------------------------------------------------------------------
--- Changelog.all ----------- Wed Mar 25 10:13:37 UTC 2026 ------
------------------------------------------------------------------
------------------------------------------------------------------
------------------ 2026-3-19 - Mar 19 2026 -------------------
------------------------------------------------------------------
++++ systemd:

- Import commit a943e3ce2f655b8509038e31f03f5ded18f24683
  a943e3ce2f machined: reject invalid class types when registering machines (bsc#1259650 CVE-2026-4105)
  71593f77db udev: fix review mixup
  73a89810b4 udev-builtin-net-id: print cescaped bad attributes
  0f360bfdc0 udev-builtin-net_id: do not assume the current interface name is ethX
  40905232e2 udev: ensure tag parsing stays within bounds
  7bce9026e3 udev: ensure there is space for trailing NUL before calling sprintf
  d018ac1ea3 udev: check for invalid chars in various fields received from the kernel (bsc#1259697)

------------------------------------------------------------------
------------------ 2026-3-18 - Mar 18 2026 -------------------
------------------------------------------------------------------
++++ libzypp:

- Fix preloader not caching packages from arch specific subrepos (bsc#1253740)
- Deprioritize invalid mirrors (fixes openSUSE/zypper#636)
- version 17.38.5 (35)

------------------------------------------------------------------
------------------ 2026-3-17 - Mar 17 2026 -------------------
------------------------------------------------------------------
++++ python-tornado6:

- CVE-2026-31958: parsing large multipart bodies with many parts can
  cause a denial of service (bsc#1259553)
  * added CVE-2026-31958.patch
- VUL-0: incomplete validation of cookie attributes allows for
  injection of user-controlled values in other cookie attributes
  (bsc#1259630)
  * added VUL-0-cookie-attribute-validation.patch

++++ ovmf:

- Update mbedtls to 3.6.5 to fix CVE-2025-59438 (bsc#1252441)
  - Requires Mbed TLS 3.6.5 or
    higher to mitigate vulnerability.

------------------------------------------------------------------
------------------ 2026-3-16 - Mar 16 2026 -------------------
------------------------------------------------------------------
++++ pcr-oracle:

- Update to 0.6.0
  + Initial support for CI tests
  + Fix additional arguments following the PCR index
  + CI: Shutdown the swtpm instance after tests
  + Fix stop event check crash for grub-command (bsc#1258119)
  + Print PCR values during signing or sealing

------------------------------------------------------------------
------------------ 2026-3-13 - Mar 13 2026 -------------------
------------------------------------------------------------------
++++ sqlite3:

- Update to version 3.51.3:
  * Fix the WAL-reset database corruption bug:
    https://sqlite.org/wal.html#walresetbug
  * Other minor bug fixes.

------------------------------------------------------------------
------------------ 2026-3-12 - Mar 12 2026 -------------------
------------------------------------------------------------------
++++ libsolv:

- respect the "default" attribute in environment optionlist in the comps parser
- support suse namespace deps in boolean dependencies [bsc#1258193]
- support for the Elbrus2000 (e2k) architecture
- support language() suse namespace rewriting
- bump version to 0.7.36

++++ libssh:

- CVE-2026-3731: Denial of Service via out-of-bounds read in SFTP
  extension name handler (bsc#1259377)
  Added libssh-CVE-2026-3731.patch

------------------------------------------------------------------
------------------ 2026-3-11 - Mar 11 2026 -------------------
------------------------------------------------------------------
++++ libsoup:

- Refresh some patches to match the output from gitlab.gnome.org.

++++ vim:

* Update Vim to version 9.2.0110 (from 9.2.0045).
* Specifically, this fixes bsc#1259051 / CVE-2026-28417.
------------------------------------------------------------------
------------------ 2026-3-10 - Mar 10 2026 -------------------
------------------------------------------------------------------
++++ libzypp:

- Fix Product::referencePackage lookup (bsc#1259311)
  Use a provided autoproduct() as hint to the package name of the
  release package. It might be that not just multiple versions of
  the same release package provide the same product version, but
  also different release packages.
- version 17.38.4 (35)

------------------------------------------------------------------
------------------ 2026-3-9 - Mar 9 2026 -------------------
------------------------------------------------------------------
++++ curl:

- Security fixes:
  * CVE-2026-1965: Bad reuse of HTTP Negotiate connection (bsc#1259362)
  * CVE-2026-3783: Token leak with redirect and netrc (bsc#1259363)
  * CVE-2026-3784: Wrong proxy connection reuse with credentials (bsc#1259364)
  * CVE-2026-3805: Use after free in SMB connection reuse (bsc#1259365)
  * Add patches:
    - curl-CVE-2026-1965.patch
    - curl-CVE-2026-3783.patch
    - curl-CVE-2026-3784.patch
    - curl-CVE-2026-3805.patch

------------------------------------------------------------------
------------------ 2026-3-6 - Mar 6 2026 -------------------
------------------------------------------------------------------
++++ python311-core:

- Update to 3.11.15:
  - Security
    - gh-144125: BytesGenerator will now refuse to serialize (write)
      headers that are unsafely folded or delimited; see
      verify_generated_headers. (Contributed by Bas Bloemsaat and
      Petr Viktorin in gh-121650).
    - gh-143935: Fixed a bug in the folding of comments when
      flattening an email message using a modern email policy.
      Comments consisting of a very long sequence of non-foldable
      characters could trigger a forced line wrap that omitted the
      required leading space on the continuation line, causing the
      remainder of the comment to be interpreted as a new header field.
      This enabled header injection with carefully crafted inputs
      (bsc#1257029 CVE-2025-11468).
    - gh-143925: Reject control characters in data: URL media types
      (bsc#1257046, CVE-2025-15282).
    - gh-143919: Reject control characters in http.cookies.Morsel
      fields and values (bsc#1257031, CVE-2026-0672).
    - gh-143916: Reject C0 control characters within
      wsgiref.headers.Headers fields, values, and parameters
      (bsc#1257042, CVE-2026-0865).
    - gh-142145: Remove quadratic behavior in xml.minidom node ID
      cache clearing. In order to do this without breaking existing
      users, we also add the ownerDocument attribute to
      xml.dom.minidom elements and attributes created by directly
      instantiating the Element or Attr class. Note that this way of
      creating nodes is not supported; creator functions like
      xml.dom.Document.documentElement() should be used instead
      (bsc#1254997, CVE-2025-12084).
    - gh-137836: Add support of the “plaintext” element, RAWTEXT
      elements “xmp”, “iframe”, “noembed” and “noframes”, and
      optionally RAWTEXT element “noscript” in html.parser.HTMLParser.
    - gh-136063: email.message: ensure linear complexity for legacy
      HTTP parameters parsing. Patch by Bénédikt Tran.
    - gh-136065: Fix quadratic complexity in os.path.expandvars()
      (bsc#1252974, CVE-2025-6075).
    - gh-119451: Fix a potential memory denial of service in the
      http.client module. When connecting to a malicious server, it
      could cause an arbitrary amount of memory to be allocated. This
      could have led to symptoms including a MemoryError, swapping,
      out of memory (OOM) killed processes or containers, or even
      system crashes (CVE-2025-13836, bsc#1254400).
    - gh-119452: Fix a potential memory denial of service in the
      http.server module. When a malicious user is connected to the
      CGI server on Windows, it could cause an arbitrary amount of
      memory to be allocated. This could have led to symptoms
      including a MemoryError, swapping, out of memory (OOM) killed
      processes or containers, or even system crashes.
    - gh-119342: Fix a potential memory denial of service in the
      plistlib module. When reading a Plist file received from an
      untrusted source, it could cause an arbitrary amount of memory
      to be allocated. This could have led to symptoms including a
      MemoryError, swapping, out of memory (OOM) killed processes or
      containers, or even system crashes (bsc#1254401, CVE-2025-13837).
  - Library
    - gh-144833: Fixed a use-after-free in ssl when SSL_new() returns
      NULL in newPySSLSocket(). The error was reported via a dangling
      pointer after the object had already been freed.
    - gh-144363: Update bundled libexpat to 2.7.4
    - gh-90949: Add SetAllocTrackerActivationThreshold() and
      SetAllocTrackerMaximumAmplification() to xmlparser objects to
      prevent use of disproportional amounts of dynamic memory from
      within an Expat parser. Patch by Bénédikt Tran.
  - Core and Builtins
    - gh-120384: Fix an array out of bounds crash in
      list_ass_subscript, which could be invoked via some
      specifically tailored input: including concurrent modification
      of a list object, where one thread assigns a slice and another
      clears it.
    - gh-120298: Fix use-after-free in list_richcompare_impl which
      can be invoked via some specifically tailored evil input.
  Remove upstreamed patches:
  - CVE-2025-11468-email-hdr-fold-comment.patch
  - CVE-2025-12084-minidom-quad-search.patch
  - CVE-2025-13836-http-resp-cont-len.patch
  - CVE-2025-13837-plistlib-mailicious-length.patch
  - CVE-2025-6075-expandvars-perf-degrad.patch
  - CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch
  - CVE-2026-0865-wsgiref-ctrl-chars.patch
  - CVE-2025-15282-urllib-ctrl-chars.patch

++++ libzypp:

- specfile: on fedora use %{_prefix}/share as zyppconfdir if
  %{_distconfdir} is undefined (fixes #693)
  This will set '-DZYPPCONFDIR=%{zyppconfdir}' for cmake.
- Fall back to a writable location when precaching packages without
  root (bsc#1247948)
- version 17.38.3 (35)

++++ python311:

- Update to 3.11.15:
  - Security
    - gh-144125: BytesGenerator will now refuse to serialize (write)
      headers that are unsafely folded or delimited; see
      verify_generated_headers. (Contributed by Bas Bloemsaat and
      Petr Viktorin in gh-121650).
    - gh-143935: Fixed a bug in the folding of comments when
      flattening an email message using a modern email policy.
      Comments consisting of a very long sequence of non-foldable
      characters could trigger a forced line wrap that omitted the
      required leading space on the continuation line, causing the
      remainder of the comment to be interpreted as a new header
      field. This enabled header injection with carefully crafted
      inputs (bsc#1257029 CVE-2025-11468).
    - gh-143925: Reject control characters in data: URL media types
      (bsc#1257046, CVE-2025-15282).
    - gh-143919: Reject control characters in http.cookies.Morsel
      fields and values (bsc#1257031, CVE-2026-0672).
    - gh-143916: Reject C0 control characters within
      wsgiref.headers.Headers fields, values, and parameters
      (bsc#1257042, CVE-2026-0865).
    - gh-142145: Remove quadratic behavior in xml.minidom node ID
      cache clearing. In order to do this without breaking existing
      users, we also add the ownerDocument attribute to
      xml.dom.minidom elements and attributes created by directly
      instantiating the Element or Attr class. Note that this way of
      creating nodes is not supported; creator functions like
      xml.dom.Document.documentElement() should be used instead
      (bsc#1254997, CVE-2025-12084).
    - gh-137836: Add support of the “plaintext” element, RAWTEXT
      elements “xmp”, “iframe”, “noembed” and “noframes”, and
      optionally RAWTEXT element “noscript” in html.parser.HTMLParser.
    - gh-136063: email.message: ensure linear complexity for legacy
      HTTP parameters parsing. Patch by Bénédikt Tran.
    - gh-136065: Fix quadratic complexity in os.path.expandvars()
      (bsc#1252974, CVE-2025-6075).
    - gh-119451: Fix a potential memory denial of service in the
      http.client module. When connecting to a malicious server, it
      could cause an arbitrary amount of memory to be allocated. This
      could have led to symptoms including a MemoryError, swapping,
      out of memory (OOM) killed processes or containers, or even
      system crashes (CVE-2025-13836, bsc#1254400).
    - gh-119452: Fix a potential memory denial of service in the
      http.server module. When a malicious user is connected to the
      CGI server on Windows, it could cause an arbitrary amount of
      memory to be allocated. This could have led to symptoms
      including a MemoryError, swapping, out of memory (OOM) killed
      processes or containers, or even system crashes.
    - gh-119342: Fix a potential memory denial of service in the
      plistlib module. When reading a Plist file received from an
      untrusted source, it could cause an arbitrary amount of memory
      to be allocated. This could have led to symptoms including a
      MemoryError, swapping, out of memory (OOM) killed processes or
      containers, or even system crashes (bsc#1254401, CVE-2025-13837).
  - Library
    - gh-144833: Fixed a use-after-free in ssl when SSL_new() returns
      NULL in newPySSLSocket(). The error was reported via a dangling
      pointer after the object had already been freed.
    - gh-144363: Update bundled libexpat to 2.7.4
    - gh-90949: Add SetAllocTrackerActivationThreshold() and
      SetAllocTrackerMaximumAmplification() to xmlparser objects to
      prevent use of disproportional amounts of dynamic memory from
      within an Expat parser. Patch by Bénédikt Tran.
  - Core and Builtins
    - gh-120384: Fix an array out of bounds crash in
      list_ass_subscript, which could be invoked via some
      specifically tailored input: including concurrent modification
      of a list object, where one thread assigns a slice and another
      clears it.
    - gh-120298: Fix use-after-free in list_richcompare_impl which
      can be invoked via some specifically tailored evil input.
  Remove upstreamed patches:
  - CVE-2025-11468-email-hdr-fold-comment.patch
  - CVE-2025-12084-minidom-quad-search.patch
  - CVE-2025-13836-http-resp-cont-len.patch
  - CVE-2025-13837-plistlib-mailicious-length.patch
  - CVE-2025-6075-expandvars-perf-degrad.patch
  - CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch
  - CVE-2026-0865-wsgiref-ctrl-chars.patch
  - CVE-2025-15282-urllib-ctrl-chars.patch

++++ zypper:

- Report download progress for command line rpms (fixes #613)
- Hint to '-vv ref' to see the mirrors used to download the metadata
  (bsc#1257882)
- Service: Allow "zypper ls SERVICE ..." to test whether a service
  with this alias is defined (bsc#1252744)
  The command prints an abstract of all services passed on the
  command line. It returns 3-ZYPPER_EXIT_ERR_INVALID_ARGS if some
  argument does not name an existing service.
- Keep repo data when updating the service settings (bsc#1252744)
- info: Enhance pattern content table (bsc#1158038)
  Alternatives (multiple packages providing the same requirement)
  are now listed as a single entry in the content table. The entry
  shows either the installed package which satisfies the requirement
  or the requirement itself as type 'Provides'.
  Listing all potential alternatives was misleading, especially if
  the alternatives were mutually exclusive. It looked like an
  installed pattern had not-installed requirements and it was not
  possible to install all requirements at the same time.
- version 1.14.95

------------------------------------------------------------------
------------------ 2026-3-5 - Mar 5 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:

- ASoC: nau8821: Cancel pending work before suspend (git-fixes).
- ASoC: nau8821: Cancel delayed work on component remove (git-fixes).
- commit b862c94

- spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe() (git-fixes).
- thermal: int340x: Fix sysfs group leak on DLVR registration failure (stable-fixes).
- watchdog: imx7ulp_wdt: handle the nowayout option (stable-fixes).
- wifi: ath10k: fix lock protection in ath10k_wmi_event_peer_sta_ps_state_chg() (stable-fixes).
- wifi: rtw89: pci: restore LDO setting after device resume (stable-fixes).
- wifi: iwlwifi: mvm: check the validity of noa_len (stable-fixes).
- wifi: ath12k: fix preferred hardware mode calculation (stable-fixes).
- wifi: ath11k: add pm quirk for Thinkpad Z13/Z16 Gen1 (stable-fixes).
- wifi: iwlegacy: add missing mutex protection in il4965_store_tx_power() (stable-fixes).
- wifi: iwlegacy: add missing mutex protection in il3945_store_measurement() (stable-fixes).
- wifi: rtw89: wow: add reason codes for disassociation in WoWLAN mode (stable-fixes).
- wifi: rtw88: rtw8821cu: Add ID for Mercusys MU6H (stable-fixes).
- wifi: rtw88: 8822b: Avoid WARNING in rtw8822b_config_trx_mode() (stable-fixes).
- wifi: rtw88: fix DTIM period handling when conf->dtim_period is zero (stable-fixes).
- wifi: libertas: fix WARNING in usb_tx_block (stable-fixes).
- spi: spi-mem: Protect dirmap_create() with spi_mem_access_start/end (stable-fixes).
- spi: spi-mem: Limit octal DTR constraints to octal DTR situations (stable-fixes).
- spi: stm32: fix Overrun issue at < 8bpw (stable-fixes).
- spi-geni-qcom: initialize mode related registers to 0 (stable-fixes).
- spi-geni-qcom: use xfer->bits_per_word for can_dma() (stable-fixes).
- tools/power cpupower: Reset errno before strtoull() (stable-fixes).
- spi: wpcm-fiu: Simplify with dev_err_probe() (stable-fixes).
- commit 9ae9cd6

- PCI: Add defines for bridge window indexing (stable-fixes).
- Refresh patches.suse/PCI-ACPI-Restrict-program_hpx_type2-to-AER-bits.patch.
- commit 7f99d8e

- PCI: Add PCIE_MSG_CODE_ASSERT_INTx message macros (stable-fixes).
- Refresh patches.suse/PCI-ACPI-Restrict-program_hpx_type2-to-AER-bits.patch.
- commit 8b1fafb

- media: dvb-net: fix OOB access in ULE extension header tables (git-fixes).
- rtc: zynqmp: correct frequency value (stable-fixes).
- ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access (stable-fixes).
- ntb: ntb_hw_switchtec: Fix shift-out-of-bounds for 0 mw lut (stable-fixes).
- net: usb: catc: enable basic endpoint checking (git-fixes).
- phy: mvebu-cp110-utmi: fix dr_mode property read from dts (stable-fixes).
- phy: fsl-imx8mq-usb: disable bind/unbind platform driver feature (stable-fixes).
- soundwire: dmi-quirks: add mapping for Avell B.ON (OEM rebranded of NUC15) (stable-fixes).
- serial: 8250: 8250_omap.c: Clear DMA RX running status only after DMA termination is done (stable-fixes).
- serial: 8250_dw: handle clock enable errors in runtime_resume (stable-fixes).
- staging: rtl8723bs: fix memory leak on failure path (stable-fixes).
- staging: rtl8723bs: fix missing status update on sdio_alloc_irq() failure (stable-fixes).
- iio: magnetometer: Remove IRQF_ONESHOT (stable-fixes).
- iio: Use IRQF_NO_THREAD (stable-fixes).
- Revert "mmc: rtsx_pci_sdmmc: increase power-on settling delay to 5ms" (git-fixes).
- mmc: rtsx_pci_sdmmc: increase power-on settling delay to 5ms (git-fixes).
- misc: bcm_vk: Fix possible null-pointer dereferences in bcm_vk_read() (stable-fixes).
- misc: eeprom: Fix EWEN/EWDS/ERAL commands for 93xx56 and 93xx66 (stable-fixes).
- net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean() (git-fixes).
- nfc: nxp-nci: remove interrupt trigger type (stable-fixes).
- myri10ge: avoid uninitialized variable use (stable-fixes).
- net: usb: sr9700: remove code to drive nonexistent multicast filter (stable-fixes).
- net: usb: r8152: fix transmit queue timeout (stable-fixes).
- PCI: dw-rockchip: Disable BAR 0 and BAR 1 for Root Port (stable-fixes).
- PCI: Enable ACS after configuring IOMMU for OF platforms (stable-fixes).
- PCI: Add ACS quirk for Qualcomm Hamoa & Glymur (stable-fixes).
- PCI: Fix pci_slot_lock () device locking (stable-fixes).
- PCI: Mark Nvidia GB10 to avoid bus reset (stable-fixes).
- PCI: Mark ASM1164 SATA controller to avoid bus reset (stable-fixes).
- media: rkisp1: Fix filter mode register configuration (stable-fixes).
- media: cx25821: Fix a resource leak in cx25821_dev_setup() (stable-fixes).
- media: pvrusb2: fix URB leak in pvr2_send_request_ex (stable-fixes).
- media: solo6x10: Check for out of bounds chip_id (stable-fixes).
- media: adv7180: fix frame interval in progressive mode (stable-fixes).
- media: amphion: Clear last_buffer_dequeued flag for DEC_CMD_START (stable-fixes).
- media: omap3isp: isppreview: always clamp in preview_try_format() (stable-fixes).
- media: omap3isp: set initial format (stable-fixes).
- media: omap3isp: isp_video_mbus_to_pix/pix_to_mbus fixes (stable-fixes).
- media: dvb-core: dmxdevfilter must always flush bufs (stable-fixes).
- HID: elecom: Add support for ELECOM HUGE Plus M-HT1MRBK (stable-fixes).
- HID: multitouch: add eGalaxTouch EXC3188 support (stable-fixes).
- HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() (stable-fixes).
- HID: prodikeys: Check presence of pm->input_ep82 (stable-fixes).
- HID: magicmouse: Do not crash on missing msc->input (stable-fixes).
- HID: apple: Add "SONiX KN85 Keyboard" to the list of non-apple keyboards (stable-fixes).
- hwmon: (f71882fg) Add F81968 support (stable-fixes).
- hwmon: (nct6775) Add ASUS Pro WS WRX90E-SAGE SE (stable-fixes).
- gpio: aspeed-sgpio: Change the macro to support deferred probe (stable-fixes).
- PCI/MSI: Unmap MSI-X region on error (stable-fixes).
- i3c: master: svc: Initialize 'dev' to NULL in svc_i3c_master_ibi_isr() (stable-fixes).
- spi: wpcm-fiu: Fix uninitialized res (git-fixes).
- spi: wpcm-fiu: Use devm_platform_ioremap_resource_byname() (stable-fixes).
- PCI: Log bridge info when first enumerating bridge (stable-fixes).
- PCI: Log bridge windows conditionally (stable-fixes).
- PCI: Supply bridge device, not secondary bus, to read window details (stable-fixes).
- PCI: Move pci_read_bridge_windows() below individual window accessors (stable-fixes).
- commit 291a680

- ASoC: amd: yc: Add DMI quirk for ASUS Vivobook Pro 15X M6501RR (stable-fixes).
- drm/amdgpu: Add HAINAN clock adjustment (stable-fixes).
- drm/radeon: Add HAINAN clock adjustment (stable-fixes).
- drm/amdgpu: Adjust usleep_range in fence wait (stable-fixes).
- drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 (git-fixes).
- drm/amd/display: Avoid updating surface with the same surface under MPO (stable-fixes).
- drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (stable-fixes).
- dma: dma-axi-dmac: fix SW cyclic transfers (git-fixes).
- dmaengine: sun6i: Choose appropriate burst length under maxburst (stable-fixes).
- fpga: of-fpga-region: Fail if any bridge is missing (stable-fixes).
- fix it87_wdt early reboot by reporting running timer (stable-fixes).
- fbdev: ffb: fix corrupted video output on Sun FFB1 (stable-fixes).
- ata: libata: avoid long timeouts on hot-unplugged SATA DAS (stable-fixes).
- Bluetooth: btusb: Add device ID for Realtek RTL8761BU (stable-fixes).
- Bluetooth: btusb: Add new VID/PID for RTL8852CE (stable-fixes).
- Bluetooth: hci_conn: Set link_policy on incoming ACL connections (stable-fixes).
- Bluetooth: hci_conn: use mod_delayed_work for active mode timeout (stable-fixes).
- drm/atmel-hlcdc: don't reject the commit if the src rect has fractional parts (stable-fixes).
- drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release (stable-fixes).
- drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback (stable-fixes).
- drm: Account property blob allocations to memcg (stable-fixes).
- drm/amdkfd: Fix GART PTE for non-4K pagesize in svm_migrate_gart_map() (stable-fixes).
- drm/amdgpu: avoid a warning in timedout job handler (stable-fixes).
- drm/amdgpu: add support for HDP IP version 6.1.1 (stable-fixes).
- drm/v3d: Set DMA segment size to avoid debug warnings (stable-fixes).
- drm/i915/wakeref: clean up INTEL_WAKEREF_PUT_* flag macros (stable-fixes).
- drm/display/dp_mst: Add protection against 0 vcpi (stable-fixes).
- ASoC: codecs: max98390: Check return value of devm_gpiod_get_optional() in max98390_i2c_probe() (stable-fixes).
- ASoC: sunxi: sun50i-dmic: Add missing check for devm_regmap_init_mmio (stable-fixes).
- ASoC: wm8962: Don't report a microphone if it's shorted to ground on plug (stable-fixes).
- ASoC: wm8962: Add WM8962_ADC_MONOMIX to "3D Coefficients" mask (stable-fixes).
- ASoC: nau8821: Fixup nau8821_enable_jack_detect() (git-fixes).
- char: tpm: cr50: Remove IRQF_ONESHOT (stable-fixes).
- docs: fix WARNING document not included in any toctree (stable-fixes).
- drm/amdkfd: fix debug watchpoints for logical devices (stable-fixes).
- commit 0c8127e

- ASoC: nau8821: Consistently clear interrupts before unmasking (git-fixes).
- Refresh patches.suse/ASoC-nau8821-Add-DMI-quirk-to-bypass-jack-debounce-c.patch.
- commit abf4286

- ALSA: usb-audio: Add sanity check for OOB writes at silencing (stable-fixes).
- ALSA: usb-audio: Update the number of packets properly at receiving (stable-fixes).
- ALSA: usb-audio: Add iface reset and delay quirk for AB13X USB Audio (stable-fixes).
- ALSA: hda/conexant: Add headset mic fix for MECHREVO Wujie 15X Pro (stable-fixes).
- APEI/GHES: ensure that won't go past CPER allocated record (stable-fixes).
- ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() (stable-fixes).
- ACPICA: Abort AML bytecode execution when executing AML_FATAL_OP (stable-fixes).
- ASoC: nau8821: Avoid unnecessary blocking in IRQ handler (stable-fixes).
- commit d3af28a

++++ libsoup:

- Update libsoup-CVE-2026-0716.patch to incorporate
  glgo#GNOME/libsoup!518. The original fix was incomplete
  (bsc#1256418 CVE-2026-0716 glgo#GNOME/libsoup#476).
------------------------------------------------------------------
------------------ 2026-3-4 - Mar 4 2026 -------------------
------------------------------------------------------------------
++++ salt:

- Make syntax in httputil_test compatible with Python 3.6
- Fix KeyError in postgres module with PostgreSQL 17 (bsc#1254325)
- Use internal deb classes instead of external aptsource lib
- Speed up wheel key.finger call (bsc#1240532)
- Backport security patches for Salt vendored tornado:
  * CVE-2025-67724: missing validation of supplied reason phrase (bsc#1254903)
  * CVE-2025-67725: fix DoS via malicious HTTP request (bsc#1254905)
  * CVE-2025-67726: fix HTTP header parameter parsing algorithm (bsc#1254904)
- Simplify and speed up utils.find_json function (bsc#1246130)
- Extend warn_until period to 2027
- Added:
  * fix-tornado-s-httputil_test-syntax-for-python-3.6.patch
  * backport-add-maintain-m-privilege-to-postgres-module.patch
  * use-internal-salt.utils.pkg.deb-classes-instead-of-a.patch
  * speedup-wheel-key.finger-call-bsc-1240532-713.patch
  * fixes-for-security-issues-cve-2025-13836-cve-2025-67.patch
  * simplify-utils.json.find_json-function.patch
  * extend-fails-to-warnings-until-2027-742.patch

++++ tar:

- Add tar-fix-deletion-from-archive.patch
  * Fixes tar creating invalid tarballs when used with --delete
    (bsc#1246607)
  * Add makeinfo build requirement, needed after the addition of the
    patch

++++ vim:

* Update Vim to version 9.2.0045 (from 9.1.1629).
* Fix bsc#1258229 CVE-2026-26269 as 9.2.0045 is not impacted (fixed upstream).
* Fix bsc#1246602 CVE-2025-53906 as 9.2.0045 is not impacted (fixed upstream).
* Drop obsolete or upstreamed patches:
  - vim-7.3-filetype_spec.patch
  - vim-7.4-filetype_apparmor.patch
  - vim-8.2.2411-globalvimrc.patch
* Refresh the following patches:
  - vim-7.3-filetype_changes.patch
  - vim-7.3-filetype_ftl.patch
  - vim-7.3-sh_is_bash.patch
  - vim-9.1.1134-revert-putty-terminal-colors.patch
* Remove autoconf from BuildRequires and drop the autoconf call in
  %build.
* Package new Swedish (sv) man pages and clean up duplicate encodings
  (sv.ISO8859-1 and sv.UTF-8) during %install.

------------------------------------------------------------------
------------------ 2026-3-3 - Mar 3 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:

- cifs: add xid to query server interface call (git-fixes).
- Refresh patches.suse/cifs-handle-when-server-starts-supporting-multichannel.patch.
- Refresh patches.suse/cifs-make-sure-server-interfaces-are-requested-only-for-SMB3-.patch (bsc#1258928,bsc#1259070).
- Refresh patches.suse/cifs-do-not-disable-interface-polling-on-failure.patch.
- Refresh patches.suse/cifs-add-xid-to-query-server-interface-call.patch.
- commit e67e831

- iommu/mediatek: fix use-after-free on probe deferral (CVE-2025-71071 bsc#1256802).
- commit 0b777d9

- bpf: Forget ranges when refining tnum after JSET (CVE-2025-39748 bsc#1249587).
- commit 9bb0920

++++ freetype2:

- update to 2.14.2
  - Important changes
    * Several changes related to LCD filtering are implemented to
      achieve better performance and encourage sound practices.
      + Instead of blanket LCD filtering over the entire bitmap, it
        is now applied only to non-zero spans using direct rendering.
        This speeds up the ClearType-like rendering by more than 40%
        at sizes above 32 ppem.
      + Setting the filter weights with FT_Face_Properties is no
        longer supported. The default and light filters are optimized
        to work with any face.
      + The legacy libXft LCD filter algorithm is no longer provided.
  - Important bug fixes
    * A bunch of potential security problems have been found
      (bsc#1259118, CVE-2026-23865). All users should update.
    * The italic angle in `PS_FontInfo` is now stored as a
      fixed-point value in degrees for all Type 1 fonts and their
      derivatives, consistent with CFF fonts and common practices.
      The broken underline position and thickness values are fixed
      for CFF fonts.
  - Miscellaneous
    * The `x` field in the `FT_Span` structure is now unsigned.
    * Demo program `ftgrid` got an option `-m` to select a start
      character to display.
    * Similarly, demo program `ftmulti` got an option `-m` to select
      a text string for rendering.
    * Option `-d` in the demo program `ttdebug` is now called `-a`,
      expecting a comma-separated list of axis values. The user
      interface is also slightly improved.
    * The `ftinspect` demo program can now be compiled with Qt6, too.

------------------------------------------------------------------
------------------ 2026-3-2 - Mar 2 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:

- io_uring/io-wq: check IO_WQ_BIT_EXIT inside work run loop (CVE-2026-23113 bsc#1258278).
- commit 2e91927

- libceph: replace BUG_ON with bounds check for map->max_osd (CVE-2025-68283 bsc#1255379).
- commit 1c35b41

- nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (CVE-2026-23179 bsc#1258394).
- commit 63de389

- btrfs: don't log conflicting inode if it's a dir moved in the current transaction (bsc#1256683 CVE-2025-68778).
- commit 0cd8ff8

- nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (CVE-2026-23112 bsc#1258184).
- commit e38d2c3

- landlock: Fix handling of disconnected directories (CVE-2025-68736 bsc#1255698).
- commit cdf3815

- landlock: Optimize file path walks and prepare for audit support (bsc#1255698).
- commit 5db1b51

- pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (CVE-2026-23116 bsc#1258277).
- commit 1905ad8

- bonding: fix use-after-free due to enslave fail after slave array update (CVE-2026-23171 bsc#1258349).
- bonding: provide a net pointer to __skb_flow_dissect() (CVE-2026-23119 bsc#1258273).
- fou: Don't allow 0 for FOU_ATTR_IPPROTO (CVE-2026-23083 bsc#1257745).
- bonding: limit BOND_MODE_8023AD to Ethernet devices (CVE-2026-23099 bsc#1257816).
- net: bonding: update the slave array for broadcast mode (CVE-2026-23171 bsc#1258349).
- commit d461cd4

- Update patches.suse/ALSA-ac97-fix-a-double-free-in-snd_ac97_controller_r.patch (git-fixes CVE-2025-71192 bsc#1257679).
- Update patches.suse/ALSA-ctxfi-Fix-potential-OOB-access-in-audio-mixer-h.patch (stable-fixes CVE-2026-23076 bsc#1257788).
- Update patches.suse/ALSA-scarlett2-Fix-buffer-overflow-in-config-retriev.patch (git-fixes CVE-2026-23078 bsc#1257789).
- Update patches.suse/ASoC-amd-fix-memory-leak-in-acp3x-pdm-dma-ops.patch (git-fixes CVE-2026-23190 bsc#1258397).
- Update patches.suse/Bluetooth-MGMT-Fix-memory-leak-in-set_ssp_complete.patch (git-fixes CVE-2026-23151 bsc#1258237).
- Update patches.suse/Bluetooth-hci_uart-fix-null-ptr-deref-in-hci_uart_wr.patch (git-fixes CVE-2026-23146 bsc#1258234).
- Update patches.suse/HID-i2c-hid-fix-potential-buffer-overflow-in-i2c_hid.patch (stable-fixes CVE-2026-23178 bsc#1258358).
- Update patches.suse/bus-fsl-mc-fix-use-after-free-in-driver_override_sho.patch (git-fixes CVE-2026-23221 bsc#1258660).
- Update patches.suse/can-ems_usb-ems_usb_read_bulk_callback-fix-URB-memor.patch (git-fixes CVE-2026-23058 bsc#1257739).
- Update patches.suse/can-etas_es58x-allow-partial-RX-URB-allocation-to-su.patch (git-fixes CVE-2026-23037 bsc#1257554).
- Update patches.suse/can-gs_usb-gs_usb_receive_bulk_callback-fix-error-me.patch (git-fixes CVE-2026-23155 bsc#1258313).
- Update patches.suse/can-gs_usb-gs_usb_receive_bulk_callback-unanchor-URL.patch (git-fixes CVE-2026-23082 bsc#1257715).
- Update patches.suse/can-j1939-make-j1939_session_activate-fail-if-device.patch (stable-fixes CVE-2025-71182 bsc#1257586).
- Update patches.suse/can-kvaser_usb-kvaser_usb_read_bulk_callback-fix-URB.patch (git-fixes CVE-2026-23061 bsc#1257776).
- Update patches.suse/can-mcba_usb-mcba_usb_read_bulk_callback-fix-URB-mem.patch (git-fixes CVE-2026-23080 bsc#1257714).
- Update patches.suse/can-usb_8dev-usb_8dev_read_bulk_callback-fix-URB-mem.patch (git-fixes CVE-2026-23108 bsc#1257770).
- Update patches.suse/crypto-iaa-Fix-out-of-bounds-index-in-find_empty_iaa.patch (git-fixes CVE-2025-71231 bsc#1258424).
- Update patches.suse/crypto-omap-Allocate-OMAP_CRYPTO_FORCE_COPY-scatterl.patch (git-fixes CVE-2026-23222 bsc#1258484).
- Update patches.suse/crypto-virtio-Add-spinlock-protection-with-virtqueue.patch (git-fixes CVE-2026-23229 bsc#1258429).
- Update patches.suse/dmaengine-at_hdmac-fix-device-leak-on-of_dma_xlate.patch (git-fixes CVE-2025-71191 bsc#1257579).
- Update patches.suse/dmaengine-bcm-sba-raid-fix-device-leak-on-probe.patch (git-fixes CVE-2025-71190 bsc#1257580).
- Update patches.suse/dmaengine-dw-dmamux-fix-OF-node-leak-on-route-alloca.patch (git-fixes CVE-2025-71189 bsc#1257573).
- Update patches.suse/dmaengine-lpc18xx-dmamux-fix-device-leak-on-route-al.patch (git-fixes CVE-2025-71188 bsc#1257576).
- Update patches.suse/dmaengine-omap-dma-fix-dma_pool-resource-leak-in-err.patch (git-fixes CVE-2026-23033 bsc#1257570).
- Update patches.suse/dmaengine-qcom-gpi-Fix-memory-leak-in-gpi_peripheral.patch (git-fixes CVE-2026-23026 bsc#1257562).
- Update patches.suse/dmaengine-ti-dma-crossbar-fix-device-leak-on-am335x-.patch (git-fixes CVE-2025-71185 bsc#1257560).
- Update patches.suse/dmaengine-xilinx-xdma-Fix-regmap-max_register.patch (git-fixes CVE-2025-71195 bsc#1257704).
- Update patches.suse/dpll-Prevent-duplicate-registrations.patch (git-fixes CVE-2026-23129 bsc#1258299).
- Update patches.suse/drm-amdgpu-fix-NULL-pointer-dereference-in-amdgpu_gm.patch (git-fixes CVE-2026-23163 bsc#1258544).
- Update patches.suse/drm-imx-tve-fix-probe-device-leak.patch (git-fixes CVE-2026-23170 bsc#1258379).
- Update patches.suse/drm-panel-simple-fix-connector-type-for-DataImage-SC.patch (git-fixes CVE-2026-23049 bsc#1257723).
- Update patches.suse/efivarfs-fix-error-propagation-in-efivar_entry_get.patch (git-fixes CVE-2026-23156 bsc#1258317).
- Update patches.suse/ext4-fix-iloc.bh-leak-in-ext4_xattr_inode_update_ref.patch (git-fixes CVE-2026-23145 bsc#1258326).
- Update patches.suse/iio-adc-at91-sama5d2_adc-Fix-potential-use-after-fre.patch (git-fixes CVE-2025-71199 bsc#1257750).
- Update patches.suse/iio-imu-st_lsm6dsx-fix-iio_chan_spec-for-sensors-wit.patch (git-fixes CVE-2025-71198 bsc#1257741).
- Update patches.suse/intel_th-fix-device-leak-on-output-open.patch (git-fixes CVE-2026-23091 bsc#1257813).
- Update patches.suse/leds-led-class-Only-Add-LED-to-leds_list-when-it-is-.patch (git-fixes CVE-2026-23101 bsc#1257768).
- Update patches.suse/mISDN-annotate-data-race-around-dev-work.patch (git-fixes CVE-2026-23121 bsc#1258309).
- Update patches.suse/mmc-sdhci-of-dwcmshc-Prevent-illegal-clock-reduction.patch (git-fixes CVE-2025-71200 bsc#1258222).
- Update patches.suse/net-usb-pegasus-fix-memory-leak-in-update_eth_regs_a.patch (git-fixes CVE-2026-23021 bsc#1257557).
- Update patches.suse/net-wwan-t7xx-fix-potential-skb-frags-overflow-in-RX.patch (git-fixes CVE-2026-23172 bsc#1258519).
- Update patches.suse/nfc-llcp-Fix-memleak-in-nfc_llcp_send_ui_frame.patch (git-fixes CVE-2026-23150 bsc#1258354).
- Update patches.suse/nfc-nci-Fix-race-between-rfkill-and-nci_unregister_d.patch (git-fixes CVE-2026-23167 bsc#1258374).
- Update patches.suse/phy-stm32-usphyc-Fix-off-by-one-in-probe.patch (git-fixes CVE-2025-71196 bsc#1257716).
- Update patches.suse/platform-x86-toshiba_haps-Fix-memory-leaks-in-add-re.patch (git-fixes CVE-2026-23176 bsc#1258256).
- Update patches.suse/regmap-Fix-race-condition-in-hwspinlock-irqsave-rout.patch (git-fixes CVE-2026-23071 bsc#1257706).
- Update patches.suse/scsi-qla2xxx-Delay-module-unload-while-fabric-scan-i.patch (bsc#1256863 CVE-2025-71235 bsc#1258469).
- Update patches.suse/scsi-qla2xxx-Free-sp-in-error-path-to-fix-system-cra.patch (bsc#1256863 CVE-2025-71232 bsc#1258422).
- Update patches.suse/scsi-qla2xxx-Validate-sp-before-freeing-associated-m.patch (bsc#1256863 CVE-2025-71236 bsc#1258442).
- Update patches.suse/slimbus-core-fix-device-reference-leak-on-report-pre.patch (git-fixes CVE-2026-23090 bsc#1257759).
- Update patches.suse/spi-spi-sprd-adi-Fix-double-free-in-probe-error-path.patch (git-fixes CVE-2026-23068 bsc#1257805).
- Update patches.suse/spi-tegra-Fix-a-memory-leak-in-tegra_slink_probe.patch (git-fixes CVE-2026-23182 bsc#1258259).
- Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-check-in-IRQ-han.patch (git-fixes bsc#1257952 CVE-2026-23207 bsc#1258524).
- Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-in-tegra_qspi_co.patch (git-fixes bsc#1257952 CVE-2026-23202 bsc#1258338).
- Update patches.suse/uacce-ensure-safe-queue-release-with-state-managemen.patch (git-fixes CVE-2026-23063 bsc#1257722).
- Update patches.suse/uacce-fix-cdev-handling-in-the-cleanup-path.patch (git-fixes CVE-2026-23096 bsc#1257809).
- Update patches.suse/uacce-fix-isolate-sysfs-check-condition.patch (git-fixes CVE-2026-23094 bsc#1257811).
- Update patches.suse/uacce-implement-mremap-in-uacce_vm_ops-to-return-EPE.patch (git-fixes CVE-2026-23056 bsc#1257729).
- Update patches.suse/w1-therm-Fix-off-by-one-buffer-overflow-in-alarms_st.patch (git-fixes CVE-2025-71197 bsc#1257743).
- Update patches.suse/wifi-ath10k-fix-dma_free_coherent-pointer.patch (git-fixes CVE-2026-23133 bsc#1258249).
- Update patches.suse/wifi-ath12k-fix-dma_free_coherent-pointer.patch (git-fixes CVE-2026-23135 bsc#1258245).
- Update patches.suse/wifi-mac80211-correctly-decode-TTLM-with-default-lin.patch (git-fixes CVE-2026-23152 bsc#1258252).
- Update patches.suse/wifi-mac80211-ocb-skip-rx_no_sta-when-interface-is-n.patch (stable-fixes CVE-2025-71224 bsc#1258824).
- Update patches.suse/wifi-rsi-Fix-memory-corruption-due-to-not-set-vif-dr.patch (git-fixes CVE-2026-23073 bsc#1257707).
- Update patches.suse/wifi-rtl8xxxu-fix-slab-out-of-bounds-in-rtl8xxxu_sta.patch (git-fixes CVE-2025-71234 bsc#1258419).
- Update patches.suse/wifi-rtw88-Fix-alignment-fault-in-rtw_core_enable_be.patch (git-fixes CVE-2025-71229 bsc#1258415).
- Update patches.suse/wifi-wlcore-ensure-skb-headroom-before-skb_push.patch (stable-fixes CVE-2025-71222 bsc#1258279).
- commit 30080c1
- smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924, CVE-2025-40103).
- commit 2028384
- cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911, CVE-2025-40099).
- commit 821259f
- Refresh patches.suse/smb-client-split-cached_fid-bitfields-to-avoid-shared-byte-RMW-rac.patch.
- commit 1325cd1
- ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (CVE-2026-23166 bsc#1258272).
- net/mlx5e: TC, delete flows only for existing peers (CVE-2026-23173 bsc#1258520).
- commit 1315a36
++++ openssh:
- Add openssh-7.7p1-gssapi-new-unique.patch (bsc#1258166). This allows using SSSD with a non-file backend.
++++ virtiofsd:
- Add CVE-2026-25727.patch: Avoid denial of service when parsing Rfc2822 (bsc#1257912 CVE-2026-25727).
------------------------------------------------------------------
------------------ 2026-3-1 - Mar 1 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- device property: Allow secondary lookup in fwnode_get_next_child_node() (git-fixes).
- commit 13b0bcb
++++ util-linux-systemd:
- Use full hostname for PAM to ensure correct access control for "login -h" (bsc#1258859, CVE-2026-3184, util-linux-CVE-2026-3184.patch).
++++ util-linux:
- Use full hostname for PAM to ensure correct access control for "login -h" (bsc#1258859, CVE-2026-3184, util-linux-CVE-2026-3184.patch).
------------------------------------------------------------------
------------------ 2026-2-28 - Feb 28 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- ALSA: usb-audio: Avoid implicit feedback mode on DIYINHK USB Audio 2.0 (stable-fixes).
- ALSA: usb-audio: Check max frame size for implicit feedback mode, too (stable-fixes).
- commit 94dd673
- PCI: Correct PCI_CAP_EXP_ENDPOINT_SIZEOF_V2 value (git-fixes).
- mmc: mmci: Fix device_node reference leak in of_get_dml_pipe_index() (git-fixes).
- ALSA: usb-audio: Use correct version for UAC3 header validation (git-fixes).
- ALSA: usb-audio: Use inclusive terms (git-fixes).
- ALSA: usb-audio: Cap the packet size pre-calculations (git-fixes).
- ALSA: usb-audio: Remove VALIDATE_RATES quirk for Focusrite devices (git-fixes).
- drm/bridge: samsung-dsim: Fix memory leak in error path (git-fixes).
- drm/bridge: ti-sn65dsi86: Enable HPD polling if IRQ is not used (git-fixes).
- drm/logicvc: Fix device node reference leak in logicvc_drm_config_parse() (git-fixes).
- drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (git-fixes).
- drm/vmwgfx: Fix invalid kref_put callback in vmw_bo_dirty_release (git-fixes).
- commit b1fa310
------------------------------------------------------------------
------------------ 2026-2-27 - Feb 27 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- scsi: core: Wake up the error handler when final completions race against each other (CVE-2026-23110 bsc#1257761).
- commit 59f5efa
- dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (CVE-2026-23004 bsc#1257231).
- commit 3cd007f
- btrfs: fix NULL dereference on root when tracing inode eviction (bsc#1257635 CVE-2025-71184).
- commit 5bf422c
- netfilter: nf_conncount: update last_gc only when GC has been performed (CVE-2026-23139 bsc#1258304).
- commit 9a70b26
- netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (CVE-2026-23111 bsc#1258181).
- commit 56db8af
- ipmi: ipmb: initialise event handler read bytes (git-fixes).
- wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame() (git-fixes).
- wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration (git-fixes).
- wifi: radiotap: reject radiotap with unknown bits (git-fixes).
- wifi: cfg80211: cancel rfkill_block work in wiphy_unregister() (git-fixes).
- wifi: cfg80211: wext: fix IGTK key ID off-by-one (git-fixes).
- net: usb: kaweth: validate USB endpoints (git-fixes).
- net: usb: kalmia: validate USB endpoints (git-fixes).
- nfc: pn533: properly drop the usb interface reference on disconnect (git-fixes).
- Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ (git-fixes).
- Bluetooth: L2CAP: Fix not checking output MTU is acceptable on L2CAP_ECRED_CONN_REQ (git-fixes).
- Bluetooth: L2CAP: Fix response to L2CAP_ECRED_CONN_REQ (git-fixes).
- Bluetooth: hci_qca: Cleanup on all setup failures (git-fixes).
- Bluetooth: L2CAP: Fix invalid response to L2CAP_ECRED_RECONF_REQ (git-fixes).
- net: usb: pegasus: enable basic endpoint checking (git-fixes).
- net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets (git-fixes).
- net: usb: lan78xx: scan all MDIO addresses on LAN7801 (git-fixes).
- net: usb: kaweth: remove TX queue manipulation in kaweth_set_rx_mode (git-fixes).
- commit d2c7de0
++++ systemd:
- Import commit aef6e11921f8c46a2b7ee8cfab024c9c641d74d8
  aef6e11921 core/cgroup: avoid one unnecessary strjoina()
  cc7426f38a sd-json: fix off-by-one issue when updating parent for array elements
  26a748f727 core: validate input cgroup path more prudently (bsc#1259418 CVE-2026-29111)
  99d8308fde core/dbus-manager: propagate meaningful dbus errors from EnqueueMarkedJobs
------------------------------------------------------------------
------------------ 2026-2-26 - Feb 26 2026 -------------------
------------------------------------------------------------------
++++ python-kiwi:
- Fix spec file for SLFO 1.1 target glibc-gconv-modules-extra does not exist in SLFO 1.1
++++ kernel-default:
- btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (bsc#1257687 CVE-2025-71194).
- commit 2e0cb69
- drm/amdgpu: ensure no_hw_access is visible before MMIO (CVE-2026-23213 bsc#1258465).
- commit bec3979
- drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (CVE-2026-23213 bsc#1258465).
- commit 3b81ead
- media: dvb-core: fix wrong reinitialization of ringbuffer on reopen (git-fixes).
- commit ba51966
++++ nvidia-open-driver-G06-signed:
- updated CUDA variant to version 580.126.20
- supersedes kernel-6.19.patch
------------------------------------------------------------------
------------------ 2026-2-25 - Feb 25 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- NFS: Fix a deadlock involving nfs_release_folio() (CVE-2026-23053 bsc#1257718).
- commit 492ba43
- KVM: Don't clobber irqfd routing type when deassigning irqfd (CVE-2026-23198 bsc#1258321).
- commit e973f50
- KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot (CVE-2025-68810 bsc#1256679).
- commit a9c2c12
++++ libsoup:
- Add libsoup-CVE-2026-1760.patch: server: close the connection after responsing a request containing... (bsc#1257597, CVE-2026-1760, glgo#GNOME/libsoup#475).
- Add libsoup-CVE-2026-1467.patch: uri-utils: do host validation when checking if a GUri is valid (bsc#1257398, CVE-2026-1467, glgo#GNOME/libsoup#488).
- Add libsoup-CVE-2026-1539.patch: Also remove Proxy-Authorization header on cross origin redirect (bsc#1257441, CVE-2026-1539, glgo#GNOME/libsoup#489).
++++ qemu:
- Bug and CVE fixes:
  * cryptodev-builtin: Limit the maximum size (bsc#1255400, CVE-2025-14876)
  * hw/virtio/virtio-crypto: verify asym request size (bsc#1255400, CVE-2025-14876)
  * hw/i386/kvm: fix PIRQ bounds check in xen_physdev_map_pirq() (bsc#1256484, CVE-2026-0665)
------------------------------------------------------------------
------------------ 2026-2-24 - Feb 24 2026 -------------------
------------------------------------------------------------------
++++ python-kiwi:
- Fix upstream merge README
++++ gnutls:
- Add the functionality to allow to specify the hash algorithm for the PSK. This fixes a bug in the current implementation where the binder is always calculated with SHA256.
  * (bsc#1258083, jsc#PED-15752, jsc#PED-15753)
  * lib/psk: Add gnutls_psk_allocate_{client,server}_credentials2
  * tests/psk-file: Add testing for _credentials2 functions
  * lib/psk: add null check for binder algo
  * pre_shared_key: fix memleak when retrying with different binder algo
  * pre_shared_key: add null check on pskcred
  * Add patches:
    - gnutls-PSK-hash.patch
    - gnutls-PSK-hash-tests.patch
    - gnutls-PSK-hash-NULL-check.patch
    - gnutls-PSK-hash-NULL-check-pskcred.patch
    - gnutls-PSK-hash-fix-memleak.patch
++++ kernel-default:
- md: suspend array while updating raid_disks via sysfs (CVE-2025-71225, bsc#1258411).
- commit 22f1953
- smb: client: fix memory leak in cifs_construct_tcon() (bsc#1255129, CVE-2025-68295).
- commit 069aa1f
- Refresh patches.suse/smb-client-split-cached_fid-bitfields-to-avoid-shared-byte-RMW-rac.patch.
- commit f42de87
- Move upstreamed mm and SCSI patches into sorted section
- commit 2b576e9
- btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377 CVE-2026-23141).
- commit b93c18b
- btrfs: reject new transactions if the fs is fully read-only (bsc#1258464 CVE-2026-23214).
- commit c375a48
------------------------------------------------------------------
------------------ 2026-2-23 - Feb 23 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- net: fix memory leak in skb_segment_list for GRO packets (CVE-2026-22979 bsc#1257228).
- commit 59160d7
- rpm/check-for-config-changes: add OPENSSL_SUPPORTS_ to IGNORED_CONFIGS_RE
  Config option OPENSSL_SUPPORTS_ML_DSA was introduced by mainline commit 0ad9a71933e7 ("modsign: Enable ML-DSA module signing") in 7.0-rc1
- commit 21b4616
- macvlan: observe an RCU grace period in macvlan_common_newlink() error path (CVE-2026-23209 bsc#1258518).
- macvlan: fix error recovery in macvlan_common_newlink() (CVE-2026-23209 bsc#1258518).
- commit eaf1535
- bonding: only set speed/duplex to unknown, if getting speed failed (bsc#1253691).
- commit 0b66a07
- rtc: interface: Alarm race handling should not discard preceding error (git-fixes).
- commit f96272c
------------------------------------------------------------------
------------------ 2026-2-22 - Feb 22 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- NTB: ntb_transport: Fix too small buffer for debugfs_name (git-fixes).
- commit 269c576
------------------------------------------------------------------
------------------ 2026-2-21 - Feb 21 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- ALSA: usb-audio: Use the right limit for PCM OOB check (CVE-2026-23208 bsc#1258468).
- ALSA: usb-audio: Prevent excessive number of frames (CVE-2026-23208 bsc#1258468).
- commit 895c473
- ASoC: rockchip: i2s-tdm: Use param rate if not provided by set_sysclk (git-fixes).
- drm/amd/display: Use same max plane scaling limits for all 64 bpp formats (git-fixes).
- drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify (git-fixes).
- drm/i915/acpi: free _DSM package when no connectors (git-fixes).
- drm/amd: Fix hang on amdgpu unload by using pci_dev_is_disconnected() (git-fixes).
- drm/amdgpu: Fix memory leak in amdgpu_ras_init() (git-fixes).
- drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc() (git-fixes).
- efi: Fix reservation of unaccepted memory table (git-fixes).
- commit 2183b13
------------------------------------------------------------------
------------------ 2026-2-20 - Feb 20 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (CVE-2025-37861 bsc#1243055).
- commit 807000c
- net: nfc: nci: Fix parameter validation for packet data (git-fixes).
- atm: fore200e: fix use-after-free in tasklets during device removal (git-fixes).
- USB: serial: option: add Telit FN920C04 RNDIS compositions (stable-fixes).
- fbdev: smscufx: properly copy ioctl memory to kernelspace (stable-fixes).
- bus: fsl-mc: fix use-after-free in driver_override_show() (git-fixes).
- ASoC: amd: yc: Add quirk for HP 200 G2a 16 (stable-fixes).
- ASoC: Intel: sof_es8336: Add DMI quirk for Huawei BOD-WXX9 (stable-fixes).
- platform/x86: classmate-laptop: Add missing NULL pointer checks (stable-fixes).
- platform/x86/amd/pmc: Add quirk for MECHREVO Wujie 15X Pro (stable-fixes).
- platform/x86: panasonic-laptop: Fix sysfs group leak in error path (stable-fixes).
- gpio: sprd: Change sprd_gpio lock to raw_spin_lock (stable-fixes).
- drm/tegra: hdmi: sor: Fix error: variable ‘j’ set but not used (stable-fixes).
- bus: fsl-mc: Replace snprintf and sprintf with sysfs_emit in sysfs show functions (stable-fixes).
- commit 436dcdb
------------------------------------------------------------------
------------------ 2026-2-19 - Feb 19 2026 -------------------
------------------------------------------------------------------
++++ docker-compose:
- Add patch for CVE-2025-62725 (bsc#1252752)
  0002-CVE-2025-62725-fix-Enforce-compose-files-from-OCI-ar.patch
++++ kernel-default:
- config.conf: Drop armv7hl builds
  commit 09ee386c4ae dropped support for armv7hl in SLE15-SP7, SUSE-2024 never supported it, therefore, no branch downstream of fixes/linux-6.4 supports this arch (bsc#1255265).
- commit 5dc5aaf
- ALSA: aloop: Fix racy access at PCM trigger (CVE-2026-23191 bsc#1258395).
- commit 114f0d2
- ACPI: CPPC: Fix remaining for_each_possible_cpu() to use online CPUs (git-fixes).
- ACPI: PM: Add unused power resource quirk for THUNDEROBOT ZERO (git-fixes).
- powercap: intel_rapl_tpmi: Remove FW_BUG from invalid version check (git-fixes).
- PM: sleep: wakeirq: Update outdated documentation comments (git-fixes).
- commit 700df2d
++++ libsoup:
- Add more CVE fixes:
  + libsoup-CVE-2025-32049.patch (bsc#1240751 CVE-2025-32049 glgo#GNOME/libsoup#390)
  + libsoup-CVE-2026-2443.patch (bsc#1258170 CVE-2026-2443 glgo#GNOME/libsoup#487)
  + libsoup-CVE-2026-2369.patch (bsc#1258120 CVE-2026-2369 glgo#GNOME/libsoup!508)
  + libsoup-CVE-2026-2708.patch (bsc#1258508 CVE-2026-2708 glgo#GNOME/libsoup#500)
------------------------------------------------------------------
------------------ 2026-2-18 - Feb 18 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (bsc#1257735 CVE-2026-23060).
- commit 9347d8b
- crypto: af_alg - zero initialize memory allocated via sock_kmalloc (bsc#1256716 CVE-2025-71113).
- commit 449e0ae
- crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui() (bsc#1254992 CVE-2023-53817).
- commit f8259ad
- gue: Fix skb memleak with inner IP protocol 0 (CVE-2026-23095 bsc#1257808).
- commit e8190a1
- vsock/virtio: cap TX credit to local buffer size (CVE-2026-23086 bsc#1257757).
- commit 2a01723
- crypto: af_alg - Fix incorrect boolean values in af_alg_ctx (bsc#1251966 CVE-2025-39964).
- commit 2a9a19a
- crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966 CVE-2025-39964).
  Refresh patches.suse/crypto-add-suse_kabi_padding.patch.
- commit a6b1063
- Workaround for hybrid git workflow in SLFO 1.0/1.1
- commit 7ab5a74
- dmaengine: mediatek: uart-apdma: Fix above 4G addressing TX/RX (git-fixes).
- usb: dwc2: fix resume failure if dr_mode is host (git-fixes).
- usb: gadget: tegra-xudc: Add handling for BLCG_COREPLL_PWRDN (git-fixes).
- usb: bdc: fix sleep during atomic (git-fixes).
- serial: SH_SCI: improve "DMA support" prompt (git-fixes).
- serial: imx: change SERIAL_IMX_CONSOLE to bool (git-fixes).
- staging: rtl8723bs: fix null dereference in find_network (git-fixes).
- iio: sca3000: Fix a resource leak in sca3000_probe() (git-fixes).
- iio: gyro: itg3200: Fix unchecked return value in read_raw (git-fixes).
- drivers: iio: mpu3050: use dev_err_probe for regulator request (git-fixes).
- fpga: dfl: use subsys_initcall to allow built-in drivers to be added (git-fixes).
- commit e89b2ea
++++ zlib:
- Fix CVE-2026-27171, infinite loop via the crc32_combine64 and crc32_combine_gen64 functions due to missing checks for negative lengths (bsc#1258392)
  * CVE-2026-27171.patch
------------------------------------------------------------------
------------------ 2026-2-17 - Feb 17 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (CVE-2026-23084 bsc#1257830).
- commit 27fe347
- leds: qcom-lpg: Check the return value of regmap_bulk_write() (git-fixes).
- backlight: qcom-wled: Change PM8950 WLED configurations (git-fixes).
- backlight: qcom-wled: Support ovp values for PMI8994 (git-fixes).
- mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure (git-fixes).
- mfd: core: Add locking around 'mfd_of_node_list' (git-fixes).
- mfd: tps6105x: Fix kernel-doc warnings relating to the core struct and tps6105x_mode (git-fixes).
- Revert "mfd: da9052-spi: Change read-mask to write-mask" (stable-fixes).
- pinctrl: single: fix refcount leak in pcs_add_gpio_func() (git-fixes).
- pinctrl: qcom: sm8250-lpass-lpi: Fix i2s2_data_groups definition (git-fixes).
- pinctrl: equilibrium: Fix device node reference leak in pinbank_init() (git-fixes).
- Bluetooth: btusb: Add USB ID 7392:e611 for Edimax EW-7611UXB (stable-fixes).
- commit 516fe60
++++ python-cryptography:
- CVE-2026-26007: Subgroup Attack Due to Missing Subgroup Validation for SECT Curves (bsc#1258074)
  * added CVE-2026-26007.patch
------------------------------------------------------------------
------------------ 2026-2-16 - Feb 16 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- Input: stmfts - make comments correct (git-fixes).
- Input: stmfts - correct wording for the warning message (git-fixes).
- clk: qcom: gfx3d: add parent to parent request map (git-fixes).
- clk: qcom: dispcc-sdm845: Enable parents for pixel clocks (git-fixes).
- clk: qcom: gcc-msm8917: Remove ALWAYS_ON flag from cpp_gdsc (git-fixes).
- clk: qcom: gcc-msm8953: Remove ALWAYS_ON flag from cpp_gdsc (git-fixes).
- clk: qcom: rcg2: compute 2d using duty fraction directly (git-fixes).
- clk: mediatek: Fix error handling in runtime PM setup (git-fixes).
- clk: meson: g12a: Limit the HDMI PLL OD to /4 (git-fixes).
- clk: meson: gxbb: Limit the HDMI PLL OD to /4 on GXL/GXM SoCs (git-fixes).
- clk: tegra: tegra124-emc: Fix potential memory leak in tegra124_clk_register_emc() (git-fixes).
- clk: tegra: tegra124-emc: fix device leak on set_rate() (git-fixes).
- clk: clk-apple-nco: Add "apple,t8103-nco" compatible (git-fixes).
- clk: renesas: rzg2l: Select correct div round macro (git-fixes).
- clk: renesas: rzg2l: Fix intin variable size (git-fixes).
- fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe() (git-fixes).
- fbdev: of: display_timing: fix refcount leak in of_get_display_timings() (git-fixes).
- fbdev: vt8500lcdfb: fix missing dma_free_coherent() (git-fixes).
- fbcon: check return value of con2fb_acquire_newinfo() (git-fixes).
- fbdev: rivafb: fix divide error in nv3_arb() (git-fixes).
- rpmsg: core: fix race in driver_override_show() and use core helper (git-fixes).
- commit b135afb
- Update "drm/mgag200: fix mgag200_bmc_stop_scanout()" bug number (bsc#1258153)
- commit 2fe2c66
------------------------------------------------------------------
------------------ 2026-2-14 - Feb 14 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- crypto: ccp - Add an S4 restore flow (git-fixes).
- tools/power/x86/intel-speed-select: Fix file descriptor leak in isolate_cpus() (git-fixes).
- mtd: rawnand: pl353: Fix software ECC support (git-fixes).
- mtd: spinand: Fix kernel doc (git-fixes).
- mtd: rawnand: cadence: Fix return type of CDMA send-and-wait helper (git-fixes).
- mtd: parsers: ofpart: fix OF node refcount leak in parse_fixed_partitions() (git-fixes).
- mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse() (git-fixes).
- commit 766aa67
------------------------------------------------------------------
------------------ 2026-2-13 - Feb 13 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- ice: fix devlink reload call trace (CVE-2026-23104 bsc#1257763).
- net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (CVE-2026-23035 bsc#1257559).
- idpf: fix error handling in the init_task on load (CVE-2026-23017 bsc#1257552).
- commit fb93c36
- power: supply: qcom_battmgr: Recognize "LiP" as lithium-polymer (git-fixes).
- power: supply: wm97xx: Fix NULL pointer dereference in power_supply_changed() (git-fixes).
- power: supply: bq27xxx: fix wrong errno when bus ops are unsupported (git-fixes).
- power: reset: nvmem-reboot-mode: respect cell size for nvmem_cell_write (git-fixes).
- power: supply: sbs-battery: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: rt9455: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: goldfish: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: cpcap-battery: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: bq25980: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: bq256xx: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: act8945a: Fix use-after-free in power_supply_changed() (git-fixes).
- power: supply: ab8500: Fix use-after-free in power_supply_changed() (git-fixes).
- ata: pata_ftide010: Fix some DMA timings (git-fixes).
- rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net() (git-fixes).
- commit 46137a2
- dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (CVE-2026-23004 bsc#1257231).
- commit 75a3dd5
++++ libxml2:
- CVE-2026-0990: call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811)
  * Add patch libxml2-CVE-2026-0990.patch
- CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `` elements (bsc#1256808, bsc#1256809, bsc#1256812)
  * Add patch libxml2-CVE-2026-0992.patch
- CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858, bsc#1247850)
  * Add patch libxml2-CVE-2025-8732.patch
++++ libxml2-python:
- CVE-2026-0990: call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811)
  * Add patch libxml2-CVE-2026-0990.patch
- CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `` elements (bsc#1256808, bsc#1256809, bsc#1256812)
  * Add patch libxml2-CVE-2026-0992.patch
- CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858, bsc#1247850)
  * Add patch libxml2-CVE-2025-8732.patch
------------------------------------------------------------------
------------------ 2026-2-12 - Feb 12 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- net/sched: act_ife: avoid possible NULL deref (CVE-2026-23064 bsc#1257765).
- net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (CVE-2026-23105 bsc#1257775).
- commit a17643b
- Update upstreamed net and powerpc patch references and sorting
- commit 638a424
- KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (bsc#1256708, CVE-2025-71104).
- commit 1d88ad6
- vsock/virtio: Coalesce only linear skb (bsc#1257740, CVE-2026-23057).
- commit 09262b6
- nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (CVE-2026-22998 bsc#1257209).
- commit f5cd5c5
- wifi: ath10k: sdio: add missing lock protection in ath10k_sdio_fw_crashed_dump() (git-fixes).
- wifi: ath9k: fix kernel-doc warnings in common-debug.h (git-fixes).
- wifi: ath9k: debug.h: fix kernel-doc bad lines and struct ath_tx_stats (git-fixes).
- wifi: cfg80211: stop NAN and P2P in cfg80211_leave (git-fixes).
- wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add (git-fixes).
- wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() (git-fixes).
- wifi: cfg80211: Fix use_for flag update on BSS refresh (git-fixes).
- soc: mediatek: svs: Fix memory leak in svs_enable_debug_write() (git-fixes).
- soc: qcom: cmd-db: Use devm_memremap() to fix memory leak in cmd_db_dev_probe (git-fixes).
- soc: qcom: smem: handle ENOMEM error during probe (git-fixes).
- wifi: mac80211: don't increment crypto_tx_tailroom_needed_cnt twice (stable-fixes).
- wifi: mac80211: correctly check if CSA is active (stable-fixes).
- wifi: cfg80211: Fix bitrate calculation overflow for HE rates (stable-fixes).
- wifi: mac80211: collect station statistics earlier when disconnect (stable-fixes).
- wifi: mac80211: ocb: skip rx_no_sta when interface is not joined (stable-fixes).
- wifi: wlcore: ensure skb headroom before skb_push (stable-fixes).
- commit 7dd6fbf
- PCI: mediatek: Fix IRQ domain leak when MSI allocation fails (git-fixes).
- PCI: Add ACS quirk for Pericom PI7C9X2G404 switches [12d8:b404] (git-fixes).
- PCI: Fix pci_slot_trylock() error handling (git-fixes).
- PCI/portdrv: Fix potential resource leak (git-fixes).
- PCI/PM: Avoid redundant delays on D3hot->D3cold (git-fixes).
- PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails (git-fixes).
- PCI/IOV: Fix race between SR-IOV enable/disable and hotplug (git-fixes).
- Revert "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" (git-fixes).
- PCI/ACPI: Restrict program_hpx_type2() to AER bits (git-fixes). - PCI: Initialize RCB from pci_configure_device() (git-fixes). - PCI: Mark 3ware-9650SA Root Port Extended Tags as broken (git-fixes). - regulator: core: move supply check earlier in set_machine_constraints() (git-fixes). - regulator: core: fix locking in regulator_resolve_supply() error path (git-fixes). - platform/chrome: cros_ec_lightbar: Fix response size initialization (git-fixes). - platform/chrome: cros_typec_switch: Don't touch struct fwnode_handle::dev (git-fixes). - soc: ti: pruss: Fix double free in pruss_clk_mux_setup() (git-fixes). - soc: ti: k3-socinfo: Fix regmap leak on probe failure (git-fixes). - regmap: maple: free entry on mas_store_gfp() failure (stable-fixes). - commit 5d29d16 - nfc: hci: shdlc: Stop timers and work before freeing context (git-fixes). - PCI: Do not attempt to set ExtTag for VFs (git-fixes). - PCI: endpoint: Fix swapped parameters in pci_{primary/secondary}_epc_epf_unlink() functions (git-fixes). - media: uvcvideo: Fix allocation for small frame sizes (git-fixes). - media: venus: vdec: fix error state assignment for zero bytesused (git-fixes). - media: ccs: Accommodate C-PHY into the calculation (git-fixes). - media: i2c: ov5647: use our own mutex for the ctrl lock (git-fixes). - media: i2c: ov5647: Fix PIXEL_RATE value for VGA mode (git-fixes). - media: i2c: ov5647: Sensor should report RAW color space (git-fixes). - media: i2c: ov5647: Correct minimum VBLANK value (git-fixes). - media: i2c: ov5647: Correct pixel array offset (git-fixes). - media: i2c: ov5647: Initialize subdev before controls (git-fixes). - media: ccs: Avoid possible division by zero (git-fixes). - media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() (git-fixes). - media: i2c/tw9906: Fix potential memory leak in tw9906_probe() (git-fixes). - media: i2c/tw9903: Fix potential memory leak in tw9903_probe() (git-fixes). 
- media: cx25821: Add missing unmap in snd_cx25821_hw_params() (git-fixes). - media: cx23885: Add missing unmap in snd_cx23885_hw_params() (git-fixes). - media: cx88: Add missing unmap in snd_cx88_hw_params() (git-fixes). - net: usb: sr9700: support devices with virtual driver CD (stable-fixes). - commit b9e0ae7 - drm/msm/a2xx: fix pixel shader start on A225 (git-fixes). - drm/msm/dpu: fix CMD panels on DPU 1.x - 3.x (git-fixes). - drm/buddy: Prevent BUG_ON by validating rounded allocation (git-fixes). - drm/tegra: dsi: fix device leak on probe (git-fixes). - media: radio-keene: fix memory leak in error path (git-fixes). - media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove() (git-fixes). - media: mtk-mdp: Fix error handling in probe function (git-fixes). - HID: hid-pl: handle probe errors (git-fixes). - HID: playstation: Add missing check for input_ff_create_memless (git-fixes). - Revert "hwmon: (ibmpex) fix use-after-free in high/low store" (git-fixes). - hwmon: (max16065) Use READ/WRITE_ONCE to avoid compiler optimization induced race (git-fixes). - HID: Apply quirk HID_QUIRK_ALWAYS_POLL to Edifier QR30 (2d99:a101) (stable-fixes). - HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report() (stable-fixes). - HID: quirks: Add another Chicony HP 5MP Cameras to hid_ignore_list (stable-fixes). - HID: multitouch: add MT_QUIRK_STICKY_FINGERS to MT_CLS_VTL (stable-fixes). - HID: intel-ish-hid: Reset enum_devices_done before enumeration (stable-fixes). - HID: intel-ish-hid: Update ishtp bus match to support device ID table (stable-fixes). - HID: playstation: Center initial joystick axes to prevent spurious events (stable-fixes). - commit a4d4518 - Documentation: PCI: endpoint: Fix ntb/vntb copy & paste errors (git-fixes). - ASoC: amd: drop unused Kconfig symbols (git-fixes). - ASoC: pxa: drop unused Kconfig symbol (git-fixes). - ASoC: SOF: ipc4-control: Keep the payload size up to date (git-fixes). 
- ASoC: SOF: ipc4-control: Use the correct size for scontrol->ipc_control_data (git-fixes). - ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls (git-fixes). - ASoC: SOF: ipc4-control: If there is no data do not send bytes update (git-fixes). - bus: fsl-mc: fix an error handling in fsl_mc_device_add() (git-fixes). - ALSA: hda/realtek: Really fix headset mic for TongFang X6AR55xU (git-fixes). - ALSA: hda/realtek: Fix headset mic for TongFang X6AR55xU (stable-fixes). - ASoC: tlv320adcx140: Propagate error codes during probe (stable-fixes). - ASoC: amd: yc: Fix microphone on ASUS M6500RE (stable-fixes). - ASoC: davinci-evm: Fix reference leak in davinci_evm_probe (stable-fixes). - ALSA: hda/realtek: add HP Laptop 15s-eq1xxx mute LED quirk (stable-fixes). - commit cd7803f ++++ libpng16: - added patches CVE-2026-25646: Heap buffer overflow vulnerability in png_set_dither/png_set_quantize (bsc#1258020) * libpng16-CVE-2026-25646.patch ++++ nvidia-open-driver-G06-signed: - update non-CUDA variant to version 580.126.18 (boo#1258154) - updated CUDA variant to version 580.126.16 ------------------------------------------------------------------ ------------------ 2026-2-11 - Feb 11 2026 ------------------- ------------------------------------------------------------------ ++++ gpg2: - Fix Y2K38 FTBFS: * gpg2 quick-key-manipulation test FTBFS-2038 (bsc#1251214) * Upstream issue: dev.gnupg.org/T8096 * Add gnupg-gpgscm-New-operator-long-time-t-to-detect-proper-tim.patch ++++ kernel-default: - net/sched: Enforce that teql can only be used as root qdisc (CVE-2026-23074 bsc#1257749). - commit 476e9b8 - mfd: wm8350-core: Use IRQF_ONESHOT (git-fixes). - crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly (git-fixes). - crypto: virtio - Remove duplicated virtqueue_kick in virtio_crypto_skcipher_crypt_req (git-fixes). - crypto: virtio - Add spinlock protection with virtqueue notification (git-fixes). 
- crypto: hisilicon/sec2 - support skcipher/aead fallback for hardware queue unavailable (git-fixes). - crypto: octeontx - fix dma_free_coherent() size (git-fixes). - crypto: cavium - fix dma_free_coherent() size (git-fixes). - crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode (git-fixes). - crypto: octeontx - Fix length check to avoid truncation in ucode_load_store (git-fixes). - crypto: qat - fix warning on adf_pfvf_pf_proto.c (git-fixes). - crypto: qat - fix parameter order used in ICP_QAT_FW_COMN_FLAGS_BUILD (git-fixes). - Documentation: mailbox: mbox_chan_ops.flush() is optional (git-fixes). - commit ef8920f ++++ python311-core: - CVE-2025-11468: preserving parens when folding comments in email headers (bsc#1257029, gh#python/cpython#143935). CVE-2025-11468-email-hdr-fold-comment.patch - CVE-2026-0672: rejects control characters in http cookies. (bsc#1257031, gh#python/cpython#143919) CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch - CVE-2026-0865: rejecting control characters in wsgiref.headers.Headers, which could be abused for injecting false HTTP headers. (bsc#1257042, gh#python/cpython#143916) CVE-2026-0865-wsgiref-ctrl-chars.patch - CVE-2025-15366: basically the same as the previous patch for IMAP protocol. (bsc#1257044, gh#python/cpython#143921) CVE-2025-15366-imap-ctrl-chars.patch - CVE-2025-15282: basically the same as the previous patch for urllib library. (bsc#1257046, gh#python/cpython#143925) CVE-2025-15282-urllib-ctrl-chars.patch - CVE-2025-15367: basically the same as the previous patch for poplib library. 
(bsc#1257041, gh#python/cpython#143923) CVE-2025-15367-poplib-ctrl-chars.patch - CVE-2025-12781: fix decoding with non-standard Base64 alphabet (bsc#1257108, gh#python/cpython#125346) CVE-2025-12781-b64decode-alt-chars.patch ++++ libssh: - Security fixes: * CVE-2026-0964: SCP Protocol Path Traversal in ssh_scp_pull_request() (bsc#1258049) * CVE-2026-0965: Possible Denial of Service when parsing unexpected configuration files (bsc#1258045) * CVE-2026-0966: Buffer underflow in ssh_get_hexa() on invalid input (bsc#1258054) * CVE-2026-0967: Specially crafted patterns could cause DoS (bsc#1258081) * CVE-2026-0968: OOB Read in sftp_parse_longname() (bsc#1258080) * Add patches: - libssh-CVE-2026-0964-scp-Reject-invalid-paths-received-thro.patch - libssh-CVE-2026-0965-config-Do-not-attempt-to-read-non-regu.patch - libssh-CVE-2026-0966-misc-Avoid-heap-buffer-underflow-in-ss.patch - libssh-CVE-2026-0966-tests-Test-coverage-for-ssh_get_hexa.patch - libssh-CVE-2026-0966-doc-Update-guided-tour-to-use-SHA256-f.patch - libssh-CVE-2026-0967-match-Avoid-recursive-matching-ReDoS.patch - libssh-CVE-2026-0968-sftp-Sanitize-input-handling-in-sftp_p.patch ++++ python311: - CVE-2025-11468: preserving parens when folding comments in email headers (bsc#1257029, gh#python/cpython#143935). CVE-2025-11468-email-hdr-fold-comment.patch - CVE-2026-0672: rejects control characters in http cookies. (bsc#1257031, gh#python/cpython#143919) CVE-2026-0672-http-hdr-inject-cookie-Morsel.patch - CVE-2026-0865: rejecting control characters in wsgiref.headers.Headers, which could be abused for injecting false HTTP headers. (bsc#1257042, gh#python/cpython#143916) CVE-2026-0865-wsgiref-ctrl-chars.patch - CVE-2025-15366: basically the same as the previous patch for IMAP protocol. (bsc#1257044, gh#python/cpython#143921) CVE-2025-15366-imap-ctrl-chars.patch - CVE-2025-15282: basically the same as the previous patch for urllib library. 
(bsc#1257046, gh#python/cpython#143925) CVE-2025-15282-urllib-ctrl-chars.patch - CVE-2025-15367: basically the same as the previous patch for poplib library. (bsc#1257041, gh#python/cpython#143923) CVE-2025-15367-poplib-ctrl-chars.patch - CVE-2025-12781: fix decoding with non-standard Base64 alphabet (bsc#1257108, gh#python/cpython#125346) CVE-2025-12781-b64decode-alt-chars.patch ------------------------------------------------------------------ ------------------ 2026-2-10 - Feb 10 2026 ------------------- ------------------------------------------------------------------ ++++ ca-certificates-mozilla: - Updated to 2.84 state (bsc#1258002) - Removed: - Baltimore CyberTrust Root - CommScope Public Trust ECC Root-01 - CommScope Public Trust ECC Root-02 - CommScope Public Trust RSA Root-01 - CommScope Public Trust RSA Root-02 - DigiNotar Root CA - Added: - e-Szigno TLS Root CA 2023 - OISTE Client Root ECC G1 - OISTE Client Root RSA G1 - OISTE Server Root ECC G1 - OISTE Server Root RSA G1 - SwissSign RSA SMIME Root CA 2022 - 1 - SwissSign RSA TLS Root CA 2022 - 1 - TrustAsia SMIME ECC Root CA - TrustAsia SMIME RSA Root CA - TrustAsia TLS ECC Root CA - TrustAsia TLS RSA Root CA ++++ gnutls: - Security fix: * CVE-2025-14831: DoS via excessive resource consumption during certificate verification (bsc#1257960) * Add gnutls-CVE-2025-14831.patch ++++ kernel-default: - irqchip/gic-v3-its: Avoid truncating memory addresses (bsc#1257758 CVE-2026-23085) - commit e3370c0 - arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (bsc#1257762 CVE-2026-23107) - commit c430300 - arm64/fpsimd: signal: Fix restoration of SVE context (bsc#1257772 CVE-2026-23102) - commit 6759c0c - arm64/fpsimd: signal: Mandate SVE payload for streaming-mode state (bsc#1257772 CVE-2026-23102) - commit 1baf93e - net: tunnel: make skb_vlan_inet_prepare() return drop reasons (bsc#1257942 bsc#1257246 CVE-2026-23003). 
- commit 3935902 - vxlan: Pull inner IP header in vxlan_xmit_one() (bsc#1257942 bsc#1257246 CVE-2026-23003). - commit 8097957 - spi: tegra210-quad: Protect curr_xfer check in IRQ handler (bsc#1257952) - commit 54f273c - spi: tegra210-quad: Protect curr_xfer clearing in (bsc#1257952) - commit 1da9508 - spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (bsc#1257952) - commit 25ff6b8 - spi: tegra210-quad: Protect curr_xfer assignment in (bsc#1257952) - commit e3d34f8 - spi: tegra210-quad: Move curr_xfer read inside spinlock (bsc#1257952) - commit 4658841 - spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed (bsc#1257952) - commit 997844c - PM: sleep: wakeirq: harden dev_pm_clear_wake_irq() against races (git-fixes). - PM: wakeup: Handle empty list in wakeup_sources_walk_start() (git-fixes). - ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch() (git-fixes). - tpm: st33zp24: Fix missing cleanup on get_burstcount() error (git-fixes). - tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure (git-fixes). - i3c: dw: Initialize spinlock to avoid upsetting lockdep (git-fixes). - i3c: Move device name assignment after i3c_bus_init (git-fixes). - auxdisplay: arm-charlcd: fix release_mem_region() size (git-fixes). - commit b423671 ++++ nvidia-open-driver-G06-signed: - kernel-6.19.patch: fixes build against kernel 6.19 ------------------------------------------------------------------ ------------------ 2026-2-9 - Feb 9 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - workqueue: mark power efficient workqueue as unbounded if (bsc#1257891) - commit a0e31fb - ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (CVE-2026-23089 bsc#1257790). 
- commit c09ea34 ++++ rust-keylime: - Update vendored crates (bsc#1257908, CVE-2026-25727) * time 0.3.47 - Update to version 0.2.8+116: * build(deps): bump bytes from 1.7.2 to 1.11.1 * api: Modify /version endpoint output in version 2.5 * Add API v2.5 with backward-compatible /v2.5/quotes/integrity * tests: add unit test for resolve_agent_id (#1182) * (pull-model): enable retry logic for registration * rpm: Update specfiles to apply on master * workflows: Add test to detect unused crates * lib: Drop unused crates * push-model: Drop unused crates * keylime-agent: Drop unused crates * build(deps): bump uuid from 1.18.1 to 1.19.0 * Update reqwest-retry to 0.8, retry-policies to 0.5 * rpm: Fix cargo_build macro usage on CentOS Stream * fix(push-model): resolve hash_ek uuid to actual EK hash * build(deps): bump thiserror from 2.0.16 to 2.0.17 * workflows: Separate upstream test suite from e2e coverage * Send UEFI measured boot logs as raw bytes (#1173) * auth: Add unit tests for SecretToken implementation * packit: Enable push-attestation tests * resilient_client: Prevent authentication token leakage in logs ------------------------------------------------------------------ ------------------ 2026-2-8 - Feb 8 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - spi: tegra114: Preserve SPI mode bits in def_command1_reg (git-fixes). - spi: tegra: Fix a memory leak in tegra_slink_probe() (git-fixes). - spi: tegra210-quad: Protect curr_xfer check in IRQ handler (git-fixes). - spi: tegra210-quad: Protect curr_xfer clearing in tegra_qspi_non_combined_seq_xfer (git-fixes). - spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (git-fixes). - spi: tegra210-quad: Protect curr_xfer assignment in tegra_qspi_setup_transfer_one (git-fixes). - spi: tegra210-quad: Move curr_xfer read inside spinlock (git-fixes). - spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed transfer (git-fixes). 
- commit 95b4070 ------------------------------------------------------------------ ------------------ 2026-2-7 - Feb 7 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ALSA: hda/realtek: Add quirk for Inspur S14-G1 (stable-fixes). - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (stable-fixes). - ASoC: amd: yc: Add ASUS ExpertBook PM1503CDA to quirks list (stable-fixes). - ASoC: cs35l45: Corrects ASP_TX5 DAPM widget channel (stable-fixes). - ALSA: hda/realtek - fixed speaker no sound (stable-fixes). - commit e53fbb8 - ASoC: amd: fix memory leak in acp3x pdm dma ops (git-fixes). - ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (git-fixes). - hwmon: (occ) Mark occ_init_attribute() as __printf (git-fixes). - drm/amd/display: fix wrong color value mapping on MCM shaper LUT (git-fixes). - Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem" (git-fixes). - drm/mgag200: fix mgag200_bmc_stop_scanout() (git-fixes). - efivarfs: fix error propagation in efivar_entry_get() (git-fixes). - ASoC: amd: yc: Add DMI quirk for Acer TravelMate P216-41-TCO (stable-fixes). - gpio: pca953x: mask interrupts in irq shutdown (stable-fixes). - drm/amdgpu/gfx11: fix wptr reset in KGQ init (stable-fixes). - drm/amdgpu/gfx10: fix wptr reset in KGQ init (stable-fixes). - drm/amdgpu/soc21: fix xclk for APUs (stable-fixes). - pinctrl: meson: mark the GPIO controller as sleeping (git-fixes). - drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes). - commit 1cabea4 ------------------------------------------------------------------ ------------------ 2026-2-6 - Feb 6 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - net: openvswitch: fix middle attribute validation in push_nsh() action (CVE-2025-68785 bsc#1256640). 
- commit 3dbef50 - clocksource: Reduce watchdog readout delay limit to prevent false positives (bsc#1241345). - commit 6736e91 - clocksource: Print durations for sync check unconditionally (bsc#1241345). - commit 79738b2 ------------------------------------------------------------------ ------------------ 2026-2-5 - Feb 5 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - iomap: account for unaligned end offsets when truncating read range (git-fixes). - blacklist.conf: Blacklist 40a71b53d5a6 and 524c3853831c - commit 6f0c964 - ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (git-fixes). - commit c2e8303 - mptcp: avoid deadlock on fallback while reinjecting (CVE-2025-71126 bsc#1256755). - mptcp: reset fallback status gracefully at disconnect() time (CVE-2025-71126 bsc#1256755). - commit 3b7ecc1 ++++ read-only-root-fs: - Add patch to fix workaround for read-only / subvolumes (bsc#1252892): * 0001-Fix-workaround-for-read-only-subvolumes-by-remountin.patch ++++ regionServiceClientConfigGCE: - Update to version 5.2.0 + Drop the if condition for gcemetdata requirement ------------------------------------------------------------------ ------------------ 2026-2-4 - Feb 4 2026 ------------------- ------------------------------------------------------------------ ++++ cockpit: - Update dependencies for bsc#1257324/CVE-2025-13465 ++++ cockpit-machines: - Update dependencies for bsc#1257325/CVE-2025-13465 ++++ docker: - Places a hard cap on the number of mechanisms that can be specified and encoded in the payload. (bsc#1253904, CVE-2025-58181) * 0007-CVE-2025-58181-fix-vendor-crypto-ssh.patch ++++ kernel-default: - ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() (CVE-2026-23003 bsc#1257246). - commit 2b67457 - geneve: Fix incorrect inner network header offset when innerprotoinherit is set (CVE-2026-23003 bsc#1257246). 
- commit 167d4d3 - platform/x86: intel_telemetry: Fix PSS event register mask (git-fixes). - platform/x86: intel_telemetry: Fix swapped arrays in PSS output (git-fixes). - platform/x86: toshiba_haps: Fix memory leaks in add/remove routines (git-fixes). - commit 41b7ff7 - btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes). - commit b2c29ef ++++ libxslt: - CVE-2025-10911 will be fixed on libxml2 side instead [bsc#1250553] - deleted patches * libxslt-CVE-2025-10911.patch ++++ libxml2: - CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257593, bsc#1257594, bsc#1257595) * Add patch libxml2-CVE-2026-1757.patch - CVE-2025-10911: use-after-free with key data stored cross-RVT (bsc#1250553) * Add patch libxml2-CVE-2025-10911.patch ++++ libxml2-python: - CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257593, bsc#1257594, bsc#1257595) * Add patch libxml2-CVE-2026-1757.patch - CVE-2025-10911: use-after-free with key data stored cross-RVT (bsc#1250553) * Add patch libxml2-CVE-2025-10911.patch ------------------------------------------------------------------ ------------------ 2026-2-3 - Feb 3 2026 ------------------- ------------------------------------------------------------------ ++++ docker-compose: - Add patch for CVE-2025-47914 (bsc#1254041), CVE-2025-47913 (bsc#1253584): 0001-CVE-2025-47913-CVE-2025-47914-ssh-agent-fixes.patch ++++ kernel-default: - libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (CVE-2026-22990 bsc#1257221). - commit 0a3e886 - libceph: make free_choose_arg_map() resilient to partial allocation (CVE-2026-22991 bsc#1257220). - commit 2e431bc - libceph: return the handler error from mon_handle_auth_done() (CVE-2026-22992 bsc#1257218). - commit 518f909 - libceph: prevent potential out-of-bounds reads in handle_auth_done() (CVE-2026-22984 bsc#1257217). - commit 7474e34 - mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1254447 bsc#1253087). 
- commit e90ec28 - bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603). - commit 3124f7b ++++ expat: - security update - added patches CVE-2026-24515 [bsc#1257144], NULL dereference (CWE-476) due to function XML_ExternalEntityParserCreate() failing to copy the encoding handler data passed to XML_SetUnknownEncodingHandler() from the parent to the subparser * expat-CVE-2026-24515.patch CVE-2026-25210 [bsc#1257496], lack of buffer size check can lead to an integer overflow * expat-CVE-2026-25210.patch ++++ libsoup: - Add libsoup-CVE-2026-1536.patch: Always validate the headers value when coming from untrusted source (bsc#1257440, CVE-2026-1536, glgo#GNOME/libsoup/commit/5c1a2e9c). - Add libsoup-CVE-2026-1761.patch: multipart: check length of bytes read soup_filter_input_stream_read_until() (bsc#1257598, CVE-2026-1761, glgo#GNOME/libsoup!496). ------------------------------------------------------------------ ------------------ 2026-2-2 - Feb 2 2026 ------------------- ------------------------------------------------------------------ ++++ cockpit-podman: - Update dependencies for bsc#1257324/CVE-2025-13465 ++++ kernel-default: - smb: client: short-circuit in open_cached_dir_by_dentry() if !dentry (git-fixes). - commit 82d6911 - smb: client: ensure open_cached_dir_by_dentry() only returns valid cfid (git-fixes). - commit d1feafe - smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748,bsc#1257154). - commit e7ce4ba - scripts/python/git_sort/git_sort.yaml: add cifs for-next repository - commit 0d24c51 - smb: improve directory cache reuse for readdir operations (bsc#1252712). - commit 20c0243 - smb: client: remove unused fid_lock (git-fixes). - commit ed3cf07 - smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (git-fixes). - commit 1962196 - cifs: add new field to track the last access time of cfid (git-fixes). 
- commit 7328aa8 - smb: change return type of cached_dir_lease_break() to bool (git-fixes). - commit da8604d - ipv6: Fix use-after-free in inet6_addr_del() (CVE-2026-23010 bsc#1257332). - commit 0f213a3 - net: mscc: ocelot: Fix crash when adding interface under a lag (CVE-2026-22982 bsc#1257179). - net/handshake: restore destructor on submit failure (CVE-2025-71148 bsc#1257159). - commit 08069be - libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (CVE-2025-68284 bsc#1255377). - commit 16880ae - Update config files: disable CONFIG_DEVPORT for arm64 (bsc#1256792) - commit b3a8e60 - x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (CVE-2026-23005 bsc#1257245). - commit 4fcc2d5 - Update patches.suse/ALSA-hda-Fix-missing-pointer-check-in-hda_component_.patch (git-fixes CVE-2025-40097 bsc#1252900). - Update patches.suse/ASoC-stm32-sai-fix-OF-node-leak-on-probe.patch (git-fixes CVE-2025-71081 bsc#1256609). - Update patches.suse/KEYS-trusted-Fix-a-memory-leak-in-tpm2_load_cmd.patch (git-fixes CVE-2025-71147 bsc#1257158). - Update patches.suse/btrfs-fix-adding-block-group-to-a-reclaim-list-and-t.patch (git-fixes CVE-2024-42103 bsc#1228490). - Update patches.suse/btrfs-fix-invalid-inode-pointer-dereferences-during-.patch (git-fixes CVE-2025-38243 bsc#1246184). - Update patches.suse/drm-stm-ltdc-fix-late-dereference-check.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53714 bsc#1254465). - Update patches.suse/drm-ttm-Avoid-NULL-pointer-deref-for-evicted-BOs.patch (git-fixes CVE-2025-71083 bsc#1256610). - Update patches.suse/ftrace-Also-allocate-and-copy-hash-for-reading-of-filter-f.patch (bsc#1250032 CVE-2025-39813 CVE-2025-39689 bsc#1249307). - Update patches.suse/hwmon-w83791d-Convert-macros-to-functions-to-avoid-T.patch (git-fixes CVE-2025-71111 bsc#1256728). 
- Update patches.suse/ipmi-Rework-user-message-limit-handling.patch (git-fixes CVE-2025-40202 bsc#1253451). - Update patches.suse/media-adv7842-Avoid-possible-out-of-bounds-array-acc.patch (git-fixes CVE-2025-71136 bsc#1256759). - Update patches.suse/media-dvb-usb-dtv5100-fix-out-of-bounds-in-dtv5100_i.patch (git-fixes CVE-2025-68819 bsc#1256664). - Update patches.suse/media-vidtv-initialize-local-pointers-upon-transfer-.patch (git-fixes CVE-2025-68808 bsc#1256682). - Update patches.suse/perf-x86-intel-Fix-crash-in-icl_update_topdown_event.patch (git-fixes CVE-2025-38322 bsc#1246447). - Update patches.suse/platform-chrome-cros_ec_ishtp-Fix-UAF-after-unbindin.patch (git-fixes CVE-2025-68804 bsc#1256617). - Update patches.suse/powerpc-64s-slb-Fix-SLB-multihit-issue-during-SLB-preload.patch (bsc#1236022 ltc#211187 CVE-2025-71078 bsc#1256616). - Update patches.suse/smb-client-fix-warning-when-reconnecting-channel.patch (git-fixes CVE-2025-38379 bsc#1247030). - Update patches.suse/tcp_bpf-Call-sk_msg_free-when-tcp_bpf_send_verdict-f.patch (bsc#1250705 CVE-2025-39913). - Update patches.suse/trace-fgraph-Fix-the-warning-caused-by-missing-unregister-.patch (bsc#1248211 CVE-2025-38539 CVE-2025-39829 bsc#1250082). - Update patches.suse/usb-dwc3-fix-fault-at-system-suspend-if-device-was-a.patch (git-fixes CVE-2024-53070 bsc#1233563). - Update patches.suse/usb-typec-ucsi-glink-fix-off-by-one-in-connector_sta.patch (git-fixes CVE-2024-53149 bsc#1234842). - Update patches.suse/usb-xhci-Fix-invalid-pointer-dereference-in-Etron-wo.patch (git-fixes CVE-2025-37813 bsc#1242909). - Update patches.suse/x86-microcode-AMD-Fix-__apply_microcode_amd-s-return.patch (bsc#1256528 CVE-2025-22047 bsc#1241437). - commit fbc3d71 - Update patches.suse/ACPICA-Avoid-walking-the-Namespace-if-start_node-is-.patch (stable-fixes CVE-2025-71118 bsc#1256763). - Update patches.suse/ALSA-usb-mixer-us16x08-validate-meter-packet-indices.patch (git-fixes CVE-2025-68783 bsc#1256650). 
- Update patches.suse/ASoC-tlv320adcx140-fix-null-pointer.patch (git-fixes CVE-2026-23006 bsc#1257208). - Update patches.suse/Bluetooth-btusb-revert-use-of-devm_kzalloc-in-btusb.patch (git-fixes CVE-2025-71082 bsc#1256611). - Update patches.suse/Input-ti_am335x_tsc-fix-off-by-one-error-in-wire_ord.patch (git-fixes CVE-2025-68777 bsc#1256655). - Update patches.suse/arp-do-not-assume-dev_hard_header-does-not-change-skb-head.patch (CVE-2025-71098 bsc#1256591 CVE-2026-22988 bsc#1257282). - Update patches.suse/bpf-Do-not-let-BPF-test-infra-emit-invalid-GSO-types.patch (bsc#1255569 CVE-2025-68725). - Update patches.suse/char-applicom-fix-NULL-pointer-dereference-in-ac_ioc.patch (stable-fixes CVE-2025-68797 bsc#1256660). - Update patches.suse/comedi-fix-divide-by-zero-in-comedi_buf_munge.patch (stable-fixes CVE-2025-40106 bsc#1252891). - Update patches.suse/crypto-seqiv-Do-not-use-req-iv-after-crypto_aead_enc.patch (git-fixes CVE-2025-71131 bsc#1256742). - Update patches.suse/dmaengine-idxd-fix-device-leaks-on-compat-bind-and-u.patch (git-fixes CVE-2025-71163 bsc#1257215). - Update patches.suse/dmaengine-tegra-adma-Fix-use-after-free.patch (git-fixes CVE-2025-71162 bsc#1257204). - Update patches.suse/drm-i915-gem-Zero-initialize-the-eb.vma-array-in-i91.patch (git-fixes CVE-2025-71130 bsc#1256741). - Update patches.suse/drm-msm-dpu-Add-missing-NULL-pointer-check-for-pingp.patch (git-fixes CVE-2025-71138 bsc#1256785). - Update patches.suse/hwmon-ibmpex-fix-use-after-free-in-high-low-store.patch (git-fixes CVE-2025-68789 bsc#1256781). - Update patches.suse/idpf-Fix-RSS-LUT-NULL-pointer-crash-on-early-ethtool.patch (CVE-2026-22993 bsc#1257180 CVE-2026-22985 bsc#1257277). - Update patches.suse/interconnect-Don-t-access-req_list-while-it-s-being-.patch (CVE-2023-54013 bsc#1256280 CVE-2024-27005 bsc#1223800). - Update patches.suse/net-can-j1939-j1939_xtp_rx_rts_session_active-deacti.patch (git-fixes CVE-2026-22997 bsc#1257202). 
- Update patches.suse/net-nfc-fix-deadlock-between-nfc_unregister_device-a.patch (git-fixes CVE-2025-71079 bsc#1256619). - Update patches.suse/net-rose-fix-invalid-array-index-in-rose_kill_by_dev.patch (git-fixes CVE-2025-71086 bsc#1256625). - Update patches.suse/net-usb-rtl8150-fix-memory-leak-on-usb_submit_urb-fa.patch (git-fixes CVE-2025-71154 bsc#1257163). - Update patches.suse/powerpc-kexec-Enable-SMT-before-waking-offline-CPUs.patch (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493 bsc#1254244 ltc#216496 CVE-2025-71119 bsc#1256730). - Update patches.suse/smc91x-fix-broken-irq-context-in-PREEMPT_RT.patch (git-fixes CVE-2025-71132 bsc#1256737). - Update patches.suse/spi-fsl-cpm-Check-length-parity-before-switching-to-.patch (git-fixes CVE-2025-68773 bsc#1256586). - Update patches.suse/staging-rtl8723bs-fix-out-of-bounds-read-in-OnBeacon.patch (stable-fixes CVE-2025-68254 bsc#1255140). - Update patches.suse/staging-rtl8723bs-fix-out-of-bounds-read-in-rtw_get_.patch (stable-fixes CVE-2025-68256 bsc#1255138). - Update patches.suse/usb-phy-isp1301-fix-non-OF-device-reference-imbalanc.patch (git-fixes CVE-2025-71145 bsc#1257155). - Update patches.suse/usb-typec-ucsi-Handle-incorrect-num_connectors-capab.patch (stable-fixes CVE-2025-71108 bsc#1256774). - Update patches.suse/via_wdt-fix-critical-boot-hang-due-to-unnamed-resour.patch (stable-fixes CVE-2025-71114 bsc#1256752). - Update patches.suse/wifi-avoid-kernel-infoleak-from-struct-iw_point.patch (git-fixes CVE-2026-22978 bsc#1257227). - Update patches.suse/wifi-rtlwifi-8192cu-fix-tid-out-of-range-in-rtl92cu_.patch (git-fixes CVE-2025-71100 bsc#1256593). - commit 856d20b - powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199). - commit b73475a - net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv (CVE-2026-22996). - net/mlx5e: Fix crash on profile change rollback failure (CVE-2026-23000 bsc#1257234). 
- commit 46ccefc - macvlan: fix possible UAF in macvlan_forward_source() (CVE-2026-23001 bsc#1257232). - commit bcf0129 - gpio: rockchip: Stop calling pinctrl for set_direction (git-fixes). - commit 8cea9c9 ++++ pcr-oracle: - Update to 0.5.9 + Fix event skipping due to double increment + Add '--persistent-srk' to make SRK persistent (bsc#1248516) ------------------------------------------------------------------ ------------------ 2026-2-1 - Feb 1 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - btrfs: do not strictly require dirty metadata threshold for metadata writepages (stable-fixes). - commit b83c55a - ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion (git-fixes). - ASoC: fsl: imx-card: Do not force slot width to sample width (git-fixes). - commit 6d4f48b ------------------------------------------------------------------ ------------------ 2026-1-31 - Jan 31 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - can: gs_usb: gs_usb_receive_bulk_callback(): fix error message (git-fixes). - commit 4d9fa09 - gpio: omap: do not register driver in probe() (git-fixes). - drm/imx/tve: fix probe device leak (git-fixes). - drm/amd/pm: fix race in power state check before mutex lock (git-fixes). - drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove (git-fixes). - Input: i8042 - add quirks for MECHREVO Wujie 15X Pro (stable-fixes). - Input: i8042 - add quirk for ASUS Zenbook UX425QA_UM425QA (stable-fixes). - spi: spi-sprd-adi: Fix double free in probe error path (git-fixes). - ALSA: ctxfi: Fix potential OOB access in audio mixer handling (stable-fixes). - can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error (git-fixes). - phy: freescale: imx8m-pcie: assert phy reset during power on (stable-fixes). - USB: serial: ftdi_sio: add support for PICAXE AXE027 cable (stable-fixes). 
- USB: serial: option: add Telit LE910 MBIM composition (stable-fixes). - USB: OHCI/UHCI: Add soft dependencies on ehci_platform (stable-fixes). - usb: core: add USB_QUIRK_NO_BOS for devices that hang on BOS descriptor (stable-fixes). - usb: dwc3: Check for USB4 IP_NAME (stable-fixes). - drm/amd/display: Bump the HDMI clock to 340MHz (stable-fixes). - drm/amd: Clean up kfd node on surprise disconnect (stable-fixes). - ASoC: codecs: wsa881x: fix unnecessary initialisation (git-fixes). - HID: usbhid: paper over wrong bNumDescriptor field (stable-fixes). - ASoC: codecs: wsa881x: Drop unused version readout (stable-fixes). - spi: sprd-adi: switch to use spi_alloc_host() (stable-fixes). - spi: sprd: adi: Use devm_register_restart_handler() (stable-fixes). - commit 81840a7 ------------------------------------------------------------------ ------------------ 2026-1-30 - Jan 30 2026 ------------------- ------------------------------------------------------------------ ++++ fde-tools: - Add fde-tools-bsc1248516-tpm-Support-persistent-SRK.patch to support persistent SRK (bsc#1248516) ++++ kernel-default: - io_uring/poll: correctly handle io_poll_add() return value on update (CVE-2025-71149 bsc#1257164). - commit e38f4cf - libceph: make decode_pool() more resilient against corrupted osdmaps (CVE-2025-71116 bsc#1256744). - commit 37c126f - scripts: obsapi: Support URL trailing / in oscrc - commit 596ed59 - scripts: uploader: Handle missing upstream in is_pr_open - commit e7d7408 - net: sock: fix hardened usercopy panic in sock_recv_errqueue (CVE-2026-22977 bsc#1257053). - ipv4: Fix reference count leak when using error routes with nexthop objects (CVE-2025-71097 bsc#1256607). - net: stmmac: fix the crash issue for zero copy XDP_TX action (CVE-2025-71095 bsc#1256605). - ethtool: Avoid overflowing userspace buffer on stats query (CVE-2025-68795 bsc#1256688). - bnxt_en: Fix XDP_TX path (CVE-2025-68770 bsc#1256584). 
- mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (CVE-2025-68800 bsc#1256646). - mlxsw: spectrum_router: Fix neighbour use-after-free (CVE-2025-68801 bsc#1256653). - lan966x: Fix sleeping in atomic context (CVE-2025-68320 bsc#1255172). - commit 6580707 - net/sched: sch_qfq: do not free existing class in qfq_change_class() (CVE-2026-22999 bsc#1257236). - commit d911768 - ipv4: ip_gre: make ipgre_header() robust (CVE-2026-23011 bsc#1257207). - commit dcc6c91 - wifi: mac80211: correctly decode TTLM with default link map (git-fixes). - nfc: nci: Fix race between rfkill and nci_unregister_device() (git-fixes). - nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame() (git-fixes). - net: wwan: t7xx: fix potential skb->frags overflow in RX path (git-fixes). - Bluetooth: MGMT: Fix memory leak in set_ssp_complete (git-fixes). - Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work (git-fixes). - commit 6907fd9 ------------------------------------------------------------------ ------------------ 2026-1-29 - Jan 29 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - smack: fix bug: unprivileged task can create labels (CVE-2025-68733 bsc#1255615). - commit 4193ba7 - shrink_slab_memcg: clear_bits of skipped shrinkers (bsc#1256564). - commit 1a156a1 - idpf: Fix RSS LUT NULL ptr issue after soft reset (CVE-2026-22993 bsc#1257180). - idpf: Fix RSS LUT NULL pointer crash on early ethtool operations (CVE-2026-22993 bsc#1257180). - commit bb6b853 - ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085 bsc#1256623). - commit 35a165f - kabi: export inet_frag_rbtree_purge() function again (CVE-2025-68768 bsc#1256579). - commit d066c8d - inet: frags: flush pending skbs in fqdir_pre_exit() (CVE-2025-68768 bsc#1256579). - inet: frags: add inet_frag_queue_flush() (CVE-2025-68768 bsc#1256579). 
- commit 3c0c564 - mptcp: fallback earlier on simult connection (CVE-2025-71088 bsc#1256630). - commit daab93c - scripts: uploader: Fix no change condition for _maintainership.json - commit 792d98c - net: phy: Introduce PHY_ID_SIZE — minimum size for PHY ID string (CVE-2025-71094 bsc#1256597). - commit b3acbda ++++ libzypp: - Prepare a legacy /etc/zypp/zypp.conf to be installed on old distros. See the ZYPP.CONF(5) man page for details. - Fix runtime check for broken rpm --runposttrans (bsc#1257068) - version 17.38.2 (35) ++++ nvidia-open-driver-G06-signed: - apply kernel-5.14.patch also on sle15-sp5 in order to fix build and adjusted it to sle15-sp5 kernel ++++ podman: - Add symlink to catatonit in /usr/libexec/podman (bsc#1248988) ------------------------------------------------------------------ ------------------ 2026-1-28 - Jan 28 2026 ------------------- ------------------------------------------------------------------ ++++ gpg2: - Security fix [bsc#1257396, CVE-2026-24882] * gpg2: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys * Added gnupg-CVE-2026-24882.patch - Security fix [bsc#1256389] (gpg.fail/filename) * Added gnupg-accepts-path-separators-literal-data.patch * GnuPG Accepts Path Separators and Path Traversals in Literal Data ++++ kernel-default: - net/sched: ets: Remove drr class from the active list if it changes to strict (CVE-2025-68815 bsc#1256680). - commit f0fee57 - net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (CVE-2025-71066 bsc#1256645). - commit 8f4860d - net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (CVE-2026-22976 bsc#1257035). - commit 1b89834 - usb: renesas_usbhs: Fix synchronous external abort on unbind (CVE-2025-68327 bsc#1255488). - commit a41f3aa - net: usb: asix: validate PHY address before use (CVE-2025-71094 bsc#1256597). 
- net: usb: asix: ax88772: Increase phy_name size (CVE-2025-71094 bsc#1256597). - commit addbe43 - net: tcp: allow zero-window ACK update the window (bsc#1254767). - commit b6299d5 - scripts: uploader: Only reset branch when there is no open PR Resetting the branch closes any PR which is disruptive. With project repositories that get a lot of changes this would reset too often if reset was enabled causing unmergeable PRs. Yet it is necessary to reset to be able to get up-to-date state for a new PR. With this branch reset can be enabled for maintainership update. - commit 60e8156 - selftests/bpf: use simply-expanded variables for libpcap flags (bsc#1255552 CVE-2025-68363). - commit 2c7feb9 - selftests/bpf: ns_current_pid_tgid: Rename the test function (bsc#1255552 CVE-2025-68363). - commit 4f40cc9 - selftests/bpf: Replace CHECK with ASSERT_* in ns_current_pid_tgid test (bsc#1255552 CVE-2025-68363). - Refresh patches.suse/selftests-bpf-Clean-up-open-coded-gettid-syscall-inv.patch. - commit 0d13544 - selftests/bpf: tc_links/tc_opts: Unserialize tests (bsc#1255552 CVE-2025-68363). - selftests/bpf: Optionally open a dedicated namespace to run test in it (CVE-2025-68363 bsc#1255552). - commit 5773a45 ++++ libpng16: - security update - added patches CVE-2025-28162 [bsc#1257364], memory leaks when running `pngimage` CVE-2025-28164 [bsc#1257365], memory leaks when running `pngimage` * libpng16-CVE-2025-28162,28164.patch ++++ regionServiceClientConfigGCE: - Update to version 5.1.0 (jsc#PCT-590) + Add licenses info in the metadata - Accommodate build setup ------------------------------------------------------------------ ------------------ 2026-1-27 - Jan 27 2026 ------------------- ------------------------------------------------------------------ ++++ glib2: - Add CVE fixes: + glib2-CVE-2026-1484.patch (bsc#1257355 CVE-2026-1484 glgo#GNOME/glib!4979). + glib2-CVE-2026-1485.patch (bsc#1257354 CVE-2026-1485 glgo#GNOME/glib!4981). 
+ glib2-CVE-2026-1489.patch (bsc#1257353 CVE-2026-1489 glgo#GNOME/glib!4984). ++++ kernel-default: - perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689 CVE-2025-68798). - commit 122c93e - selftests/bpf: Optionally open a dedicated namespace to run test in it (CVE-2025-68363 bsc#1255552). - commit 7fc3edd - selftests/bpf: Monitor traffic for select_reuseport (CVE-2025-68363 bsc#1255552). - commit 7687d07 - selftests/bpf: Monitor traffic for sockmap_listen (CVE-2025-68363 bsc#1255552). - commit 200e7d4 - selftests/bpf: Monitor traffic for tc_redirect (CVE-2025-68363 bsc#1255552). - commit ef95f02 - selftests/bpf: netns_new() and netns_free() helpers (CVE-2025-68363 bsc#1255552). - Refresh patches.suse/selftests-bpf-Fix-backtrace-printing-for-selftests-c.patch. - commit 6ac10b7 - selftests/bpf: Add the traffic monitor option to test_progs (CVE-2025-68363 bsc#1255552). - commit 24382fe - selftests/bpf: Add traffic monitor functions (CVE-2025-68363 bsc#1255552). - commit c7346b8 - blk-cgroup: fix possible deadlock while configuring policy (CVE-2025-68178 bsc#1255266). - commit 3f4a2e3 - bpf: Add bpf_prog_run_data_pointers() (bsc#1255241 CVE-2025-68200). - commit 3454614 ------------------------------------------------------------------ ------------------ 2026-1-26 - Jan 26 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - net: hv_netvsc: reject RSS hash key programming without RX indirection table (bsc#1257473). - scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296). - remove an Intel CPU model change which is already part of the base kernel - remove a bpf CVE change which is already part of the base kernel - commit 6def8a1 - e1000: fix OOB in e1000_tbi_should_accept() (CVE-2025-71093 bsc#1256777). - net/mlx5: fw_tracer, Validate format string parameters (CVE-2025-68816 bsc#1256674). 
- commit 53c77db - ceph: fix crash in process_v2_sparse_read() for encrypted directories (CVE-2025-68297 bsc#1255403). - commit de1a69a - x86: make page fault handling disable interrupts properly (git-fixes). - commit e28ac6a - libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (CVE-2025-68284 bsc#1255377). - commit 3382537 - libceph: fix invalid accesses to ceph_connection_v1_info (CVE-2025-39880 bsc#1250388). - commit 592067a - kABI workaround for tpm_chip changes (CVE-2025-71077 bsc#1256613). - commit 66e0457 - tpm: Cap the number of PCR banks (CVE-2025-71077 bsc#1256613). - commit 727f4b1 - w1: fix redundant counter decrement in w1_attach_slave_device() (git-fixes). - w1: therm: Fix off-by-one buffer overflow in alarms_store (git-fixes). - comedi: dmm32at: serialize use of paged registers (git-fixes). - uacce: ensure safe queue release with state management (git-fixes). - uacce: implement mremap in uacce_vm_ops to return -EPERM (git-fixes). - uacce: fix isolate sysfs check condition (git-fixes). - uacce: fix cdev handling in the cleanup path (git-fixes). - slimbus: core: fix of_slim_get_device() kernel doc (git-fixes). - slimbus: core: fix device reference leak on report present (git-fixes). - slimbus: core: fix runtime PM imbalance on report present (git-fixes). - slimbus: core: fix OF node leak on registration failure (git-fixes). - intel_th: fix device leak on output open() (git-fixes). - comedi: Fix getting range information for subdevices 16 to 255 (git-fixes). - iio: accel: iis328dq: fix gain values (git-fixes). - iio: dac: ad5686: add AD5695R to ad5686_chip_info_tbl (git-fixes). - iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection (git-fixes). - iio: adc: ad9467: fix ad9434 vref mask (git-fixes). - iio: adc: ad7280a: handle spi_setup() errors in probe() (git-fixes). - iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver (git-fixes). 
- serial: 8250_pci: Fix broken RS485 for F81504/508/512 (git-fixes). - comedi: fix divide-by-zero in comedi_buf_munge() (stable-fixes). - commit 50f3b9f - bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569). - commit 1df0a4e ++++ pcr-oracle: - Enable build on %{arm} as it is required by sdbootutil ++++ python-urllib3: - Add security patches: * CVE-2025-66471.patch (bsc#1254867) * CVE-2025-66418.patch (bsc#1254866) ------------------------------------------------------------------ ------------------ 2026-1-24 - Jan 24 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - mmc: rtsx_pci_sdmmc: implement sdmmc_card_busy function (git-fixes). - mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode (git-fixes). - regmap: Fix race condition in hwspinlock irqsave routine (git-fixes). - ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (git-fixes). - ALSA: scarlett2: Fix buffer overflow in config retrieval (git-fixes). - ALSA: usb: Increase volume range that triggers a warning (git-fixes). - drm/amd/pm: Workaround SI powertune issue on Radeon 430 (v2) (git-fixes). - drm/amd/pm: Don't clear SI SMC table when setting power limit (git-fixes). - drm/nouveau: implement missing DCB connector types; gracefully handle unknown connectors (git-fixes). - drm/nouveau: add missing DCB connector types (git-fixes). - commit 03d895b ------------------------------------------------------------------ ------------------ 2026-1-23 - Jan 23 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - io_uring: fix filename leak in __io_openat_prep() (CVE-2025-68814 bsc#1256651). 
- commit 4d3284d - octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" (CVE-2025-71137 bsc#1256760) - commit f080c28 - net: hns3: using the num_tqps in the vf driver to apply for resources (CVE-2025-71064 bsc#1256654) - commit d8f982b - macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (CVE-2025-68367 bsc#1255547) - commit 31c810e - team: fix check for port enabled in team_queue_override_port_prio_changed() (CVE-2025-71091 bsc#1256773) - commit fb6bd76 - md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() (CVE-2025-71135 bsc#1256761). - commit 06431f4 - iommu: disable SVA when CONFIG_X86 is set (CVE-2025-71089 bsc#1256612). - commit 74dac8b - net: hns3: add VLAN id validation before using (CVE-2025-71112 bsc#1256726). - net/handshake: duplicate handshake cancellations leak socket (CVE-2025-68775 bsc#1256665). - commit 5f03ae0 - crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (git-fixes). - dpll: Prevent duplicate registrations (git-fixes). - wifi: ath12k: fix dma_free_coherent() pointer (git-fixes). - wifi: ath10k: fix dma_free_coherent() pointer (git-fixes). - wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes). - wifi: rsi: Fix memory corruption due to not set vif driver data size (git-fixes). - usbnet: limit max_mtu based on device's hard_mtu (git-fixes). - mISDN: annotate data-race around dev->work (git-fixes). - can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak (git-fixes). - can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak (git-fixes). - can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak (git-fixes). - can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak (git-fixes). - Revert "nfc/nci: Add the inconsistency check between the input data length and count" (git-fixes). - net: usb: dm9601: remove broken SR9700 support (git-fixes). 
- leds: led-class: Only Add LED to leds_list when it is fully ready (git-fixes). - dpll: fix device-id-get and pin-id-get to return errors properly (git-fixes). - dpll: spec: add missing module-name and clock-id to pin-get reply (git-fixes). - dpll: fix return value check for kmemdup (git-fixes). - dpll: indent DPLL option type by a tab (git-fixes). - commit 0acacf9 - drm/amdgpu: fix nullptr err of vm_handle_moved (bsc#1255428 CVE-2025-40339) - commit 42c8fa8 - drm/amdgpu: update mappings not managed by KFD (bsc#1255428) - commit 2f69405 ------------------------------------------------------------------ ------------------ 2026-1-22 - Jan 22 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - mptcp: fix a race in mptcp_pm_del_add_timer() (CVE-2025-40257 bsc#1254842). - commit 83400eb - fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638 CVE-2025-68788). - commit 6b6945d - ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754 CVE-2025-68820). - commit 8f80a8b - ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757 CVE-2025-71123). - commit bd1f757 - ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164 CVE-2025-68261). - commit 835edb6 - nbd: defer config put in recv_work (bsc#1255537 CVE-2025-68372). - commit 4a0d1d2 - nbd: defer config unlock in nbd_genl_connect (bsc#1255622 CVE-2025-68366). - commit 7dc2ba0 - jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482 CVE-2025-68337). - commit dea6220 - net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (CVE-2025-68325 bsc#1255417). - commit 0e9df03 - tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (CVE-2025-68188 bsc#1255269). - commit 36ba28e ++++ sqlite3: - Update to version 3.51.2: * bsc#1259619, CVE-2025-70873: zipfile extension may disclose uninitialized heap memory during inflation. 
* Fix an obscure deadlock in the new broken-posix-lock detection logic. * Fix multiple problems in the EXISTS-to-JOIN optimization. * Other minor bug fixes. ++++ libxml2: - CVE-2026-0989: call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving `` directives (bsc#1256804, bsc#1256805, bsc#1256810) * Add patch libxml2-CVE-2026-0989.patch * https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/374 ++++ libxml2-python: - CVE-2026-0989: call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving `` directives (bsc#1256804, bsc#1256805, bsc#1256810) * Add patch libxml2-CVE-2026-0989.patch * https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/374 ++++ suseconnect-ng: - Update version to 1.20: - Update error message for Public Cloud instances with registercloudguest installed. SUSEConnect -d is disabled on PYAG and BYOS when the registercloudguest command is available. (bsc#1230861) - Enhanced SAP detected. Take TREX into account and remove empty values when only /usr/sap but no installation exists (bsc#1241002) - Fixed modules and extension link to point to version less documentation. (bsc#1239439) - Fixed SAP instance detection (bsc#1244550) - Remove link to extensions documentation (bsc#1239439) - Migrate to the public library ------------------------------------------------------------------ ------------------ 2026-1-21 - Jan 21 2026 ------------------- ------------------------------------------------------------------ ++++ cups: - Version upgrade to 2.4.16: See https://github.com/openprinting/cups/releases The hotfix release 2.4.16 includes fix for infinite loop in GTK, which was caused by change of internal behavior in libcups on which GTK depended on, and workaround for stopping the scheduler if configuration includes unknown directives. 
Detailed list (from CHANGES.md): * 'cupsUTF8ToCharset' didn't validate 2-byte UTF-8 sequences, potentially reading past the end of the source string (Issue #1438) * The web interface did not support domain usernames fully (Issue #1441) * Fixed an infinite loop issue in the GTK+ print dialog (Issue #1439 boo#1254353) * Fixed stopping scheduler on unknown directive in configuration (Issue #1443) Issues are those at https://github.com/OpenPrinting/cups/issues - Version upgrade to 2.4.15: See https://github.com/openprinting/cups/releases The release CUPS 2.4.15 brings two CVE fixes: Fix various cupsd issues which cause local DoS (CVE-2025-61915 bsc#1253783) Fix unresponsive cupsd process caused by slow client (CVE-2025-58436 bsc#1244057) and several bug fixes described in CHANGES.md. Detailed list (from CHANGES.md): * Fixed potential crash in 'cups-driverd' when there are duplicate PPDs (Issue #1355) * Fixed error recovery when scanning for PPDs in 'cups-driverd' (Issue #1416) Issues are those at https://github.com/OpenPrinting/cups/issues - Adapted downgrade-autoconf-requirement.patch for CUPS 2.4.16 - Fixed entry below dated "Sat Sep 30 08:52:42 UTC 2017" which contained needless UTF-8 Unicode characters that are now replaced by plain ASCII text in "... line - the ..." to fix a rpmlint "non-break-space" warning. - Adapted and enhanced 'tmpfiles.d' related things in cups.spec to "Fix packages for Immutable Mode - cups" (implementation task jsc#PED-14775 from epic jsc#PED-14688) ++++ glib2: - Add glib2-CVE-2026-0988.patch: fix a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049 CVE-2026-0988 glgo#GNOME/glib#3851). ++++ kernel-default: - net: ipv6: fix field-spanning memcpy warning in AH output (CVE-2025-40363 bsc#1255102). - commit b54ffd4 - ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (CVE-2025-68241 bsc#1255157). - net: netpoll: fix incorrect refcount handling causing incorrect cleanup (CVE-2025-68245 bsc#1255268). 
- commit f673593 - Refresh patches.suse/dmaengine-idxd-Fix-refcount-underflow-on-module-unlo.patch Fix the missing cleanup, folding the upstream stable 6.12.y fix (commit d28c1b1566a1) into the backport patch itself. - commit d2ae2ac - of: fix reference count leak in of_alias_scan() (git-fixes). - of: platform: Use default match table for /firmware (git-fixes). - ata: libata: Add cpr_log to ata_dev_print_features() early return (git-fixes). - commit 403f41b ------------------------------------------------------------------ ------------------ 2026-1-20 - Jan 20 2026 ------------------- ------------------------------------------------------------------ ++++ grub2: - Optimize PBKDF2 to reduce the decryption time (bsc#1248516) * 0001-lib-crypto-Introduce-new-HMAC-functions-to-reuse-buf.patch * 0002-lib-pbkdf2-Optimize-PBKDF2-by-reusing-HMAC-handle.patch * 0001-kern-misc-Implement-faster-grub_memcpy-for-aligned-b.patch ++++ kernel-default: - NFSD: NFSv4 file creation neglects setting ACL (CVE-2025-68803 bsc#1256770). - commit cae9b7a - nfsd: set security label during create operations (CVE-2025-68803 bsc#1256770). - commit 8ee0c2b - RDMA/irdma: avoid invalid read in irdma_net_event (CVE-2025-71133 bsc#1256733) - commit c4b2e81 - RDMA/cm: Fix leaking the multicast GID table reference (CVE-2025-71084 bsc#1256622) - commit 695ad1f - SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (CVE-2025-71120 bsc#1256779). - commit 400a381 - scsi: sg: Do not sleep in atomic context (CVE-2025-40259 bsc#1254845). 
- commit 386a47a ++++ nvidia-open-driver-G06-signed: - updated CUDA variant to version 580.126.09 - supersedes kernel-6.18.patch ------------------------------------------------------------------ ------------------ 2026-1-19 - Jan 19 2026 ------------------- ------------------------------------------------------------------ ++++ glibc: - memalign-overflow-check.patch: memalign: reinstate alignment overflow check (CVE-2026-0861, bsc#1256766, BZ #33796) - nss-dns-getnetbyaddr.patch: resolv: Fix NSS DNS backend for getnetbyaddr (CVE-2026-0915, bsc#1256822, BZ #33802) - wordexp-wrde-reuse.patch: posix: Reset wordexp_t fields with WRDE_REUSE (CVE-2025-15281, bsc#1257005, BZ #33814) ++++ kernel-default: - arp: do not assume dev_hard_header() does not change skb->head (CVE-2025-71098 bsc#1256591). - ip6_gre: make ip6gre_header() robust (CVE-2025-71098 bsc#1256591). - commit 0de7076 - drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128 CVE-2025-68296) - commit 4190209 - dmaengine: apple-admac: Add "apple,t8103-admac" compatible (git-fixes). - dmaengine: omap-dma: fix dma_pool resource leak in error paths (git-fixes). - dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() (git-fixes). - dmaengine: sh: rz-dmac: Fix rz_dmac_terminate_all() (git-fixes). - dmaengine: xilinx_dma: Fix uninitialized addr_width when "xlnx,addrwidth" property is missing (git-fixes). - dmaengine: tegra-adma: Fix use-after-free (git-fixes). - dmaengine: ti: k3-udma: fix device leak on udma lookup (git-fixes). - dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation (git-fixes). - dmaengine: ti: dma-crossbar: fix device leak on dra7x route allocation (git-fixes). - dmaengine: lpc18xx-dmamux: fix device leak on route allocation (git-fixes). - dmaengine: idxd: fix device leaks on compat bind and unbind (git-fixes). - dmaengine: dw: dmamux: fix OF node leak on route allocation failure (git-fixes). 
- dmaengine: bcm-sba-raid: fix device leak on probe (git-fixes). - dmaengine: at_hdmac: fix device leak on of_dma_xlate() (git-fixes). - dmaengine: xilinx: xdma: Fix regmap max_register (git-fixes). - phy: tegra: xusb: Explicitly configure HS_DISCON_LEVEL to 0x7 (git-fixes). - phy: rockchip: inno-usb2: fix communication disruption in gadget mode (git-fixes). - phy: rockchip: inno-usb2: fix disconnection in gadget mode (git-fixes). - phy: stm32-usphyc: Fix off by one in probe() (git-fixes). - commit c2d8602 - Remove patches.suse/0001-drm-fbcon-vga_switcheroo-Avoid-race-condition-in-fbc.patch - commit 462d775 ++++ openssl-3: - Security fixes: * Missing ASN1_TYPE validation in PKCS#12 parsing - openssl-CVE-2026-22795.patch [bsc#1256839, CVE-2026-22795] * ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function - openssl-CVE-2026-22795.patch [bsc#1256840, CVE-2026-22796] * Missing ASN1_TYPE validation in TS_RESP_verify_response() function - openssl-CVE-2025-69420.patch [bsc#1256837, CVE-2025-69420] * NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function - openssl-CVE-2025-69421.patch [bsc#1256838, CVE-2025-69421] * Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion - openssl-CVE-2025-69419.patch [bsc#1256836, CVE-2025-69419] * Heap out-of-bounds write in BIO_f_linebuffer on short writes - openssl-CVE-2025-68160.patch [bsc#1256834, CVE-2025-68160] * Unauthenticated/unencrypted trailing bytes with low-level OCB function calls - openssl-CVE-2025-69418.patch [bsc#1256835, CVE-2025-69418] * Stack buffer overflow in CMS AuthEnvelopedData parsing - openssl-CVE-2025-15467.patch [bsc#1256830, CVE-2025-15467] - openssl-CVE-2025-15467-comments.patch - openssl-CVE-2025-15467-test.patch ------------------------------------------------------------------ ------------------ 2026-1-18 - Jan 18 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - gpio: pca953x: fix wrong error probe 
return value (git-fixes). - commit df5f5f1 - gpio: pca953x: Utilise temporary variable for struct device (stable-fixes). - Refresh patches.suse/gpio-pca953x-log-an-error-when-failing-to-get-the-re.patch. - commit b07f679 - lib/crypto: aes: Fix missing MMU protection for AES S-box (git-fixes). - mei: me: add nova lake point S DID (stable-fixes). - gpio: pca953x: handle short interrupt pulses on PCAL devices (git-fixes). - drm/radeon: Remove __counted_by from ClockInfoArray.clockInfo[] (stable-fixes). - ASoC: fsl_sai: Add missing registers to cache default (stable-fixes). - ASoC: amd: yc: Add quirk for Honor MagicBook X16 2025 (stable-fixes). - ALSA: usb-audio: Update for native DSD support quirks (stable-fixes). - drm/amd/display: Fix DP no audio issue (stable-fixes). - powercap: fix sscanf() error return value handling (stable-fixes). - powercap: fix race condition in register_control_type() (stable-fixes). - can: j1939: make j1939_session_activate() fail if device is no longer registered (stable-fixes). - mei: me: add wildcat lake P DID (stable-fixes). - gpio: pca953x: Add support for level-triggered interrupts (stable-fixes). - gpio: pca953x: Utilise dev_err_probe() where it makes sense (stable-fixes). - commit 46ebab7 - ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582 CVE-2025-68771). - commit fae1ed0 ------------------------------------------------------------------ ------------------ 2026-1-17 - Jan 17 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ASoC: codecs: wsa883x: fix unnecessary initialisation (git-fixes). - commit 9ad50cc - drm/nouveau/disp/nv50-: Set lock_core in curs507a_prepare (git-fixes). - drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel (git-fixes). - drm/vmwgfx: Fix an error return check in vmw_compat_shader_add() (git-fixes). - drm/amdkfd: fix a memory leak in device_queue_manager_init() (git-fixes). 
- ASoC: tlv320adcx140: fix word length (git-fixes). - ASoC: tlv320adcx140: fix null pointer (git-fixes). - ASoC: codecs: wsa884x: fix codec initialisation (git-fixes). - commit b212696 ------------------------------------------------------------------ ------------------ 2026-1-16 - Jan 16 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (CVE-2025-68764 bsc#1255930). - commit 84f3f58 - net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (CVE-2025-68776 bsc#1256659) - commit 86f02f8 - fs/ntfs3: Initialize allocated memory before use (CVE-2025-68365 bsc#1255548) - commit 354fd40 - ntfs3: fix uninit memory after failed mi_read in mi_format_new (CVE-2025-68728 bsc#1255539) - commit 3c62fa0 - iavf: fix off-by-one issues in iavf_config_rss_reg() (CVE-2025-71087 bsc#1256628). - commit 8d4da32 - RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (CVE-2025-68379 bsc#1255695) - commit 8aea2cc - Fix KABI for "md: fix rcu protection in md_wakeup_thread" (CVE-2025-68374 bsc#1255530). - commit 4078c1e - ice: use netif_get_num_default_rss_queues() (bsc#1247712). - commit eb0fac0 - md: fix rcu protection in md_wakeup_thread (CVE-2025-68374 bsc#1255530). - commit 1b0738f - scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256863). - scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256863). - scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256863). - scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256863). - scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256863). - scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256863). - scsi: qla2xxx: Allow recovery for tape devices (bsc#1256863). - scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256863). 
- scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256863). - scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256863). - scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256863). - scsi: qla2xxx: Add Speed in SFP print information (bsc#1256863). - scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256861). - scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256861). - commit da9bd89 - nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (CVE-2025-40261 bsc#1254839). - commit 95251dd - NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (CVE-2025-68349 bsc#1255544). - commit fea667d - ipvs: fix ipv4 null-ptr-deref in route error path (CVE-2025-68813 bsc#1256641). - commit 238038b - drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128 CVE-2025-68296) - commit b6c7c30 - net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts (git-fixes). - can: ctucanfd: fix SSP_SRC in cases when bit-rate is higher than 1 MBit (git-fixes). - can: etas_es58x: allow partial RX URB allocation to succeed (git-fixes). - commit 6e93ffe ------------------------------------------------------------------ ------------------ 2026-1-15 - Jan 15 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ntfs3: Fix uninit buffer allocated by __getname() (CVE-2025-68727 bsc#1255568) - commit 97681c7 - libceph: fix potential use-after-free in have_mon_and_osd_map() (CVE-2025-68285 bsc#1255401). - commit fdc5baf - interconnect: Don't access req_list while it's being manipulated (CVE-2023-54013 bsc#1256280). - commit 397aee1 - interconnect: Fix locking for runpm vs reclaim (CVE-2023-54013 bsc#1256280). 
- commit bacbc82 - RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (CVE-2025-71096 bsc#1256606) - commit 7a5edbb - mptcp: Fix proto fallback detection with BPF (CVE-2025-68227 bsc#1255216). - commit 557d74c - sysfs: check visibility before changing group attribute ownership (CVE-2025-40355 bsc#1255261). - commit 7b1e9ed - x86/fpu: Ensure XFD state on signal delivery (CVE-2025-68171 bsc#1255255). - commit 265a09f ++++ libpng16: - security update - added patches CVE-2026-22695 [bsc#1256525], Heap buffer over-read in png_image_finish_read * libpng16-CVE-2026-22695.patch CVE-2026-22801 [bsc#1256526], Integer truncation causing heap buffer over-read in png_image_write_* * libpng16-CVE-2026-22801.patch ------------------------------------------------------------------ ------------------ 2026-1-14 - Jan 14 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - sched: Increase sched_tick_remote timeout (bsc#1254510). - commit 87d4295 - drm/amdgpu: fix gpu page fault after hibernation on PF passthrough (bsc#1255134 CVE-2025-68230) - commit 19b936b - net: atlantic: fix fragment overflow handling in RX path (CVE-2025-68301 bsc#1255120). - be2net: pass wrb_params in case of OS2BMC (CVE-2025-40264 bsc#1254835). - net: openvswitch: remove never-working support for setting nsh fields (CVE-2025-40254 bsc#1254852). - net/mlx5: Fix IPsec cleanup over MPV device (CVE-2025-40238 bsc#1254871). - net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (CVE-2025-40350 bsc#1255260). - commit 07231fa - drm/sysfb: Do not dereference NULL pointer in plane reset (bsc#1255095 CVE-2025-40360) - commit adae9ca - amd/amdkfd: enhance kfd process check in switch partition (CVE-2025-68174 bsc#1255327). - commit 9e3bffb - drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked() (CVE-2025-68190 bsc#1255131). 
- commit a195e39 - selftests/bpf: Test bpf_skb_check_mtu(BPF_MTU_CHK_SEGS) when transport_header is not set (CVE-2025-68363 bsc#1255552). - commit 742de98 - bpf: Check skb->transport_header is set in bpf_skb_check_mtu (CVE-2025-68363 bsc#1255552). - commit f6cdd52 - drm/amdgpu: remove two invalid BUG_ON()s (CVE-2025-68201 bsc#1255136) - commit 9a27d5e ++++ libzypp: - Avoid libcurl-mini4 when building as it does not support ftp protocol. - Translation: updated .pot file. - version 17.38.1 (35) ------------------------------------------------------------------ ------------------ 2026-1-13 - Jan 13 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Refresh patches.suse/cifs-after-disabling-multichannel-mark-tcon-for-reconnect.patch. - Refresh patches.suse/cifs-avoid-redundant-calls-to-disable-multichannel.patch. - Refresh patches.suse/cifs-cifs_pick_channel-should-try-selecting-active-channels.patch. - Refresh patches.suse/cifs-deal-with-the-channel-loading-lag-while-picking-channels.patch. - Refresh patches.suse/cifs-dns-resolution-is-needed-only-for-primary-channel.patch. - Refresh patches.suse/cifs-do-not-search-for-channel-if-server-is-terminating.patch. - Refresh patches.suse/cifs-fix-a-pending-undercount-of-srv_count.patch. - Refresh patches.suse/cifs-fix-lock-ordering-while-disabling-multichannel.patch. - Refresh patches.suse/cifs-fix-stray-unlock-in-cifs_chan_skip_or_disable.patch. - Refresh patches.suse/cifs-fix-use-after-free-for-iface-while-disabling-secondary-channel.patch. - Refresh patches.suse/cifs-handle-when-server-stops-supporting-multichannel.patch. - Refresh patches.suse/cifs-reconnect-worker-should-take-reference-on-server-struct-uncond.patch. - Refresh patches.suse/cifs-reset-connections-for-all-channels-when-reconnect-requested.patch. - Refresh patches.suse/cifs-reset-iface-weights-when-we-cannot-find-a-candidate.patch. 
- Refresh patches.suse/smb-client-fix-cifs_pick_channel-when-channel-needs-reconnect.patch. - Refresh patches.suse/smb-client-introduce-close_cached_dir_locked-.patch. - Refresh patches.suse/smb3-add-missing-null-server-pointer-check.patch. - commit 966613b - cifs: fix use after free for iface while disabling secondary channels (git-fixes). - commit dfe1d44 - cifs: reconnect worker should take reference on server struct unconditionally (git-fixes). - Refresh patches.suse/cifs-handle-servers-that-still-advertise-multichannel-after-disabli.patch. - Refresh patches.suse/smb-client-get-rid-of-nlsc-param-in-cifs_tree_connect-.patch. - commit a6f7e74 - Refresh patches.suse/cifs-make-sure-that-channel-scaling-is-done-only-once.patch. - commit f14b40c - cifs: avoid redundant calls to disable multichannel (git-fixes). - smb3: add missing null server pointer check (git-fixes). - Refresh patches.suse/cifs-make-sure-server-interfaces-are-requested-only-for-SMB3-.patch. - Refresh patches.suse/cifs-serialize-other-channels-when-query-server-interfaces-is-pendi.patch. - commit 6f71d7c - cifs: fix stray unlock in cifs_chan_skip_or_disable (git-fixes). - commit 9d297d5 - cifs: do not search for channel if server is terminating (git-fixes). - commit 1796cf0 - cifs: handle servers that still advertise multichannel after disabling (git-fixes). - cifs: serialize other channels when query server interfaces is pending (git-fixes). - Refresh patches.suse/cifs-do-not-disable-interface-polling-on-failure.patch. - Refresh patches.suse/cifs-make-sure-server-interfaces-are-requested-only-for-SMB3-.patch. - Refresh patches.suse/cifs-make-sure-that-channel-scaling-is-done-only-once.patch. - Refresh patches.suse/smb-client-get-rid-of-nlsc-param-in-cifs_tree_connect-.patch. - Refresh patches.suse/smb3-fix-for-slab-out-of-bounds-on-mount-to-ksmbd.patch. - commit e76704e - smb: client: fix cifs_pick_channel when channel needs reconnect (git-fixes). 
- commit 59edbd9 - cifs: cifs_pick_channel should try selecting active channels (git-fixes). - commit 3f9ba92 - ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378). - commit 7e74f80 - supported.conf: Mark lan 743x supported (jsc#PED-14571) - commit c174efd - mlx5: Fix default values in create CQ (CVE-2025-68209 bsc#1255230). - commit e7dee05 - x86/microcode/AMD: Select which microcode patch to load (bsc#1256528). - Refresh patches.suse/x86-microcode-AMD-Handle-the-case-of-no-BIOS-microcode.patch. - commit dca6829 - x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256528). - x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (bsc#1256528). - x86/microcode/AMD: Add more known models to entry sign checking (bsc#1256528). - x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1256528). - x86/microcode: Fix Entrysign revision check for Zen1/Naples (bsc#1256528). - x86/microcode/AMD: Add TSA microcode SHAs (bsc#1256528). - x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256528). - x86/microcode/AMD: Clean the cache if update did not load microcode (bsc#1256528). - x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches (bsc#1256528). - x86/microcode/AMD: Fix __apply_microcode_amd()'s return value (bsc#1256528). - x86/microcode/AMD: Add some forgotten models to the SHA check (bsc#1256528). - x86/microcode/AMD: Load only SHA256-checksummed patches (bsc#1256528). - commit 4e60c5e - bpf: Fix invalid prog->stats access when update_effective_progs fails (CVE-2025-68742 bsc#1255707). - commit 53d4b3c - bpf: Improve program stats run-time calculation (CVE-2025-68742 bsc#1255707). - commit 4ed738f ++++ libsoup: - Add libsoup-CVE-2026-0716.patch: Fix out-of-bounds read for websocket (bsc#1256418, CVE-2026-0716, glgo#GNOME/libsoup!494). 
- Add libsoup-CVE-2026-0719.patch: Fix overflow for password md4sum (bsc#1256399, CVE-2026-0719, glgo#GNOME/libsoup!493). ++++ systemd: - Name libsystemd-{shared,core} based on the major version of systemd and the package release number (bsc#1228081 bsc#1256427) This way, both the old and new versions of the shared libraries will be present during the update. This should prevent issues during package updates when incompatible changes are introduced in the new versions of the shared libraries. - Import commit 8bbac1d508acb8aa4e7262f47c7f4076b8350f72 8bbac1d508 detect-virt: bare-metal GCE only for x86 and i386 (bsc#1254293) ++++ linuxptp: - Move to DevicePolicy=closed instead of -PrivateDevices=true to allow access to devices (bsc#1256059) ++++ nvidia-open-driver-G06-signed: - kernel-5.14.patch * fixes build for sle15-sp4 ++++ python-urllib3: - Add CVE-2026-21441.patch to fix excessive resource consumption during decompression of data in HTTP redirect responses (bsc#1256331, CVE-2026-21441) ------------------------------------------------------------------ ------------------ 2026-1-12 - Jan 12 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - fuse: fix livelock in synchronous file put from fuseblk workers (CVE-2025-40220 bsc#1254520). - commit 46a797f - tracing: Fix access to trace_event_file (bsc#1254373). - commit 768b257 - virtio_console: fix order of fields cols and rows (stable-fixes). - commit 0d412d7 - drm/amdgpu: Forward VMID reservation errors (git-fixes). - commit a7344a2 - pinctrl: single: Fix PIN_CONFIG_BIAS_DISABLE handling (stable-fixes). - Refresh patches.suse/pinctrl-single-fix-bias-pull-up-down-handling-in-pin.patch. - commit bc41b99 - usb: ohci-nxp: fix device leak on probe failure (git-fixes). - usb: usb-storage: Maintain minimal modifications to the bcdDevice range (git-fixes). - Input: i8042 - add TUXEDO InfinityBook Max Gen10 AMD to i8042 quirk table (stable-fixes). 
- drm/amd/display: Use GFP_ATOMIC in dc_create_plane_state() (stable-fixes). - ASoC: bcm: bcm63xx-pcm-whistler: Check return value of of_dma_configure() (git-fixes). - i2c: designware: Disable SMBus interrupts to prevent storms from mis-configured firmware (stable-fixes). - platform/x86/intel/hid: Add Dell Pro Rugged 10/12 tablet to VGBS DMI quirks (stable-fixes). - pinctrl: single: Fix incorrect type for error return variable (git-fixes). - i3c: fix refcount inconsistency in i3c_master_register (git-fixes). - staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing (stable-fixes). - staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser (stable-fixes). - USB: serial: option: move Telit 0x10c7 composition in the right place (stable-fixes). - USB: serial: option: add Telit Cinterion FE910C04 new compositions (stable-fixes). - USB: serial: option: add Foxconn T99W760 (stable-fixes). - USB: serial: ftdi_sio: match on interface number for jtag (stable-fixes). - usb: usb-storage: No additional quirks need to be added to the EL-R12 optical drive (stable-fixes). - usb: dwc2: fix hang during shutdown if set as peripheral (git-fixes). - usb: xhci: limit run_graceperiod for only usb 3.0 devices (stable-fixes). - usb: typec: ucsi: Handle incorrect num_connectors capability (stable-fixes). - usbip: Fix locking bug in RT-enabled kernels (stable-fixes). - serial: sprd: Return -EPROBE_DEFER when uart clock is not ready (stable-fixes). - serial: add support of CPCI cards (stable-fixes). - char: applicom: fix NULL pointer dereference in ac_ioctl (stable-fixes). - iio: adc: ti_am335x_adc: Limit step_avg to valid range for gcc complains (stable-fixes). - fbdev: gbefb: fix to use physical address instead of dma address (stable-fixes). - via_wdt: fix critical boot hang due to unnamed resource allocation (stable-fixes). - ipmi: Fix __scan_channels() failing to rescan channels (stable-fixes). 
- ipmi: Fix the race between __scan_channels() and deliver_response() (stable-fixes). - reset: fix BIT macro reference (stable-fixes). - firmware: imx: scu-irq: Init workqueue before request mbox channel (stable-fixes). - HID: input: map HID_GD_Z to ABS_DISTANCE for stylus/pen (stable-fixes). - mmc: sdhci-msm: Avoid early clock doubling during HS400 transition (stable-fixes). - ASoC: qcom: q6apm-dai: set flags to reflect correct operation of appl_ptr (git-fixes). - media: amphion: Remove vpu_vb_is_codecconfig (git-fixes). - media: verisilicon: Fix CPU stalls on G2 bus error (git-fixes). - Bluetooth: btusb: Add new VID/PID 13d3/3533 for RTL8821CE (stable-fixes). - Bluetooth: btusb: Add new VID/PID 2b89/6275 for RTL8761BUV (stable-fixes). - wifi: brcmfmac: Add DMI nvram filename quirk for Acer A1 840 tablet (stable-fixes). - wifi: rtw88: Add USB ID 2001:3329 for D-Link AC13U rev. A1 (stable-fixes). - ACPI: property: Use ACPI functions in acpi_graph_get_next_endpoint() only (stable-fixes). - ACPICA: Avoid walking the Namespace if start_node is NULL (stable-fixes). - pinctrl: qcom: msm: Fix deadlock in pinmux configuration (stable-fixes). - platform/x86: acer-wmi: Ignore backlight event (stable-fixes). - platform/x86/amd: pmc: Add Lenovo Legion Go 2 to pmc quirk list (stable-fixes). - platform/x86/amd/pmc: Add spurious_8042 to Xbox Ally (stable-fixes). - platform/x86: huawei-wmi: add keys for HONOR models (stable-fixes). - HID: elecom: Add support for ELECOM M-XT3URBK (018F) (stable-fixes). - HID: hid-input: Extend Elan ignore battery quirk to USB (stable-fixes). - HID: apple: Add SONiX AK870 PRO to non_apple_keyboards quirk list (stable-fixes). - drm/vmwgfx: Use kref in vmw_bo_dirty (stable-fixes). - spi: xilinx: increase number of retries before declaring stall (stable-fixes). - spi: imx: keep dma request disabled before dma transfer setup (stable-fixes). - ALSA: usb-audio: Add native DSD quirks for PureAudio DAC series (stable-fixes). 
- Bluetooth: btrtl: Avoid loading the config file on security chips (stable-fixes). - media: amphion: Make some vpu_v4l2 functions static (stable-fixes). - usb: dwc2: disable platform lowlevel hw resources during shutdown (stable-fixes). - media: amphion: Add a frame flush mode for decoder (stable-fixes). - usb: ohci-nxp: Use helper function devm_clk_get_enabled() (stable-fixes). - drm/tilcdc: request and mapp iomem with devres (stable-fixes). - media: verisilicon: g2: Use common helpers to compute chroma and mv offsets (stable-fixes). - media: verisilicon: Store chroma and motion vectors offset (stable-fixes). - i3c: master: Inherit DMA masks and parameters from parent device (stable-fixes). - commit bc3be49 - supported.conf: mark ksmbd unsupported Based on discussion with Enzo Matsumiya it has turned out that ksmbd module is unsupported but the supported.conf entry is incorrect. Fix that. - commit c800e3f - powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling (bsc#1253262 ltc#216029). - commit daa4104 - Update patches.suse/1260-drm-amdkfd-Add-missing-gfx11-MQD-manager-callbacks.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-54261 bsc#1255879). - Update patches.suse/ACPI-video-Fix-use-after-free-in-acpi_video_switch_b.patch (git-fixes CVE-2025-40211 bsc#1254126). - Update patches.suse/ALSA-dice-fix-buffer-overflow-in-detect_stream_forma.patch (git-fixes CVE-2025-68346 bsc#1255603). - Update patches.suse/ALSA-firewire-motu-add-bounds-check-in-put_user-loop.patch (git-fixes CVE-2025-68753 bsc#1256238). - Update patches.suse/ALSA-firewire-motu-fix-buffer-overflow-in-hwdep-read.patch (git-fixes CVE-2025-68347 bsc#1255706). - Update patches.suse/ALSA-hda-cs35l41-Fix-NULL-pointer-dereference-in-cs3-c34b04c.patch (git-fixes CVE-2025-68345 bsc#1255601).
- Update patches.suse/ALSA-pcm-Fix-potential-data-race-at-PCM-memory-.patch (bsc#1012628 CVE-2023-54072 bsc#1256291). - Update patches.suse/ALSA-usb-audio-Fix-NULL-pointer-dereference-in-snd_u.patch (git-fixes CVE-2025-40275 bsc#1254829). - Update patches.suse/ALSA-usb-audio-Fix-potential-memory-leaks-at-error-p.patch (jsc#PED-6045 jsc#PED-6036 jsc#PED-6104 jsc#PED-6114 jsc#PED-6067 jsc#PED-6123 CVE-2023-54022 bsc#1255545). - Update patches.suse/ALSA-usb-audio-Fix-potential-overflow-of-PCM-transfe.patch (stable-fixes CVE-2025-40269 bsc#1255035). - Update patches.suse/ASoC-codecs-wcd-mbhc-v2-fix-resource-leaks-on-c.patch (bsc#1012628 CVE-2023-53842 bsc#1254690). - Update patches.suse/Bluetooth-6lowpan-reset-link-local-header-on-ipv6-re.patch (git-fixes CVE-2025-40282 bsc#1254850). - Update patches.suse/Bluetooth-ISO-fix-iso_conn-related-locking-and-.patch (bsc#1012628 CVE-2023-54164 bsc#1256071). - Update patches.suse/Bluetooth-MGMT-cancel-mesh-send-timer-when-hdev-remo.patch (git-fixes CVE-2025-40284 bsc#1254860). - Update patches.suse/Bluetooth-SCO-Fix-UAF-on-sco_conn_free.patch (stable-fixes CVE-2025-40309 bsc#1255065). - Update patches.suse/Bluetooth-bcsp-receive-data-only-if-registered.patch (stable-fixes CVE-2025-40308 bsc#1255064). - Update patches.suse/Bluetooth-btusb-reorder-cleanup-in-btusb_disconnect-.patch (git-fixes CVE-2025-40283 bsc#1254858). - Update patches.suse/Bluetooth-hci_conn-return-ERR_PTR-instead-of-NU.patch (bsc#1012628 CVE-2023-54038 bsc#1255540). - Update patches.suse/Bluetooth-hci_event-validate-skb-length-for-unknown-.patch (git-fixes CVE-2025-40301 bsc#1255193). - Update patches.suse/Bluetooth-hci_sock-Prevent-race-in-socket-write-iter.patch (git-fixes CVE-2025-68305 bsc#1255169). - Update patches.suse/Bluetooth-hci_sync-Avoid-use-after-free-in-dbg-.patch (bsc#1012628 CVE-2023-54210 bsc#1255955). - Update patches.suse/Bluetooth-hci_sync-Avoid-use-after-free-in-dbg-for-h.patch (git-fixes CVE-2023-53828 bsc#1254623). 
- Update patches.suse/Bluetooth-hci_sync-Fix-UAF-in-hci_disconnect_all_syn.patch (git-fixes CVE-2023-53762 bsc#1254606). - Update patches.suse/Bluetooth-hci_sync-fix-race-in-hci_cmd_sync_dequeue_.patch (git-fixes CVE-2025-40318 bsc#1254798). - Update patches.suse/FS-JFS-Check-for-read-only-mounted-filesystem-i.patch (bsc#1012628 CVE-2023-53766 bsc#1255005). - Update patches.suse/HID-hidraw-fix-data-race-on-device-refcount.patch (bsc#1012628 CVE-2023-53759 bsc#1254663). - Update patches.suse/HID-uclogic-Correct-devm-device-reference-for-hidinp.patch (git-fixes CVE-2023-54207 bsc#1255961). - Update patches.suse/HID-wacom-Use-ktime_t-rather-than-int-when-deal.patch (bsc#1012628 CVE-2023-53797 bsc#1254733). - Update patches.suse/Input-cros_ec_keyb-fix-an-invalid-memory-access.patch (stable-fixes CVE-2025-40263 bsc#1255077). - Update patches.suse/Input-imx_sc_key-fix-memory-corruption-on-unload.patch (git-fixes CVE-2025-40262 bsc#1254840). - Update patches.suse/Input-pegasus-notetaker-fix-potential-out-of-bounds-.patch (git-fixes CVE-2025-68217 bsc#1255221). - Update patches.suse/KVM-SVM-Get-source-vCPUs-from-source-VM-for-SEV-ES-i.patch (git-fixes CVE-2023-54296 bsc#1255793). - Update patches.suse/KVM-s390-pv-fix-index-value-of-replaced-ASCE.patch (bsc#1012628 CVE-2023-54092 bsc#1256370). - Update patches.suse/MIPS-KVM-Fix-NULL-pointer-dereference.patch (bsc#1012628 CVE-2023-54241 bsc#1255838). - Update patches.suse/NFSD-Fix-crash-in-nfsd4_read_release.patch (git-fixes CVE-2025-40324 bsc#1254791). - Update patches.suse/NFSD-free-copynotify-stateid-in-nfs4_free_ol_stateid.patch (git-fixes CVE-2025-40273 bsc#1254828). - Update patches.suse/PCI-DOE-Fix-destroy_work_on_stack-race.patch (git-fixes CVE-2023-54235 bsc#1255921). - Update patches.suse/PCI-Free-released-resource-after-coalescing.patch (git-fixes CVE-2023-53743 bsc#1254782). - Update patches.suse/PCI-IOV-Add-PCI-rescan-remove-locking-when-enabling-.patch (git-fixes CVE-2025-40219 bsc#1254518). 
- Update patches.suse/PCI-cadence-Check-for-the-existence-of-cdns_pcie-ops.patch (stable-fixes CVE-2025-68176 bsc#1255329). - Update patches.suse/RDMA-bnxt_re-Prevent-handling-any-completions-a.patch (bsc#1012628 CVE-2023-54048 bsc#1256395). - Update patches.suse/RDMA-efa-Fix-wrong-resources-deallocation-order.patch (git-fixes CVE-2023-54201 bsc#1255964). - Update patches.suse/RDMA-irdma-Fix-data-race-on-CQP-completion-stat.patch (bsc#1012628 CVE-2023-54302 bsc#1255792). - Update patches.suse/RDMA-irdma-Fix-data-race-on-CQP-request-done.patch (bsc#1012628 CVE-2023-54292 bsc#1255800). - Update patches.suse/Revert-IB-isert-Fix-incorrect-release-of-isert-conne.patch (git-fixes CVE-2023-54219 bsc#1256231). - Update patches.suse/accel-habanalabs-support-mapping-cb-with-vmalloc-bac.patch (stable-fixes CVE-2025-40311 bsc#1255068). - Update patches.suse/accel-qaic-Clean-up-integer-overflow-checking-.patch (bsc#1012628 CVE-2023-53778 bsc#1254761). - Update patches.suse/af_unix-Fix-data-race-around-unix_tot_inflight.patch (git-fixes CVE-2023-54006 bsc#1255591). - Update patches.suse/amba-bus-fix-refcount-leak.patch (git-fixes CVE-2023-54230 bsc#1255925). - Update patches.suse/amd-amdkfd-resolve-a-race-in-amdgpu_amdkfd_device_fi.patch (stable-fixes CVE-2025-40310 bsc#1255041). - Update patches.suse/amdgpu-validate-offset_in_bo-of-drm_amdgpu_gem_.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53819 bsc#1254712). - Update patches.suse/arm64-mm-fix-VA-range-sanity-check.patch (bsc#1012628 CVE-2023-53989 bsc#1256302). - Update patches.suse/arm64-set-__exception_irq_entry-with-__irq_entr.patch (bsc#1012628 CVE-2023-54322 bsc#1255763). - Update patches.suse/atm-fore200e-Fix-possible-data-race-in-fore200e_open.patch (git-fixes CVE-2025-68339 bsc#1255505). 
- Update patches.suse/audit-fix-possible-soft-lockup-in-__audit_inode_chil.patch (git-fixes CVE-2023-54045 bsc#1256285). - Update patches.suse/autofs-fix-memory-leak-of-waitqueues-in-autofs_catat.patch (git-fixes CVE-2023-54134 bsc#1256106). - Update patches.suse/backlight-led-bl-Add-devlink-to-supplier-LEDs.patch (git-fixes CVE-2025-68758 bsc#1255944). - Update patches.suse/bcache-fixup-btree_cache_wait-list-damage.patch (bsc#1012628 CVE-2023-54293 bsc#1255801). - Update patches.suse/binder-fix-memory-leak-in-binder_init.patch (bsc#1012628 CVE-2023-54005 bsc#1255629). - Update patches.suse/blk-cgroup-Fix-NULL-deref-caused-by-blkg_policy_data-being-installed-before-init.patch (bsc#1216062 CVE-2023-54271 bsc#1255902). - Update patches.suse/blk-cgroup-hold-queue_lock-when-removing-blkg-.patch (bsc#1012628 CVE-2023-54088 bsc#1256263). - Update patches.suse/blk-mq-fix-tags-leak-when-shrink-nr_hw_queues.patch (bsc#1216436 CVE-2023-54227 bsc#1255952). - Update patches.suse/block-fix-blktrace-debugfs-entries-leakage.patch (bsc#1012628 CVE-2023-54209 bsc#1255963). - Update patches.suse/block-rq_qos-protect-rq_qos-apis-with-a-new-loc.patch (bsc#1012628 CVE-2023-53823 bsc#1254691). - Update patches.suse/bpf-Address-KCSAN-report-on-bpf_lru_list.patch (bsc#1012628 CVE-2023-54283 bsc#1255809). - Update patches.suse/bpf-Disable-preemption-in-bpf_event_output.patch (bsc#1012628 CVE-2023-54173 bsc#1255996). - Update patches.suse/bpf-Disable-preemption-in-bpf_perf_event_outpu.patch (bsc#1012628 CVE-2023-54303 bsc#1255785). - Update patches.suse/bpf-Fix-issue-in-verifying-allow_ptr_leaks.patch (jsc#PED-6811 CVE-2023-54181 bsc#1255988). - Update patches.suse/bpf-Silence-a-warning-in-btf_type_id_size.patch (bsc#1012628 CVE-2023-54247 bsc#1255892). - Update patches.suse/bpf-bpf_sk_storage-Fix-invalid-wait-context-lockdep-.patch (jsc#PED-6811 CVE-2023-53857 bsc#1254648). - Update patches.suse/bpf-drop-unnecessary-user-triggerable-WARN_ONCE.patch (bsc#1012628 CVE-2023-54145 bsc#1256090). 
- Update patches.suse/bpf-sockmap-Fix-skb-refcnt-race-after-locking-change.patch (jsc#PED-6811 CVE-2023-53836 bsc#1254693). - Update patches.suse/btrfs-fix-incorrect-splitting-in-btrfs_drop_ex.patch (bsc#1012628 CVE-2023-54121 bsc#1256267). - Update patches.suse/btrfs-fix-lockdep-splat-and-potential-deadlock-after.patch (git-fixes CVE-2023-54224 bsc#1255951). - Update patches.suse/btrfs-fix-race-between-balance-and-cancel-pause.patch (bsc#1012628 CVE-2023-54023 bsc#1256301). - Update patches.suse/btrfs-fix-race-when-deleting-free-space-root-fr.patch (bsc#1012628 CVE-2023-54067 bsc#1256369). - Update patches.suse/btrfs-fix-race-when-deleting-quota-root-from-th.patch (bsc#1012628 CVE-2023-54032 bsc#1255617). - Update patches.suse/btrfs-fix-warning-when-putting-transaction-with.patch (bsc#1012628 CVE-2023-53865 bsc#1254762). - Update patches.suse/btrfs-release-path-before-inode-lookup-during-the-in.patch (git-fixes CVE-2023-54281 bsc#1255820). - Update patches.suse/btrfs-remove-BUG_ON-s-in-add_new_free_space.patch (bsc#1012628 CVE-2023-54185 bsc#1255984). - Update patches.suse/btrfs-set-page-extent-mapped-after-read_folio-in-rel.patch (git-fixes CVE-2023-54253 bsc#1255891). - Update patches.suse/btrfs-zoned-fix-memory-leak-after-finding-block.patch (bsc#1012628 CVE-2023-54297 bsc#1255795). - Update patches.suse/btrfs-zoned-skip-splitting-and-logical-rewriting-on-.patch (bsc#1223731 CVE-2024-26944 CVE-2023-54080 bsc#1256367). - Update patches.suse/can-gs_usb-gs_usb_xmit_callback-fix-handling-of-fail.patch (git-fixes CVE-2025-68307 bsc#1255146). - Update patches.suse/can-kvaser_usb-leaf-Fix-potential-infinite-loop-in-c.patch (git-fixes CVE-2025-68308 bsc#1255149). - Update patches.suse/cifs-fix-potential-oops-in-cifs_oplock_break.patch (bsc#1012628 CVE-2023-54258 bsc#1255886). - Update patches.suse/cifs-fix-session-state-check-in-reconnect-to-a.patch (bsc#1012628 CVE-2023-53794 bsc#1255163). 
- Update patches.suse/clk-clocking-wizard-Fix-Oops-in-clk_wzrd_regist.patch (bsc#1012628 CVE-2023-53807 bsc#1254724). - Update patches.suse/clk-imx93-fix-memory-leak-and-missing-unwind-go.patch (bsc#1012628 CVE-2023-54221 bsc#1255842). - Update patches.suse/comedi-c6xdigio-Fix-invalid-PNP-driver-unregistratio.patch (git-fixes CVE-2025-68332 bsc#1255483). - Update patches.suse/comedi-check-device-s-attached-status-in-compat-ioct.patch (git-fixes CVE-2025-68257 bsc#1255167). - Update patches.suse/comedi-multiq3-sanitize-config-options-in-multiq3_at.patch (git-fixes CVE-2025-68258 bsc#1255182). - Update patches.suse/comedi-pcl818-fix-null-ptr-deref-in-pcl818_ai_cancel.patch (git-fixes CVE-2025-68335 bsc#1255480). - Update patches.suse/crypto-api-Use-work-queue-in-crypto_destroy_instance.patch (git-fixes CVE-2023-53799 bsc#1254732). - Update patches.suse/crypto-aspeed-fix-double-free-caused-by-devm.patch (git-fixes CVE-2025-68172 bsc#1255253). - Update patches.suse/crypto-asymmetric_keys-prevent-overflow-in-asymmetri.patch (git-fixes CVE-2025-68724 bsc#1255550). - Update patches.suse/dccp-Fix-out-of-bounds-access-in-DCCP-error-handler.patch (bsc#1220419 CVE-2023-53782 bsc#1254758). - Update patches.suse/dccp-fix-data-race-around-dp-dccps_mss_cache.patch (bsc#1012628 CVE-2023-53839 bsc#1254655). - Update patches.suse/devlink-report-devlink_port_type_warn-source-de.patch (bsc#1012628 CVE-2023-53841 bsc#1255009). - Update patches.suse/dm-don-t-attempt-to-queue-IO-under-RCU-protection-a9ce.patch (jsc#PED-7514 CVE-2023-53860 bsc#1254626). - Update patches.suse/dm-fix-a-race-condition-in-retrieve_deps-f600.patch (jsc#PED-7514 CVE-2023-54324 bsc#1255759). - Update patches.suse/driver-soc-xilinx-use-_safe-loop-iterator-to-av.patch (bsc#1012628 CVE-2023-54101 bsc#1256153). - Update patches.suse/drm-amd-display-Check-NULL-before-accessing.patch (stable-fixes CVE-2025-68286 bsc#1255351). 
- Update patches.suse/drm-amd-display-Fix-NULL-deref-in-debugfs-odm_combin.patch (git-fixes CVE-2025-68180 bsc#1255252). - Update patches.suse/drm-amdgpu-Fix-NULL-pointer-dereference-in-VRAM-logi.patch (stable-fixes CVE-2025-40288 bsc#1255057). - Update patches.suse/drm-bridge-dw_hdmi-fix-connector-access-for-scd.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53784 bsc#1254765). - Update patches.suse/drm-client-Fix-memory-leak-in-drm_client_target.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-54091 bsc#1256274). - Update patches.suse/drm-i915-Avoid-lock-inversion-when-pinning-to-GGTT-o.patch (git-fixes CVE-2025-68244 bsc#1255190). - Update patches.suse/drm-mediatek-Fix-device-use-after-free-on-unbind.patch (git-fixes CVE-2025-40316 bsc#1254797). - Update patches.suse/drm-msm-dp-Drop-aux-devices-together-with-DP-co.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53851 bsc#1254695). - Update patches.suse/drm-mxsfb-Disable-overlay-plane-in-mxsfb_plane_overl.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53864 bsc#1254754). - Update patches.suse/drm-nouveau-kms-nv50-init-hpd_irq_lock-for-PIOR.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-54263 bsc#1255883). - Update patches.suse/drm-sched-Fix-deadlock-in-drm_sched_entity_kill_jobs.patch (git-fixes CVE-2025-40329 bsc#1254621). 
- Update patches.suse/drm-tegra-Add-call-to-put_pid.patch (git-fixes CVE-2025-68233 bsc#1255206). - Update patches.suse/drm-ttm-Don-t-leak-a-resource-on-eviction-error.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-54254 bsc#1255890). - Update patches.suse/drm-ttm-Don-t-leak-a-resource-on-swapout-move-e.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53844 bsc#1254649). - Update patches.suse/drm-vgem-fence-Fix-potential-deadlock-on-release.patch (git-fixes CVE-2025-68757 bsc#1255943). - Update patches.suse/drm-vmwgfx-Validate-command-header-size-against-SVGA.patch (git-fixes CVE-2025-40277 bsc#1254894). - Update patches.suse/erofs-kill-hooked-chains-to-avoid-loops-on-dedu.patch (bsc#1012628 CVE-2023-53777 bsc#1254749). - Update patches.suse/exfat-use-kvmalloc_array-kvfree-instead-of-kma.patch (bsc#1012628 CVE-2023-54194 bsc#1255974). - Update patches.suse/ext4-correct-grp-validation-in-ext4_mb_good_group.patch (bsc#1234163 CVE-2023-53861 bsc#1254678). - Update patches.suse/ext4-fix-BUG-in-ext4_mb_new_inode_pa-due-to-overflow.patch (bsc#1219165 CVE-2023-54069 bsc#1256371). - Update patches.suse/ext4-fix-rbtree-traversal-bug-in-ext4_mb_use_pr.patch (bsc#1012628 CVE-2023-53813 bsc#1254717). - Update patches.suse/ext4-turn-quotas-off-if-mount-failed-after-enab.patch (bsc#1012628 CVE-2023-54153 bsc#1256081). - Update patches.suse/f2fs-fix-to-do-sanity-check-on-direct-node-in-.patch (bsc#1012628 CVE-2023-53846 bsc#1254983). - Update patches.suse/fbcon-Set-fb_display-i-mode-to-NULL-when-the-mode-is.patch (stable-fixes CVE-2025-40323 bsc#1255094). - Update patches.suse/fbdev-Add-bounds-checking-in-bit_putcs-to-fix-vmallo.patch (stable-fixes CVE-2025-40304 bsc#1255034). 
- Update patches.suse/fbdev-bitblit-bound-check-glyph-index-in-bit_putcs.patch (stable-fixes CVE-2025-40322 bsc#1255092). - Update patches.suse/firmware-meson_sm-fix-to-avoid-potential-NULL-pointe.patch (git-fixes CVE-2023-54304 bsc#1255786). - Update patches.suse/firmware-stratix10-svc-fix-bug-in-saving-controller-.patch (git-fixes CVE-2025-68328 bsc#1255489). - Update patches.suse/fs-Protect-reconfiguration-of-sb-read-write-fr.patch (bsc#1012628 CVE-2023-54099 bsc#1256197). - Update patches.suse/fs-jfs-prevent-double-free-in-dbUnmount-after-failed-jfs_remount.patch (git-fixes CVE-2023-54127 bsc#1256119). - Update patches.suse/fs-ntfs3-Return-error-for-inconsistent-extende.patch (bsc#1012628 CVE-2023-54125 bsc#1256117). - Update patches.suse/fs-sysv-Null-check-to-prevent-null-ptr-deref-b.patch (bsc#1012628 CVE-2023-54264 bsc#1255872). - Update patches.suse/gpu-host1x-Fix-race-in-syncpt-alloc-free.patch (git-fixes CVE-2025-68732 bsc#1255688). - Update patches.suse/gtp-Fix-use-after-free-in-__gtp_encap_destroy.patch (bsc#1012628 CVE-2023-54142 bsc#1256095). - Update patches.suse/hfs-validate-record-offset-in-hfsplus_bmap_alloc.patch (git-fixes CVE-2025-40349 bsc#1255280). - Update patches.suse/hfsplus-fix-KMSAN-uninit-value-issue-in-__hfsplus_ext_cache_extent.patch (git-fixes CVE-2025-40244 bsc#1255033). - Update patches.suse/hfsplus-fix-KMSAN-uninit-value-issue-in-hfsplus_delete_cat.patch (git-fixes CVE-2025-40351 bsc#1255281). - Update patches.suse/hwrng-virtio-Fix-race-on-data_avail-and-actual-.patch (bsc#1012628 CVE-2023-53998 bsc#1255578). - Update patches.suse/iavf-use-internal-state-to-free-traffic-IRQs.patch (bsc#1012628 CVE-2023-53850 bsc#1254677). - Update patches.suse/ice-prevent-NULL-pointer-deref-during-reload.patch (bsc#1012628 CVE-2023-54037 bsc#1255557). - Update patches.suse/igb-clean-up-in-all-error-paths-when-enabling-SR-IOV.patch (jsc#PED-4866 CVE-2023-54070 bsc#1256364). 
- Update patches.suse/igc-Fix-Kernel-Panic-during-ndo_tx_timeout-call.patch (bsc#1012628 CVE-2023-54166 bsc#1256074). - Update patches.suse/iio-accel-bmc150-Fix-irq-assumption-regression.patch (stable-fixes CVE-2025-68330 bsc#1255493). - Update patches.suse/iio-adc-ina2xx-avoid-NULL-pointer-dereference-.patch (bsc#1012628 CVE-2023-53834 bsc#1254660). - Update patches.suse/iio-core-Prevent-invalid-memory-access-when-th.patch (bsc#1012628 CVE-2023-54027 bsc#1255579). - Update patches.suse/ima-Handle-error-code-returned-by-ima_filter_rule_ma.patch (git-fixes CVE-2025-68740 bsc#1255812). - Update patches.suse/ima-don-t-clear-IMA_DIGSIG-flag-when-setting-or-remo.patch (stable-fixes CVE-2025-68183 bsc#1255251). - Update patches.suse/io_uring-net-don-t-overflow-multishot-recv.patch (bsc#1215211 CVE-2023-54030 bsc#1255691). - Update patches.suse/iomap-Fix-possible-overflow-condition-in-iomap_write_delalloc_scan.patch (jsc#PED-5453 CVE-2023-54285 bsc#1255807). - Update patches.suse/iommufd-IOMMUFD_DESTROY-should-not-increase-the.patch (bsc#1012628 CVE-2023-53795 bsc#1254737). - Update patches.suse/iommufd-Set-end-correctly-when-doing-batch-carr.patch (bsc#1012628 CVE-2023-54060 bsc#1256379). - Update patches.suse/ionic-remove-WARN_ON-to-prevent-panic_on_warn.patch (bsc#1012628 CVE-2023-53994 bsc#1255570). - Update patches.suse/ip6_vti-fix-slab-use-after-free-in-decode_sess.patch (bsc#1012628 CVE-2023-53821 bsc#1254669). - Update patches.suse/ipmi-ssif-Fix-a-memory-leak-when-scanning-for-an-ada.patch (git-fixes CVE-2023-54064 bsc#1256375). - Update patches.suse/irqchip-mchp-eic-Fix-error-code-in-mchp_eic_domain_a.patch (git-fixes CVE-2025-68766 bsc#1255932). - Update patches.suse/isdn-mISDN-hfcsusb-fix-memory-leak-in-hfcsusb_probe.patch (git-fixes CVE-2025-68734 bsc#1255538). - Update patches.suse/jfs-Verify-inode-mode-when-loading-from-disk.patch (git-fixes CVE-2025-40312 bsc#1255046). 
- Update patches.suse/jfs-fix-uninitialized-waitqueue-in-transaction-manager.patch (git-fixes CVE-2025-68168 bsc#1255100). - Update patches.suse/kcm-Fix-error-handling-for-SOCK_DGRAM-in-kcm_sendmsg.patch (bsc#1220419 CVE-2023-53825 bsc#1254707). - Update patches.suse/kcm-Fix-memory-leak-in-error-path-of-kcm_sendmsg.patch (bsc#1220419 CVE-2023-54112 bsc#1256354). - Update patches.suse/keys-Fix-linking-a-duplicate-key-to-a-keyring-s.patch (bsc#1012628 CVE-2023-54170 bsc#1256045). - Update patches.suse/maple_tree-fix-potential-out-of-bounds-access-i.patch (bsc#1012628 CVE-2023-54135 bsc#1256107). - Update patches.suse/md-fix-warning-for-holder-mismatch-from-export_rdev.patch (git-fixes CVE-2023-53791 bsc#1254742). - Update patches.suse/md-raid5-cache-fix-a-deadlock-in-r5l_exit_log-a705.patch (jsc#PED-7542 CVE-2023-53848 bsc#1254753). - Update patches.suse/media-af9005-Fix-null-ptr-deref-in-af9005_i2c_xfer.patch (git-fixes CVE-2023-54314 bsc#1255776). - Update patches.suse/media-anysee-fix-null-ptr-deref-in-anysee_master_xfe.patch (git-fixes CVE-2023-54093 bsc#1256273). - Update patches.suse/media-dvb-usb-m920x-Fix-a-potential-memory-leak-in-m.patch (git-fixes CVE-2023-54266 bsc#1255875). - Update patches.suse/media-dvb-usb-v2-gl861-Fix-null-ptr-deref-in-gl861_i.patch (git-fixes CVE-2023-54066 bsc#1256373). - Update patches.suse/media-imon-make-send_packet-more-robust.patch (stable-fixes CVE-2025-68194 bsc#1255325). - Update patches.suse/media-mediatek-vcodec-fix-resource-leaks-in-vdec_msg.patch (git-fixes CVE-2023-54143 bsc#1256096). - Update patches.suse/media-tuners-qt1010-replace-BUG_ON-with-a-regular-er.patch (git-fixes CVE-2023-54282 bsc#1255810). - Update patches.suse/media-v4l2-core-Fix-a-potential-resource-leak-in-v4l.patch (git-fixes CVE-2023-54183 bsc#1255990). - Update patches.suse/misc-fastrpc-Fix-dma_buf-object-leak-in-fastrpc_map_.patch (git-fixes CVE-2025-68252 bsc#1255197). 
- Update patches.suse/misc-pci_endpoint_test-Free-IRQs-before-removin.patch (bsc#1012628 CVE-2023-54326 bsc#1255758). - Update patches.suse/mm-secretmem-fix-use-after-free-race-in-fault-handle.patch (git-fixes CVE-2025-40272 bsc#1254832). - Update patches.suse/mmc-sunplus-fix-return-value-check-of-mmc_add_.patch (bsc#1012628 CVE-2023-54204 bsc#1255967). - Update patches.suse/most-usb-Fix-use-after-free-in-hdm_disconnect.patch (git-fixes CVE-2025-40223 bsc#1254957). - Update patches.suse/most-usb-fix-double-free-on-late-probe-failure.patch (git-fixes CVE-2025-68290 bsc#1255154). - Update patches.suse/most-usb-hdm_probe-Fix-calling-put_device-before-dev.patch (git-fixes CVE-2025-68249 bsc#1255233). - Update patches.suse/mt76-mt7615-Fix-memory-leak-in-mt7615_mcu_wtbl_sta_a.patch (git-fixes CVE-2025-68765 bsc#1255931). - Update patches.suse/mt76-mt7921-don-t-assume-adequate-headroom-for-SDIO-.patch (git-fixes CVE-2023-53785 bsc#1254918). - Update patches.suse/mtd-rawnand-cadence-fix-DMA-device-NULL-pointer-dere.patch (git-fixes CVE-2025-68238 bsc#1255202). - Update patches.suse/mtd-rawnand-fsl_upm-Fix-an-off-by-one-test-in-.patch (bsc#1012628 CVE-2023-54104 bsc#1256145). - Update patches.suse/mtdchar-fix-integer-overflow-in-read-write-ioctls.patch (git-fixes CVE-2025-68237 bsc#1255203). - Update patches.suse/net-core-remove-unnecessary-frame_sz-check-in-.patch (bsc#1012628 CVE-2023-54155 bsc#1256083). - Update patches.suse/net-deal-with-integer-overflows-in-kmalloc_reserve.patch (bsc#1215146 CVE-2023-42752 CVE-2023-53752 bsc#1254613). - Update patches.suse/net-do-not-allow-gso_size-to-be-set-to-GSO_BY_.patch (bsc#1012628 CVE-2023-54051 bsc#1256394). - Update patches.suse/net-dsa-avoid-suspicious-RCU-usage-for-synced-V.patch (bsc#1012628 CVE-2023-54149 bsc#1256085). - Update patches.suse/net-dsa-ocelot-call-dsa_tag_8021q_unregister-u.patch (bsc#1012628 CVE-2023-53855 bsc#1254688). 
- Update patches.suse/net-ethernet-mtk_eth_soc-fix-possible-NULL-pointer-d.patch (git-fixes CVE-2023-54240 bsc#1255918). - Update patches.suse/net-hns3-fix-deadlock-issue-when-externel_lb-a.patch (bsc#1012628 CVE-2023-54000 bsc#1255564). - Update patches.suse/net-ipa-only-reset-hashed-tables-when-supported.patch (bsc#1012628 CVE-2023-54225 bsc#1256234). - Update patches.suse/net-ipv4-fix-one-memleak-in-__inet_del_ifa.patch (bsc#1220419 CVE-2023-53995 bsc#1255616). - Update patches.suse/net-mlx5-fix-potential-memory-leak-in-mlx5e_in.patch (bsc#1012628 CVE-2023-54106 bsc#1256358). - Update patches.suse/net-mlx5e-Move-representor-neigh-cleanup-to-pr.patch (bsc#1012628 CVE-2023-54148 bsc#1256084). - Update patches.suse/net-mlx5e-TC-Fix-internal-port-memory-leak.patch (bsc#1012628 CVE-2023-53999 bsc#1255621). - Update patches.suse/net-mlx5e-fix-memory-leak-in-mlx5e_ptp_open.patch (bsc#1012628 CVE-2023-54169 bsc#1256050). - Update patches.suse/net-mlx5e-xsk-Fix-invalid-buffer-access-for-le.patch (bsc#1012628 CVE-2023-54223 bsc#1256233). - Update patches.suse/net-openvswitch-reject-negative-ifindex.patch (bsc#1012628 CVE-2023-53843 bsc#1254705). - Update patches.suse/net-prevent-skb-corruption-on-frag-list-segment.patch (bsc#1012628 CVE-2023-54094 bsc#1256292). - Update patches.suse/net-read-sk-sk_family-once-in-sk_mc_loop.patch (bsc#1220419 CVE-2023-53831 bsc#1254701). - Update patches.suse/net-sched-taprio-Limit-TCA_TAPRIO_ATTR_SCHED_C.patch (bsc#1012628 CVE-2023-54251 bsc#1255888). - Update patches.suse/net-smc-use-smc_lgr_list.lock-to-protect-smc_lgr_lis.patch (git-fixes CVE-2023-54318 bsc#1255772). - Update patches.suse/net-usb-qmi_wwan-initialize-MAC-header-offset-in-qmi.patch (git-fixes CVE-2025-68192 bsc#1255246). - Update patches.suse/netfilter-nf_tables-fix-underflow-in-chain-refe.patch (bsc#1012628 CVE-2023-54035 bsc#1255563). - Update patches.suse/netlink-do-not-hard-code-device-address-lenth-i.patch (bsc#1012628 CVE-2023-53863 bsc#1254657). 
- Update patches.suse/nfp-clean-mc-addresses-in-application-firmware-.patch (bsc#1012628 CVE-2023-54133 bsc#1256104). - Update patches.suse/nfs4_setup_readdir-insufficient-locking-for-d_parent-d_inode-dereferencing.patch (git-fixes CVE-2025-68185 bsc#1255135). - Update patches.suse/nfsd-move-init-of-percpu-reply_cache_stats-coun.patch (bsc#1012628 CVE-2023-54276 bsc#1255907). - Update patches.suse/nilfs2-fix-WARNING-in-mark_buffer_dirty-due-to.patch (bsc#1012628 CVE-2023-54140 bsc#1256093). - Update patches.suse/nouveau-firmware-Add-missing-kfree-of-nvkm_falcon_fw.patch (git-fixes CVE-2025-68235 bsc#1255209). - Update patches.suse/nvme-core-fix-memory-leak-in-dhchap_ctrl_secret.patch (bsc#1012628 CVE-2023-53792 bsc#1254743). - Update patches.suse/nvme-core-fix-memory-leak-in-dhchap_secret_stor.patch (bsc#1012628 CVE-2023-53852 bsc#1254653). - Update patches.suse/nvme-fc-use-lock-accessing-port_state-and-rport-stat.patch (bsc#1245193 bsc#1247500 CVE-2025-40342 bsc#1255274). - Update patches.suse/nvme-multipath-fix-lockdep-WARN-due-to-partition-sca.patch (git-fixes bsc#1233640 CVE-2024-53093 CVE-2025-68218 bsc#1255245). - Update patches.suse/nvmet-fc-avoid-scheduling-association-deletion-twice.patch (bsc#1245193 bsc#1247500 CVE-2025-40343 bsc#1255276). - Update patches.suse/of-overlay-Call-of_changeset_init-early.patch (git-fixes CVE-2023-53856 bsc#1254661). - Update patches.suse/of-unittest-fix-null-pointer-dereferencing-in-of_uni.patch (git-fixes CVE-2023-54178 bsc#1255992). - Update patches.suse/opp-Fix-use-after-free-in-lazy_opp_tables-after.patch (bsc#1012628 CVE-2023-54026 bsc#1255549). - Update patches.suse/orangefs-fix-xattr-related-buffer-overflow.patch (git-fixes CVE-2025-40306 bsc#1255062). - Update patches.suse/ovl-fix-null-pointer-dereference-in-ovl_get_acl.patch (bsc#1012628 CVE-2023-54313 bsc#1255775). - Update patches.suse/pcmcia-rsrc_nonstatic-Fix-memory-leak-in-nonst.patch (bsc#1012628 CVE-2023-54115 bsc#1256121). 
- Update patches.suse/perf-tool-x86-Fix-perf_env-memory-leak.patch (bsc#1012628 CVE-2023-53793 bsc#1254739). - Update patches.suse/phy-tegra-xusb-Clear-the-driver-reference-in-us.patch (bsc#1012628 CVE-2023-54083 bsc#1256368). - Update patches.suse/pinctrl-at91-pio4-check-return-value-of-devm_ka.patch (bsc#1012628 CVE-2023-54319 bsc#1255760). - Update patches.suse/pinctrl-freescale-Fix-a-memory-out-of-bounds-wh.patch (bsc#1012628 CVE-2023-53750 bsc#1254611). - Update patches.suse/pinctrl-s32cc-fix-uninitialized-memory-in-s32_pinctr.patch (git-fixes CVE-2025-68222 bsc#1255218). - Update patches.suse/platform-x86-intel-punit_ipc-fix-memory-corruption.patch (git-fixes CVE-2025-68303 bsc#1255122). - Update patches.suse/posix-timers-Prevent-RT-livelock-in-itimer_dele.patch (bsc#1012628 CVE-2023-53815 bsc#1254715). - Update patches.suse/powerpc-64s-Fix-VAS-mm-use-after-free.patch (bsc#1012628 CVE-2023-54042 bsc#1255702). - Update patches.suse/powerpc-iommu-Fix-notifiers-being-shared-by-PCI-and-.patch (bsc#1065729 CVE-2023-54095 bsc#1256271). - Update patches.suse/powerpc-powernv-sriov-perform-null-check-on-iov.patch (bsc#1012628 CVE-2023-54315 bsc#1255769). - Update patches.suse/powerpc-pseries-Rework-lppaca_shared_proc-to-avoid-D.patch (bsc#1194869 CVE-2023-54267 bsc#1255899). - Update patches.suse/powerpc-pseries-fix-possible-memory-leak-in-ibmebus_.patch (bsc#1194869 CVE-2023-54017 bsc#1255605). - Update patches.suse/pstore-ram-Add-check-for-kstrdup.patch (bsc#1012628 CVE-2023-54189 bsc#1255978). - Update patches.suse/quota-fix-warning-in-dqgrab.patch (bsc#1012628 CVE-2023-54177 bsc#1255993). - Update patches.suse/rcu-dump-vmalloc-memory-info-safely.patch (git-fixes CVE-2023-54113 bsc#1256351). - Update patches.suse/rcuscale-Move-rcu_scale_writer-schedule_timeout_unin.patch (git-fixes CVE-2023-54246 bsc#1255915). - Update patches.suse/refscale-Fix-uninitalized-use-of-wait_queue_head_t.patch (git-fixes CVE-2023-54316 bsc#1255770). 
- Update patches.suse/regmap-irq-Fix-out-of-bounds-access-when-alloca.patch (bsc#1012628 CVE-2023-53768 bsc#1254599). - Update patches.suse/regmap-slimbus-fix-bus_context-pointer-in-regmap-ini.patch (git-fixes CVE-2025-40317 bsc#1254796). - Update patches.suse/regulator-core-Protect-regulator_supply_alias_list-w.patch (git-fixes CVE-2025-68354 bsc#1255553). - Update patches.suse/regulator-da9063-fix-null-pointer-deref-with-pa.patch (bsc#1012628 CVE-2023-53787 bsc#1254750). - Update patches.suse/rpmsg-glink-Add-check-for-kstrdup.patch (git-fixes CVE-2023-54049 bsc#1256396). - Update patches.suse/s390-dcssblk-fix-kernel-crash-with-list_add-corruption.patch (git-fixes bsc#1215344 CVE-2023-54117 bsc#1256348). - Update patches.suse/s390-vmem-split-pages-when-debug-pagealloc-is-.patch (bsc#1012628 CVE-2023-54278 bsc#1255911). - Update patches.suse/samples-bpf-Fix-buffer-overflow-in-tcp_basertt.patch (bsc#1012628 CVE-2023-54312 bsc#1255774). - Update patches.suse/sched-psi-use-kernfs-polling-functions-for-PSI-.patch (bsc#1012628 CVE-2023-54019 bsc#1255636). - Update patches.suse/scsi-qedf-Fix-NULL-dereference-in-error-handlin.patch (bsc#1012628 CVE-2023-54289 bsc#1255806). - Update patches.suse/scsi-qla2xxx-Array-index-may-go-out-of-bound.patch (bsc#1012628 CVE-2023-54179 bsc#1255994). - Update patches.suse/scsi-qla2xxx-Check-valid-rport-returned-by-fc_b.patch (bsc#1012628 CVE-2023-54014 bsc#1256300). - Update patches.suse/scsi-target-core-Fix-target_cmd_counter-leak.patch (bsc#1214847 CVE-2023-54154 bsc#1256082). - Update patches.suse/serial-8250-Fix-oops-for-port-pm-on-uart_chang.patch (bsc#1012628 CVE-2023-54220 bsc#1255949). - Update patches.suse/serial-sprd-Fix-DMA-buffer-leak-issue.patch (git-fixes CVE-2023-54136 bsc#1256099). - Update patches.suse/sfc-fix-crash-when-reading-stats-while-NIC-is-r.patch (bsc#1012628 CVE-2023-54156 bsc#1255704). - Update patches.suse/sh-dma-Fix-DMA-channel-offset-calculation.patch (bsc#1012628 CVE-2023-54255 bsc#1255884). 
- Update patches.suse/smb-client-fix-missed-ses-refcounting.patch (bsc#1012628 CVE-2023-54076 bsc#1256335). - Update patches.suse/smb-client-fix-potential-cfid-UAF-in-smb2_query_info_compound.patch (bsc#1248886 CVE-2025-40320 bsc#1254793). - Update patches.suse/soundwire-fix-enumeration-completion.patch (bsc#1012628 CVE-2023-54096 bsc#1256178). - Update patches.suse/spi-tegra210-quad-Fix-timeout-handling.patch (bsc#1253155 CVE-2025-68746 bsc#1255722). - Update patches.suse/staging-r8712-Fix-memory-leak-in-_r8712_init_xm.patch (bsc#1012628 CVE-2023-54001 bsc#1255628). - Update patches.suse/thermal-of-fix-double-free-on-unregistration.patch (bsc#1012628 CVE-2023-53997 bsc#1255632). - Update patches.suse/tpm-tpm_vtpm_proxy-fix-a-race-condition-in-dev-.patch (bsc#1012628 CVE-2023-54309 bsc#1255780). - Update patches.suse/tracing-Fix-memory-leak-of-iter-temp-when-readi.patch (bsc#1012628 CVE-2023-54171 bsc#1256034). - Update patches.suse/tracing-Fix-warning-in-trace_buffered_event_dis.patch (bsc#1012628 CVE-2023-54211 bsc#1255843). - Update patches.suse/tty-serial-samsung_tty-Fix-a-memory-leak-in-s3c.patch (bsc#1012628 CVE-2023-53858 bsc#1254704). - Update patches.suse/usb-cdns3-gadget-Use-after-free-during-failed-initia.patch (stable-fixes CVE-2025-40314 bsc#1255072). - Update patches.suse/usb-dwc3-Fix-race-condition-between-concurrent-dwc3_.patch (git-fixes CVE-2025-68287 bsc#1255152). - Update patches.suse/usb-gadget-f_eem-Fix-memory-leak-in-eem_unwrap.patch (git-fixes CVE-2025-68289 bsc#1255155). - Update patches.suse/usb-gadget-f_fs-Fix-epfile-null-pointer-access-after.patch (stable-fixes CVE-2025-40315 bsc#1255083). - Update patches.suse/usb-potential-integer-overflow-in-usbg_make_tpg.patch (stable-fixes CVE-2025-68750 bsc#1255814). - Update patches.suse/usb-storage-alauda-Fix-uninit-value-in-alauda_.patch (bsc#1012628 CVE-2023-53847 bsc#1254698). - Update patches.suse/usb-storage-sddr55-Reject-out-of-bound-new_pba.patch (stable-fixes CVE-2025-40345 bsc#1255279). 
- Update patches.suse/usb-typec-bus-verify-partner-exists-in-typec_altmode.patch (git-fixes CVE-2023-54299 bsc#1255789). - Update patches.suse/usb-uas-fix-urb-unmapping-issue-when-the-uas-device-.patch (git-fixes CVE-2025-68331 bsc#1255495). - Update patches.suse/usbnet-Prevents-free-active-kevent.patch (git-fixes CVE-2025-68312 bsc#1255171). - Update patches.suse/vdpa-Add-queue-index-attr-to-vdpa_nl_policy-fo.patch (bsc#1012628 CVE-2023-54031 bsc#1255583). - Update patches.suse/vduse-fix-NULL-pointer-dereference.patch (bsc#1012628 CVE-2023-54291 bsc#1255798). - Update patches.suse/vfio-type1-fix-cap_migration-information-leak (jsc#PED-7779 jsc#PED-7780 CVE-2023-54137 bsc#1256100). - Update patches.suse/virtio-vdpa-Fix-cpumask-memory-leak-in-virtio_.patch (bsc#1012628 CVE-2023-54215 bsc#1255957). - Update patches.suse/virtio_pmem-add-the-missing-REQ_OP_WRITE-for-flush-b.patch (git-fixes CVE-2023-54089 bsc#1256268). - Update patches.suse/virtio_vdpa-build-affinity-masks-conditionally.patch (git-fixes CVE-2023-54008 bsc#1255630). - Update patches.suse/wifi-ath11k-Add-missing-hw_ops-get_ring_selecto.patch (bsc#1012628 CVE-2023-54141 bsc#1256094). - Update patches.suse/wifi-ath11k-fix-peer-HE-MCS-assignment.patch (git-fixes CVE-2025-68380 bsc#1255580). - Update patches.suse/wifi-ath11k-fix-registration-of-6Ghz-only-phy-w.patch (bsc#1012628 CVE-2023-54229 bsc#1255924). - Update patches.suse/wifi-ath12k-Fix-memory-leak-in-rx_desc-and-tx_desc.patch (git-fixes CVE-2023-54016 bsc#1256279). - Update patches.suse/wifi-ath9k-avoid-referencing-uninit-memory-in-a.patch (bsc#1012628 CVE-2023-54300 bsc#1255790). - Update patches.suse/wifi-brcmfmac-fix-crash-while-sending-Action-Frames-.patch (git-fixes CVE-2025-40321 bsc#1254795). - Update patches.suse/wifi-cfg80211-ocb-don-t-leave-if-not-joined.patch (git-fixes CVE-2023-53992 bsc#1256058). - Update patches.suse/wifi-mt76-mt7921-fix-skb-leak-by-txs-missing-i.patch (bsc#1012628 CVE-2023-54052 bsc#1256387). 
- Update patches.suse/wifi-mwifiex-fix-memory-leak-in-mwifiex_histogram_re.patch (git-fixes CVE-2023-53808 bsc#1254723). - Update patches.suse/wifi-rsi-Do-not-configure-WoWlan-in-shutdown-ho.patch (bsc#1012628 CVE-2023-54025 bsc#1255558). - Update patches.suse/wifi-rtl818x-Fix-potential-memory-leaks-in-rtl8180_i.patch (git-fixes CVE-2025-68759 bsc#1255934). - Update patches.suse/wifi-rtl818x-rtl8187-Fix-potential-buffer-underflow-.patch (git-fixes CVE-2025-68362 bsc#1255611). - Update patches.suse/x86-CPU-AMD-Add-RDSEED-fix-for-Zen5.patch (git-fixes CVE-2025-68313 bsc#1255415). - Update patches.suse/x86-CPU-AMD-Add-missing-terminator-for-zen5_rdseed_microco.patch (git-fixes CVE-2025-68195 bsc#1255259). - Update patches.suse/x86-hyperv-Disable-IBT-when-hypercall-page-lac.patch (bsc#1012628 CVE-2023-54172 bsc#1256033). - Update patches.suse/x86-sev-Make-enc_dec_hypercall-accept-a-size-instead-of-npages (bsc#1214635 CVE-2023-53996 bsc#1255618). - Update patches.suse/xen-speed-up-grant-table-reclaim.patch (bsc#1012628 CVE-2023-54081 bsc#1256361). - Update patches.suse/xfrm-also-call-xfrm_state_delete_tunnel-at-destroy-time-fo.patch (CVE-2025-40215 bsc#1254959 CVE-2025-40256 bsc#1254851). - commit c2db288 - Update patches.suse/exfat-fix-refcount-leak-in-exfat_find.patch (CVE-2025-40287 bsc#1255030 CVE-2025-68351 bsc#1255567). - Update patches.suse/net-enetc-fix-the-deadlock-of-enetc_mdio_lock.patch (CVE-2025-40337 bsc#1255081 CVE-2025-40347 bsc#1255262). - commit 8022326 ++++ kernel-firmware: - Update AMD ucode to 20251203 (bsc#1256483) ++++ net-snmp: - Fix snmptrapd buffer overflow (bsc#1255491, CVE-2025-68615). Add net-snmp-5.9.4-fix-out-of-bounds-trapOid-access.patch ------------------------------------------------------------------ ------------------ 2026-1-11 - Jan 11 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - docs: ABI: sysfs-devices-soc: Fix swapped sample values (git-fixes). 
- commit 208252e ++++ util-linux-systemd: - Fix heap buffer overread in setpwnam() when processing 256-byte usernames (bsc#1254666, CVE-2025-14104, util-linux-CVE-2025-14104-1.patch, util-linux-CVE-2025-14104-2.patch). ++++ util-linux: - Fix heap buffer overread in setpwnam() when processing 256-byte usernames (bsc#1254666, CVE-2025-14104, util-linux-CVE-2025-14104-1.patch, util-linux-CVE-2025-14104-2.patch). ++++ libzypp: - zypp.conf: follow the UAPI configuration file specification (PED-14658) In short terms it means we will no longer ship an /etc/zypp/zypp.conf, but store our own defaults in /usr/etc/zypp/zypp.conf. The systems administrator may choose to keep a full copy in /etc/zypp/zypp.conf ignoring our config file settings completely, or - the preferred way - to overwrite specific settings via /etc/zypp/zypp.conf.d/*.conf overlay files. See the ZYPP.CONF(5) man page for details. - cmake: correctly detect rpm6 (fixes #689) - Use 'zypp.tmp' as temp directory component to ease setting up SELinux policies (bsc#1249435) - zyppng: Update Provider to current MediaCurl2 download approach, drop Metalink ( fixes #682 ) - version 17.38.0 (35) ------------------------------------------------------------------ ------------------ 2026-1-10 - Jan 10 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - gpio: rockchip: mark the GPIO controller as sleeping (git-fixes). - drm/pl111: Fix error handling in pl111_amba_probe (git-fixes). - crypto: qat - fix duplicate restarting msg during AER error (git-fixes). - commit db7c5b1 ------------------------------------------------------------------ ------------------ 2026-1-9 - Jan 9 2026 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Fixed ramdisk sysroot generator Do not use a custom _dev name and stick with the UUID representation of the disk image in RAM after deployment. 
Former versions of udev did not create a by-uuid device representation which now seems to have changed. This then leads to the device name RamDisk_rootfs not being created and the respective .device unit times out. In addition the timer unit for the standard device representation changed to infinity. This fixes bsc#1254116 ++++ kernel-default: - cifs: client: fix memory leak in smb3_fs_context_parse_param (bsc#1255082, CVE-2025-40268). - commit 1547549 - ext4: wait for ongoing I/O to complete before freeing blocks (bsc#1256366). - commit 73f54be - selftests/bpf: Add test to verify freeing the special fields in pcpu maps (CVE-2025-68744 bsc#1255709). - commit 7a07150 - bpf: Free special fields when update [lru_,]percpu_hash maps (CVE-2025-68744 bsc#1255709). - commit 5246440 - pmdomain: arm: scmi: Fix genpd leak on provider registration failure (CVE-2025-68204 bsc#1255224). - commit 51ed7f6 - wifi: mac80211: restore non-chanctx injection behaviour (git-fixes). - pinctrl: qcom: lpass-lpi: mark the GPIO controller as sleeping (git-fixes). - wifi: avoid kernel-infoleak from struct iw_point (git-fixes). - atm: Fix dma_free_coherent() size (git-fixes). - net: usb: pegasus: fix memory leak in update_eth_regs_async() (git-fixes). - net: wwan: iosm: Fix memory leak in ipc_mux_deinit() (git-fixes). - HID: quirks: work around VID/PID conflict for appledisplay (git-fixes). - ASoC: sun4i-spdif: Add missing kerneldoc fields for sun4i_spdif_quirks (git-fixes). - ALSA: ac97: fix a double free in snd_ac97_controller_register() (git-fixes). - commit 31818ae - binfmt_misc: restore write access before closing files opened by open_exec() (bsc#1255272 CVE-2025-68239). - commit 40d7043 - fs/proc: fix uaf in proc_readdir_de() (bsc#1255297 CVE-2025-40271). - commit e033d9a - ext4: refresh inline data size before write operations (bsc#1255380 CVE-2025-68264). - commit eb0de51 - ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623 CVE-2025-40190). 
- commit 7ad9fff - KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (CVE-2025-68259 bsc#1255199). - commit bca135e ++++ libtasn1: - Security fix: [bsc#1256341, CVE-2025-13151] * Stack-based buffer overflow. The function asn1_expend_octet_string() fails to validate the size of input data resulting in a buffer overflow. * Add libtasn1-CVE-2025-13151.patch ------------------------------------------------------------------ ------------------ 2026-1-8 - Jan 8 2026 ------------------- ------------------------------------------------------------------ ++++ SL-Micro-release: - fix issue generator.conf bsc#1256098 ++++ gpg2: - Security fix: [bsc#1255715, CVE-2025-68973] (gpg.fail/memcpy) * gpg: Fix possible memory corruption in the armor parser [T7906] * Add gnupg-CVE-2025-68973.patch - Security fix: [bsc#1256246] (gpg.fail/sha1) * gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures [T7904] * Add gnupg-gpg-Avoid-potential-downgrade-to-SHA1-in-3rd-party-keysig.patch - Security fix: [bsc#1256244] (gpg.fail/detached) * gpg: Error out on unverified output for non-detached signatures [T7903] * Add gnupg-gpg-Error-out-on-unverified-output-for-non-detached-signatures.patch - Security fix: [bsc#1256243] * gpg2 agent: Fix a memory leak * Add patch gnupg-agent-memleak.patch - Security fix: [bsc#1256390] (gpg.fail/notdash) * gpg2: Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG * Add patch gnupg-notdash-escape.patch ++++ kernel-default: - smb: client: introduce close_cached_dir_locked() (git-fixes). - commit f4f985c - smb: client: fix potential UAF in smb2_close_cached_fid() (CVE-2025-40328 bsc#1254624). - commit e0eb1d9 - cifs: after disabling multichannel, mark tcon for reconnect (git-fixes). - Refresh patches.suse/cifs-cifs_chan_is_iface_active-should-be-called-with-chan_lock-held.patch. - Refresh patches.suse/cifs-handle-cases-where-multiple-sessions-share-connection.patch. 
- Refresh patches.suse/smb-client-fix-UAF-in-smb2_reconnect_server-.patch. - commit 5105d2e - cifs: fix a pending undercount of srv_count (git-fixes). - Refresh patches.suse/cifs-make-sure-that-channel-scaling-is-done-only-once.patch. - commit f2eddbf - cifs: fix lock ordering while disabling multichannel (git-fixes). - commit 897a8e5 - arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() (CVE-2025-40346 bsc#1255318) - commit 24256b7 - net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (CVE-2025-40278 bsc#1254825). - commit 34ab5ba - bpf: Fix stackmap overflow check in __bpf_get_stackid() (CVE-2025-68378 bsc#1255614). - commit f957faa - bpf: Refactor stack map trace depth calculation into helper function (CVE-2025-68378 bsc#1255614). - commit 89dceec ++++ libsodium: - Security fix: [bsc#1256070, CVE-2025-15444, bsc#1255764, CVE-2025-69277] * check Y==Z in addition to X==0 * Add patch libsodium-CVE-2025-15444.patch ++++ libsoup: - Refresh libsoup-CVE-2025-14523.patch: Follow the update of upstream (bsc#1254876, CVE-2025-14523, glgo#GNOME/libsoup!491). ------------------------------------------------------------------ ------------------ 2026-1-7 - Jan 7 2026 ------------------- ------------------------------------------------------------------ ++++ curl: - Security fix: [bsc#1256105, CVE-2025-14017] * call ldap_init() before setting the options * Add patch curl-CVE-2025-14017.patch ++++ kernel-default: - cifs: make sure server interfaces are requested only for SMB3+ (git-fixes). - Refresh patches.suse/smb-client-get-rid-of-nlsc-param-in-cifs_tree_connect-.patch. - commit 850b9c8 - iommufd: Don't overflow during division for dirty tracking (CVE-2025-40293 bsc#1255179). 
- commit 8fb40bc ++++ rust-keylime: - Use tmpfiles.d for /var directories (PED-14736) + tmpfiles.keylime renamed to rust-keylime.conf and extended - Update to version 0.2.8+96: * build(deps): bump wiremock from 0.6.4 to 0.6.5 * build(deps): bump actions/checkout from 5 to 6 * build(deps): bump chrono from 0.4.41 to 0.4.42 * packit: Get coverage from Fedora 43 runs * Fix issues pointed out by clippy * Replace mutex unwraps with proper error handling in TPM library * Remove unused session request methods from StructureFiller * Fix config panic on missing ek_handle in push model agent * build(deps): bump tempfile from 3.21.0 to 3.23.0 * build(deps): bump actions/upload-artifact from 4 to 6 (#1163) * Fix clippy warnings project-wide * Add KEYLIME_DIR support for verifier TLS certificates in push model agent * Thread privileged resources and use MeasurementList for IMA reading * Add privileged resource initialization and privilege dropping to push model agent * Fix privilege dropping order in run_as() * add documentation on FQDN hostnames * Remove confusing logs for push mode agent * Set correct default Verifier port (8891->8881) (#1159) * Add verifier_url to reference configuration file (#1158) * Add TLS support for Registrar communication (#1139) * Fix agent handling of 403 registration responses (#1154) * Add minor README.md rephrasing (#1151) * build(deps): bump actions/checkout from 5 to 6 (#1153) * ci: update spec files for packit COPR build * docs: improve challenge encoding and async TPM documentation * refactor: improve middleware and error handling * feat: add authentication client with middleware integration * docker: Include keylime_push_model_agent binary * Include attestation_interval configuration (#1146) * Persist payload keys to avoid attestation failure on restart * crypto: Implement the load or generate pattern for keys * Use simple algorithm specifiers in certification_keys object (#1140) * tests: Enable more tests in CI * Fix RSA2048 algorithm 
reporting in keylime agent * Remove disabled_signing_algorithms configuration * rpm: Fix metadata patches to apply to current code * workflows/rpm.yml: Use more strict patching * build(deps): bump uuid from 1.17.0 to 1.18.1 * Fix ECC algorithm selection and reporting for keylime agent * Improve logging consistency and coherency * Implement minimal RFC compliance for Location header and URI parsing (#1125) * Use separate keys for payload mechanism and mTLS * docker: update rust to 1.81 for distroless Dockerfile * Ensure UEFI log capabilities are set to false * build(deps): bump http from 1.1.0 to 1.3.1 * build(deps): bump log from 0.4.27 to 0.4.28 * build(deps): bump cfg-if from 1.0.1 to 1.0.3 * build(deps): bump actix-rt from 2.10.0 to 2.11.0 * build(deps): bump async-trait from 0.1.88 to 0.1.89 * build(deps): bump trybuild from 1.0.105 to 1.0.110 * Accept evidence handling structures null entries * workflows: Add test to check if RPM patches still apply * CI: Enable test add-agent-with-malformed-ek-cert * config: Fix singleton tests * FSM: Remove needless lifetime annotations (#1105) * rpm: Do not remove wiremock which is now available in Fedora * Use latest Fedora httpdate version (1.0.3) * Enhance coverage with parse_retry_after test * Fix issues reported by CI regarding unwrap() calls * Reuse max retries indicated to the ResilientClient * Include limit of retries to 5 for Retry-After * Add policy to handle Retry-After response headers * build(deps): bump wiremock from 0.6.3 to 0.6.4 * build(deps): bump serde_json from 1.0.140 to 1.0.143 * build(deps): bump pest_derive from 2.8.0 to 2.8.1 * build(deps): bump syn from 2.0.90 to 2.0.106 * build(deps): bump tempfile from 3.20.0 to 3.21.0 * build(deps): bump thiserror from 2.0.12 to 2.0.16 * rpm: Fix patches to apply to current master code * build(deps): bump anyhow from 1.0.98 to 1.0.99 * state_machine: Automatically clean config override during tests * config: Implement singleton and factory pattern * testing: 
Support overriding configuration during tests * feat: implement standalone challenge-response authentication module * structures: rename session structs for clarity and fix typos * tpm: refactor certify_credential_with_iak() into a more generic function * Add Push Model Agent Mermaid FSM chart (#1095) * Add state to avoid exiting on wrong attestation (#1093) * Add 6 alphanumeric lowercase X-Request-ID header * Enhance Evidence Handling response parsing * build(deps): bump quote from 1.0.35 to 1.0.40 * build(deps): bump libc from 0.2.172 to 0.2.175 * build(deps): bump glob from 0.3.2 to 0.3.3 * build(deps): bump actix-web from 4.10.2 to 4.11.0 ++++ selinux-policy: - Update to version 20241031+git17.66062d7a5: * rsync: add rsync_exec_commands boolean and enable it by default (bsc#1231494, bsc#1255372) ------------------------------------------------------------------ ------------------ 2026-1-6 - Jan 6 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (CVE-2025-40251 bsc#1254856). - commit 07d80e9 - Refresh patches.suse/cifs-do-not-disable-interface-polling-on-failure.patch. - Refresh patches.suse/cifs-make-sure-server-interfaces-are-requested-only-for-SMB3-.patch. - commit 4e4929f - cifs: reset iface weights when we cannot find a candidate (git-fixes). - commit a4fc567 - cifs: make cifs_chan_update_iface() a void function (git-fixes). - Refresh patches.suse/cifs-reduce-warning-log-level-for-server-not-advertising-interfaces.patch. - commit d2b9424 - smb: client: fix warning when reconnecting channel (git-fixes). - commit 87ea733 - cifs: do not disable interface polling on failure (git-fixes). - commit 40cfdea - cifs: deal with the channel loading lag while picking channels (git-fixes). - commit 979af19 - cifs: handle when server stops supporting multichannel (git-fixes). 
- Refresh patches.suse/cifs-cifs_chan_is_iface_active-should-be-called-with-chan_lock-held.patch. - Refresh patches.suse/cifs-handle-cases-where-multiple-sessions-share-connection.patch. - Refresh patches.suse/smb-client-fix-UAF-in-smb2_reconnect_server-.patch. - Refresh patches.suse/smb-client-get-rid-of-nlsc-param-in-cifs_tree_connect-.patch. - commit c8dfa59 - cifs: make sure that channel scaling is done only once (git-fixes). - commit 3175d69 - cifs: handle when server starts supporting multichannel (git-fixes). - commit cc5563a - cifs: dns resolution is needed only for primary channel (git-fixes). - commit b750bd0 - cifs: update dstaddr whenever channel iface is updated (git-fixes). - commit 87415ee - cifs: reset connections for all channels when reconnect requested (git-fixes). - commit 506f274 - mptcp: fix race condition in mptcp_schedule_work() (CVE-2025-40258 bsc#1254843). - commit 664f157 ++++ libsoup: - Add libsoup-CVE-2025-14523.patch: Reject duplicated Host in headers (bsc#1254876, CVE-2025-14523, glgo#GNOME/libsoup!490). ------------------------------------------------------------------ ------------------ 2026-1-5 - Jan 5 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - bs-upload-kernel: Fix cve branch uploads - commit 2716d28 - team: Move team device type change at the end of team_port_add (CVE-2025-68340 bsc#1255507). - net/mlx5: Clean up only new IRQ glue on request_irq() failure (CVE-2025-40250 bsc#1254854). - net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (CVE-2025-40252 bsc#1254849). - net: enetc: fix the deadlock of enetc_mdio_lock (CVE-2025-40337 bsc#1255081). - net: stmmac: Correctly handle Rx checksum offload errors (CVE-2025-40337 bsc#1255081). - commit 3ae940f - staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing (CVE-2025-68255 bsc#1255395). 
- commit d962eb4 - ASoC: Intel: avs: Do not share the name pointer between components (CVE-2025-40338 bsc#1255273). - commit 968173c - drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM (CVE-2025-40289 bsc#1255042). - commit ff414f2 - scripts: teaapi: Add paging - commit dfea5bd - scrits: teaapi: Add list_repos - commit 83fa609 - net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (CVE-2025-40279 bsc#1254846). - commit 9f73fa4 - scripts: bs-upload-kernel: do not create the IGNORE-KABI-BADNESS file There is a tar-up option that creates it. bs-upload-kernel should only set the ignore_kabi_badness macro in prjconf. - commit 1bc75ca - usb: phy: isp1301: fix non-OF device reference imbalance (git-fixes). - usb: gadget: lpc32xx_udc: fix clock imbalance in error path (git-fixes). - commit 4724dd4 - platform/x86: ibm_rtl: fix EBDA signature search pointer arithmetic (git-fixes). - platform/x86: msi-laptop: add missing sysfs_remove_group() (git-fixes). - platform/mellanox: mlxbf-pmc: Remove trailing whitespaces from event names (git-fixes). - wifi: mac80211: do not use old MBSSID elements (git-fixes). - wifi: cfg80211: sme: store capped length in __cfg80211_connect_result() (git-fixes). - wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc() (git-fixes). - wifi: rtw88: limit indirect IO under powered off for RTL8822CS (git-fixes). - smc91x: fix broken irq-context in PREEMPT_RT (git-fixes). - usb: dwc3: of-simple: fix clock resource leak in dwc3_of_simple_probe (git-fixes). - USB: lpc32xx_udc: Fix error handling in probe (git-fixes). - usb: renesas_usbhs: Fix a resource leak in usbhs_pipe_malloc() (git-fixes). - usb: dwc3: keep susphy enabled during exit to avoid controller faults (git-fixes). - spi: fsl-cpm: Check length parity before switching to 16 bit mode (git-fixes). - PM: runtime: Do not clear needs_force_resume with enabled runtime PM (git-fixes). - nfc: pn533: Fix error code in pn533_acr122_poweron_rdr() (git-fixes). 
- commit 29120de - sctp: avoid NULL dereference when chunk data buffer is missing (CVE-2025-40240 bsc#1254869). - commit 7732dc5 - net: rose: fix invalid array index in rose_kill_by_device() (git-fixes). - net: usb: sr9700: fix incorrect command used to write single register (git-fixes). - net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write (git-fixes). - net: usb: rtl8150: fix memory leak on usb_submit_urb() failure (git-fixes). - net: mdio: aspeed: add dummy read to avoid read-after-write issue (git-fixes). - Input: ti_am335x_tsc - fix off-by-one error in wire_order validation (git-fixes). - Input: atkbd - skip deactivate for HONOR FMB-P's internal keyboard (git-fixes). - mmc: sdhci-esdhc-imx: add alternate ARCH_S32 dependency to Kconfig (git-fixes). - commit 0ed2427 - drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer (git-fixes). - drm/nouveau/dispnv50: Don't call drm_atomic_get_crtc_state() in prepare_fb (git-fixes). - Bluetooth: btusb: revert use of devm_kzalloc in btusb (git-fixes). - idr: fix idr_alloc() returning an ID out of range (git-fixes). - genalloc.h: fix htmldocs warning (git-fixes). - crypto: seqiv - Do not use req->iv after crypto_aead_encrypt (git-fixes). - firewire: nosy: Fix dma_free_coherent() size (git-fixes). - drm/msm/dpu: Add missing NULL pointer check for pingpong interface (git-fixes). - ALSA: usb-mixer: us16x08: validate meter packet indices (git-fixes). - ALSA: pcmcia: Fix resource leak in snd_pdacf_probe error path (git-fixes). - ALSA: vxpocket: Fix resource leak in vxpocket_probe error path (git-fixes). - hwmon: (tmp401) fix overflow caused by default conversion rate value (git-fixes). - hwmon: (ibmpex) fix use-after-free in high/low store (git-fixes). - drm/panel: sony-td4353-jdi: Enable prepare_prev_first (git-fixes). - ACPI: PCC: Fix race condition by removing static qualifier (git-fixes). - ACPI: CPPC: Fix missing PCC check for guaranteed_perf (git-fixes). 
- can: j1939: make j1939_sk_bind() fail if device is no longer registered (git-fixes). - can: gs_usb: gs_can_open(): fix error handling (git-fixes). - broadcom: b44: prevent uninitialized value usage (git-fixes). - commit bf82bcb ++++ libpcap: - Security fix: [bsc#1255765, CVE-2025-11961] * Fix out-of-bound-write and out-of-bound-read in pcap_ether_aton() due to missing validation of provided MAC-48 address string * Add libpcap-CVE-2025-11961.patch ------------------------------------------------------------------ ------------------ 2026-1-3 - Jan 3 2026 ------------------- ------------------------------------------------------------------ ++++ nvidia-open-driver-G06-signed: - update non-CUDA variant to version 580.126.09 (boo#1255858) ------------------------------------------------------------------ ------------------ 2026-1-2 - Jan 2 2026 ------------------- ------------------------------------------------------------------ ++++ curl: - Security fixes: * [bsc#1255731, CVE-2025-14524] if redirected, require permission to use bearer * [bsc#1255734, CVE-2025-15224] require private key or user-agent for public key auth * [bsc#1255732, CVE-2025-14819] toggling CURLSSLOPT_NO_PARTIALCHAIN makes a different CA cache * [bsc#1255733, CVE-2025-15079] set both knownhosts options to the same file * Add patches: - curl-CVE-2025-14524.patch - curl-CVE-2025-15224.patch - curl-CVE-2025-14819.patch - curl-CVE-2025-15079.patch ++++ kernel-default: - exfat: validate cluster allocation bits of the allocation bitmap (CVE-2025-40307 bsc#1255039). - commit 61971f7 - exfat: using hweight instead of internal logic (git-fixes). - commit 18b7ccc - powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493 bsc#1254244 ltc#216496). 
- commit 8505ec5 ------------------------------------------------------------------ ------------------ 2026-1-1 - Jan 1 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Branch maintainers was auto-merged from SLE15-SP6-LTSS. Restore to SP7 maintainers per ML discussion at: https://mailman.suse.de/mlarch/SuSE/kernel/2025/kernel.2025.12/msg00127.html https://mailman.suse.de/mlarch/SuSE/kernel/2025/kernel.2025.12/msg00134.html - commit ca6d40d ------------------------------------------------------------------ ------------------ 2025-12-31 - Dec 31 2025 ------------------- ------------------------------------------------------------------ ++++ fde-tools: - Add fde-tools.conf to create /var/log/fde with tmpfiles.d (jsc#PED-14754) ++++ kernel-default: - tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (CVE-2025-40042 bsc#1252861). - commit ee6a745 ------------------------------------------------------------------ ------------------ 2025-12-30 - Dec 30 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - README.BRANCH: SLE15-SP6 became LTSS, update maintainers - commit f86184e ------------------------------------------------------------------ ------------------ 2025-12-29 - Dec 29 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026). - commit 2c42ea1 - fs: dlm: allow to F_SETLKW getting interrupted (bsc#1255025). - commit c5ce147 - selftests/bpf: Add test case for different expected_attach_type (CVE-2025-40123 bsc#1253365). - commit a20378c - kABI workaround for bpf: Enforce expected_attach_type for tailcall compatibility (CVE-2025-40123 bsc#1253365). - commit b3b5837 - bpf: Enforce expected_attach_type for tailcall compatibility (CVE-2025-40123 bsc#1253365). 
Refresh patches.kabi/bpf-struct-bpf_map-workaround.patch. - commit 4229239 ------------------------------------------------------------------ ------------------ 2025-12-23 - Dec 23 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - exfat: fix refcount leak in exfat_find (CVE-2025-40287 bsc#1255030). - commit 8d74fe6 - exfat: fix improper check of dentry.stream.valid_size (CVE-2025-40287 bsc#1255030). - commit 6d6e321 - exfat: add a check for invalid data size (git-fixes). - commit 2af7089 - selftests/bpf: Test widen_imprecise_scalars() with different stack depth (CVE-2025-68208 bsc#1255227). - commit 7bc82c5 - bpf: account for current allocated stack depth in widen_imprecise_scalars() (CVE-2025-68208 bsc#1255227). - commit 59eb6d6 - gfs2: Fix unlikely race in gdlm_put_lock (CVE-2025-40242 bsc#1255075). - commit c371711 ++++ capstone: - fix bsc#1255309 (CVE-2025-67873) Patch added: * fix-unchecked-lenght-cbef76.patch ------------------------------------------------------------------ ------------------ 2025-12-22 - Dec 22 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - selftests/bpf: Skip timer cases when bpf_timer is not supported (git-fixes). - commit c865cf8 - bpf: Reject bpf_timer for PREEMPT_RT (git-fixes). - commit 4c49578 - bpf: Sync pending IRQ work before freeing ring buffer (CVE-2025-40319 bsc#1254794). - commit d39f398 - netfilter: nft_ct: add seqadj extension for natted connections (CVE-2025-68206 bsc#1255142). - commit 85cf637 - sctp: Prevent TOCTOU out-of-bounds write (CVE-2025-40331 bsc#1254615). - commit a261090 - net: bridge: fix use-after-free due to MST port state bypass (CVE-2025-40297 bsc#1255187). 
- commit 551613c ++++ qemu: - More spec file cleanup: * [openSUSE][RPM} spec: delete old specfile constructs ------------------------------------------------------------------ ------------------ 2025-12-21 - Dec 21 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ocfs2: clear extent cache after moving/defragmenting extents (CVE-2025-40233 bsc#1254813). - commit 2e6aaae - net: use dst_dev_rcu() in sk_setup_caps() (CVE-2025-40170 bsc#1253413). - commit 7607c99 - ipv6: use RCU in ip6_output() (CVE-2025-40158 bsc#1253402). - ipv6: use RCU in ip6_xmit() (CVE-2025-40135 bsc#1253342). - commit c7716e0 ------------------------------------------------------------------ ------------------ 2025-12-19 - Dec 19 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - tipc: Fix use-after-free in tipc_mon_reinit_self() (CVE-2025-40280 bsc#1254847). - commit 293c735 - virtio-net: fix received length check in big packets (bsc#1255175, CVE-2025-40292). - commit 640f7af - vsock: Ignore signal/timeout on connect() if already established (CVE-2025-40248, bsc#1254864). - commit 76e0cd6 - vsock: fix lock inversion in vsock_assign_transport() (CVE-2025-40231, bsc#1254815). - commit f20ceef - xen/events: Return -EEXIST for bound VIRQs (CVE-2025-40160, bsc#1253400). - commit a401c8b - xen/events: Cleanup find_virq() return codes (CVE-2025-40160, bsc#1253400). 
- commit 3a48f4b ++++ capstone: - Fix bsc#1255310 (CVE-2025-68114) Patch added: * fix-buffer-overflow-2c7797.patch ------------------------------------------------------------------ ------------------ 2025-12-18 - Dec 18 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added (CVE-2025-40215 bsc#1254959). - commit ae22a6c - xfrm: delete x->tunnel as we delete x (CVE-2025-40215 bsc#1254959). - commit 13f0f1f - kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959 CVE-2025-40215). - commit 63a872c - cifs: Fix copy offload to flush destination region (bsc#1252511). - commit 5ef1ba0 ++++ python311-core: - Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400, CVE-2025-13836) to prevent reading an HTTP response from a server, if no read amount is specified, using Content-Length by default as the length. - Add CVE-2025-12084-minidom-quad-search.patch to prevent quadratic behavior in node ID cache clearing (CVE-2025-12084, bsc#1254997). - Add CVE-2025-13837-plistlib-mailicious-length.patch to protect against OOM when loading malicious content (CVE-2025-13837, bsc#1254401). ++++ python311: - Add CVE-2025-13836-http-resp-cont-len.patch (bsc#1254400, CVE-2025-13836) to prevent reading an HTTP response from a server, if no read amount is specified, using Content-Length by default as the length. - Add CVE-2025-12084-minidom-quad-search.patch to prevent quadratic behavior in node ID cache clearing (CVE-2025-12084, bsc#1254997). - Add CVE-2025-13837-plistlib-mailicious-length.patch to protect against OOM when loading malicious content (CVE-2025-13837, bsc#1254401). 
++++ qemu: - We *always* want a display driver in x86 too: * [openSUSE][RPM] spec: require qemu-hw-display-virtio-gpu-pci for x86 too ------------------------------------------------------------------ ------------------ 2025-12-17 - Dec 17 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - cifs: Fix flushing, invalidation and file size with copy_file_range() (bsc#1252511). - commit 957492b - KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (CVE-2025-40274, bsc#1254830). - commit 539aace ------------------------------------------------------------------ ------------------ 2025-12-16 - Dec 16 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Move upstreamed ath12k patch into sorted section - commit fa80682 - Move upstreamed SCSI patches into sorted section - commit 8ea340d - futex: Prevent use-after-free during requeue-PI (CVE-2025-39977 bsc#1252046). - commit 3062182 ++++ qemu: - Bug and CVE fixes: * [openSUSE][RPM]: really fix *-virtio-gpu-pci dependency on ARM (bsc#1254286) * net: pad packets to minimum length in qemu_receive_packet() (bsc#1253002, CVE-2025-12464) ++++ rsync: - Security update (CVE-2025-10158, bsc#1254441): rsync: Out of bounds array access via negative index - Add rsync-CVE-2025-10158.patch ++++ selinux-policy: - Update to version 20241031+git15.e32e86fd5: * Add a new type for systemd-ssh-issue PID files (bsc#1254889) * Label /usr/lib/systemd/systemd-ssh-issue with systemd_ssh_issue_exec_t (bsc#1254889) ++++ shim: - shim-install: Add ca_string for SL Micro to update fallback loader The fallback loader, /boot/efi/EFI/BOOT/bootaa64.efi or bootx64.efi, cannot be upgraded by shim-install on SL Micro. The issue case is SL Micro 6.0. This causes a regression bug because the system falls back to an old shim. So this patch adds ca_string to SL Micro. 
(bsc#1254336) ------------------------------------------------------------------ ------------------ 2025-12-15 - Dec 15 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - usb: raw-gadget: cap raw_io transfer length to KMALLOC_MAX_SIZE (git-fixes). - commit 808d009 - usb: typec: ucsi: psy: Set max current to zero when disconnected (git-fixes). - commit de6f0cd - USB: serial: option: add Telit FN920C04 ECM compositions (stable-fixes). - USB: serial: option: add Quectel RG255C (stable-fixes). - USB: serial: option: add UNISOC UIS7720 (stable-fixes). - usb: dwc3: Abort suspend on soft disconnect failure (git-fixes). - usb: chipidea: udc: limit usb request length to max 16KB (stable-fixes). - commit 15d4d36 - usb: raw-gadget: do not limit transfer length (git-fixes). - usb: vhci-hcd: Prevent suspending virtually attached devices (git-fixes). - usb: typec: tipd: Clear interrupts first (git-fixes). - usb: udc: Add trace event for usb_gadget_set_state (stable-fixes). - usb: gadget: configfs: Correctly set use_os_string at bind (git-fixes). - commit c4f787c - Correct USB typec tcpm patches In upstream backports, changes were applied to wrong places (sink instead of source). In the stable upstream, it was corrected in a commit d967f6ae3149, but we fold the corrections in each patch, instead. Refreshed: patches.suse/usb-typec-tcpm-fix-use-after-free-case-in-tcpm_regis.patch patches.suse/usb-typec-tcpm-unregister-existing-source-caps-befor.patch - commit 55aaa8f - x86/hyperv: Fix APIC ID and VP index confusion in hv_snp_boot_ap() (git-fixes). 
- commit 4dc2ee9 ++++ systemd: - Import commit 9ecd16228492f44212e2771bec11ec78245b4094 9ecd162284 timer: rebase last_trigger timestamp if needed cd4a9103ef timer: rebase the next elapse timestamp only if timer didn't already run c3f4407e97 timer: don't run service immediately after restart of a timer (bsc#1254563) 05bcfe3295 test: check the next elapse timer timestamp after deserialization fe8f656975 test: restarting elapsed timer shouldn't trigger the corresponding service e4dd315b6c units: don't force the loading of the loop and dm_mod modules in systemd-repart.service (bsc#1248356) b58e72215a units: add dep on systemd-logind.service by user@.service 97ceca445c detect-virt: add bare-metal support for GCE (bsc#1244449) - Sync systemd-update-helper with the version shipped in Base:System This includes the following changes: - systemd-update-helper: do not stop or disable services when they are migrated to other packages. This can occur during package renaming or splitting. - systemd-update-helper: Fix invalid use of "break" in case statement - systemd-update-helper: fix regression introduced when support for package renaming/splitting was added (bsc#1245551) - systemd-update-helper: backport commit 2d0af8bc354f4a1429ce Since user@.service has `Type=notify-reload` (making the reloading process synchronous) and reloading implies reexecuting with `ReloadSignal=RTMIN+25`, reexecuting user managers synchronously can be achieved with `systemctl reload user@*.service` now. 
++++ python-tornado6: - Add security patches: * CVE-2025-67724.patch (bsc#1254903) * CVE-2025-67725.patch (bsc#1254905) * CVE-2025-67726.patch (bsc#1254904) ++++ shim: - Add DER format certificate files for the pretrans script to verify that the necessary certificate is in the UEFI db - openSUSE Secure Boot CA, 2013-2035 openSUSE_Secure_Boot_CA_2013.crt - SUSE Linux Enterprise Secure Boot CA, 2013-2035 SUSE_Linux_Enterprise_Secure_Boot_CA_2013.crt - Microsoft Corporation UEFI CA 2011, 2011-2026 Microsoft_Corporation_UEFI_CA_2011.crt - Microsoft UEFI CA 2023, 2023-2038 Microsoft_UEFI_CA_2023.crt - shim.spec: Add a pretrans script to verify that the necessary certificate is in the UEFI db. - Always put SUSE Linux Enterprise Secure Boot CA to target array. (bsc#1254679) ------------------------------------------------------------------ ------------------ 2025-12-14 - Dec 14 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() (git-fixes). - drm/mgag200: Fix big-endian support (git-fixes). - drm/ttm: Avoid NULL pointer deref for evicted BOs (git-fixes). - drm: nouveau: Replace sprintf() with sysfs_emit() (git-fixes). - rtc: gamecube: Check the return value of ioremap() (git-fixes). - commit 4a0695a ------------------------------------------------------------------ ------------------ 2025-12-13 - Dec 13 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ASoC: codecs: wcd938x: fix OF node leaks on probe failure (git-fixes). - ASoC: ak5558: Disable regulator when error happens (git-fixes). - ASoC: ak4458: Disable regulator when error happens (git-fixes). - ALSA: firewire-motu: add bounds check in put_user loop for DSP events (git-fixes). - ALSA: uapi: Fix typo in asound.h comment (git-fixes). - ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events (git-fixes). 
- ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi() (git-fixes). - commit 203c44f ------------------------------------------------------------------ ------------------ 2025-12-12 - Dec 12 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458 CVE-2025-40167). - commit 18e6218 - ext4: align max orphan file size with e2fsprogs limit (bsc#1253442 CVE-2025-40179). - commit 7ae82ce - ext4: free orphan info with kvfree (bsc#1253442 CVE-2025-40179). - commit a10c019 - ext4: verify orphan file size is not too big (bsc#1253442 CVE-2025-40179). - commit 6c1724d - Revert "ipmi: fix msg stack when IPMI is disconnected" (bsc#1253622 CVE-2025-40192) - commit 33bdbac ++++ shim: - Update to 16.1 - RPMs shim-16.1-150300.4.31.1.x86_64.rpm shim-debuginfo-16.1-150300.4.31.1.x86_64.rpm shim-debugsource-16.1-150300.4.31.1.x86_64.rpm shim-16.1-150300.4.31.1.aarch64.rpm shim-debuginfo-16.1-150300.4.31.1.aarch64.rpm shim-debugsource-16.1-150300.4.31.1.aarch64.rpm - submitreq: https://build.suse.de/request/show/395247 - repo: https://build.suse.de/package/show/SUSE:Maintenance:39913/shim.SUSE_SLE-15-SP3_Update - Patches (git log --oneline --reverse 16.0..16.1) 4040ec4 shim_start_image(): fix guid/handle pairing when uninstalling protocols 39c0aa1 str2ip6(): parsing of "uncompressed" ipv6 addresses 3133d19 test-mock-variables: make our filter list entries safer. d44405e mock-variables: remove unused variable 0e8459f Update CI to use ubuntu-24.04 instead of ubuntu-20.04 d16a5a6 SbatLevel_Variable.txt: minor typo fix. 32804cf Realloc() needs one more byte for sprintf() 431d370 IPv6: Add more check to avoid multiple double colon and illegal char 5e4d93c Loader Proto: make freeing of bprop.buffer conditional. 
33deac2 Prepare to move things from shim.c to verify.c 030e7df Move a bunch of stuff from shim.c to verify.c f3ddda7 handle_image(): make verification conditional 774f226 Cache sections of a loaded image and sub-images from them. eb0d20b loader-protocol: handle sub-section loading for UKIs 2f64bb9 loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages 1abc7ca loader-protocol: NULL output variable in load_image on failure fb77b44 Generate Authenticode for the entire PE file b86b909 README: mention new loader protocol and interaction with UKIs 8522612 ci: add mkosi configuration and CI 9ebab84 mkosi workflow: fix the branch name for main. 72a4c41 shim: change automatically enable MOK_POLICY_REQUIRE_NX a2f0dfa This is an organizational patch to move some things around in mok.c 54b9946 Update to the shim-16.1 branch of gnu-efi to get AsciiSPrint() a5a6922 get_max_var_sz(): add more debugging for apple platforms 77a2922 Add a "VariableInfo" variable to mok-variables. efc71c9 build: Avoid passing *FLAGS to sub-make 7670932 Fixes for 'make TOPDIR=... clean' 13ab598 add SbatLevel entry 2025051000 for PSA-2025-00012-1 617aed5 Update version to 16.1~rc1 d316ba8 format_variable_info(): fix wrong size test. f5fad0e _do_sha256_sum(): Fix missing error check. 
3a9734d doc: add howto for running mkosi locally ced5f71 mkosi: remove spurious slashes from script 0076155 ci: update mkosi commit 5481105 fix http boot 121cddf loader-protocol: Handle UnloadImage after StartImage properly 6a1d1a9 loader-protocol: Fix memory leaks 27a5d22 gitignore: add more mkosi dirs and vscode dir 346ed15 mkosi: disable repository key check on Fedora afc4955 Update version to 16.1 - 16.1 release note https://github.com/rhboot/shim/releases shim_start_image(): fix guid/handle pairing when uninstalling protocols by @vathpela in #738 Fix uncompressed ipv6 netboot by @hrvach in #742 fix test segfaults caused by uninitialized memory by @Fabian-Gruenbichler in #739 Update CI to use ubuntu-24.04 instead of ubuntu-20.04 by @vathpela in #749 SbatLevel_Variable.txt: minor typo fix. by @vathpela in #751 Realloc() needs to allocate one more byte for sprintf() by @dennis-tseng99 in #746 IPv6: Add more check to avoid multiple double colon and illegal char by @dennis-tseng99 in #753 Loader proto v2 by @vathpela in #748 loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages by @bluca in #750 Generate Authenticode for the entire PE file by @esnowberg in #604 README: mention new loader protocol and interaction with UKIs by @bluca in #755 ci: add mkosi configuration and CI by @bluca in #764 shim: change automatically enable MOK_POLICY_REQUIRE_NX by @vathpela in #761 Save var info by @vathpela in #763 build: Avoid passing *FLAGS to sub-make by @rosslagerwall in #758 Fixes for 'make TOPDIR=... 
clean' by @bluca in #762 add SbatLevel entry 2025051000 for PSA-2025-00012-1 by @Fabian-Gruenbichler in #766 Coverity fixes 20250804 by @vathpela in #767 ci: fixlets and docs for mkosi workflow by @bluca in #768 fix http boot by @jsetje in #770 Fix double free and leak in the loader protocol by @rosslagerwall in #769 gitignore: add more mkosi dirs and vscode dir by @bluca in #771 - Drop upstreamed patch: The following patches are merged to 16.1 - shim-alloc-one-more-byte-for-sprintf.patch - 32804cf5d9 Realloc() needs one more byte for sprintf() [16.1] - shim-change-automatically-enable-MOK_POLICY_REQUIRE_NX.patch (bsc#1205588) - 72a4c41877 shim: change automatically enable MOK_POLICY_REQUIRE_NX [16.1] - Building MokManager.efi and fallback.efi with POST_PROCESS_PE_FLAGS=-n (bsc#1205588) - Building with the latest version of gcc in the codebase: - gcc13 can work around the dxe_get_mem_attrs() hsi_status problem - We prefer building shim with the latest version of gcc in the codebase. - Set the minimum version to gcc-13. (bsc#1247432) - SLE shim should include vendor-dbx-sles.esl instead of vendor-dbx-opensuse.esl. Fixed it in shim.spec. 
++++ supportutils: - Changes to version 3.2.12 + Optimized lsof usage and honors OPTION_OFILES (bsc#1232351, PR#274) + Run in containers without errors (bsc#1245667, PR#272) + Removed pmap PID from memory.txt (bsc#1246011, PR#263) + Added missing /proc/pagetypeinfo to memory.txt (bsc#1246025, PR#264) + Improved database perforce with kGraft patching (bsc#1249657, PR#273) + Using last boot for journalctl for optimization (bsc#1250224, PR#287) + Fixed extraction failures (bsc#1252318, PR#275) + Update supportconfig.conf path in docs (bsc#1254425, PR#281) + drm_sub_info: Catch error when dir doesn't exist (PR#265) + Replace remaining `egrep` with `grep -E` (PR#261, PR#266) + Add process affinity to slert logs (PR#269) + Reintroduce cgroup statistics (and v2) (PR#270) + Minor changes to basic-health-check: improve information level (PR#271) + Collect important machine health counters (PR#276) + powerpc: collect hot-pluggable PCI and PHB slots (PR#278) + podman: collect podman disk usage (PR#279) + Exclude binary files in crondir (PR#282) + kexec/kdump: collect everything under /sys/kernel/kexec dir (PR#284) + Use short-iso for journalctl (PR#288) ------------------------------------------------------------------ ------------------ 2025-12-11 - Dec 11 2025 ------------------- ------------------------------------------------------------------ ++++ glib2: - Add CVE fixes: + glib2-CVE-2025-13601-1.patch, glib2-CVE-2025-13601-2.patch (bsc#1254297 CVE-2025-13601 glgo#GNOME/glib#3827). + glib2-CVE-2025-14087-1.patch, glib2-CVE-2025-14087-2.patch, glib2-CVE-2025-14087-3.patch (bsc#1254662 CVE-2025-14087 glgo#GNOME/glib#3834). + glib2-CVE-2025-14512.patch (bsc#1254878 CVE-2025-14512 glgo#GNOME/glib#3845). ++++ kernel-default: - kABI workaround for HCI_LE_ADV_0 addition (git-fixes). - commit 90a4a45 - Bluetooth: HCI: Fix tracking of advertisement set/instance 0x00 (git-fixes). 
- commit 02e48bb ++++ nvidia-open-driver-G06-signed: - readded kernel-6.18.patch still needed for cuda driver version 580.105.08 - update non-CUDA variant to version 580.119.02 (boo#1254801) ------------------------------------------------------------------ ------------------ 2025-12-10 - Dec 10 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - cpufreq: intel_pstate: Check IDA only before MSR_IA32_PERF_CTL writes (git-fixes). - commit 8914d15 - i2c: amd-mp2: fix reference leak in MP2 PCI device (git-fixes). - i2c: i2c.h: fix a bad kernel-doc line (git-fixes). - platform/x86: asus-wmi: use brightness_set_blocking() for kbd led (git-fixes). - commit 9bd979e ------------------------------------------------------------------ ------------------ 2025-12-9 - Dec 9 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256, CVE-2025-38728). - commit 8caf30e - spi: tegra210-quad: Check hardware status on timeout (bsc#1253155) - commit d031559 - spi: tegra210-quad: Refactor error handling into helper functions (bsc#1253155) - commit 82f1192 - spi: tegra210-quad: Fix timeout handling (bsc#1253155) - commit bd1de03 - spi: tegra210-qspi: Remove cache operations (git-fixes) - commit a5fab01 - spi: tegra210-quad: Add support for internal DMA (git-fixes) - commit 8c1e0cc - spi: tegra210-quad: Update dummy sequence configuration (git-fixes) - commit 8db7584 - Delete patches.suse/spi-tegra210-quad-Fix-timeout-handling.patch. It will reinserted as part of bsc#1253155 update request. - commit aed40ae - smb: Log an error when close_all_cached_dirs fails (bsc#1246328, CVE-2025-38321). 
- commit a8a838a - arm64: zynqmp: Revert usb node drive strength and slew rate for (git-fixes) - commit 056601e - arm64: zynqmp: Fix usb node drive strength and slew rate (git-fixes) - commit 10b4884 - wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event (CVE-2025-39890 bsc#1250334). - commit 51d9ba6 - dm-verity: fix unreliable memory allocation (git-fixes). - commit 811cec6 - ipmi: Fix handling of messages with provided receive message pointer (git-fixes). - commit 2e987f2 - ipmi: Rework user message limit handling (git-fixes). - commit 4cbb961 - mm/hugetlb: fix folio is still mapped when deleted (CVE-2025-40006 bsc#1252342). - commit e2e7e3b - hwmon: (w83791d) Convert macros to functions to avoid TOCTOU (git-fixes). - pinctrl: stm32: fix hwspinlock resource leak in probe function (git-fixes). - phy: renesas: rcar-gen3-usb2: Fix an error handling path in rcar_gen3_phy_usb2_probe() (git-fixes). - phy: broadcom: bcm63xx-usbh: fix section mismatches (git-fixes). - commit 2f1faf6 - mm: hugetlb: avoid soft lockup when mprotect to large memory area (CVE-2025-40153 bsc#1253408). - commit 03b4aee ------------------------------------------------------------------ ------------------ 2025-12-8 - Dec 8 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/64s/slb: Fix SLB multihit issue during SLB preload (bac#1236022 ltc#211187). - commit 1a4723e - i3c: master: svc: Prevent incomplete IBI transaction (git-fixes). - clk: qcom: camcc-sm6350: Fix PLL config of PLL2 (git-fixes). - clk: qcom: camcc-sm6350: Specify Titan GDSC power domain as a parent to other (git-fixes). - clk: renesas: r9a06g032: Fix memory leak in error path (git-fixes). - clk: renesas: cpg-mssr: Add missing 1ms delay into reset toggle callback (git-fixes). 
- commit 4cf8a99 ------------------------------------------------------------------ ------------------ 2025-12-7 - Dec 7 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - staging: fbtft: core: fix potential memory leak in fbtft_probe_common() (git-fixes). - usb: gadget: tegra-xudc: Always reinitialize data toggle when clear halt (git-fixes). - USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC (git-fixes). - USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC (git-fixes). - usb: phy: Initialize struct usb_phy list_head (git-fixes). - usb: dwc2: fix hang during suspend if set as peripheral (git-fixes). - usb: chaoskey: fix locking for O_NONBLOCK (git-fixes). - USB: Fix descriptor count when handling invalid MBIM extended descriptor (git-fixes). - intel_th: Fix error handling in intel_th_output_open (git-fixes). - comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() (git-fixes). - comedi: multiq3: sanitize config options in multiq3_attach() (git-fixes). - comedi: check device's attached status in compat ioctls (git-fixes). - comedi: c6xdigio: Fix invalid PNP driver unregistration (git-fixes). - firmware: stratix10-svc: fix make htmldocs warning for stratix10_svc (git-fixes). - iio: core: Clean up device correctly on iio_device_alloc() failure (git-fixes). - iio: core: add missing mutex_destroy in iio_dev_release() (git-fixes). - iio: imu: st_lsm6dsx: Fix measurement unit for odr struct member (git-fixes). - firmware: stratix10-svc: Add mutex in stratix10 memory management (git-fixes). - uio: uio_fsl_elbc_gpcm:: Add null pointer check to uio_fsl_elbc_gpcm_probe (git-fixes). - fbdev: ssd1307fb: fix potential page leak in ssd1307fb_probe() (git-fixes). - fbdev: pxafb: Fix multiple clamped values in pxafb_adjust_timing (git-fixes). - fbdev: tcx.c fix mem_map to correct smem_start offset (git-fixes). - watchdog: wdat_wdt: Fix ACPI table leak in probe function (git-fixes). 
- rpmsg: glink: fix rpmsg device leak (git-fixes). - iio: accel: bmc150: Fix irq assumption regression (stable-fixes). - usb: storage: sddr55: Reject out-of-bound new_pba (stable-fixes). - USB: serial: option: add support for Rolling RW101R-GL (stable-fixes). - USB: serial: ftdi_sio: add support for u-blox EVK-M101 (stable-fixes). - usb: dwc3: pci: Sort out the Intel device IDs (stable-fixes). - usb: dwc3: pci: add support for the Intel Nova Lake -S (stable-fixes). - thunderbolt: Add support for Intel Wildcat Lake (stable-fixes). - drm/amd/display: Check NULL before accessing (stable-fixes). - ALSA: usb-audio: Add DSD quirk for LEAK Stereo 230 (stable-fixes). - commit a6f8c1f ------------------------------------------------------------------ ------------------ 2025-12-6 - Dec 6 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - soc: amlogic: canvas: fix device leak on lookup (git-fixes). - soc: qcom: smem: fix hwspinlock resource leak in probe error paths (git-fixes). - soc: qcom: ocmem: fix device leak on lookup (git-fixes). - firmware: imx: scu-irq: fix OF node leak in (git-fixes). - soc/tegra: fuse: speedo-tegra210: Update speedo IDs (git-fixes). - commit 67bcab6 ------------------------------------------------------------------ ------------------ 2025-12-5 - Dec 5 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - PCI: rcar-gen2: Drop ARM dependency from PCI_RCAR_GEN2 (git-fixes). - PCI: keystone: Exit ks_pcie_probe() for invalid mode (git-fixes). - PCI: dwc: Fix wrong PORT_LOGIC_LTSSM_STATE_MASK definition (git-fixes). - PCI/PM: Reinstate clearing state_saved in legacy and !PM codepaths (git-fixes). - power: supply: apm_power: only unset own apm_get_power_status (git-fixes). - power: supply: wm831x: Check wm831x_set_bits() return value (git-fixes). 
- power: supply: rt9467: Prevent using uninitialized local variable in rt9467_set_value_from_ranges() (git-fixes). - power: supply: rt9467: Return error on failure in rt9467_set_value_from_ranges() (git-fixes). - power: supply: cw2015: Check devm_delayed_work_autocancel() return code (git-fixes). - mfd: mt6358-irq: Fix missing irq_domain_remove() in error path (git-fixes). - mfd: mt6397-irq: Fix missing irq_domain_remove() in error path (git-fixes). - mfd: max77620: Fix potential IRQ chip conflict when probing two devices (git-fixes). - platform/x86: intel: chtwc_int33fe: don't dereference swnode args (git-fixes). - spi: bcm63xx: drop wrong casts in probe() (git-fixes). - spi: tegra210-quad: Fix timeout handling (git-fixes). - regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex (git-fixes). - regulator: core: disable supply if enabling main regulator fails (git-fixes). - mtd: rawnand: renesas: Handle devm_pm_runtime_enable() errors (git-fixes). - mtd: rawnand: lpc32xx_slc: fix GPIO descriptor leak on probe error and remove (git-fixes). - mtd: nand: relax ECC parameter validation check (git-fixes). - Revert "mtd: rawnand: marvell: fix layouts" (git-fixes). - mtd: lpddr_cmds: fix signed shifts in lpddr_cmds (git-fixes). - mtd: maps: pcmciamtd: fix potential memory leak in pcmciamtd_detach() (git-fixes). - pwm: bcm2835: Make sure the channel is enabled after pwm_request() (git-fixes). - platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver (git-fixes). - commit 6ae74c9 - mfd: da9055: Fix missing regmap_del_irq_chip() in error path (git-fixes). - mfd: altera-sysmgr: Fix device leak on sysmgr regmap lookup (git-fixes). - media: rc: st_rc: Fix reset control resource leak (git-fixes). - media: videobuf2: Fix device reference leak in vb2_dc_alloc error path (git-fixes). - media: vpif_display: fix section mismatch (git-fixes). - media: vpif_capture: fix section mismatch (git-fixes). 
- media: samsung: exynos4-is: fix potential ABBA deadlock on init (git-fixes). - media: renesas: rcar_drif: fix device node reference leak in rcar_drif_bond_enabled (git-fixes). - media: amphion: Cancel message work before releasing the VPU core (git-fixes). - media: verisilicon: Protect G2 HEVC decoder against invalid DPB index (git-fixes). - media: v4l2-mem2mem: Fix outdated documentation (git-fixes). - media: cec: Fix debugfs leak on bus_register() failure (git-fixes). - media: vidtv: initialize local pointers upon transfer of memory ownership (git-fixes). - media: pvrusb2: Fix incorrect variable used in trace message (git-fixes). - media: msp3400: Avoid possible out-of-bounds array accesses in msp3400c_thread() (git-fixes). - media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() (git-fixes). - media: i2c: ADV7604: Remove redundant cancel_delayed_work in probe (git-fixes). - media: i2c: adv7842: Remove redundant cancel_delayed_work in probe (git-fixes). - media: TDA1997x: Remove redundant cancel_delayed_work in probe (git-fixes). - media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg() (git-fixes). - commit 0f91c8f - Documentation: hid-alps: Fix packet format section headings (git-fixes). - HID: logitech-hidpp: Do not assume FAP in hidpp_send_message_sync() (git-fixes). - HID: logitech-dj: Remove duplicate error logging (git-fixes). - backlight: lp855x: Fix lp855x.h kernel-doc warnings (git-fixes). - backlight: led-bl: Add devlink to supplier LEDs (git-fixes). - leds: netxbig: Fix GPIO descriptor leak in error paths (git-fixes). - leds: leds-lp50xx: Enable chip before any communication (git-fixes). - leds: leds-lp50xx: LP5009 supports 3 modules for a total of 9 LEDs (git-fixes). - leds: leds-lp50xx: Allow LED 0 to be added to module bank (git-fixes). - hwmon: (max16065) Use local variable to avoid TOCTOU (git-fixes). - hwmon: (w83l786ng) Convert macros to functions to avoid TOCTOU (git-fixes). 
- hwmon: sy7636a: Fix regulator_enable resource leak on error path (git-fixes). - ASoC: Intel: catpt: Fix error path in hw_params() (git-fixes). - ASoC: stm32: sai: fix OF node leak on probe (git-fixes). - ASoC: stm32: sai: fix clk prepare imbalance on probe failure (git-fixes). - ASoC: stm32: sai: fix device leak on probe (git-fixes). - ASoC: qcom: q6asm-dai: perform correct state check before closing (git-fixes). - ASoC: qcom: qdsp6: q6asm-dai: set 10 ms period and buffer alignment (git-fixes). - ASoC: qcom: q6adm: the the copp device only during last instance (git-fixes). - ALSA: dice: fix buffer overflow in detect_stream_formats() (git-fixes). - ASoC: fsl_xcvr: clear the channel status control memory (git-fixes). - drm/amdgpu: add missing lock to amdgpu_ttm_access_memory_sdma (git-fixes). - drm/amd/display: Fix logical vs bitwise bug in get_embedded_panel_info_v2_1() (git-fixes). - drm/nouveau: restrict the flush page to a 32-bit address (git-fixes). - drm/mediatek: Fix device node reference leak in mtk_dp_dt_parse() (git-fixes). - drm/mediatek: Fix CCORR mtk_ctm_s31_32_to_s1_n function issue (git-fixes). - drm/msm/a6xx: Flush LRZ cache before PT switch (git-fixes). - drm/msm/a6xx: Fix out of bound IO access in a6xx_get_gmu_registers (git-fixes). - drm/msm/a2xx: stop over-complaining about the legacy firmware (git-fixes). - drm/msm/dpu: Remove dead-code in dpu_encoder_helper_reset_mixers() (git-fixes). - drm/vgem-fence: Fix potential deadlock on release (git-fixes). - drm/gma500: Remove unused helper psb_fbdev_fb_setcolreg() (git-fixes). - gpu: host1x: Fix race in syncpt alloc/free (git-fixes). 
- commit 7fcfbe3 ++++ libpng16: - security update - added patches CVE-2025-66293 [bsc#1254480], LIBPNG out-of-bounds read in png_image_read_composite * libpng16-CVE-2025-66293-1.patch * libpng16-CVE-2025-66293-2.patch ------------------------------------------------------------------ ------------------ 2025-12-4 - Dec 4 2025 ------------------- ------------------------------------------------------------------ ++++ fde-tools: - Build with distro flags ++++ kernel-default: - RDMA/irdma: Remove unused struct irdma_cq fields (git-fixes) Refresh patches.suse/RDMA-irdma-Set-irdma_cq-cq_num-field-during-CQ-creat.patch - commit acb152c - wifi: nl80211: vendor-cmd: intel: fix a blank kernel-doc line warning (git-fixes). - wifi: ieee80211: correct FILS status codes (git-fixes). - mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() (git-fixes). - wifi: mt76: Fix DTS power-limits on little endian systems (git-fixes). - wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() (git-fixes). - wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() (git-fixes). - wifi: mac80211: fix CMAC functions not handling errors (git-fixes). - net: phy: adin1100: Fix software power-down ready condition (git-fixes). - wifi: cw1200: Fix potential memory leak in cw1200_bh_rx_helper() (git-fixes). - wifi: ath11k: fix peer HE MCS assignment (git-fixes). - wifi: ath11k: restore register window after global reset (git-fixes). - lib/vsprintf: Check pointer before dereferencing in time_and_date() (git-fixes). - Documentation/kernel-parameters: fix typo in retbleed= kernel parameter description (git-fixes). - Documentation: parport-lowlevel: Separate function listing code blocks (git-fixes). - docs: w1: fix w1-netlink invalid URL (git-fixes). - crypto: ccree - Correctly handle return of sg_nents_for_len (git-fixes). - crypto: iaa - Fix incorrect return value in save_iaa_wq() (git-fixes). - crypto: rockchip - drop redundant crypto_skcipher_ivsize() calls (git-fixes). 
- crypto: hisilicon/qm - restore original qos values (git-fixes). - crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (git-fixes). - crypto: authenc - Correctly pass EINPROGRESS back up to the caller (git-fixes). - ima: Handle error code returned by ima_filter_rule_match() (git-fixes). - KEYS: trusted: Fix a memory leak in tpm2_load_cmd (git-fixes). - KEYS: trusted_tpm1: Compare HMAC values in constant time (git-fixes). - commit 912d691 - btrfs: make sure extent and csum paths are always released in scrub_raid56_parity_stripe() (git-fixes). - commit 6dcb53c ------------------------------------------------------------------ ------------------ 2025-12-3 - Dec 3 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ACPI: property: Fix fwnode refcount leak in acpi_fwnode_graph_parse_endpoint() (git-fixes). - ACPI: processor_core: fix map_x2apic_id for amd-pstate on am4 (git-fixes). - efi/libstub: Fix page table access in 5-level to 4-level paging transition (git-fixes). - efi/libstub: Describe missing 'out' parameter in efi_load_initrd (git-fixes). - commit 242aae6 ++++ nvidia-open-driver-G06-signed: - kernel-6.18.patch * fixed build against kernel 6.18 ------------------------------------------------------------------ ------------------ 2025-12-2 - Dec 2 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Input: cros_ec_keyb - fix an invalid memory access (stable-fixes). - Input: goodix - add support for ACPI ID GDIX1003 (stable-fixes). - drm/amdgpu: Skip emit de meta data on gfx11 with rs64 enabled (stable-fixes). - drm/amd/display: Increase DPCD read retries (stable-fixes). - drm/amd/display: Move sleep into each retry for retrieve_link_cap() (stable-fixes). - kconfig/nconf: Initialize the default locale at startup (stable-fixes). - kconfig/mconf: Initialize the default locale at startup (stable-fixes). 
- Input: goodix - add support for ACPI ID GDX9110 (stable-fixes). - commit 7011d30 ------------------------------------------------------------------ ------------------ 2025-12-1 - Dec 1 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - orangefs: fix xattr related buffer overflow.. (git-fixes). - commit f97ca07 - rpm/mkspec: Exclude azure from kernel-syms dependencies Similar to rt azure was initially a separate kernel variant, and not all KMPs are built for it. kernel-azure-devel should be included as explicit build dependency to get a KMP for this kernel flavor. - commit c174e9b ------------------------------------------------------------------ ------------------ 2025-11-29 - Nov 29 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - spi: amlogic-spifc-a1: Handle devm_pm_runtime_enable() errors (git-fixes). - spi: bcm63xx: fix premature CS deassertion on RX-only transactions (git-fixes). - firmware: stratix10-svc: fix bug in saving controller data (git-fixes). - iio: st_lsm6dsx: Fixed calibrated timestamp calculation (git-fixes). - iio: imu: st_lsm6dsx: fix array size for st_lsm6dsx_settings fields (git-fixes). - iio: accel: fix ADXL355 startup race condition (git-fixes). - iio:common:ssp_sensors: Fix an error handling path ssp_probe() (git-fixes). - iio: adc: ad7280a: fix ad7280_store_balance_timer() (git-fixes). - most: usb: fix double free on late probe failure (git-fixes). - slimbus: ngd: Fix reference count leak in qcom_slim_ngd_notify_slaves (git-fixes). - serial: amba-pl011: prefer dma_mapping_error() over explicit address checking (git-fixes). - usb: gadget: renesas_usbf: Handle devm_pm_runtime_enable() errors (git-fixes). - USB: storage: Remove subclass and protocol overrides from Novatek quirk (git-fixes). - usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer (git-fixes). 
- usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths (git-fixes). - xhci: dbgtty: fix device unregister (git-fixes). - usb: gadget: f_eem: Fix memory leak in eem_unwrap (git-fixes). - drivers/usb/dwc3: fix PCI parent check (git-fixes). - usb: storage: Fix memory leak in USB bulk transport (git-fixes). - usb: cdns3: Fix double resource release in cdns3_pci_probe (git-fixes). - mailbox: mailbox-test: Fix debugfs_create_dir error checking (git-fixes). - drm: sti: fix device leaks at component probe (git-fixes). - drm/amdgpu: fix cyan_skillfish2 gpu info fw handling (git-fixes). - commit 17705d7 - net: dlink: handle copy_thresh allocation failure (CVE-2025-40053 bsc#1252808) - commit 975011b ------------------------------------------------------------------ ------------------ 2025-11-28 - Nov 28 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - pid: Add a judgment for ns null in pid_nr_ns (CVE-2025-40178 bsc#1253463) - commit ce07984 - net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (CVE-2025-40187 bsc#1253647) - commit e8a76b4 - can: sun4i_can: sun4i_can_interrupt(): fix max irq loop handling (git-fixes). - can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs (git-fixes). - can: sja1000: fix max irq loop handling (git-fixes). - can: kvaser_usb: leaf: Fix potential infinite loop in command parsers (git-fixes). - net: phy: mxl-gpy: fix link properties on USXGMII and internal PHYs (git-fixes). - atm/fore200e: Fix possible data race in fore200e_open() (git-fixes). - Bluetooth: SMP: Fix not generating mackey and ltk when repairing (git-fixes). - Bluetooth: hci_sock: Prevent race in socket write iter and sock bind (git-fixes). - net: phy: mxl-gpy: fix bogus error on USXGMII and integrated PHY (git-fixes). - platform/x86: intel: punit_ipc: fix memory corruption (git-fixes). 
- atm: idt77252: Add missing `dma_map_error()` (stable-fixes). - commit 2366cbf ++++ libpng16: - security update - added patches CVE-2025-64505 [bsc#1254157], heap buffer over-read in `png_do_quantize` via malformed palette index * libpng16-CVE-2025-64505.patch CVE-2025-64506 [bsc#1254158], heap buffer over-read in `png_write_image_8bit` with 8-bit input and `convert_to_8bit` enabled * libpng16-CVE-2025-64506.patch CVE-2025-64720 [bsc#1254159], buffer overflow in `png_image_read_composite` via incorrect palette premultiplication * libpng16-CVE-2025-64720.patch CVE-2025-65018 [bsc#1254160], heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read` * libpng16-CVE-2025-65018.patch ++++ sqlite3: - Update to version 3.51.1: * Fix incorrect results from nested EXISTS queries caused by the optimization in item 6b in the 3.51.0 release. * Fix a latent bug in fts5vocab virtual table, exposed by new optimizations in the 3.51.0 release - Changes in version 3.51.0: * New macros in sqlite3.h: - SQLITE_SCM_BRANCH → the name of the branch from which the source code is taken. - SQLITE_SCM_TAGS → space-separated list of tags on the source code check-in. - SQLITE_SCM_DATETIME → ISO-8601 date and time of the source code check-in. * Two new JSON functions, jsonb_each() and jsonb_tree() work the same as the existing json_each() and json_tree() functions except that they return JSONB for the "value" column when the "type" is 'array' or 'object'. * The carray and percentile extensions are now built into the amalgamation, though they are disabled by default and must be activated at compile-time using the -DSQLITE_ENABLE_CARRAY and/or -DSQLITE_ENABLE_PERCENTILE options, respectively. * Enhancements to TCL Interface: - Add the -asdict flag to the eval command to have it set the row data as a dict instead of an array. - User-defined functions may now break to return an SQL NULL. * CLI enhancements: - Increase the precision of ".timer" to microseconds. 
- Enhance the "box" and "column" formatting modes to deal with double-wide characters. - The ".imposter" command provides read-only imposter tables that work with VACUUM and do not require the --unsafe-testing option. - Add the --ifexists option to the CLI command-line option and to the .open command. - Limit columns widths set by the ".width" command to 30,000 or less, as there is not good reason to have wider columns, but supporting wider columns provides opportunity to malefactors. * Performance enhancements: - Use fewer CPU cycles to commit a read transaction. - Early detection of joins that return no rows due to one or more of the tables containing no rows. - Avoid evaluation of scalar subqueries if the result of the subquery does not change the result of the overall expression. - Faster window function queries when using "BETWEEN :x FOLLOWING AND :y FOLLOWING" with a large :y. * Add the PRAGMA wal_checkpoint=NOOP; command and the SQLITE_CHECKPOINT_NOOP argument for sqlite3_wal_checkpoint_v2(). * Add the sqlite3_set_errmsg() API for use by extensions. * Add the sqlite3_db_status64() API, which works just like the existing sqlite3_db_status() API except that it returns 64-bit results. * Add the SQLITE_DBSTATUS_TEMPBUF_SPILL option to the sqlite3_db_status() and sqlite3_db_status64() interfaces. * In the session extension add the sqlite3changeset_apply_v3() interface. * For the built-in printf() and the format() SQL function, omit the leading '-' from negative floating point numbers if the '+' flag is omitted and the "#" flag is present and all displayed digits are '0'. Use '%#f' or similar to avoid outputs like '-0.00' and instead show just '0.00'. * Improved error messages generated by FTS5. * Enforce STRICT typing on computed columns. * Improved support for VxWorks * JavaScript/WASM now supports 64-bit WASM. The canonical builds continue to be 32-bit but creating one's own 64-bit build is now as simple as running "make". 
* Improved resistance to database corruption caused by an application breaking Posix advisory locks using close(). ++++ runc: - Update to runc v1.3.4. Upstream changelog is available from . bsc#1254362 ------------------------------------------------------------------ ------------------ 2025-11-27 - Nov 27 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() (CVE-2025-40033 bsc#1252824) - commit 2054391 - dm: fix NULL pointer dereference in __dm_suspend() (CVE-2025-40134 bsc#1253386) - commit 1e5953d - dm: fix queue start/stop imbalance under suspend/load/resume races (bsc#1253386) - commit bd1d198 - KVM: arm64: Prevent access to vCPU events before init (CVE-2025-40102 bsc#1252919) - commit 104fba7 - perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (CVE-2025-40081 bsc#1252776) - commit f1cab17 - Add dtb-spacemit SpacemiT boards include MilkV-Jupiter, Banana Pi F3 and Orange Pi RV2. - commit f2f396d - scsi: lpfc: Update lpfc version to 14.4.0.12 (bsc#1254119). - scsi: lpfc: Add capability to register Platform Name ID to fabric (bsc#1254119). - scsi: lpfc: Allow support for BB credit recovery in point-to-point topology (bsc#1254119). - scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (bsc#1254119). - scsi: lpfc: Modify kref handling for Fabric Controller ndlps (bsc#1254119). - scsi: lpfc: Fix leaked ndlp krefs when in point-to-point topology (bsc#1254119). - scsi: lpfc: Ensure unregistration of rpis for received PLOGIs (bsc#1254119). - scsi: lpfc: Remove redundant NULL ptr assignment in lpfc_els_free_iocb() (bsc#1254119). - scsi: lpfc: Revise discovery related function headers and comments (bsc#1254119). - scsi: lpfc: Update various NPIV diagnostic log messaging (bsc#1254119). - commit bfcfc18 - nvme-multipath: fix lockdep WARN due to partition scan work (git-fixes bsc#1233640 CVE-2024-53093). 
- commit 28a7b7d - dm-integrity: limit MAX_TAG_SIZE to 255 (git-fixes). - commit a7bb416 - nvme: Use non zero KATO for persistent discovery connections (git-fixes). - commit 4d9eece - ALSA: usb-audio: fix uac2 clock source at terminal parser (git-fixes). - commit 74497c6 ------------------------------------------------------------------ ------------------ 2025-11-26 - Nov 26 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - nfsd: fix return error codes for nfsd_map_name_to_id (bsc#1232223). - commit 24071c5 - vhost: Take a reference on the task in struct vhost_task (CVE-2025-40024 bsc#1252686) - commit fc81dc2 - nfsd: do not defer requests during idmap lookup in v4 compound decode (bsc#1232223). - commit 4b41b11 - tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock() (CVE-2025-40149 bsc#1253355). - commit c8fb6ed - smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (CVE-2025-40168 bsc#1253427). - commit 0f10629 - smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (CVE-2025-40139 bsc#1253409). - commit a7ae1b3 - smc: Fix use-after-free in __pnet_find_base_ndev() (CVE-2025-40064 bsc#1252845). - commit 2971b90 - tcp_metrics: use dst_dev_net_rcu() (CVE-2025-40075 bsc#1252795). - commit fcb52d9 - Update patches.suse/ASoC-Intel-bytcr_rt5640-Fix-invalid-quirk-input-mapp.patch (git-fixes CVE-2025-40154 bsc#1253431). - Update patches.suse/ASoC-Intel-bytcr_rt5651-Fix-invalid-quirk-input-mapp.patch (git-fixes CVE-2025-40121 bsc#1253367). - Update patches.suse/Bluetooth-ISO-Fix-possible-UAF-on-iso_conn_free.patch (git-fixes CVE-2025-40141 bsc#1253352). - Update patches.suse/EDAC-i10nm-Skip-DIMM-enumeration-on-a-disabled-memor.patch (git-fixes CVE-2025-40157 bsc#1253423). - Update patches.suse/PM-devfreq-mtk-cci-Fix-potential-error-pointer-deref.patch (git-fixes CVE-2025-40156 bsc#1253428). 
- Update patches.suse/Squashfs-reject-negative-file-sizes-in-squashfs_read_inode.patch (git-fixes CVE-2025-40200 bsc#1253448). - Update patches.suse/accel-qaic-Treat-remaining-0-as-error-in-find_and_ma.patch (git-fixes CVE-2025-40172 bsc#1253424). - Update patches.suse/bpf-Fix-metadata_dst-leak-__bpf_redirect_neigh_v-4-6.patch (git-fixes CVE-2025-40183 bsc#1253441). - Update patches.suse/btrfs-avoid-potential-out-of-bounds-in-btrfs_encode_.patch (git-fixes CVE-2025-40205 bsc#1253456). - Update patches.suse/can-hi311x-fix-null-pointer-dereference-when-resumin.patch (stable-fixes CVE-2025-40107 bsc#1253018). - Update patches.suse/cpufreq-intel_pstate-Fix-object-lifecycle-issue-in-update_qos_request.patch (stable-fixes git-fixes CVE-2025-40194 bsc#1253445). - Update patches.suse/crypto-rng-Ensure-set_ent-is-always-present.patch (git-fixes CVE-2025-40109 bsc#1253176). - Update patches.suse/drm-vmwgfx-Fix-Use-after-free-in-validation.patch (git-fixes CVE-2025-40111 bsc#1253362). - Update patches.suse/drm-vmwgfx-Fix-a-null-ptr-access-in-the-cursor-snoop.patch (git-fixes CVE-2025-40110 bsc#1253275). - Update patches.suse/ext4-avoid-potential-buffer-over-read-in-parse_apply.patch (git-fixes CVE-2025-40198 bsc#1253453). - Update patches.suse/hwrng-ks-sa-fix-division-by-zero-in-ks_sa_rng_init.patch (git-fixes CVE-2025-40127 bsc#1253369). - Update patches.suse/mailbox-zynqmp-ipi-Fix-out-of-bounds-access-in-mailb.patch (git-fixes CVE-2025-40180 bsc#1253440). - Update patches.suse/media-v4l2-subdev-Fix-alloc-failure-check-in-v4l2_su.patch (git-fixes CVE-2025-40207 bsc#1253395). - Update patches.suse/net-usb-Remove-disruptive-netif_wake_queue-in-rtl815.patch (git-fixes CVE-2025-40140 bsc#1253349). - Update patches.suse/net-usb-asix-hold-PM-usage-ref-to-avoid-PM-MDIO-RTNL.patch (git-fixes CVE-2025-40120 bsc#1253360). - Update patches.suse/nvmet-fc-move-lsop-put-work-to-nvmet_fc_ls_req_op.patch (bsc#1245193 bsc#1247500 CVE-2025-40171 bsc#1253412). 
- Update patches.suse/pwm-berlin-Fix-wrong-register-in-suspend-resume.patch (git-fixes CVE-2025-40188 bsc#1253449). - Update patches.suse/scsi-mpt3sas-Fix-crash-in-transport-port-remove-by-using-i.patch (git-fixes CVE-2025-40115 bsc#1253318). - Update patches.suse/scsi-pm80xx-Fix-array-index-out-of-of-bounds-on-rmmod.patch (git-fixes CVE-2025-40118 bsc#1253363). - Update patches.suse/sunrpc-fix-null-pointer-dereference-on-zero-length-checksum.patch (git-fixes CVE-2025-40129 bsc#1253472). - Update patches.suse/tcp-Don-t-call-reqsk_fastopen_remove-in-tcp_conn_request.patch (git-fixes CVE-2025-40186 bsc#1253438). - Update patches.suse/usb-host-max3421-hcd-Fix-error-pointer-dereference-i.patch (git-fixes CVE-2025-40116 bsc#1253324). - Update patches.suse/usbnet-Fix-using-smp_processor_id-in-preemptible-cod.patch (git-fixes CVE-2025-40164 bsc#1253407). - commit d8d3cd1 ++++ openvswitch: - OpenvSwitch upstream bugfix updates: * https://www.openvswitch.org/releases/NEWS-3.1.7.txt * v3.1.7 - Bug fixes - OVS validated with DPDK 22.11.7. * v3.1.6 - Bug fixes - OVS validated with DPDK 22.11.6. * v3.1.5 - Bug fixes - OVS validated with DPDK 22.11.5. * v3.1.4 - Bug fixes - Fixed vulnerabilities CVE-2023-3966 (bsc#1219465) and CVE-2023-5366 (bsc#1216002). - OVS validated with DPDK 22.11.4. * v3.1.3 - Bug fixes * v3.1.2 - Bug fixes * v3.1.1 - Bug fixes - Fixed vulnerability CVE-2023-1668 (bsc#1210054) - Remove included patches: CVE-2023-1668.patch - OVN upstream bugfix updates: * https://github.com/ovn-org/ovn/blob/branch-23.03/NEWS - Fix CVE-2025-0650 (bsc#1236353) ovn: egress ACLs may be bypassed via specially crafted UDP packet (CVE-2025-0650.patch) * v23.03.3 - Bug fixes - Add "garp-max-timeout-sec" config option to vswitchd external-ids to cap the time between when ovn-controller sends gARP packets. - Security: Fixed vulnerability CVE-2024-2182 (bsc#1255435). 
- Updated patches install-ovsdb-tools.patch * v23.03.2 - Bug fixes * v23.03.1 - Bug fixes - CT entries are not flushed by default anymore whenever a load balancer backend is removed. A new, per-LB, option 'ct_flush' can be used to restore the previous behavior. Disabled by default. - Always allow IPv6 Router Discovery, Neighbor Discovery, and Multicast Listener Discovery protocols, regardless of ACLs defined. - Send ICMP Fragmentation Needed packets back to offending ports when communicating with multichassis ports using frames that don't fit through a tunnel. This is done only for logical switches that are attached to a physical network via a localnet port, in which case multichassis ports may have an effective MTU different from regular ports and hence may need this mechanism to maintain connectivity with other peers in the network. - ECMP routes use L4_SYM dp-hash by default if the datapath supports it. Existing sessions might get re-hashed to a different ECMP path when OVN detects the algorithm support in the datapath during an upgrade or restart of ovn-controller. - Add CoPP for the svc_monitor_mac. This addresses CVE-2023-3153 (bsc#1212125). - Remove included patches: CVE-2023-3152.patch ------------------------------------------------------------------ ------------------ 2025-11-25 - Nov 25 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - cifs: Fix uncached read into ITER_KVEC iterator (bsc#1245449). - commit caf12ec - ipv4: start using dst_dev_rcu() (CVE-2025-40074 bsc#1252794). - commit d58640c - kabi: hide dst_entry::dev_rcu (CVE-2025-40074 bsc#1252794). - commit 7047515 - net: dst: introduce dst->dev_rcu (CVE-2025-40074 bsc#1252794). - commit bc25dd4 - net: Add locking to protect skb->dev access in ip_output (CVE-2025-40074 bsc#1252794). - commit ba856a3 - ipv6: ip6_mc_input() and ip6_mr_input() cleanups (CVE-2025-40074 bsc#1252794). 
- commit 74e34e6 - ipv6: adopt skb_dst_dev() and skb_dst_dev_net[_rcu]() helpers (CVE-2025-40074 bsc#1252794). - commit bef51be - ipv6: adopt dst_dev() helper (CVE-2025-40074 bsc#1252794). - refresh patches.suse/net-ip6_tunnel-Prevent-perpetual-tunnel-growth.patch - commit 7eda2f1 - ipv4: adopt dst_dev, skb_dst_dev and skb_dst_dev_net[_rcu] (CVE-2025-40074 bsc#1252794). - commit 172fe2b - net: dst: add four helpers to annotate data-races around dst->dev (CVE-2025-40074 bsc#1252794). - commit d644653 - net: dst: annotate data-races around dst->output (CVE-2025-40074 bsc#1252794). - commit a54672b - net: dst: annotate data-races around dst->input (CVE-2025-40074 bsc#1252794). - commit ffc43da - net: dst: annotate data-races around dst->lastuse (CVE-2025-40074 bsc#1252794). - commit 8826356 - net: dst: annotate data-races around dst->expires (CVE-2025-40074 bsc#1252794). - commit 2c55499 - net: dst: annotate data-races around dst->obsolete (CVE-2025-40074 bsc#1252794). - commit 2ab42e2 - net: ipv4: ipmr: ipmr_queue_xmit(): Drop local variable `dev' (CVE-2025-40074 bsc#1252794). - commit 3c39f8c - net: gro: convert four dev_net() calls (CVE-2025-40074 bsc#1252794). - commit cf41694 - tcp: convert to dev_net_rcu() (CVE-2025-40074 bsc#1252794). - commit 2fe0b75 - net: dst_cache: annotate data-races around dst_cache->reset_ts (CVE-2025-40074 bsc#1252794). - commit 5a73952 - Refresh patches.suse/ALSA-usb-audio-Fix-potential-overflow-of-PCM-transfe.patch Fix the missing mutex unlock at the error path - commit f1238c1 - rpm/kernel-obs-build.spec.in: Add xt_addrtype module for docker Needed by docker meanwhile. - commit 1cd2f7d - x86/amd_nb: Add new PCI IDs for AMD family 0x1a (stable-fixes). - Refresh patches.suse/x86-amd_nb-Add-new-PCI-IDs-for-AMD-family-1Ah-model-60h.patch. - commit 5a88cd1 - ALSA: hda: Fix missing pointer check in hda_component_manager_init function (git-fixes). - commit 39c22db - tools: lib: thermal: don't preserve owner in install (stable-fixes). 
- watchdog: s3c2410_wdt: Fix max_timeout being calculated larger (stable-fixes). - usb: gadget: f_fs: Fix epfile null pointer access after ep enable (stable-fixes). - usb: mon: Increase BUFF_MAX to 64 MiB to support multi-MB URBs (stable-fixes). - usb: xhci: plat: Facilitate using autosuspend for xhci plat devices (stable-fixes). - usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget (stable-fixes). - usb: gadget: f_hid: Fix zero length packet transfer (stable-fixes). - usb: gadget: f_ncm: Fix MAC assignment NCM ethernet (stable-fixes). - wifi: ath12k: Increase DP_REO_CMD_RING_SIZE to 256 (stable-fixes). - wifi: ath10k: Fix connection after GTK rekeying (stable-fixes). - wifi: rtw88: sdio: use indirect IO for device registers before power-on (stable-fixes). - wifi: mt76: mt7996: Temporarily disable EPCS (stable-fixes). - wifi: mt76: mt7921: Add 160MHz beamformee capability for mt7922 device (stable-fixes). - wifi: mac80211: Fix HE capabilities element check (stable-fixes). - video: backlight: lp855x_bl: Set correct EPROM start for LP8556 (stable-fixes). - commit 7dad19b - tools: lib: thermal: use pkg-config to locate libnl3 (stable-fixes). - phy: rockchip: phy-rockchip-inno-csidphy: allow writes to grf register 0 (stable-fixes). - thunderbolt: Use is_pciehp instead of is_hotplug_bridge (stable-fixes). - soc/tegra: fuse: Add Tegra114 nvmem cells and fuse lookups (stable-fixes). - soc: qcom: smem: Fix endian-unaware access of num_entries (stable-fixes). - soc: aspeed: socinfo: Add AST27xx silicon IDs (stable-fixes). - pinctrl: single: fix bias pull up/down handling in pin_config_set (stable-fixes). - power: supply: qcom_battmgr: handle charging state change notifications (stable-fixes). - power: supply: sbs-charger: Support multiple devices (stable-fixes). - power: supply: qcom_battmgr: add OOI chemistry (stable-fixes). - spi: rpc-if: Add resume support for RZ/G3E (stable-fixes). 
- spi: loopback-test: Don't use %pK through printk (stable-fixes). - commit 47c8f1c - NFS4: Fix state renewals missing after boot (git-fixes). - commit 1f41fdb - NFS: check if suid/sgid was cleared after a write as needed (git-fixes). - commit 6f2e3ba - nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing (git-fixes). - commit cbc0708 - PCI: cadence: Check for the existence of cdns_pcie::ops before using it (stable-fixes). - PCI: rcar-host: Convert struct rcar_msi mask_lock into raw spinlock (git-fixes). - PCI: dwc: Verify the single eDMA IRQ in dw_pcie_edma_irq_verify() (stable-fixes). - PCI/PM: Skip resuming to D0 if device is disconnected (stable-fixes). - PCI/P2PDMA: Fix incorrect pointer usage in devm_kfree() call (stable-fixes). - PCI: Disable MSI on RDC PCI to PCIe bridges (stable-fixes). - phy: cadence: cdns-dphy: Enable lower resolutions in dphy (stable-fixes). - phy: renesas: r8a779f0-ether-serdes: add new step added to latest datasheet (stable-fixes). - net: phy: clear link parameters on admin link down (stable-fixes). - net: phy: marvell: Fix 88e1510 downshift counter errata (stable-fixes). - net: nfc: nci: Increase NCI_DATA_TIMEOUT to 3000 ms (stable-fixes). - net: phy: fixed_phy: let fixed_phy_unregister free the phy_device (stable-fixes). - media: redrat3: use int type to store negative error codes (stable-fixes). - media: ov08x40: Fix the horizontal flip control (stable-fixes). - media: i2c: og01a1b: Specify monochrome media bus format instead of Bayer (stable-fixes). - media: adv7180: Only validate format in querystd (stable-fixes). - media: adv7180: Do not write format to device in set_fmt (stable-fixes). - media: adv7180: Add missing lock in suspend callback (stable-fixes). - media: fix uninitialized symbol warnings (stable-fixes). - media: imon: make send_packet() more robust (stable-fixes). - media: i2c: Kconfig: Ensure a dependency on HAVE_CLK for VIDEO_CAMERA_SENSOR (stable-fixes). 
- media: amphion: Delete v4l2_fh synchronously in .release() (stable-fixes). - mfd: madera: Work around false-positive -Wininitialized warning (stable-fixes). - mfd: da9063: Split chip variant reading in two bus transactions (stable-fixes). - mfd: stmpe-i2c: Add missing MODULE_LICENSE (stable-fixes). - mfd: stmpe: Remove IRQ domain upon removal (stable-fixes). - mmc: sdhci-msm: Enable tuning for SDR50 mode for SD card (stable-fixes). - memstick: Add timeout to prevent indefinite waiting (stable-fixes). - mmc: host: renesas_sdhi: Fix the actual clock (stable-fixes). - commit 8c57bbb - NFSv4.1: fix mount hang after CREATE_SESSION failure (git-fixes). - commit c832cc2 - NFSv4: handle ERR_GRACE on delegation recalls (git-fixes). - commit aaacda9 - ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (stable-fixes). - iio: adc: imx93_adc: load calibrated values even calibration failed (stable-fixes). - iio: adc: spear_adc: mask SPEAR_ADC_STATUS channel and avg sample before setting register (stable-fixes). - hwmon: (dell-smm) Add support for Dell OptiPlex 7040 (stable-fixes). - hwmon: (asus-ec-sensors) increase timeout for locking ACPI mutex (stable-fixes). - hwmon: sy7636a: add alias (stable-fixes). - hwmon: (sbtsi_temp) AMD CPU extended temperature range support (stable-fixes). - hwmon: (k10temp) Add device ID for Strix Halo (stable-fixes). - hwmon: (k10temp) Add thermal support for AMD Family 1Ah-based models (stable-fixes). - commit f501af0 - jfs: fix uninitialized waitqueue in transaction manager (git-fixes). - commit 0b36ea1 - jfs: Verify inode mode when loading from disk (git-fixes). - commit 475a90c - extcon: adc-jack: Cleanup wakeup source only if it was enabled (git-fixes). - commit 5b8d1e6 - drm/amd/display: Disable VRR on DCE 6 (stable-fixes). - commit d98de00 - drm/amd/display: ensure committing streams is seamless (stable-fixes). - commit 0def0fa - exfat: limit log print for IO error (git-fixes). 
- commit 1fa4a3d - drm/amd/display: Fix black screen with HDMI outputs (git-fixes). - fbcon: Set fb_display[i]->mode to NULL when the mode is released (stable-fixes). - fbdev: bitblit: bound-check glyph index in bit_putcs* (stable-fixes). - fbdev: pvr2fb: Fix leftover reference to ONCHIP_NR_DMA_CHANNELS (stable-fixes). - HID: quirks: avoid Cooler Master MM712 dongle wakeup bug (stable-fixes). - drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices (stable-fixes). - drm/amd/pm: Disable MCLK switching on SI at high pixel clocks (stable-fixes). - fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (stable-fixes). - extcon: adc-jack: Fix wakeup source leaks on device unbind (stable-fixes). - char: misc: Does not request module for miscdevice with dynamic minor (stable-fixes). - char: misc: Make misc_register() reentry for miscdevice who wants dynamic minor (stable-fixes). - drm/amd/display: Add AVI infoframe copy in copy_stream_update_to_stream (stable-fixes). - drm/amdgpu: reject gang submissions under SRIOV (stable-fixes). - drm/amd/display: Fix DVI-D/HDMI adapters (stable-fixes). - drm/amd: Avoid evicting resources at S5 (stable-fixes). - drm/amdgpu: Use memdup_array_user in amdgpu_cs_wait_fences_ioctl (stable-fixes). - drm/msm: make sure to not queue up recovery more than once (stable-fixes). - drm/msm/dsi/phy_7nm: Fix missing initial VCO rate (stable-fixes). - drm/msm/dsi/phy: Toggle back buffer resync after preparing PLL (stable-fixes). - drm/amdgpu: don't enable SMU on cyan skillfish (stable-fixes). - drm/amdgpu: add support for cyan skillfish gpu_info (stable-fixes). - drm/amd: add more cyan skillfish PCI ids (stable-fixes). - drm/amdgpu: Allow kfd CRIU with no buffer objects (stable-fixes). - drm/amdkfd: Tie UNMAP_LATENCY to queue_preemption (stable-fixes). - drm/amdkfd: fix vram allocation failure for a special case (stable-fixes). - drm/amdkfd: Handle lack of READ permissions in SVM mapping (stable-fixes). 
- drm/amdkfd: return -ENOTTY for unsupported IOCTLs (stable-fixes). - drm/amdgpu/jpeg: Hold pg_lock before jpeg poweroff (stable-fixes). - drm/amd/pm: Use cached metrics data on arcturus (stable-fixes). - drm/amd/pm: Use cached metrics data on aldebaran (stable-fixes). - drm/amd/display: update dpp/disp clock from smu clock table (stable-fixes). - drm/amd/display: add more cyan skillfish devices (stable-fixes). - drm/amd/display: Increase AUX Intra-Hop Done Max Wait Duration (stable-fixes). - drm/bridge: display-connector: don't set OP_DETECT for DisplayPorts (stable-fixes). - drm/tidss: Set crtc modesetting parameters with adjusted mode (stable-fixes). - drm/bridge: cdns-dsi: Don't fail on MIPI_DSI_MODE_VIDEO_BURST (stable-fixes). - drm/bridge: cdns-dsi: Fix REG_WAKEUP_TIME value (stable-fixes). - drm/tidss: Use the crtc_* timings when programming the HW (stable-fixes). - commit 304e918 - tcp: correct handling of extreme memory squeeze (bsc#1253779 CVE-2025-21710 bsc#1237888). - commit bba09b0 - net: tcp: send zero-window ACK when no memory (bsc#1253779). - commit f54e913 - ACPI: property: Return present device nodes only on fwnode interface (stable-fixes). - commit 7bfc861 - ACPI: PRM: Skip handlers with NULL handler_address or NULL VA (stable-fixes). - commit d4e809a - ACPI: scan: Add Intel CVS ACPI HIDs to acpi_ignore_dep_ids (stable-fixes). - commit cea477f - ACPICA: Update dsmethod.c to get rid of unused variable warning (stable-fixes). - commit 47d058d - ACPICA: dispatcher: Use acpi_ds_clear_operands() in acpi_ds_call_control_method() (stable-fixes). - commit a383be8 - tools/cpupower: Fix incorrect size in cpuidle_state_disable() (stable-fixes). - commit 2d1aa96 - tools/cpupower: fix error return value in cpupower_write_sysfs() (stable-fixes). - commit c9d6e6c - tools/power x86_energy_perf_policy: Prefer driver HWP limits (stable-fixes). - commit e772bc7 - tools/power x86_energy_perf_policy: Enhance HWP enable (stable-fixes). 
- commit 1133dff - tools/power x86_energy_perf_policy: Fix incorrect fopen mode usage (stable-fixes). - commit 23d6e42 - Update patches.suse/net-smc-Remove-validation-of-reserved-bits-in-CLC-Decline-.patch (bsc#1252353). - commit d9fe289 - crypto: aspeed - fix double free caused by devm (git-fixes). - dmaengine: dw-edma: Set status for callback_result (stable-fixes). - dmaengine: mv_xor: match alloc_wc and free_wc (stable-fixes). - crypto: qat - use kcalloc() in qat_uclo_map_objs_from_mof() (stable-fixes). - drm/nouveau: replace snprintf() with scnprintf() in nvkm_snprintbf() (stable-fixes). - char: misc: restrict the dynamic range to exclude reserved minors (stable-fixes). - crypto: aspeed-acry - Convert to platform remove callback returning void (stable-fixes). - commit 89d05dd - ALSA: usb-audio: Fix potential overflow of PCM transfer buffer (stable-fixes). - ALSA: usb-audio: don't log messages meant for 1810c when initializing 1824c (git-fixes). - ASoC: max98090/91: fixed max98091 ALSA widget powering up/down (stable-fixes). - ASoC: meson: aiu-encoder-i2s: fix bit clock polarity (stable-fixes). - Bluetooth: SCO: Fix UAF on sco_conn_free (stable-fixes). - Bluetooth: bcsp: receive data only if registered (stable-fixes). - Bluetooth: btusb: Check for unexpected bytes when defragmenting HCI frames (stable-fixes). - amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw (stable-fixes). - accel/habanalabs/gaudi2: read preboot status after recovering from dirty state (stable-fixes). - accel/habanalabs: support mapping cb with vmalloc-backed coherent memory (stable-fixes). - accel/habanalabs/gaudi2: fix BMON disable configuration (stable-fixes). - accel/habanalabs: return ENOMEM if less than requested pages were pinned (stable-fixes). - ASoC: tlv320aic3x: Fix class-D initialization for tlv320aic3007 (stable-fixes). - ASoC: stm32: sai: manage context in set_sysclk callback (stable-fixes). - ALSA: usb-audio: add mono main switch to Presonus S1824c (stable-fixes). 
- ASoC: qcom: sc8280xp: explicitly set S16LE format in sc8280xp_be_hw_params_fixup() (stable-fixes). - ALSA: serial-generic: remove shared static buffer (stable-fixes). - ALSA: usb-audio: apply quirk for MOONDROP Quark2 (stable-fixes). - ALSA: usb-audio: Add validation of UAC2/UAC3 effect units (stable-fixes). - commit d6deb82 ++++ salt: - Add minimum_auth_version to enforce security (CVE-2025-62349) - Backport security fixes for vendored tornado * BDSA-2024-3438 * BDSA-2024-3439 * BDSA-2024-9026 - Junos module yaml loader fix (CVE-2025-62348) - Require Python dependencies only for used Python version - Fix TLS and x509 modules for OSes with older cryptography module - Require python-legacy-cgi only for Python > 3.12 - Builds with py >=3.13 require python-legacy-cgi - Fix Salt for Python > 3.11 (bsc#1252285) (bsc#1252244) - * Use external tornado on Python > 3.11 - * Make tls and x509 to use python-cryptography - * Remove usage of spwd - Fix payload signature verification on Tumbleweed (bsc#1251776) - Fix broken symlink on migration to Leap 16.0 (bsc#1250755) - Use versioned python interpreter for salt-ssh - Fix known_hosts error on gitfs (bsc#1250520) (bsc#1227207) - Add python3.11 as preferable for salt-ssh to avoid tests fails - Make test_pillar_timeout test more reliable - Modify README and other doc files for openSUSE - Set python-CherryPy as required for python-salt-testsuite (#115) - Revert require M2Crypto >= 0.44.0 for SUSE Family distros - This reverts commit aa40615dcf7a15325ef71bbc09a5423ce512491d. 
- Improve SL Micro 6.2 detection with grains - Fix functional.states.test_user for SLES 16 and Micro systems - Fix the tests failing on AlmaLinux 10 and other clones - Add `minion_legacy_req_warnings` option to avoid noisy warnings - Require M2Crypto >= 0.44.0 for SUSE Family distros - Added: * backport-3006.17-security-fixes-739.patch * fix-tls-and-x509-modules-for-older-cryptography-modu.patch * fix-salt-for-python-3.11.patch * do-not-break-signature-verification-on-latest-m2cryp.patch * use-versioned-python-interpreter-for-salt-ssh.patch * allow-libgit2-to-guess-sysdir-homedir-successfully-b.patch * add-python3.11-as-preferable-for-salt-ssh-to-avoid-t.patch * even-more-reliable-pillar-timeout-test.patch * modify-readme-for-opensuse-728.patch * improve-sl-micro-6.2-detection-with-grains.patch * fix-functional.states.test_user-for-sles-16-and-micr.patch * fix-the-tests-failing-on-almalinux-10-and-other-clon.patch * add-minion_legacy_req_warnings-option-to-avoid-noisy.patch ------------------------------------------------------------------ ------------------ 2025-11-24 - Nov 24 2025 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Delete workflows conflicting with upstream ++++ gnutls: - Security fix bsc#1254132 CVE-2025-9820 * Fix buffer overflow in gnutls_pkcs11_token_init * Added gnutls-CVE-2025-9820.patch ++++ kernel-default: - kernel-binary: Only skip brp-strip when debuginfo is enabled Fixes: 4fc8f912b4f2 ("kernel-binary: Do not change debuginfo config during build") - commit cd9963e - octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() (CVE-2025-39944 bsc#1251120) - commit f5c6371 - ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog (CVE-2025-39859 bsc#1250252) - commit b475528 - x86/bugs: Fix reporting of LFENCE retpoline (git-fixes). - commit 879f123 - x86/vmscape: Add old Intel CPUs to affected list (git-fixes). 
- commit 3042143 - net: macb: fix unregister_netdev call order in macb_remove() (CVE-2025-39805 bsc#1249982) - commit 8a9576d - x86/bugs: Report correct retbleed mitigation status (git-fixes). - commit 11da480 - x86/CPU/AMD: Add additional fixed RDSEED microcode revisions (git-fixes). - commit 265ca5a - x86/CPU/AMD: Add missing terminator for zen5_rdseed_microcode (git-fixes). - commit 0a4b156 - net/ip6_tunnel: Prevent perpetual tunnel growth (CVE-2025-40173 bsc#1253421). - commit 2d9c02f - net/smc: Remove validation of reserved bits in CLC Decline message (bsc#1253779). - commit 6b0f67d - kernel-binary: Support building gendwarfksyms on SLE/Leap 15 - commit 940a186 - cramfs: Verify inode mode when loading from disk (git-fixes). - commit 593324b - minixfs: Verify inode mode when loading from disk (git-fixes). - commit a428067 - Add missing bugzilla reference to net fix (bsc#1250237 CVE-2025-40206 bsc#1253393) - commit 9ef65cb ------------------------------------------------------------------ ------------------ 2025-11-23 - Nov 23 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Input: imx_sc_key - fix memory corruption on unload (git-fixes). - Input: pegasus-notetaker - fix potential out-of-bounds access (git-fixes). - Input: atmel_mxt_ts - allow reset GPIO to sleep (stable-fixes). - commit a07d058 ------------------------------------------------------------------ ------------------ 2025-11-22 - Nov 22 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (CVE-2025-40001 bsc#1252303). - commit 2c846dd - Disable CONFIG_CPU5_WDT The cpu5wdt driver doesn't implement a proper watchdog interface and has many code issues. It only handles obscure and obsolete hardware. Stop building and supporting this driver (jsc#PED-14062). 
- commit 5170874 - pinctrl: s32cc: initialize gpio_pin_config::list after kmalloc() (git-fixes). - pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc (git-fixes). - nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot (git-fixes). - Revert "drm/tegra: dsi: Clear enable register if powered by bootloader" (git-fixes). - drm/tegra: Add call to put_pid() (git-fixes). - drm/tegra: dc: Fix reference leak in tegra_dc_couple() (git-fixes). - commit 401121e ------------------------------------------------------------------ ------------------ 2025-11-21 - Nov 21 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - tls: wait for pending async decryptions if tls_strp_msg_hold fails (CVE-2025-40176 bsc#1253425). - commit 411c26e - series.conf: reorder misplaced patches from kABI section Fix misplaced patches in the kABI section by restoring correct order. - commit f6506b9 - platform/x86/intel/speed_select_if: Convert PCIBIOS_* return codes to errnos (git-fixes). - commit e814a2b - vfs: Don't leak disconnected dentries on umount (CVE-2025-40105 bsc#1252928). - commit 29d6b54 ++++ libmicrohttpd: - Fix for the following bugs: * bsc#1253177 CVE-2025-59777 * bsc#1253178 CVE-2025-62689 - Add patch: * CVE-2025-59777.patch * this same patch fixes both CVEs * git commit ff13abc1c1d7d2b30d69d5c0bd4a237e1801c50b ------------------------------------------------------------------ ------------------ 2025-11-20 - Nov 20 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - KVM: SVM: Mark VMCB_LBR dirty when MSR_IA32_DEBUGCTLMSR is updated (git-fixes). - commit f6f6b8f - KVM: VMX: Fix check for valid GVA on an EPT violation (git-fixes). - commit dab0856 - KVM: x86: Don't treat ENTER and LEAVE as branches, because they aren't (git-fixes). - commit 4d07448 - HID: uclogic: Fix potential memory leak in error path (git-fixes). 
- HID: hid-ntrig: Prevent memory leak in ntrig_report_version() (git-fixes). - HID: amd_sfh: Stop sensor before starting (git-fixes). - HID: quirks: work around VID/PID conflict for 0x4c4a/0x4155 (git-fixes). - commit 98129db ------------------------------------------------------------------ ------------------ 2025-11-19 - Nov 19 2025 ------------------- ------------------------------------------------------------------ ++++ curl: - Security fix: [bsc#1253757, CVE-2025-11563] * curl: wcurl path traversal with percent-encoded slashes * Add curl-CVE-2025-11563.patch ++++ kernel-default: - scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267). - uio_hv_generic: Let userspace take care of interrupt mask (git-fixes CVE-2025-40048 bsc#1252862). - net/mana: fix warning in the writer of client oob (git-fixes). - uio_hv_generic: Query the ringbuffer size for device (git-fixes). - Drivers: hv: vmbus: Add utility function for querying ring size (git-fixes). - commit 0473d84 - sctp: Fix MAC comparison to be constant-time (CVE-2025-40204 bsc#1253436). - commit 53f522f - tracing: dynevent: Add a missing lockdown check on dynevent (CVE-2025-40021 bsc#1252681). - commit c113400 - Update patches.suse/netfilter-nft_objref-validate-objref-and-objrefmap-e.patch (bsc#1250237 CVE-2025-40206). Inserted series, updated CVE reference and mainline - commit 617e07d - selftests/bpf: Close fd in error path in drop_on_reuseport (git-fixes). - commit 9eacaa7 - selftests/bpf: Close obj in error path in xdp_adjust_tail (git-fixes). - commit 32804dc - selftests/bpf: Use pid_t consistently in test_progs.c (git-fixes). - commit 12adc35 - bpf: Reject negative offsets for ALU ops (CVE-2025-40169 bsc#1253416). 
- commit 004bd79 ++++ kmod: - man: modprobe.d: document the config file order handling (bsc#1253741) * man-modprobe.d-document-the-config-file-order-handling.patch ------------------------------------------------------------------ ------------------ 2025-11-18 - Nov 18 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - kernel-binary: Require libdw in Factory Libdw is required for gendwarfksyms - commit 0d3f66b - mtd: onenand: Pass correct pointer to IRQ handler (git-fixes). - mtd: rawnand: cadence: fix DMA device NULL pointer dereference (git-fixes). - mtdchar: fix integer overflow in read/write ioctls (git-fixes). - commit fd43643 ++++ libsoup: - Add libsoup-CVE-2025-12105.patch: fix use after free caused by 'finishing' queue item twice (bsc#1252555 CVE-2025-12105 glgo#GNOME/libsoup!481). ++++ sssd: - Install file in krb5.conf.d to include sssd krb5 config snippets; (bsc#1244325); - Disable Kerberos localauth an2ln plugin for AD; (CVE-2025-11561); (bsc#1251827); Add patch 0005-krb5-disable-Kerberos-localauth-an2ln-plugin-for-AD-.patch ------------------------------------------------------------------ ------------------ 2025-11-17 - Nov 17 2025 ------------------- ------------------------------------------------------------------ ++++ dpdk: - Upstream bugfix update: - Version 22.11.10 - net/mlx5: fix out-of-order completions in ordinary Rx burst (CVE-2025-23259, bsc#1254161) - Version 22.11.9 https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id24 - Version 22.11.8 https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id21 - Version 22.11.7 https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id18 - Remove included fix dpdk-CVE-2024-11614.patch - Version 22.11.6 https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id15 - Version 22.11.5 https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id12 - Version 22.11.4 
https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id8 - Version 22.11.3 https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id4 Remove included fixes: - 0001-kni-fix-build-with-Linux-6.3.patch - Version 22.11.2 https://doc.dpdk.org/guides-22.11/rel_notes/release_22_11.html#id2 - Fix [bsc#1214724], SUSE provided DPDK modules taint the kernel as unsupported + Add kernel support flag for rte_kni.ko ++++ python-kiwi: - Fixed spec file requires The package requirement for binutils was set to TW (>=1650) only but is also required for SLES16/Leap16 which is 1600 This commit fixes the condition to match with all required distributions and fixes bsc#1253637 ++++ kernel-default: - net/sched: sch_qfq: Fix null-deref in agg_dequeue (CVE-2025-40083 bsc#1252912). - commit 517474e - mm/secretmem: fix use-after-free race in fault handler (git-fixes). - commit 8bf2ad9 - mm/mm_init: fix hash table order logging in alloc_large_system_hash() (git-fixes). - commit fdeb2e0 - xsk: Harden userspace-supplied xdp_desc validation (CVE-2025-40159 bsc#1253403). - commit 7cd1a7d ++++ freetype2: - update to 2.14.1: * The auto-hinter got new abilities. It can now better separate diacritic glyphs from base glyphs at small sizes by artificially moving diacritics up (or down) if necessary * Tilde accent glyphs get vertically stretched at small sizes so that they don't degenerate to horizontal lines. * Diacritics directly attached to a base glyph (like the ogonek in character 'ę') no longer distort the shape of the base glyph * The TrueType instruction interpreter was optimized to produce a 15% gain in the glyph loading speed. * Handling of Variation Fonts is now considerably faster * TrueType and CFF glyph loading speed has been improved by 5-10% on modern 64-bit platforms as a result of better handling of fixed-point multiplication. * The BDF driver now loads fonts 75% faster. 
------------------------------------------------------------------ ------------------ 2025-11-16 - Nov 16 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - selftests/bpf: Fix missing ARRAY_SIZE() definition in bench.c (git-fixes). - commit f67cafa - selftests/bpf: Fix missing UINT_MAX definitions in benchmarks (git-fixes). - commit 172ead3 - selftests/bpf: Fix missing BUILD_BUG_ON() declaration (git-fixes). - commit 67585df ------------------------------------------------------------------ ------------------ 2025-11-15 - Nov 15 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (git-fixes). - mmc: sdhci-of-dwcmshc: Change DLL_STRBIN_TAPNUM_DEFAULT to 0x4 (git-fixes). - acpi,srat: Fix incorrect device handle check for Generic Initiator (git-fixes). - spi: Try to get ACPI GPIO IRQ earlier (git-fixes). - regulator: fixed: fix GPIO descriptor leak on register failure (git-fixes). - ASoC: codecs: va-macro: fix resource leak in probe error path (git-fixes). - ASoC: cs4271: Fix regulator leak on probe failure (git-fixes). - ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd (git-fixes). - crypto: hisilicon/qm - Fix device reference leak in qm_get_qos_value (git-fixes). - commit c9e8681 ------------------------------------------------------------------ ------------------ 2025-11-14 - Nov 14 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - s390/mm: Fix in_atomic() handling in do_secure_storage_access() (git-fixes CVE-2025-38359 bsc#1247076). - s390/mm,fault: simplify kfence fault handling (bsc#1247076). 
- commit 5eab67b - kernel-binary: Do not change debuginfo config during build Historically when debuginfo build was disabled in OBS kernel was configured to not generate the debuginfo at all saving space during build and making the build faster. More and more kernel features depend on debuginfo, and disabling it changes the kernel significantly disabling functionality that is otherwise available and causing ABI breakage. Recently genksyms was rewritten as gendwarfksyms to support more features but requires debuginfo to operate. With that kernel builds without debuginfo are not very useful anymore. Even if rpm eventually trashes the debuginfo it needs to be always generated. - commit 4fc8f91 - Bluetooth: L2CAP: export l2cap_chan_hold for modules (stable-fixes). - commit 0d1ed96 - ACPI: CPPC: Limit perf ctrs in PCC check only to online CPUs (git-fixes). - ACPI: CPPC: Perform fast check switch only for online CPUs (git-fixes). - ACPI: CPPC: Check _CPC validity for only the online CPUs (git-fixes). - wifi: mwl8k: inject DSSS Parameter Set element into beacons if missing (git-fixes). - wifi: mac80211: skip rate verification for not captured PSDUs (git-fixes). - wifi: ath11k: zero init info->status in wmi_process_mgmt_tx_comp() (git-fixes). - wifi: mac80211: reject address change while connecting (git-fixes). - Bluetooth: 6lowpan: add missing l2cap_chan_lock() (git-fixes). - Bluetooth: 6lowpan: Don't hold spin lock over sleeping functions (git-fixes). - Bluetooth: 6lowpan: fix BDADDR_LE vs ADDR_LE_DEV address type confusion (git-fixes). - Bluetooth: 6lowpan: reset link-local header on ipv6 recv path (git-fixes). - Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (git-fixes). - Bluetooth: MGMT: cancel mesh send timer when hdev removed (git-fixes). - strparser: Fix signed/unsigned mismatch bug (git-fixes). 
- commit 22e4e84 ------------------------------------------------------------------ ------------------ 2025-11-13 - Nov 13 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - bpf: make sure skb->len != 0 when redirecting to a tunneling device (CVE-2022-50253 bsc#1249912) - commit 9d76bea - scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE (CVE-2025-39788 bsc#1249547) - commit 8ecb142 - drm/amd/display: Check dce_hwseq before dereferencing it (CVE-2025-38361 bsc#1247079) - commit c29726d - NFSD: Skip close replay processing if XDR encoding fails (git-fixes). - commit a56f52a - NFSD: Never cache a COMPOUND when the SEQUENCE operation fails (git-fixes). - commit bd549b4 - NFSD: free copynotify stateid in nfs4_free_ol_stateid() (git-fixes). - commit e5427cd ++++ python311-core: - Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple quadratic complexity vulnerabilities of os.path.expandvars() (CVE-2025-6075, bsc#1252974). - Readjusted patches: - CVE-2023-52425-libexpat-2.6.0-backport.patch - CVE-2023-52425-remove-reparse_deferral-tests.patch - fix_configure_rst.patch - skip_if_buildbot-extend.patch ++++ unbound: - Fix CVE-2025-11411 (possible domain hijacking attack). Since this minimal patch interferes with most of the unit tests, the '%check' section has been removed from the spec file. [CVE-2025-11411, bsc#1252525, unbound-1.22-CVE-2025-11411.patch] ++++ nvidia-open-driver-G06-signed: - introduced extra %gfx_aarch64_version and appropriate tarball/pci_id file in the hope that build service will no longer complain - update CUDA variant to 580.105.08 ++++ python311: - Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple quadratic complexity vulnerabilities of os.path.expandvars() (CVE-2025-6075, bsc#1252974). 
- Readjusted patches: - CVE-2023-52425-libexpat-2.6.0-backport.patch - CVE-2023-52425-remove-reparse_deferral-tests.patch - fix_configure_rst.patch - skip_if_buildbot-extend.patch ++++ qemu: - Bugfixes: * io: fix use after free in websocket handshake code (bsc#1250984, CVE-2025-11234) * io: move websock resource release to close method (bsc#1250984, CVE-2025-11234) * io: release active GSource in TLS channel finalizer (bsc#1250984, CVE-2025-11234) * block/curl: fix curl internal handles handling (bsc#1252768, CVE-2025-11234) ------------------------------------------------------------------ ------------------ 2025-11-12 - Nov 12 2025 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix CVE-2025-54771 (bsc#1252931) * 0001-kern-file-Call-grub_dl_unref-after-fs-fs_close.patch - Fix CVE-2025-54770 (bsc#1252930) * 0002-net-net-Unregister-net_set_vlan-command-on-unload.patch - Fix CVE-2025-61662 (bsc#1252933) * 0003-gettext-gettext-Unregister-gettext-command-on-module.patch - Fix CVE-2025-61663 (bsc#1252934) - Fix CVE-2025-61664 (bsc#1252935) * 0004-normal-main-Unregister-commands-on-module-unload.patch * 0005-tests-lib-functional_test-Unregister-commands-on-mod.patch - Fix CVE-2025-61661 (bsc#1252932) * 0006-commands-usbtest-Use-correct-string-length-field.patch * 0007-commands-usbtest-Ensure-string-length-is-sufficient-.patch - Bump upstream SBAT generation to 6 ++++ kernel-default: - perf script: add --addr2line option (bsc#1247509). - commit b555487 - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() (bsc#1251786 CVE-2023-53676). - commit 9f54767 - crypto: iaa - Do not clobber req->base.data (git-fixes). - commit 5feccb5 - btrfs: scrub: put bio after errors in scrub_raid56_parity_stripe() (git-fixes). - commit 065dd63 - btrfs: do not update last_log_commit when logging inode due to a new name (git-fixes). 
- commit c42dda1 - KVM: SVM: Emulate PERF_CNTR_GLOBAL_STATUS_SET for PerfMonV2 (git-fixes). - commit 187ad0b - KVM: SVM: Re-load current, not host, TSC_AUX on #VMEXIT from SEV-ES guest (git-fixes). - commit ce2cf8f - KVM: x86: Add helper to retrieve current value of user return MSR (git-fixes). - commit aaea082 - KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest (git-fixes). - commit 6c43180 - btrfs: tree-checker: fix the wrong output of data backref objectid (git-fix). - commit b216859 - btrfs: fix COW handling in run_delalloc_nocow() (git-fix). - commit 1ee428c - btrfs: avoid page_lockend underflow in btrfs_punch_hole_lock_range() (git-fix). - commit 0febf2a - btrfs: run btrfs_error_commit_super() early (git-fix). - commit 8643309 - btrfs: tree-checker: add dev extent item checks (git-fix). - commit 48bfe9b - btrfs: tree-checker: reject BTRFS_FT_UNKNOWN dir type (git-fix). - commit 4308950 - btrfs: avoid using fixed char array size for tree names (git-fix). - commit f141f17 - btrfs: tree-checker: validate dref root and objectid (git-fix). - commit 3243d37 - btrfs: make btrfs_clear_delalloc_extent() free delalloc reserve (git-fix). - commit 36065ed - btrfs: qgroup: correctly model root qgroup rsv in convert (git-fix). - commit 9e4469e - btrfs: tree-checker: add type and sequence check for inline backrefs (git-fix). - commit d1d2092 - btrfs: scrub: put bio after errors in scrub_raid56_parity_stripe() (git-fix). - commit ee165a1 ------------------------------------------------------------------ ------------------ 2025-11-11 - Nov 11 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Alt-commit updates - Refresh patches.suse/drm-amd-display-Fix-brightness-level-not-retained-ov.patch. - Refresh patches.suse/drm-amdkfd-Don-t-call-mmput-from-MMU-notifier-callba.patch. - Refresh patches.suse/drm-i915-dsi-Use-TRANS_DDI_FUNC_CTL-s-own-port-width.patch. 
- Refresh patches.suse/drm-panel-simple-Update-timings-for-AUO-G101EVN010.patch. - Refresh patches.suse/drm-sched-Add-locking-to-drm_sched_entity_modify_sch.patch. - commit 1d2b5d5 - KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs (git-fixes). - commit baa92d8 - KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter (git-fixes). - commit 508e295 - btrfs: set inode flag BTRFS_INODE_COPY_EVERYTHING when logging new name (git-fixes). - commit c373962 - btrfs: simplify error handling logic for btrfs_link() (git-fixes). - commit 5e3a1fc - btrfs: fix inode leak on failure to add link to inode (git-fixes). - commit 5155c3a - btrfs: abort transaction on failure to add link to inode (git-fixes). - commit 91c4075 - btrfs: rename err to ret in btrfs_link() (git-fixes). - commit 4d5a044 - btrfs: send: fix duplicated rmdir operations when using extrefs (git-fixes). - commit 2c08529 - KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported (git-fixes). - commit 78a2926 - KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag (git-fixes). - commit d3c0a38 - KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap (git-fixes). - commit b58dbd2 - Delete patches.kabi/KVM-x86-Snapshot-the-host-s-DEBUGCTL-in-common-x86.patch. Now that kabi/severities is amended to ignore xfer_to_guest_mode_handle_work(), drop the unneeded kABI workaround. - commit 27b5996 ------------------------------------------------------------------ ------------------ 2025-11-10 - Nov 10 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - btrfs: mark dirty extent range for out of bound prealloc extents (git-fixes). - commit d11dc7c - btrfs: use smp_mb__after_atomic() when forcing COW in create_pending_snapshot() (git-fixes). - commit 0e43958 - usb/core/quirks: Add Huawei ME906S to wakeup quirk (git-fixes). 
- commit add9d74 - kABI fix for KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes) (git-fixes). - commit 10ade44 - pds_core: remove write-after-free of client_id (CVE-2025-37916 bsc#1243474) - commit 40805a0 - coresight: Fix incorrect handling for return value of devm_kzalloc (CVE-2025-40059 bsc#1252809) - commit f7e7b0e - ocfs2: fix double free in user_cluster_connect() (CVE-2025-40055 bsc#1252821) - commit 9897d8a - pinctrl: check the return value of pinmux_ops::get_function_name() (CVE-2025-40030 bsc#1252773). - commit 060cddf - KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes). - commit 0701a3a - pps: fix warning in pps_register_cdev when register device fail (CVE-2025-40070 bsc#1252836). - commit 98a58ce - KVM: x86/mmu: Locally cache whether a PFN is host MMIO when making a SPTE (git-fixes). - commit 15e0a05 - ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() (CVE-2025-40098 bsc#1252917). - commit 8b9eeeb - rtc: rx8025: fix incorrect register reference (git-fixes). - drm/amd: Fix suspend failure with secure display TA (git-fixes). - drm/amd/display: Fix NULL deref in debugfs odm_combine_segments (git-fixes). - drm/i915: Fix conversion between clock ticks and nanoseconds (git-fixes). - drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD (git-fixes). - drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb (git-fixes). - Documentation: ACPI: i2c-muxes: fix I2C device references (git-fixes). - ACPI: SBS: Fix present test in acpi_battery_read() (git-fixes). - lib/crypto: curve25519-hacl64: Fix older clang KASAN workaround for GCC (git-fixes). - wifi: mac80211_hwsim: Limit destroy_on_close radio removal to netgroup (git-fixes). - net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup (git-fixes). - isdn: mISDN: hfcsusb: fix memory leak in hfcsusb_probe() (git-fixes). 
- Bluetooth: btrtl: Fix memory leak in rtlbt_parse_firmware_v2() (git-fixes). - Bluetooth: hci_event: validate skb length for unknown CC opcode (git-fixes). - wifi: zd1211rw: fix potential memory leak in __zd_usb_enable_rx() (git-fixes). - Revert "wifi: ath10k: avoid unnecessary wait for service ready message" (git-fixes). - media: uvcvideo: Use heuristic to find stream entity (git-fixes). - xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event (git-fixes). - xhci: dbc: Avoid event polling busyloop if pending rx transfers are inactive (git-fixes). - xhci: dbc: Improve performance by removing delay in transfer event polling (stable-fixes). - xhci: dbc: Allow users to modify DbC poll interval via sysfs (stable-fixes). - xhci: dbc: poll at different rate depending on data transfer activity (stable-fixes). - commit 6309683 ------------------------------------------------------------------ ------------------ 2025-11-9 - Nov 9 2025 ------------------- ------------------------------------------------------------------ ++++ containerd: - Update to containerd v1.7.29. Upstream release notes: * CVE-2024-25621 bsc#1253126 * CVE-2025-64329 bsc#1253132 - Rebase patches: * 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch ------------------------------------------------------------------ ------------------ 2025-11-7 - Nov 7 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - x86/CPU/AMD: Do the common init on future Zens too (git-fixes). - Refresh patches.suse/x86-CPU-AMD-Add-RDSEED-fix-for-Zen5.patch. - Refresh patches.suse/x86-CPU-AMD-Clear-virtualized-VMLOAD-VMSAVE-on-Zen4-client. - commit d7ef23e - x86/CPU/AMD: Add RDSEED fix for Zen5 (git-fixes). - commit 85fd0b8 - fs/smb: Fix inconsistent refcnt update (bsc#1250176, CVE-2025-39819). - commit 966a58e - kabi/severities: drop xfer_to_guest_mode_handle_work This is part of KVM, and it is already ignored in SL-16.0. 
The function only takes a pointer to a KVM struct and feeds it back to the KVM subsystem. - commit dc5bb81 - net/9p: fix double req put in p9_fd_cancelled (CVE-2025-40027 bsc#1252763). - commit bff03bd - KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid (CVE-2025-40038 bsc#1252817). - commit d00fe85 - tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork (bsc#1250705). - commit fd68ed6 ++++ openssh: - Add openssh-cve-2025-61984-username-validation.patch (bsc#1251198, CVE-2025-61984). - Add openssh-cve-2025-61985-nul-url-encode.patch (bsc#1251199, CVE-2025-61985). ------------------------------------------------------------------ ------------------ 2025-11-6 - Nov 6 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: libfc: Prevent integer overflow in fc_fcp_recv_data() (git-fixes). - scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() (git-fixes). - scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() (git-fixes). - scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod (git-fixes). - md: fix mssing blktrace bio split events (git-fixes). - md/raid1: fix data lost for writemostly rdev (git-fixes). - scsi: core: sysfs: Correct sysfs attributes access rights (git-fixes). - block: fix kobject double initialization in add_disk (git-fixes). - block: avoid possible overflow for chunk_sectors check in blk_stack_limits() (git-fixes). - scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans (git-fixes). - scsi: aacraid: Stop using PCI_IRQ_AFFINITY (git-fixes). - commit 59aa14f - nexthop: Forbid FDB status change while nexthop is in a group (CVE-2025-39980 bsc#1252063). - commit 44a7e79 - mm/ksm: fix flag-dropping behavior in ksm_madvise (CVE-2025-40040 bsc#1252780). - commit ff8401e - serial: 8250_mtk: Enable baud clock and manage in runtime PM (git-fixes). 
- serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 (git-fixes). - PCI: j721e: Fix incorrect error message in probe() (git-fixes). - PCI: tegra194: Reset BARs when running in PCIe endpoint mode (git-fixes). - commit c2ea229 - media: atomisp: Prefix firmware paths with "intel/ipu/" (bsc#1252973). - media: atomisp: Remove firmware_name module parameter (bsc#1252973). - commit 903670f ------------------------------------------------------------------ ------------------ 2025-11-5 - Nov 5 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - selftests/bpf: Fix string read in strncmp benchmark (git-fixes). - commit 0165696 - selftests/bpf: Mitigate sockmap_ktls disconnect_after_delete failure (git-fixes). - commit 2116607 - selftests/bpf: fix signedness bug in redir_partial() (git-fixes). - commit b261c17 - nbd: restrict sockets to TCP and UDP (bsc#1252774 CVE-2025-40080). - commit a7c3e39 - KVM: SVM: Delete IRTE link from previous vCPU irrespective of new routing (git-fixes). - commit 6f9b1c9 - KVM: SVM: Delete IRTE link from previous vCPU before setting new IRTE (git-fixes). - commit b83e48d - KVM: SVM: WARN if an invalid posted interrupt IRTE entry is added (git-fixes). - commit 2982d0e - iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE (git-fixes). - commit 5cc1fcc - KVM: SVM: Track per-vCPU IRTEs using kvm_kernel_irqfd structure (git-fixes). - commit 9e70f85 - KVM: Pass new routing entries and irqfd when updating IRTEs (git-fixes). - commit 2630cbd - Refresh patches.suse/Revert-KVM-VMX-Move-LOAD_IA32_PERF_GLOBAL_CTRL-errat.patch. Fix whitespace (patch was using spaces). - commit 04dc661 - kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930). 
- commit 0f034b6 - RDMA/bnxt_re: Don't fail destroy QP and cleanup debugfs earlier (git-fixes) - commit c7164d9 - RDMA/hns: Fix wrong WQE data when QP wraps around (git-fixes) - commit ff60916 - RDMA/hns: Fix the modification of max_send_sge (git-fixes) - commit e73e586 - RDMA/hns: Fix recv CQ and QP cache affinity (git-fixes) - commit 80efef8 - RDMA/irdma: Set irdma_cq cq_num field during CQ create (git-fixes) - commit 8445b54 - RDMA/irdma: Fix SD index calculation (git-fixes) - commit 05d9bdd - RDMA/bnxt_re: Fix a potential memory leak in destroy_gsi_sqp (git-fixes) - commit 3c9a931 ++++ runc: - Update to runc v1.3.3. Upstream changelog is available from . bsc#1252232 * CVE-2025-31133 * CVE-2025-52565 * CVE-2025-52881 - Remove upstreamed patches for bsc#1252232: - 2025-11-05-CVEs.patch ------------------------------------------------------------------ ------------------ 2025-11-4 - Nov 4 2025 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 059+suse.641.g906a3d31: * fix(kernel-modules-extra): remove stray \ before / (bsc#1253029) ++++ kernel-default: - Delete patches.kabi/KVM-x86-pmu-Allow-programming-events-that-match-unsu.patch. This avoids a kbuild error in check-patchrv. This patch is not needed anyway since 4f5efb71e1f4. - commit 624b1b2 - vhost: vringh: Modify the return value check (CVE-2025-40051 bsc#1252858). - commit 80d9f20 - btrfs: fix the incorrect max_bytes value for find_lock_delalloc_range() (git-fixes). - commit 91a9728 ++++ nvidia-open-driver-G06-signed: - back to 580.95.05 on aarch64, since userspace drivers have not been updated for this platform ------------------------------------------------------------------ ------------------ 2025-11-3 - Nov 3 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - KVM: x86: Introduce kvm_x86_call() to simplify static calls of kvm_x86_ops (git-fixes). 
- Refresh patches.suse/KVM-x86-Don-t-inject-PV-async-PF-if-SEND_ALWAYS-0-an.patch. - Refresh patches.suse/KVM-x86-Exit-to-userspace-if-fastpath-triggers-one-o.patch. - Refresh patches.suse/KVM-x86-Introduce-kvm_set_mp_state.patch. - Refresh patches.suse/KVM-x86-Route-non-canonical-checks-in-emulator-throu.patch. - Refresh patches.suse/KVM-x86-model-canonical-checks-more-precisely.patch. - commit 3454959 - KVM: x86: Replace static_call_cond() with static_call() (git-fixes). - commit 6bb685c - Update patches.suse/ACPI-x86-s2idle-Catch-multiple-ACPI_TYPE_PACKAGE-obj.patch (git-fixes CVE-2023-53708 bsc#1252537). - Update patches.suse/ALSA-usb-audio-Fix-NULL-pointer-deference-in-try_to_.patch (git-fixes CVE-2025-40085 bsc#1252873). - Update patches.suse/ALSA-usb-audio-fix-race-condition-to-UAF-in-snd_usbm.patch (git-fixes CVE-2025-39997 bsc#1252056). - Update patches.suse/ASoC-qcom-audioreach-fix-potential-null-pointer-dere.patch (git-fixes CVE-2025-40013 bsc#1252348). - Update patches.suse/Bluetooth-MGMT-Fix-possible-UAFs.patch (git-fixes CVE-2025-39981 bsc#1252060). - Update patches.suse/Bluetooth-hci_event-Fix-UAF-in-hci_acl_create_conn_s.patch (git-fixes CVE-2025-39982 bsc#1252083). - Update patches.suse/HID-amd_sfh-Fix-for-shift-out-of-bounds.patch (bsc#1012628 CVE-2023-53703 bsc#1252553). - Update patches.suse/Input-uinput-zero-initialize-uinput_ff_upload_compat.patch (git-fixes CVE-2025-40035 bsc#1252866). - Update patches.suse/NFS-Fix-a-potential-data-corruption.patch (git-fixes CVE-2023-53711 bsc#1252536). - Update patches.suse/NFSD-Define-a-proc_layoutcommit-for-the-FlexFiles-layout-type.patch (git-fixes CVE-2025-40087 bsc#1252909). - Update patches.suse/PCI-endpoint-pci-epf-test-Add-NULL-check-for-DMA-cha.patch (git-fixes CVE-2025-40032 bsc#1252841). - Update patches.suse/RDMA-rxe-Fix-race-in-do_task-when-draining.patch (git-fixes CVE-2025-40061 bsc#1252849). 
- Update patches.suse/Squashfs-fix-uninit-value-in-squashfs_get_parent.patch (git-fixes CVE-2025-40049 bsc#1252822). - Update patches.suse/USB-gadget-Fix-the-memory-leak-in-raw_gadget-dr.patch (bsc#1012628 CVE-2023-53693 bsc#1252489). - Update patches.suse/afs-Fix-potential-null-pointer-dereference-in-afs_put_server.patch (git-fixes CVE-2025-40010 bsc#1252332). - Update patches.suse/arm64-csum-Fix-OoB-access-in-IP-checksum-code-for-ne.patch (git-fixes CVE-2023-53726 bsc#1252565). - Update patches.suse/arm64-sme-Use-STR-P-to-clear-FFR-context-field-.patch (bsc#1012628 CVE-2023-53713 bsc#1252559). - Update patches.suse/blk-iocost-use-spin_lock_irqsave-in-adjust_inus.patch (bsc#1012628 CVE-2023-53730 bsc#1252495). - Update patches.suse/bus-fsl-mc-Check-return-value-of-platform_get_resour.patch (git-fixes CVE-2025-40029 bsc#1252772). - Update patches.suse/can-etas_es58x-populate-ndo_change_mtu-to-prevent-bu.patch (git-fixes CVE-2025-39988 bsc#1252074). - Update patches.suse/can-hi311x-populate-ndo_change_mtu-to-prevent-buffer.patch (git-fixes CVE-2025-39987 bsc#1252079). - Update patches.suse/can-mcba_usb-populate-ndo_change_mtu-to-prevent-buff.patch (git-fixes CVE-2025-39985 bsc#1252082). - Update patches.suse/can-peak_usb-fix-shift-out-of-bounds-issue.patch (git-fixes CVE-2025-40020 bsc#1252679). - Update patches.suse/can-sun4i_can-populate-ndo_change_mtu-to-prevent-buf.patch (git-fixes CVE-2025-39986 bsc#1252078). - Update patches.suse/clk-imx-clk-imx8mp-improve-error-handling-in-im.patch (bsc#1012628 CVE-2023-53704 bsc#1252490). - Update patches.suse/clocksource-drivers-cadence-ttc-Fix-memory-leak.patch (bsc#1012628 CVE-2023-53725 bsc#1252492). - Update patches.suse/crypto-essiv-Check-ssize-for-decryption-and-in-place.patch (git-fixes CVE-2025-40019 bsc#1252678). - Update patches.suse/crypto-hisilicon-qm-set-NULL-to-qm-debug.qm_diff_reg.patch (git-fixes CVE-2025-40062 bsc#1252850). 
- Update patches.suse/drm-amdgpu-Fix-integer-overflow-in-amdgpu_cs_p.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53707 bsc#1252632). - Update patches.suse/drm-gma500-Fix-null-dereference-in-hdmi-teardown.patch (git-fixes CVE-2025-40011 bsc#1252336). - Update patches.suse/drm-sched-Fix-potential-double-free-in-drm_sched_job.patch (git-fixes CVE-2025-40096 bsc#1252902). - Update patches.suse/fbcon-fix-integer-overflow-in-fbcon_do_set_font.patch (git-fixes CVE-2025-39967 bsc#1252033). - Update patches.suse/fs-udf-fix-OOB-read-in-lengthAllocDescs-handling.patch (git-fixes CVE-2025-40044 bsc#1252785). - Update patches.suse/hfsplus-fix-slab-out-of-bounds-read-in-hfsplus_strcasecmp.patch (git-fixes CVE-2025-40088 bsc#1252904). - Update patches.suse/hfsplus-fix-slab-out-of-bounds-read-in-hfsplus_uni2asc_followup.patch (git-fixes CVE-2025-40082 bsc#1252775). - Update patches.suse/iommu-vt-d-Disallow-dirty-tracking-if-incoherent-pag.patch (git-fixes CVE-2025-40058 bsc#1252854). - Update patches.suse/md-raid1-fix-potential-OOB-in-raid1_remove_disk-8b04.patch (jsc#PED-7542 CVE-2023-53722 bsc#1252499). - Update patches.suse/media-b2c2-Fix-use-after-free-causing-by-irq_check_w.patch (git-fixes CVE-2025-39996 bsc#1252065). - Update patches.suse/media-i2c-tc358743-Fix-use-after-free-bugs-caused-by.patch (git-fixes CVE-2025-39995 bsc#1252064). - Update patches.suse/media-rc-fix-races-with-imon_disconnect.patch (git-fixes CVE-2025-39993 bsc#1252070). - Update patches.suse/media-tuner-xc5000-Fix-use-after-free-in-xc5000_rele.patch (git-fixes CVE-2025-39994 bsc#1252072). - Update patches.suse/media-uvcvideo-Mark-invalid-entities-with-id-UVC_INV.patch (git-fixes CVE-2025-40016 bsc#1252346). - Update patches.suse/misc-fastrpc-fix-possible-map-leak-in-fastrpc_put_ar.patch (git-fixes CVE-2025-40036 bsc#1252865). 
- Update patches.suse/net-nfc-nci-Add-parameter-validation-for-packet-data.patch (git-fixes CVE-2025-40043 bsc#1252787). - Update patches.suse/net-sched-cls_u32-Undo-tcf_bind_filter-if-u32_r.patch (bsc#1012628 CVE-2023-53733 bsc#1252685). - Update patches.suse/net-sched-fq_pie-avoid-stalls-in-fq_pie_timer.patch (bsc#1220419 CVE-2023-53727 bsc#1252566). - Update patches.suse/netlink-fix-potential-deadlock-in-netlink_set_e.patch (bsc#1012628 CVE-2023-53731 bsc#1252481). - Update patches.suse/nvdimm-Fix-memleak-of-pmu-attr_groups-in-unregister_-85ae.patch (jsc#PED-5853 CVE-2023-53697 bsc#1252534). - Update patches.suse/posix-timers-Ensure-timer-ID-search-loop-limit-.patch (bsc#1012628 CVE-2023-53728 bsc#1252668). - Update patches.suse/ring-buffer-Do-not-swap-cpu_buffer-during-resi.patch (bsc#1012628 CVE-2023-53718 bsc#1252564). - Update patches.suse/riscv-move-memblock_allow_resize-after-linear-m.patch (bsc#1012628 CVE-2023-53699 bsc#1252550). - Update patches.suse/smb-client-fix-crypto-buffers-in-non-linear-memory.patch (bsc#1250491 boo#1239206 CVE-2025-40052 bsc#1252851). - Update patches.suse/soc-qcom-qmi_encdec-Restrict-string-length-in-decode.patch (git-fixes CVE-2023-53729 bsc#1252496). - Update patches.suse/tty-n_gsm-Don-t-block-input-queue-by-waiting-MSC.patch (git-fixes CVE-2025-40071 bsc#1252797). - Update patches.suse/wifi-ath11k-fix-NULL-dereference-in-ath11k_qmi_m3_lo.patch (git-fixes CVE-2025-39991 bsc#1252075). - Update patches.suse/wifi-ath12k-Fix-a-NULL-pointer-dereference-in-ath12k.patch (git-fixes CVE-2023-53721 bsc#1252561). - Update patches.suse/xfrm-xfrm_alloc_spi-shouldn-t-use-0-as-SPI.patch (CVE-2025-39797 bsc#1249608 CVE-2025-39965 bsc#1251967). - Update patches.suse/xsk-fix-refcount-underflow-in-error-path.patch (bsc#1012628 CVE-2023-53698 bsc#1252479). - commit 9042362 - coresight: trbe: Return NULL pointer for allocation failures (CVE-2025-40060 bsc#1252848). 
- commit 4543e34 ------------------------------------------------------------------ ------------------ 2025-11-2 - Nov 2 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - regulator: bd718x7: Fix voltages scaled by resistor divider (git-fixes). - regmap: slimbus: fix bus_context pointer in regmap init calls (git-fixes). - commit 20abe4b - scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers (git-fixes). - Refresh patches.suse/scsi-mpi3mr-Serialize-admin-queue-BAR-writes-on-32-bit-sys.patch. - commit 0321942 ------------------------------------------------------------------ ------------------ 2025-11-1 - Nov 1 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: mpt3sas: Correctly handle ATA device errors (git-fixes). - scsi: mpi3mr: Correctly handle ATA device errors (git-fixes). - commit 237fed8 - drm/panel: kingdisplay-kd097d04: Disable EoTp (git-fixes). - drm/panel: sitronix-st7789v: fix sync flags for t28cp45tn89 (git-fixes). - drm/etnaviv: fix flush sequence logic (git-fixes). - drm/msm/dpu: Fix pixel extension sub-sampling (git-fixes). - drm/msm/a6xx: Fix GMU firmware parser (git-fixes). - drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Iceland (git-fixes). - drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Fiji (git-fixes). - drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes). - drm/mediatek: Fix device use-after-free on unbind (git-fixes). - ASoC: fsl_sai: fix bit order for DSD format (git-fixes). - ASoC: Intel: avs: Unprepare a stream when XRUN occurs (git-fixes). - ASoC: qdsp6: q6asm: do not sleep while atomic (git-fixes). - ALSA: usb-audio: fix control pipe direction (git-fixes). 
- commit acb4ea2 ++++ nvidia-open-driver-G06-signed: - update non-CUDA variant to version 580.105.08 (boo#1252978) ------------------------------------------------------------------ ------------------ 2025-10-31 - Oct 31 2025 ------------------- ------------------------------------------------------------------ ++++ glib2: - Add glib2-CVE-2025-7039.patch: fix computation of temporary file name (bsc#1249055 CVE-2025-7039 glgo#GNOME/glib#3716). ++++ kernel-default: - smb: client: fix potential cfid UAF in smb2_query_info_compound (bsc#1248886). - commit 5e5239d - vhost: vringh: Fix copy_to_iter return value check (CVE-2025-40056 bsc#1252826) - commit 4efa16a - btrfs: do not assert we found block group item when creating free space tree (bsc#1252918 CVE-2025-40100). - commit 327502f - btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running (git-fixes). - commit f5ef369 - btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (git-fixes). - commit 8cb68fe - KVM: x86/mmu: Prevent installing hugepages when mem attributes are changing (git-fixes). - commit 37d594a - selftests/bpf: Fix a fd leak in error paths in open_netns (git-fixes). - commit 51d3745 - selftests/bpf: Fix umount cgroup2 error in test_sockmap (git-fixes). - commit 24ba5aa - selftests/bpf: Use bpf_link__destroy in fill_link_info tests (git-fixes). - commit 9809b14 - ACPI: video: Fix use-after-free in acpi_video_switch_brightness() (git-fixes). - ACPI: button: Call input_free_device() on failing input device registration (git-fixes). - fbdev: atyfb: Check if pll_ops->init_pll failed (git-fixes). - fbdev: valkyriefb: Fix reference count leak in valkyriefb_init (git-fixes). - net: phy: dp83869: fix STRAP_OPMODE bitmask (git-fixes). - net: usb: asix_devices: Check return value of usbnet_get_endpoints (git-fixes). - Bluetooth: btmtksdio: Add pmctrl handling for BT closed state during reset (git-fixes). - Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once (git-fixes). 
- usbnet: Prevents free active kevent (git-fixes). - wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode (git-fixes). - wifi: ath12k: free skb during idr cleanup callback (git-fixes). - wifi: ath11k: Add missing platform IDs for quirk table (git-fixes). - wifi: ath10k: Fix memory leak on unsupported WMI command (git-fixes). - wifi: mac80211: reset FILS discovery and unsol probe resp intervals (git-fixes). - commit cc1ca5e ------------------------------------------------------------------ ------------------ 2025-10-30 - Oct 30 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - bpf: Explicitly check accesses to bpf_sock_addr (CVE-2025-40078 bsc#1252789). - commit 6edd4b3 - KVM: x86: Take irqfds.lock when adding/deleting IRQ bypass producer (git-fixes). - commit fdfcdff - KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() (git-fixes). - commit cb2e3ab - kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939). - commit 7cb788c - Revert "KVM: VMX: Move LOAD_IA32_PERF_GLOBAL_CTRL errata handling out of setup_vmcs_config()" (git-fixes). - commit 769724a - hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (git-fixes). - commit 40898e0 - hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() (git-fixes). - commit a2e4db9 - hfs: validate record offset in hfsplus_bmap_alloc (git-fixes). - commit 693ef92 - hfsplus: return EIO when type of hidden directory mismatch in hfsplus_fill_super() (git-fixes). - commit 6aec9cc ------------------------------------------------------------------ ------------------ 2025-10-29 - Oct 29 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ARM: tegra: Use I/O memcpy to write to IRAM (CVE-2025-39794 bsc#1249595) - commit ad8d355 - ipvs: Defer ip_vs_ftp unregister during netns cleanup (CVE-2025-40018 bsc#1252688). 
- commit d48a123 - NFSD: Fix crash in nfsd4_read_release() (git-fixes). - commit 1a326b8 - Fix Git-commit for patches.suse/cxl-downgrade-a-warning-message-to-debug-level-in-cxl.patch. - commit 31a5035 ------------------------------------------------------------------ ------------------ 2025-10-28 - Oct 28 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - bpf: Allow helper bpf_get_[ns_]current_pid_tgid() for all prog types (bsc#1252364). - commit 82fd58d - tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (git-fixes). - commit fceae30 - octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (CVE-2025-39978 bsc#1252069). - tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (CVE-2025-39955 bsc#1251804). - commit 0468786 - Revert "e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898" This reverts commit df2ae2c1bd0dd998b7e23e3d49e90e95ada467f0. - commit 79fa523 - i40e: add max boundary check for VF filters (CVE-2025-39968 bsc#1252047). - i40e: fix validation of VF state in get resources (CVE-2025-39969 bsc#1252044). - i40e: fix idx validation in i40e_validate_queue_map (CVE-2025-39972 bsc#1252039). - i40e: add validation for ring_len param (CVE-2025-39973 bsc#1252035). - ice: fix Rx page leak on multi-buffer frames (CVE-2025-39948 bsc#1251233). - qed: Don't collect too many protection override GRC elements (CVE-2025-39949 bsc#1251177). - commit 2c4293d - Delete patches.suse/cpuidle-menu-Avoid-discarding-useful-information.patch. - commit c2e3ac6 - Delete patches.suse/cpuidle-governors-menu-Avoid-using-invalid-recent-intervals-data.patch. - commit b1a47b7 - nvme/tcp: handle tls partially sent records in write_space() (git-fixes). - nvme-multipath: Skip nr_active increments in RETRY disposition (git-fixes). - nvme-pci: Add TUXEDO IBS Gen8 to Samsung sleep quirk (git-fixes). - commit 4b35633 - ACPI: battery: Add synchronization between interface updates (git-fixes). 
- locking/mutex: Mark devm_mutex_init() as __must_check (stable-fixes). - ACPI: battery: Check for error code from devm_mutex_init() call (git-fixes). - ACPI: battery: initialize mutexes through devm_ APIs (stable-fixes). - accel/ivpu: Add missing MODULE_FIRMWARE metadata (git-fixes). - locking/mutex: Introduce devm_mutex_init() (stable-fixes). - commit 7bacc8f ++++ libgcrypt: - Fix running the test suite in FIPS mode [bsc#1246934] * Add libgcrypt-fix-pkcs12-test-in-FIPS-mode.patch * Rebase libgcrypt-FIPS-SLI-kdf-leylength.patch ------------------------------------------------------------------ ------------------ 2025-10-27 - Oct 27 2025 ------------------- ------------------------------------------------------------------ ++++ docker: - Enable SELinux in default daemon.json config (--selinux-enabled). This has no practical impact on non-SELinux systems. bsc#1252290 ++++ kernel-default: - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (CVE-2025-40000 bsc#1252062). - commit b7a479d - sched/fair: set_load_weight() must also call reweight_task() (git-fixes) - commit b185921 - misc: fastrpc: Save actual DMA size in fastrpc_map structure (git-fixes). - Refresh patches.suse/misc-fastrpc-Skip-reference-for-DMA-handles.patch. - commit b472422 - most: usb: hdm_probe: Fix calling put_device() before device initialization (git-fixes). - most: usb: Fix use-after-free in hdm_disconnect (git-fixes). - misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup (git-fixes). - serial: 8250_dw: handle reset control deassert error (git-fixes). - xhci: dbc: enable back DbC in resume if it was enabled before suspend (git-fixes). - spi: spi-nxp-fspi: add extra delay after dll locked (git-fixes). - net: usb: rtl8150: Fix frame padding (git-fixes). - HID: multitouch: fix name of Stylus input devices (git-fixes). - HID: hid-input: only ignore 0 battery events for digitizers (git-fixes). - r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H (git-fixes). 
- rtc: interface: Ensure alarm irq is enabled when UIE is enabled (stable-fixes). - rtc: interface: Fix long-standing race when setting alarm (stable-fixes). - PCI: j721e: Fix programming sequence of "strap" settings (git-fixes). - PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release (git-fixes). - PCI/AER: Support errors introduced by PCIe r6.0 (stable-fixes). - phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes). - phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling (git-fixes). - phy: cdns-dphy: Store hs_clk_rate and return it (stable-fixes). - mtd: rawnand: fsmc: Default to autodetect buswidth (stable-fixes). - wifi: mt76: mt7921u: Add VID/PID for Netgear A7500 (stable-fixes). - media: nxp: imx8-isi: Drop unused argument to mxc_isi_channel_chain() (stable-fixes). - mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag (git-fixes). - mmc: core: SPI mode remove cmd7 (stable-fixes). - lib/crypto/curve25519-hacl64: Disable KASAN with clang-17 and older (stable-fixes). - PM: runtime: Add new devm functions (stable-fixes). - mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type (stable-fixes). - mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value (stable-fixes). - PCI: Add PCI_VDEVICE_SUB helper macro (stable-fixes). - PCI: endpoint: Remove surplus return statement from pci_epf_test_clean_dma_chan() (stable-fixes). - PCI: j721e: Enable ACSPCIE Refclk if "ti,syscon-acspcie-proxy-ctrl" exists (stable-fixes). - misc: fastrpc: Add missing dev_err newlines (stable-fixes). - commit 9f99f4e - firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing in raw mode (git-fixes). - drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies (git-fixes). - drm/rockchip: vop2: use correct destination rectangle height check (git-fixes). - drm/bridge: lt9211: Drop check for last nibble of version register (git-fixes). 
- drm/amd/powerplay: Fix CIK shutdown temperature (git-fixes). - drm/amdgpu: use atomic functions with memory barriers for vm fault info (git-fixes). - drm/i915/guc: Skip communication warning on reset in progress (git-fixes). - drm/amd: Check whether secure display TA loaded successfully (stable-fixes). - drm/exynos: exynos7_drm_decon: properly clear channels during bind (stable-fixes). - drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions (stable-fixes). - commit 110d102 - can: netlink: can_changelink(): allow disabling of automatic restart (git-fixes). - can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() (git-fixes). - ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit (git-fixes). - ASoC: nau8821: Generalize helper to clear IRQ status (git-fixes). - ASoC: nau8821: Cancel jdet_work before handling jack ejection (git-fixes). - ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec (git-fixes). - ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card (git-fixes). - ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings (git-fixes). - accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() (git-fixes). - Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1 (stable-fixes). - ACPI: property: Add code comments explaining what is going on (stable-fixes). - ACPI: property: Disregard references in data-only subnode lists (stable-fixes). - ACPICA: Allow to skip Global Lock initialization (stable-fixes). - ACPI: battery: allocate driver data through devm_ APIs (stable-fixes). - drm/msm/adreno: De-spaghettify the use of memory barriers (stable-fixes). - commit e53e617 - spi: cadence-quadspi: Implement refcount to handle unbind during busy (CVE-2025-40005 bsc#1252349). 
- commit 7406f70 ------------------------------------------------------------------ ------------------ 2025-10-26 - Oct 26 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - i40e: fix idx validation in config queues msg (CVE-2025-39971 bsc#1252052) - commit 70699a8 - i40e: fix input validation logic for action_meta (CVE-2025-39970 bsc#1252051) - commit 57401e3 ------------------------------------------------------------------ ------------------ 2025-10-25 - Oct 25 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - arm64, mm: avoid always making PTE dirty in pte_mkwrite() (git-fixes) - commit 59db3fb - arm64: errata: Apply workarounds for Neoverse-V3AE (git-fixes) - commit da235eb - arm64: cputype: Add Neoverse-V3AE definitions (git-fixes) - commit 5587842 ------------------------------------------------------------------ ------------------ 2025-10-24 - Oct 24 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - NFSD: Minor cleanup in layoutcommit processing (git-fixes). - commit baef4e7 - NFSD: Rework encoding and decoding of nfsd4_deviceid (git-fixes). - commit 72f1d28 - hfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp() (git-fixes). - commit a6f88ab - xfs: rename the old_crc variable in xlog_recover_process (git-fixes). 
- commit 677fb8c ------------------------------------------------------------------ ------------------ 2025-10-23 - Oct 23 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (CVE-2025-39876 bsc#1250400) - commit 137f367 - proc: fix type confusion in pde_set_flags() (bsc#1248630) - commit c6a1bb4 - proc: fix missing pde_set_flags() for net proc files (bsc#1248630) - commit 539da61 - proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CVE-2025-38653 bsc#1248630) - commit bcff9b5 - ovl: fix file reference leak when submitting aio (stable-fixes). - commit 57db5b5 - KVM: x86: Set PVCLOCK_GUEST_STOPPED only for kvmclock, not for Xen PV clock (git-fixes). - commit 85e57cf - KVM: x86: Don't bleed PVCLOCK_GUEST_STOPPED across PV clocks (git-fixes). - commit cd63f69 - KVM: x86: Process "guest stopped request" once per guest time update (git-fixes). - commit 29a55cf - add bug reference to existing hv_netvsc change (bsc#1252265) - commit 95261dd ------------------------------------------------------------------ ------------------ 2025-10-22 - Oct 22 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - KVM: SVM: Inject #GP if memory operand for INVPCID is non-canonical (git-fixes). - commit ed9dfb1 - KVM: x86: Clear pv_unhalted on all transitions to KVM_MP_STATE_RUNNABLE (git-fixes). - commit f4d45de - KVM: x86: Introduce kvm_set_mp_state() (git-fixes). - commit 4b1f2ec ++++ gpgme: - Treat empty DISPLAY variable as unset. [bsc#1252425, bsc#1231055] * To avoid gpgme constructing an invalid gpg command line when the DISPLAY variable is empty it can be treated as unset. 
* Add gpgme-Treat-empty-DISPLAY-variable-as-unset.patch * Reported upstream: dev.gnupg.org/T7919 ------------------------------------------------------------------ ------------------ 2025-10-21 - Oct 21 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - NFS: Fix a race when updating an existing write (bsc#1249319 bsc#1252236 CVE-2025-39697). - commit 40cab0c - nfs: Add missing release on error in nfs_lock_and_join_requests() (bsc#1249319 bsc#1252236 CVE-2025-39697). - commit b903556 - nfs: fold nfs_page_group_lock_subrequests into nfs_lock_and_join_requests (bsc#1249319 bsc#1252236 CVE-2025-39697). - commit 13ceff1 - nfs: fold nfs_folio_find_and_lock_request into nfs_lock_and_join_requests (bsc#1249319 bsc#1252236 CVE-2025-39697). - commit 14874ac - nfs: simplify nfs_folio_find_and_lock_request (bsc#1249319 bsc#1252236 CVE-2025-39697). - commit 1b25c26 - nfs: remove nfs_folio_private_request (bsc#1249319 bsc#1252236 CVE-2025-39697). - commit c28ea5d - nfs: remove dead code for the old swap over NFS implementation (bsc#1249319 bsc#1252236 CVE-2025-39697). - Refresh patches.suse/NFS-fix-nfs_release_folio-to-not-deadlock-via-kcompa.patch. - commit e7a5c52 - kABI fix for KVM: x86: Snapshot the host's DEBUGCTL in common x86 (git-fixes). - commit 0bb2570 - overlayfs: set ctime when setting mtime and atime (stable-fixes). - ovl: fix incorrect fdput() on aio completion (stable-fixes). - ovl: Always reevaluate the file signature for IMA (stable-fixes). - commit 4cfc4ed - i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (CVE-2025-39911 bsc#1250704) - commit 627f938 - sched: Fix sched_numa_find_nth_cpu() if mask offline (CVE-2025-39895 bsc#1250721) - commit 581de7a - sctp: initialize more fields in sctp_v6_from_sk() (CVE-2025-39812 bsc#1250202) - commit 56a7db3 ++++ sqlite3: - bsc#1252217: Add a %license file. 
------------------------------------------------------------------ ------------------ 2025-10-20 - Oct 20 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ipv6: sr: Fix MAC comparison to be constant-time (CVE-2025-39702 bsc#1249317) - commit 3d85c5c - sctp: linearize cloned gso packets in sctp_rcv (CVE-2025-38718 bsc#1249161) - commit 0083867 - scsi: qla4xxx: Prevent a potential error pointer dereference (CVE-2025-39676 bsc#1249302) - commit a3b8686 - net: usb: lan78xx: Add error handling to lan78xx_init_mac_address (git-fixes). - commit f1ec116 - net/mlx5e: Harden uplink netdev access against device unbind (CVE-2025-39947 bsc#1251232). - commit d4278a0 - KVM: x86: Snapshot the host's DEBUGCTL after disabling IRQs (git-fixes). - commit 09e399f - KVM: x86: Bypass register cache when querying CPL from kvm_sched_out() (git-fixes). - commit 27a06fc - net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset (git-fixes). - commit ad26239 - r8152: add error handling in rtl8152_driver_init (git-fixes). - commit db73d98 - usbnet: Fix using smp_processor_id() in preemptible code warnings (git-fixes). - commit b2c518b - config.sh: Update IBS project - commit f8ef735 - cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus() (git-fixes). - commit 149500a - cpuidle: governors: menu: Avoid using invalid recent intervals data (git-fixes). - commit a4ef664 - hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() (git-fixes). - commit baddd40 - selftests/bpf: Fix backtrace printing for selftests crashes (git-fixes). - commit 63e24c4 - tools/resolve_btfids: Fix build when cross compiling kernel with clang (git-fixes). - commit f4f0a36 - samples/bpf: Fix compilation failure for samples/bpf on LoongArch Fedora (git-fixes). - commit fa036e9 - selftests/bpf: Fix cross-compiling urandom_read (git-fixes). 
- commit d19eec5 - selftests/bpf: Fix compile if backtrace support missing in libc (git-fixes). - commit 3353a4b - selftests/bpf: Fix redefinition errors compiling lwt_reroute.c (git-fixes). - commit b5270ce - selftests/bpf: Fix C++ compile error from missing _Bool type (git-fixes). - commit 736692a - selftests/bpf: Fix error compiling test_lru_map.c (git-fixes). - commit 8aa3099 - selftests/bpf: Fix compile error from rlim_t in sk_storage_map.c (git-fixes). - commit 35f5a49 ------------------------------------------------------------------ ------------------ 2025-10-19 - Oct 19 2025 ------------------- ------------------------------------------------------------------ ++++ util-linux-systemd: - lscpu: Add support for NVIDIA Olympus arm64 core (jsc#PED-13682, util-linux-lscpu-add-arm64-NVIDIA-Olympus.patch). ++++ util-linux: - lscpu: Add support for NVIDIA Olympus arm64 core (jsc#PED-13682, util-linux-lscpu-add-arm64-NVIDIA-Olympus.patch). ------------------------------------------------------------------ ------------------ 2025-10-17 - Oct 17 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - perf/core: Fix the WARN_ON_ONCE is out of lock protected region (git-fixes). - perf/x86/intel: Fix crash in icl_update_topdown_event() (git-fixes). - perf/x86: Fix non-sampling (counting) events on certain x86 platforms (git-fixes). - commit 814983a - doc/README.SUSE: Correct the character used for TAINT_NO_SUPPORT The character was previously 'N', but upstream used it for TAINT_TEST, which prompted the change of TAINT_NO_SUPPORT to 'n'. This occurred in commit c35dc3823d08 ("Update to 6.0-rc1") on master and in d016c04d731d ("Bump to 6.4 kernel (jsc#PED-4593)") for SLE15-SP6 (and onwards). Update the documentation to reflect this change. - commit f42ecf5 - ACPI: property: Do not pass NULL handles to acpi_attach_data() (stable-fixes git-fixes). 
- commit 19fb175 - ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path (stable-fixes). - commit d0f4111 - cpufreq: CPPC: fix perf_to_khz/khz_to_perf conversion exception (git-fixes). - commit 59c2171 - ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes). - commit 793bb70 - cpuidle: qcom-spm: fix device and OF node leaks at probe (git-fixes). - commit 39be628 - cpuidle: menu: Avoid discarding useful information (stable-fixes). - commit b136410 - cpufreq: tegra186: Set target frequency for all cpus in policy (git-fixes). - commit e1cfca8 - cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (stable-fixes git-fixes). - commit 8b10f36 - cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() (stable-fixes git-fixes). - commit 3e7dc0b - cpufreq: scmi: Skip SCMI devices that aren't used by the CPUs (stable-fixes). - commit 2dde40f - tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650). - skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650). - commit 5925a0e - sched/idle: Conditionally handle tick broadcast in default_idle_call() (bsc#1248517). - Update config files. - commit 1a58311 - x86/idle: Sanitize X86_BUG_AMD_E400 handling (bsc#1248517). - Refresh patches.suse/x86-tdx-Fix-arch_safe_halt-execution-for-TDX-VMs.patch. - commit be42a2d ++++ freetype2: - package FTL.TXT and GPLv2.TXT [bsc#1252148] ------------------------------------------------------------------ ------------------ 2025-10-16 - Oct 16 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - perf/aux: Fix pending disable flow when the AUX ring buffer overruns (git-fixes). - perf/core: Fix WARN in perf_cgroup_switch() (git-fixes). - perf: Fix cgroup state vs ERROR (git-fixes). - perf/core: Fix broken throttling when max_samples_per_tick=1 (git-fixes). - perf: Ensure bpf_perf_link path is properly serialized (git-fixes). 
- perf/x86/intel: Only check the group flag for X86 leader (git-fixes). - perf/x86/intel: Allow to update user space GPRs from PEBS records (git-fixes). - perf/x86/intel/uncore: Fix the scale of IIO free running counters on SPR (git-fixes). - perf/x86/intel/uncore: Fix the scale of IIO free running counters on ICX (git-fixes). - perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR (git-fixes). - perf/core: Fix child_total_time_enabled accounting bug at task exit (git-fixes). - perf/ring_buffer: Allow the EPOLLRDNORM flag for poll (git-fixes). - perf/bpf: Robustify perf_event_free_bpf_prog() (git-fixes). - perf/hw_breakpoint: Return EOPNOTSUPP for unsupported breakpoint type (git-fixes). - perf/x86/intel: Avoid disable PMU if !cpuc->enabled in sample read (git-fixes). - perf/x86/intel: Apply static call for drain_pebs (git-fixes). - perf/amd/ibs: Fix perf_ibs_op.cnt_mask for CurCnt (git-fixes). - perf/amd/ibs: Fix ->config to sample period calculation for OP PMU (git-fixes). - perf/core: Fix pmus_lock vs. pmus_srcu ordering (git-fixes). - perf/x86/intel: Use better start period for frequency mode (git-fixes). - perf/core: Fix low freq setting via IOC_PERIOD (git-fixes). - perf/x86: Fix low freqency setting issue (git-fixes). - perf/x86/intel/ds: Unconditionally drain PEBS DS when changing PEBS_DATA_CFG (git-fixes). - perf/x86/amd: Warn only on new bits set (git-fixes). - s390: Initialize psw mask in perf_arch_fetch_caller_regs() (git-fixes). - perf/core: Fix small negative period being ignored (git-fixes). - perf: Extract a few helpers (git-fixes). - perf/x86/intel/pt: Fix sampling synchronization (git-fixes). - perf/x86/intel: Allow to setup LBR for counting event for BPF (git-fixes). - drivers/perf: arm_spe: Use perf_allow_kernel() for permissions (git-fixes). - perf/amd: Prevent grouping of IBS events (git-fixes). - commit 76eb280 - tls: make sure to abort the stream if headers are bogus (CVE-2025-39946 bsc#1251114). 
- commit d62deaa - selftests/bpf: Fix error compiling tc_redirect.c with musl libc (git-fixes). - commit b2a359c - selftests/bpf: Fix errors compiling cg_storage_multi.h with musl libc (git-fixes). - commit 799529b - selftests/bpf: Fix errors compiling decap_sanity.c with musl libc (git-fixes). - commit f14b275 - selftests/bpf: Fix errors compiling lwt_redirect.c with musl libc (git-fixes). - commit 498999e - selftests/bpf: Fix compiling core_reloc.c with musl-libc (git-fixes). - commit eb3a7bd - selftests/bpf: Fix compiling tcp_rtt.c with musl-libc (git-fixes). - commit 109e7cc - selftests/bpf: Fix compiling flow_dissector.c with musl-libc (git-fixes). - commit 9b43d04 - selftests/bpf: Fix compiling kfree_skb.c with musl-libc (git-fixes). - commit 442e8bf - selftests/bpf: Fix compiling parse_tcp_hdr_opt.c with musl-libc (git-fixes). - commit 1f65169 - selftests/bpf: Fix error compiling bpf_iter_setsockopt.c with musl libc (git-fixes). - commit 7613608 - selftests/bpf: Add test for unpinning htab with internal timer struct (git-fixes). - commit 8a1df26 - bpf: Avoid RCU context warning when unpinning htab with internal structs (git-fixes). - commit 73d4d2d - bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} (git-fixes). - commit 1a82fe5 ++++ libsoup: - Update libsoup-CVE-2025-11021.patch: Add NULL check for soup_date_time_to_string() (bsc#1250562, CVE-2025-11021, glgo#GNOME/libsoup!483). ++++ nvidia-open-driver-G06-signed: - renamed check to %name-check package ++++ runc: [ This update was only released for SLE 12 and 15. ] - Backport patches for three CVEs. All three vulnerabilities ultimately allow (through different methods) for full container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files. 
bsc#1252232 * CVE-2025-31133 * CVE-2025-52565 * CVE-2025-52881 + 2025-11-05-CVEs.patch ------------------------------------------------------------------ ------------------ 2025-10-15 - Oct 15 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - kabi: hide new member allow_subflows in struct mptcp_sock (CVE-2025-38552 bsc#1248230). - commit f51a25e - mptcp: plug races between subflow fail and subflow creation (CVE-2025-38552 bsc#1248230). - Refresh patches.kabi/kabi-hide-new-member-fallback_lock-in-struct-mptcp_s.patch. (also delete outdated part of a comment) - commit fdbbed8 - Update patches.suse/ALSA-ac97-Fix-possible-NULL-dereference-in-snd_.patch (bsc#1012628 CVE-2023-53648 bsc#1251750). - Update patches.suse/ASoC-codecs-wcd938x-fix-missing-mbhc-init-error.patch (bsc#1012628 CVE-2023-53666 bsc#1251760). - Update patches.suse/ASoC-qcom-q6apm-lpass-dais-Fix-NULL-pointer-derefere.patch (git-fixes CVE-2025-39938 bsc#1251134). - Update patches.suse/Bluetooth-hci_event-call-disconnect-callback-be.patch (bsc#1012628 CVE-2023-53673 bsc#1251763). - Update patches.suse/HID-hyperv-avoid-struct-memcpy-overrun-warning.patch (bsc#1012628 CVE-2023-53553 bsc#1251068). - Update patches.suse/KVM-nSVM-Check-instead-of-asserting-on-nested-TSC-sc.patch (git-fixes CVE-2023-53663 bsc#1251290). - Update patches.suse/RDMA-rxe-Fix-incomplete-state-save-in-rxe_requester.patch (git-fixes CVE-2023-53539 bsc#1251060). - Update patches.suse/USB-Gadget-core-Help-prevent-panic-during-UVC-.patch (bsc#1012628 CVE-2023-53580 bsc#1251105). - Update patches.suse/accel-qaic-Fix-a-leak-in-map_user_pages.patch (bsc#1012628 CVE-2023-53633 bsc#1251746). - Update patches.suse/bcache-Fix-__bch_btree_node_alloc-to-make-the-f.patch (bsc#1012628 CVE-2023-53681 bsc#1251769). - Update patches.suse/bonding-do-not-assume-skb-mac_header-is-set.patch (bsc#1012628 CVE-2023-53601 bsc#1251153). 
- Update patches.suse/bpf-Make-bpf_refcount_acquire-fallible-for-non-.patch (bsc#1012628 CVE-2023-53645 bsc#1251321). - Update patches.suse/bpf-cpumap-Handle-skb-as-well-when-clean-up-pt.patch (bsc#1012628 CVE-2023-53660 bsc#1251721). - Update patches.suse/bpf-cpumap-Make-sure-kthread-is-running-before.patch (bsc#1012628 CVE-2023-53577 bsc#1251028). - Update patches.suse/bpf-reject-unhashed-sockets-in-bpf_sk_assign.patch (jsc#PED-6811 CVE-2023-53585 bsc#1251126). - Update patches.suse/btrfs-insert-tree-mod-log-move-in-push_node_lef.patch (bsc#1012628 CVE-2023-53538 bsc#1251024). - Update patches.suse/btrfs-output-extra-debug-info-if-we-failed-to-find-a.patch (git-fixes CVE-2023-53672 bsc#1251780). - Update patches.suse/btrfs-reject-invalid-reloc-tree-root-keys-with.patch (bsc#1012628 CVE-2023-53618 bsc#1251748). - Update patches.suse/cifs-Release-folio-lock-on-fscache-read-hit.patch (bsc#1012628 CVE-2023-53593 bsc#1251132). - Update patches.suse/cifs-fix-mid-leak-during-reconnection-after-tim.patch (bsc#1012628 CVE-2023-53597 bsc#1251159). - Update patches.suse/clk-Fix-memory-leak-in-devm_clk_notifier_regist.patch (bsc#1012628 CVE-2023-53674 bsc#1251764). - Update patches.suse/clk-imx-scu-use-_safe-list-iterator-to-avoid-a-.patch (bsc#1012628 CVE-2023-53572 bsc#1251027). - Update patches.suse/cpufreq-amd-pstate-fix-global-sysfs-attribute-.patch (bsc#1012628 CVE-2023-53550 bsc#1251071). - Update patches.suse/cpufreq-amd-pstate-ut-Fix-kernel-panic-when-loading-.patch (git-fixes CVE-2023-53563 bsc#1251038). - Update patches.suse/crypto-af_alg-Fix-missing-initialisation-affecting-g.patch (bsc#1216396 CVE-2023-53599 bsc#1251150). - Update patches.suse/crypto-af_alg-Set-merge-to-zero-early-in-af_alg_send.patch (git-fixes CVE-2025-39931 bsc#1251100). - Update patches.suse/dax-Fix-dax_mapping_release-use-after-free.patch (bsc#1012628 CVE-2023-53613 bsc#1251119). 
- Update patches.suse/drivers-base-Free-devm-resources-when-unregistering-.patch (jsc#PED-6054 CVE-2023-53596 bsc#1251161). - Update patches.suse/drivers-perf-hisi-Don-t-migrate-perf-to-the-CPU.patch (bsc#1012628 CVE-2023-53656 bsc#1251758). - Update patches.suse/drm-amdgpu-unmap-and-remove-csa_va-properly.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53545 bsc#1251084). - Update patches.suse/drm-bridge-anx7625-Fix-NULL-pointer-dereference-with.patch (git-fixes CVE-2025-39934 bsc#1251146). - Update patches.suse/drm-i915-mark-requests-for-GuC-virtual-engines-to-av.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53552 bsc#1251065). - Update patches.suse/drm-i915-perf-add-sentinel-to-xehp_oa_b_counter.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53646 bsc#1251742). - Update patches.suse/ext4-fix-memory-leaks-in-ext4_fname_-setup_filename-.patch (bsc#1214954 CVE-2023-53662 bsc#1251282). - Update patches.suse/fbdev-omapfb-lcd_mipid-Fix-an-error-handling-pa.patch (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 CVE-2023-53650 bsc#1251283). - Update patches.suse/fprobe-Release-rethook-after-the-ftrace_ops-is-.patch (bsc#1012628 CVE-2023-53557 bsc#1251054). - Update patches.suse/gfs2-Fix-possible-data-races-in-gfs2_show_opti.patch (bsc#1012628 CVE-2023-53622 bsc#1251777). - Update patches.suse/gpio-mvebu-fix-irq-domain-leak.patch (bsc#1012628 CVE-2023-53579 bsc#1251170). - Update patches.suse/iavf-Fix-out-of-bounds-when-setting-channels-on.patch (bsc#1012628 CVE-2023-53659 bsc#1251247). 
- Update patches.suse/iavf-Fix-use-after-free-in-free_netdev.patch (bsc#1012628 CVE-2023-53556 bsc#1251059). - Update patches.suse/ice-Don-t-tx-before-switchdev-is-fully-configured.patch (jsc#PED-4876 CVE-2023-53657 bsc#1251319). - Update patches.suse/ip_vti-fix-potential-slab-use-after-free-in-de.patch (bsc#1012628 CVE-2023-53559 bsc#1251052). - Update patches.suse/ipmi_si-fix-a-memleak-in-try_smi_init.patch (git-fixes CVE-2023-53611 bsc#1251123). - Update patches.suse/jfs-fix-invalid-free-of-JFS_IP-ipimap-i_imap-in-diUnmount.patch (git-fixes CVE-2023-53616 bsc#1251215). - Update patches.suse/md-don-t-dereference-mddev-after-export_rdev-7dea.patch (jsc#PED-7542 CVE-2023-53665 bsc#1251270). - Update patches.suse/media-amphion-fix-REVERSE_INULL-issues-reported-by-c.patch (git-fixes CVE-2023-53653 bsc#1251755). - Update patches.suse/memcontrol-ensure-memcg-acquired-by-id-is-properly-s.patch (git-fixes CVE-2023-53621 bsc#1251323). - Update patches.suse/mm-damon-core-initialize-damo_filter-list-from.patch (bsc#1012628 CVE-2023-53555 bsc#1251056). - Update patches.suse/msft-hv-2870-Drivers-hv-vmbus-Don-t-dereference-ACPI-root-object-.patch (git-fixes CVE-2023-53647 bsc#1251732). - Update patches.suse/mtd-rawnand-brcmnand-Fix-potential-out-of-bounds-acc.patch (git-fixes CVE-2023-53541 bsc#1251043). - Update patches.suse/net-handshake-fix-null-ptr-deref-in-handshake_nl_don.patch (bsc#1220419 CVE-2023-53686 bsc#1251771). - Update patches.suse/net-mlx5-DR-fix-memory-leak-in-mlx5dr_cmd_crea.patch (bsc#1012628 CVE-2023-53546 bsc#1251079). - Update patches.suse/net-mlx5e-Check-for-NOT_READY-flag-state-after-.patch (bsc#1012628 CVE-2023-53581 bsc#1251106). - Update patches.suse/net-mlx5e-Take-RTNL-lock-when-needed-before-ca.patch (bsc#1012628 CVE-2023-53632 bsc#1251269). - Update patches.suse/net-rfkill-gpio-Fix-crash-due-to-dereferencering-uni.patch (git-fixes CVE-2025-39937 bsc#1251143). 
- Update patches.suse/net-usbnet-Fix-WARNING-in-usbnet_start_xmit-us.patch (bsc#1012628 CVE-2023-53548 bsc#1251066). - Update patches.suse/netfilter-conntrack-Avoid-nf_ct_helper_hash-use.patch (bsc#1012628 CVE-2023-53619 bsc#1251743). - Update patches.suse/nvme-core-fix-dev_pm_qos-memleak.patch (bsc#1012628 CVE-2023-53670 bsc#1251762). - Update patches.suse/octeon_ep-cancel-queued-works-in-probe-error-p.patch (bsc#1012628 CVE-2023-53638 bsc#1251328). - Update patches.suse/octeontx2-af-Add-validation-before-accessing-cg.patch (bsc#1012628 CVE-2023-53654 bsc#1251756). - Update patches.suse/perf-RISC-V-Remove-PERF_HES_STOPPED-flag-checki.patch (bsc#1012628 CVE-2023-53583 bsc#1251108). - Update patches.suse/perf-trace-Really-free-the-evsel-priv-area.patch (perf-v6.7 (jsc#PED-6012 jsc#PED-6121) CVE-2023-53649 bsc#1251749). - Update patches.suse/platform-x86-dell-sysman-Fix-reference-leak.patch (git-fixes CVE-2023-53631 bsc#1251529). - Update patches.suse/rcu-tasks-Avoid-pr_info-with-spin-lock-in-cblis.patch (bsc#1012628 CVE-2023-53558 bsc#1251081). - Update patches.suse/ring-buffer-Fix-deadloop-issue-on-reading-trace.patch (bsc#1012628 CVE-2023-53668 bsc#1251286). - Update patches.suse/s390-zcrypt-don-t-leak-memory-if-dev_set_name-fails.patch (git-fixes bsc#1215143 CVE-2023-53568 bsc#1251035). - Update patches.suse/scsi-qla2xxx-Avoid-fcport-pointer-dereference.patch (bsc#1012628 CVE-2023-53603 bsc#1251180). - Update patches.suse/scsi-qla2xxx-Fix-deletion-race-condition.patch (git-fixes CVE-2023-53615 bsc#1251113). - Update patches.suse/soc-aspeed-socinfo-Add-kfree-for-kstrdup.patch (bsc#1012628 CVE-2023-53617 bsc#1251268). - Update patches.suse/spi-bcm-qspi-return-error-if-neither-hif_mspi-n.patch (bsc#1012628 CVE-2023-53658 bsc#1251759). - Update patches.suse/staging-ks7010-potential-buffer-overflow-in-ks_.patch (bsc#1012628 CVE-2023-53554 bsc#1251057). - Update patches.suse/tracing-histograms-Add-histograms-to-hist_vars-.patch (bsc#1012628 CVE-2023-53560 bsc#1251045). 
- Update patches.suse/tty-serial-samsung_tty-Fix-a-memory-leak-in-s3c-832e231.patch (bsc#1012628 CVE-2023-53687 bsc#1251772). - Update patches.suse/tunnels-fix-kasan-splat-when-generating-ipv4-p.patch (bsc#1012628 CVE-2023-53600 bsc#1251152). - Update patches.suse/vdpa-Add-features-attr-to-vdpa_nl_policy-for-n.patch (bsc#1012628 CVE-2023-53652 bsc#1251754). - Update patches.suse/vdpa-Add-max-vqp-attr-to-vdpa_nl_policy-for-nl.patch (bsc#1012628 CVE-2023-53543 bsc#1251083). - Update patches.suse/wifi-ath11k-fix-memory-leak-in-WMI-firmware-sta.patch (bsc#1012628 CVE-2023-53602 bsc#1251076). - Update patches.suse/wifi-cfg80211-reject-auth-assoc-to-AP-with-our-addre.patch (git-fixes CVE-2023-53540 bsc#1251053). - Update patches.suse/wifi-iwlwifi-mvm-fix-potential-array-out-of-bou.patch (bsc#1012628 CVE-2023-53575 bsc#1251067). - Update patches.suse/wifi-mac80211-check-for-station-first-in-client-prob.patch (git-fixes CVE-2023-53588 bsc#1251206). - Update patches.suse/wifi-mac80211-increase-scan_ies_len-for-S1G.patch (stable-fixes CVE-2025-39957 bsc#1251810). - Update patches.suse/wifi-nl80211-fix-integer-overflow-in-nl80211_p.patch (bsc#1012628 CVE-2023-53570 bsc#1251031). - Update patches.suse/wifi-rtw88-delete-timer-and-free-skb-queue-when-unlo.patch (git-fixes CVE-2023-53574 bsc#1251222). - Update patches.suse/wifi-wilc1000-avoid-buffer-overflow-in-WID-string-co.patch (stable-fixes CVE-2025-39952 bsc#1251216). - commit 56ea93d - iommu/vt-d: Disallow dirty tracking if incoherent page walk (git-fixes). - iommu/vt-d: PRS isn't usable if PDS isn't supported (git-fixes). - commit 9da1184 - mm/page_alloc: fix race condition in unaccepted memory handling (CVE-2025-38008 bsc#1244939). - commit b445cb1 - mm/slub: avoid accessing metadata when pointer is invalid in object_err() (CVE-2025-39902 bsc#1250702). - commit 46c39b3 - NFSD: Define a proc_layoutcommit for the FlexFiles layout type (git-fixes). - commit b115f79 - tracing: Fix filter string testing (git-fixes). 
- commit 864d37b - selftests/tracing: Fix event filter test to retry up to 10 times (git-fixes). - commit a9de969 - tracing/selftests: Fix kprobe event name test for .isra. functions (git-fixes). - commit 6a094d4 - bpf: Check link_create.flags parameter for multi_kprobe (git-fixes). - commit 0e75825 - bpf: Check link_create.flags parameter for multi_uprobe (git-fixes). - commit 10550c7 - ftrace: fix incorrect hash size in register_ftrace_direct() (git-fixes). - commit 9288055 - bpf: Use preempt_count() directly in bpf_send_signal_common() (git-fixes). - commit 9258f2a - tracing: Correct the refcount if the hist/hist_debug file fails to open (git-fixes). - commit 6e8ac35 - module: Prevent silent truncation of module name in delete_module(2) (git-fixes). - commit 44dc7b7 - tracing: Add down_write(trace_event_sem) when adding trace event (bsc#1248211 CVE-2025-38539). - commit b1816b0 - tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286 CVE-2025-39683). - tracing: Remove unneeded goto out logic (bsc#1249286). - commit 8eaad3a ++++ libxslt: - security update - added patches CVE-2025-11731 [bsc#1251979], type confusion in exsltFuncResultComp function leading to denial of service * libxslt-CVE-2025-11731.patch ++++ python311-core: - Update to 3.11.14: - Security - gh-139700: Check consistency of the zip64 end of central directory record. Support records with “zip64 extensible data” if there are no bytes prepended to the ZIP file (CVE-2025-8291, bsc#1251305). - gh-139400: xml.parsers.expat: Make sure that parent Expat parsers are only garbage-collected once they are no longer referenced by subparsers created by ExternalEntityParserCreate(). Patch by Sebastian Pipping. - gh-135661: Fix parsing start and end tags in html.parser.HTMLParser according to the HTML5 standard. * Whitespaces no longer accepted between does not end the script section. * Vertical tabulation (\v) and non-ASCII whitespaces no longer recognized as whitespaces.
The only whitespaces are \t\n\r\f and space. * Null character (U+0000) no longer ends the tag name. * Attributes and slashes after the tag name in end tags are now ignored, instead of terminating after the first > in quoted attribute value. E.g. . * Multiple slashes and whitespaces between the last attribute and closing > are now ignored in both start and end tags. E.g. . * Multiple = between attribute name and value are no longer collapsed. E.g. produces attribute “foo” with value “=bar”. - gh-135661: Fix CDATA section parsing in html.parser.HTMLParser according to the HTML5 standard: ] ]> and ]] > no longer end the CDATA section. Add private method _set_support_cdata() which can be used to specify how to parse <[CDATA[ — as a CDATA section in foreign content (SVG or MathML) or as a bogus comment in the HTML namespace. - gh-102555: Fix comment parsing in html.parser.HTMLParser according to the HTML5 standard. --!> now ends the comment. -- > no longer ends the comment. Support abnormally ended empty comments <--> and <--->. - gh-135462: Fix quadratic complexity in processing specially crafted input in html.parser.HTMLParser. End-of-file errors are now handled according to the HTML5 specs – comments and declarations are automatically closed, tags are ignored. - gh-118350: Fix support of escapable raw text mode (elements “textarea” and “title”) in html.parser.HTMLParser. - gh-86155: html.parser.HTMLParser.close() no longer loses data when the