Removed rpms ============ - adjtimex - dbus-1-glib - dbus-1-glib-tool - google-croscore-fonts - libavif13 - libcbor0 - libcpupower0 - libhugetlbfs - libhunspell-1_6-0 - libmariadb3 - libprotobuf20 - librav1e0 - noto-arimo-fonts - noto-cousine-fonts - noto-tinos-fonts - openssl-1_1 - python3-bind - python3-ply - wsdd Added rpms ========== - cpupower-bash-completion - cpupower-lang - libabsl2308_0_0 - libavif16 - libbpf1 - libcbor0_10 - libcpupower1 - libdav1d6 - libdbus-glib-1-2 - libhunspell-1_7-0 - libopenssl3 - libprotobuf25_1_0 - librav1e0_6 - libvulkan1 - openssl - openssl-3 Package Source Changes ====================== Mesa +- Update to bugfix release 23.3.4 + - -> https://docs.mesa3d.org/relnotes/23.3.4.html + +- split python36-buildfix.patch into two patches python36-buildfix1.patch + and python36-buildfix2.patch; apply the latter only on sle15-sp6/Leap 15.6 + since on newer python releases than 3.6 it changes behaviour to + remove required=True option + +- python36-buildfix.patch + * src/freedreno/registers/gen_header.py: hopefully fixes aarch64 + build + +- u_0001-intel-genxml-Drop-from-__future__-import-annotations.patch + u_0002-intel-genxml-Add-a-untyped-OrderedDict-fallback-for-.patch + python36-buildfix.patch + * fixes build against python 3.6 + +- let Mesa-dri require libvulkan1 to get zink/swrast driver + fallbacks working (hopefully); probably related: + https://gitlab.freedesktop.org/mesa/mesa/-/commit/2a71f06f2938678d89d5ed1372cda6a7b55d964d + +- Update to bugfix release 23.3.3 + - -> https://docs.mesa3d.org/relnotes/23.3.3.html + +- Update to bugfix release 23.3.2 + - -> https://docs.mesa3d.org/relnotes/23.3.2.html + +- Update to version 23.3.0: + * It includes NVK, a new reverse-engineered Vulkan driver for + Nvidia hardware. This driver is still in experimental phase, + not quite ready for prime time yet, but adventurous users can + give it a go! + * New extensions & features (in no particular order): + - VK_EXT_pipeline_robustness on ANV + - VK_KHR_maintenance5 on RADV + - OpenGL ES 3.1 on Asahi + - GL_ARB_compute_shader on Asahi + - GL_ARB_shader_atomic_counters on Asahi + - GL_ARB_shader_image_load_store on Asahi + - GL_ARB_shader_image_size on Asahi + - GL_ARB_shader_storage_buffer_object on Asahi + - GL_ARB_sample_shading on Asahi + - GL_OES_sample_variables on Asahi + - GL_OES_shader_multisample_interpolation on Asahi + - GL_OES_gpu_shader5 on Asahi + - EGL_ANDROID_blob_cache works when disk caching is disabled + - VK_KHR_cooperative_matrix on RADV/GFX11+ +- Drop patches fixed upstream: + * U_clover-llvm-move-to-modern-pass-manager.patch + * U_radeonsi-prefix-function-with-si_-to-prevent-name-co.patch +- Refresh patches with quilt. +- Use %patch -p N instead of deprecated %patchN. + Mesa:drivers +- Update to bugfix release 23.3.4 + - -> https://docs.mesa3d.org/relnotes/23.3.4.html + +- split python36-buildfix.patch into two patches python36-buildfix1.patch + and python36-buildfix2.patch; apply the latter only on sle15-sp6/Leap 15.6 + since on newer python releases than 3.6 it changes behaviour to + remove required=True option + +- python36-buildfix.patch + * src/freedreno/registers/gen_header.py: hopefully fixes aarch64 + build + +- u_0001-intel-genxml-Drop-from-__future__-import-annotations.patch + u_0002-intel-genxml-Add-a-untyped-OrderedDict-fallback-for-.patch + python36-buildfix.patch + * fixes build against python 3.6 + +- let Mesa-dri require libvulkan1 to get zink/swrast driver + fallbacks working (hopefully); probably related: + https://gitlab.freedesktop.org/mesa/mesa/-/commit/2a71f06f2938678d89d5ed1372cda6a7b55d964d + +- Update to bugfix release 23.3.3 + - -> https://docs.mesa3d.org/relnotes/23.3.3.html + +- Update to bugfix release 23.3.2 + - -> https://docs.mesa3d.org/relnotes/23.3.2.html + +- Update to version 23.3.0: + * It includes NVK, a new reverse-engineered Vulkan driver for + Nvidia hardware. This driver is still in experimental phase, + not quite ready for prime time yet, but adventurous users can + give it a go! + * New extensions & features (in no particular order): + - VK_EXT_pipeline_robustness on ANV + - VK_KHR_maintenance5 on RADV + - OpenGL ES 3.1 on Asahi + - GL_ARB_compute_shader on Asahi + - GL_ARB_shader_atomic_counters on Asahi + - GL_ARB_shader_image_load_store on Asahi + - GL_ARB_shader_image_size on Asahi + - GL_ARB_shader_storage_buffer_object on Asahi + - GL_ARB_sample_shading on Asahi + - GL_OES_sample_variables on Asahi + - GL_OES_shader_multisample_interpolation on Asahi + - GL_OES_gpu_shader5 on Asahi + - EGL_ANDROID_blob_cache works when disk caching is disabled + - VK_KHR_cooperative_matrix on RADV/GFX11+ +- Drop patches fixed upstream: + * U_clover-llvm-move-to-modern-pass-manager.patch + * U_radeonsi-prefix-function-with-si_-to-prevent-name-co.patch +- Refresh patches with quilt. +- Use %patch -p N instead of deprecated %patchN. + ModemManager +- Add explicit /usr/bin/dbus-daemon BuildRequires: Needed for + tests. + +- Update to version 1.20.6: + + build: New build option to allow disabling the installation of + examples. + + core: + - Fix crash when uninhibiting partially removed device. + - Fix crash when attempting to load an invalid shared utils + library. + + mmcli: + - Allow JSON and key/value output when creating SMS messages. + - Improved JSON output in network scan results. + + libmm-glib: + - Avoid using g_time_zone_new_offset() unless glib >= 2.58. + - Fix flags to string conversion utils to allow multiple flags. + + MBIM: + - Reset cached SIM info when SIM is unlocked. + - Fix synchronizing the state of the SIM hot swap configured + flag. + - Fix bug cleaning up the LTE attach info unsolicited message + handler. + - Fallback from QMI UIM service only if unsupported. + - Add missing support for 'emergency' APN type. + + QMI: + - Fix processing and exposing PCOs. + - Fix power up on modems that don't support power state change + indications. + + plugins: + - telit: + . add additional support for 5G modems. + . added port type hints for FN990 0x1070, 0x1071 + compositions. + . increase allowed initial delay in AT ports. + . fallback to AT commands if loading revision via MBIM fails. + - quectel: add support for EC21-EUX usb modules. + - xmm: fix crash parsing XACT? response. +- Changes from version 1.20.4: + + build: + - Don't hardcode building shared libraries, so that meson's + default_library option can be used properly, + - po: Added missing Georgian translation in LINGUAS. + + QMI: + - Fixed loading NR5G signal info. + - Fixed memory leaks when processing signal info. + - Correctly scaled the SNR value reported in NR5G. + - Fixed invalid use-after-free actions due to improper handling + of proxy removal events. + + MBIM: + - Fixed processing MbimSmsStatusFlag as flags, not as an enum. + - Fixed invalid use-after-free actions due to improper handling + of proxy removal events. + - Chained up device notifications through the MMPortMbim + object. + + Messaging: Allowed Delete operation during enabling/disabling. + + Core: Don't assume port tables always exist so that + long-standing operations holding an object reference can finish + cleanly even after the initial object disposal has already been + run. + + plugins: + - quectel: added new firehose/sahara support udev tags in new + models. + - broadmobi: added MM_PLUGIN_REQUIRED_QCDM flag. + - cinterion: + . added a delay to the ^SWWAN? command. + . added retry mechanism to the ^SWWAN? command. +- Changes from version 1.20.2: + + build: + - Fixed building without MBIM support. + - Fixed building without tests support. + - Disabled test interface in base manager if building without + tests. + - Updated intel plugin dependencies to require XMM shared + utils. + - Fixed templates to make build reproducible. + + FCC unlock: Updated shell scripts to avoid requiring bash. + + MBIM: + - Ignored SIM related indications during a SIM slot switch + operation. + - Updated capabilities loading to use Microsoft Extensions if + available. + - Updated supported modes loading to use the CustomDataClass + field contents. + + SIM: Fixed length when reading GID1/GID2 using AT commands. + + Several other minor improvements and fixes. +- Changes from version 1.20.0: + + API: + - New 'Modem.Sar' interface to allow the host to manage the SAR + power level. + - New 'Modem.GetCellInfo()' method, that allows querying + information about the current serving and neighboring cells. + Currently including 'cell-type' and 'serving' fields for all + cell types, plus additional type-specific fields: + . CDMA: 'nid', 'sid', 'base-station-id', 'ref-pn' and + 'pilot-strength'. + . GSM: 'operator-id', 'lac', 'ci', 'timing-advance', 'arfcn', + 'base-station-id' and 'rx-level'. + . UMTS: 'operator-id', 'lac', 'ci', 'frequency-fdd-ul', + 'frequency-fdd-dl', 'frequency-tdd', 'uarfcn', 'psc', + 'rscp', 'ecio' and 'path-loss'. + . TDSCDMA: 'operator-id', 'lac', 'ci', 'uarfcn', + 'cell-parameter-id', 'timing-advance', 'rscp' and + 'path-loss'. + . LTE: 'operator-id', 'tac', 'ci', 'physical-ci', 'earfcn', + 'rsrp', 'rsrq' and 'timing-advance'. + . 5GNR: 'operator-id', 'tac', 'ci', 'physical-ci', 'nrarfcn', + 'rsrp', 'rsrq', 'sinr' and 'timing-advance'. + - New 'access-type-preference', 'roaming-allowance', + 'profile-name', 'profile-enabled' and 'profile-source' + fields in the 'Bearer.Properties' property, that can also be + used in both 'Modem.Simple.Connect()' and + 'Modem.CreateBearer()'. + - New 'Modem.Modem3gpp.SetPacketServiceState()' method and + 'Modem.Modem3gpp.PacketServiceState' property, which allow + management the explicit attach or detach to packet service on + the current registered network. + - New 'Modem.Modem3gpp.SetNr5gRegistrationSettings()' method + and 'Modem.Modem3gpp.Nr5gRegistrationSettings' property, to + allow management of 5G specific settings like 'mico-mode' or + 'drx-cycle'. + - New 'start-date', 'uplink-speed' and 'downlnk-speed' fields + in the 'Bearer.Stats' property. + - New 'Bearer.ReloadStatsSupported' property to indicate + whether reloading ongoing stats is supported or not. + - New 'Modem.Modem3gppProfileManager.IndexField' property, to + indicate which field is to be used as unique index in the + profile management operations. + - New 'Sim.SimType', 'Sim.EsimStatus' and 'Sim.Removability' + properties to improve the management of eSIM related + operations. + - New 'Sim.Gid1' and 'Sim.Gid2' properties, which allow + identifying SIM cards that should have different settings + applied. + - New 'Modem.Signal.SetupThresholds() method, + 'Modem.Signal.RssiThreshold' and + 'Modem.Signal.ErrorRateThreshold' to allow configuring + thresholds so that the modem emits indications whenever the + signal quality values change based on those thresholds. For + RSSI a delta amount of dBm can be given, and for error rate + just a boolean to enable or disable the corresponding event. + - New 'error-rate' fields in the 'Modem.Signal.Cdma', + 'Modem.Signal.Evdo', 'Modem.Signal.Gsm', 'Modem.Signal.Umts', + 'Modem.Signal.Lte' and 'Modem.Signal.Nr5g' properties. + + Core: + - Detecting an eSIM without an active profile in the current + SIM slot will lead to the modem being in Failed state, in the + same way as if the slot was for a physical SIM and no SIM was + inserted. + - Default amount of AT probing attempts is updated to 6, to + cope with modems that are slower to boot. + - New '--test-mbimex-profile-management' option in the daemon, + to enable support for profile management operations using the + Microsoft extensions. This is an optional feature because it + requires using the 'apn-type' field as unique index, which + not all users of the profile management API may expect. + - Implemented some initial support to automatically hide + personal details (e.g. phone numbers, SMS contents...) from + logs, right now only applicable to QMI and MBIM logs. Updated + support for this feature will keep on being integrated in + future 1.20.x updates. The new '--log-personal-info' option + in the daemon allows to disable this feature completely. + - Added new filter match option for subsystem vendor id, + required in several PCI based Qualcomm modules. + - QCDM port probing will no longer automatically run for all + plugins, only in those that explicitly require it. + - Implemented support for suspend/resume detection based on + ChromeOS' powerd daemon. + - Added Cat-M and NB-IoT LPWA access technologies. + + Modem interface: On 3GPP+3GPP2 multimode devices, a missing SIM + card will now force the modem into Failed state, as if it was a + 3GPP-only device. + + Simple interface: Explicitly wait for PS domain to be attached + during a connection attempt. + + 3GPP interface: Updated to report domain registration changes + altogether whenever possible (e.g. when using the QMI or MBIM + protocols). + + MBIM: + - Implemented support to use the Microsoft-defined MBIM + extensions v2 and v3 whenever supported by the device. The + ModemManager daemon will negotiate which version to use with + the modem, so that the highest version supported is enabled. + This negotiation applies to the whole device, so any other + user of the MBIM device will automatically start using the + newly agreed version. + - Implemented current modes switching using MBIMEx v2.0 + extensions. + - Trigger explicit disconnection if a connection attempt fails. + - Modem will be flagged as unusable if 10 consecutive MBIM + requests timeout. + - Enabled multiplex support for devices in the WWAN subsystem. + + QMI: + - Updated logic to by default prefer 'Signal Info' over the + deprecated 'Signal Strength' operations. + - Updated logic to by default prefer 'System Info' over the + deprecated 'Serving System' operations. + - Updated power state transition logic to ensure the new state + is reached before returning success to the user. + - Implemented support for the 'Modem3gppProfileManager.Updated' + signal using PDC refresh notifications. + - Modem will be flagged as unusable if 10 consecutive QMI + requests timeout. + - Implemented DTMF support. + - Implemented support for automatic SIM IMSI switch detection + under certain roaming scenarios. + - Updated the logic to move the PS domain state to 'registered' + based on the DSD System Status indications. + - Updated endpoint type detection logic to be based on the net + driver. + - Updated endpoint number selection to be based on the data + port. + - Updated connection logic to allocate separate WDS clients per + endpoint. + - Added support for PCO reporting. + + plugins: + - quectel: Added FCC unlock support for the EM05-G. + - telit: + . Band management updated to prefer using QMI whenever + available, as well as to detect the #BND command format + automatically. + . Added support for LPWA modems. + - fibocom: + . Implemented optional support to power down and up the modem + during the update of the initial EPS bearer settings. + . Implemented initial EPS bearer settings management in the + MA510. + - intel: New generic plugin for Intel PCI devices with vid + 0x8086. + - xmm: Prefer GNSS control ports explicitly tagged via udev + tags. + - foxconn: Use the new FOX QMI service to load firmware + version. + - cinterion: Added support for PCIe based devices. +- Use ldconfig_scriptlets macro. +- Switch to meson buildsystem, add meson BuildRequires and macros. +- Add xsltproc and pkgconfig(bash-completion) BuildRequires: New + dependencies. + +- Update to version 1.18.12: + + This release fixes a few very critical issues that happpen when + using a glib2 newer or equal than 2.73.2, plus numerous fixes + for the Core, MBIM, QMI, 3GPP profile manager interface, SMS, + libmm-glib, and mmcli. + + Plugins: + - sierra: disable +CPOL in the GL7600. + - telit: add LE910Cx MBIM composition port hints. + - telit: add port type hints for LN920 0x1060, 0x1061 + compositions. + - icera: fix double free on %%IPSYS=? response processing + - mtk: fix task completion when loading supported modes. +- Add new pkgconfig modules build requirements: gio-2.0, glib-2.0, + gmodule-2.0, and gobject-2.0. +- Update ModemManager.keyring to the new upstream key: + A814D09B9C5BC01945A64308AECE0239C6606AD5. Found at + www.freedesktop.org/software/ModemManager/0xAECE0239C6606AD5.asc. + +- Disable make_check call, tests currently fails due to our switch + to glib 2.73.2. + https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/merge_requests/870 + https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/601 + https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/621 + NetworkManager -- Update to version 1.38.6 (bsc#1208631): +- Add python3.6-in-sle.patch: SLE still takes python 3.6 as primary + system, the patch allows meson to find python 3.6 in SLE. + +- Use %patch -p N instead of deprecated %patchN. + +- Update to version 1.44.2: + + Better log IPv4 Address Conflict Detection (ACD) conflicts + + Remove the upper limit of 65535 for PIDs read from the PID file + + Allow missing default gateway with oFono + + Honor the CLICOLOR_FORCE environment variable + + Fix generating connection with IPv6 method disabled vs ignored + + Fix possible segmentation fault when doing a checkpoint + rollback + + Documentation improvements +- Switch to source services, use explicit released tag. + +- Update to version 1.44.0: + + Introduce a new "link" setting that holds properties related to + the kernel link such as "tx-queue-length", "gso-max-size", + "gso-max-segments", "gro-max-size". + + Support sending a DHCPv6 prefix delegation hint via the + "ipv6.dhcp-pd-hint" connection property. + + Support new bond options: "arp_missed_max", "lacp_active", + "ns_ip6_target". + + Add new "initial-eps-bearer-configure" and + "initial-eps-bearer-apn" properties in the GSM setting. + + Setting "connection.stable-id=default${CONNECTION}" changed + behavior to be identical to the built-in default value when the + stable-id is not set. + + Add a "[keyfile].rename" option to NetworkManager.conf to force + renaming profiles on disk when their name changes. + + The ifcfg-rh plugin is deprecated; it will only receive + bugfixes and no new features. A warning is emitted the log when + a connection in ifcfg-rh format is found. + + To automatically migrate existing ifcfg-rh connections to the + keyfile format, a new configuration option + "main.migrate-ifcfg-rh" is provided. Migration is disabled by + default, but the default value can be changed at build time via + "--with-config-migrate-ifcfg-rh-default=yes". + + When configuring hostnames in non-public TLD (like + "example.local"), use the TLD as default search domain instead + of the full hostname. + + Always apply DNS options from the [global-dns] configuration + section + + The NetworkManager daemon now acquires the D-Bus name only + after populating the D-Bus tree. This can add a delay during + startup but it is required to avoid race conditions with other + services depending on NM. + + Add a "version-id" argument to the Update2() D-Bus call to + guard against concurrent modifications of profiles. + + Don't use tentative IPv6 addresses to resolve the system + hostname via DNS. + + Track the number of autoconnect retries left for each device + and connection. Previously it was tracked only per connection + and this lead to unexpected behaviors in case of multiconnect + profiles. + + Set VLAN filtering options on bridge via netlink instead of + sysfs. + + nm-cloud-setup now supports IMDSv2 on Amazon EC2. + + nmtui now allows to enable or disable Wi-Fi and WWAN radios. + + Honor ignore-carrier=no for bond/bridge/team devices. + + Add version mismatch warning when running nmcli commands. +- Rebase patches with quilt. + +- Update to version 1.42.8: + + Add support for ppp 2.5.0. + + Fix nft rules for balance-slb bonding. + + Support port priority for bonding. + + Fix regression handling the PKEY_ID for infiniband profiles in + ifcfg-rh format. + + Fix race in nm-cloud-setup that caused partial configuration + and loss of connectivity with multiple interfaces. + + Don't touch "net.ipv6.conf.$IFACE.forwarding" unless explicitly + required for IPv6 sharing. + + Various bugfixes related to team, Wi-Fi P2P, IPv6LL. + + Automatically unblock autoconnect of profiles during reapply. + +- Update https://www.gnome.org/projects/NetworkManager/ URL tag to + NM's newest home page: https://networkmanager.dev/, and main + package summary to: standard Linux network configuration tool + suite. + +- Add nm-runstatedir.patch: to correct rundir from /var/run to /run + for systemd FHS compatibility + +- Update to version 1.42.6: + + Emit the dhcp-change dispatcher event also after a lease + renewal. + + Fix assertion failure on DHCP renewal. + + Add support for EC2 IMDSv2 in nm-cloud-setup. + + Allow setting tunnel flags for ip6gre & ip6gretap connection + profiles. + + Improve the Wi-Fi hotspot functionality. + + Fix setting the Wi-Fi roaming policy based on the number of + seen BSSIDs. + + Support the "no-aaaa" resolv.conf option. + + Some oFono fixes. + +- Update to version 1.42.4: + + Fix a possible crash when [global-dns] is used and improve the + documentation. + + Documentation improvements. + +- Changes from version 1.38.6 (bsc#1208631): -- Changes from version 1.38.4: + +- Update to version 1.42.2: + + Add build option to set the mobile-broadband-provider-info + database path. + + Add new "ipv[46].replace-local-rule" setting to control whether + to remove the local route rule that is automatically generated. + + Add the DHCPv6 IAID to the lease information exposed in /run + and on D-Bus. + + Fix assuming team connections at boot. + + Fix race condition when setting the MAC address of an OVS + interface. + + Fix constructing the IPv4 name servers variable passed to + dispatcher scripts. + + Don't use tentative IPv6 address to resolve the system hostname + via DNS. + + Deprecate the "Master" property of the NMActiveConnection D-Bus + object in favor of the new "Controller" property. +- Drop 1539.patch: Fixed upstream. +- Refresh patch with quilt: + + 0001-Coerce-connectivity-LIMITED-to-NONE-when-device-is-d.patch + +- Add 1539.patch: Fix constructing the IPv4 nameserver variable + (boo#1208371). + +- Pass session_tracking=systemd and + session_tracking_consolekit=false to meson, no longer build + support for consolekit as session tracker. + +- Update to version 1.42.0: + + Added support for source load balancing for Ethernet Bonds. + + Allow specifying vhost name (SNI) for a manually DNS-over-TLS + server. Only works with systemd-resolved plugin. + + Connections can now be activated on a loopback interface. + + Added support of IPv4 ECMP routes. The ECMP routes will get + merged. + +- Update to version 1.40.12: + + Make sure "external-ids" stays up to date in Open vSwitch + database on a connection reapply. + + Retry if a netlink sockets runs out of buffer space before + we're able to read results of a link change. + + Fix a possible race involving concurrent invocation of iptables + in IPv4 shared mode. + + Other various fixes. + +- Update to version 1.40.10: + + Fix the evaluation of the autoconnect retries. + + nm-cloud-setup now preserves addresses added externally. + + Ensure that dnsmasq is stopped after changing the dns backend + and restarting the service. + + Fix honoring an explicit DHCPv6 DUID with dhclient. + + Other various fixes. + +- Update to version 1.40.8: + + Fixed a bug that caused devices (MACsec in particular) to be + stuck in UNAVAILABLE state and not transition to DISCONNECTED + if the carrier was ready too early. + + Improved interoperability of MACsec with some Aruba switches by + allowing CKN shorter than 64 characters. + + Fixed an assertion failure when restarting NetworkManager with + MACsec links configured. + + Fixed a possible DHCP helper crash when handling failure to + connect to D-Bus. + + Corrected calculation of expiration time for items configured + from IPv6 neighbor discovery messages. + + Various fixes for platforms that don't allow unaligned memory + access. + +- Drop iptables BuildRequires and -Diptables meson parameter: + iptables is legacy (obsoleted in favor of nft). Additionally. + meson has proper fallback detection to assume the correct path, + should it need to use iptables. +- Recommend nftables instead of iptables. + +- Update to version 1.40.6: + + team: + - Also set empty port configuration so teamd knows about the + port. + - Restore port configuration after teamd respawn. +- Changes from version 1.40.4: + + dhcp: revert restarting DHCP when MAC address changes, for + example during a bond fail over. + + Various documentation fixes. + + Fix non-exported ABI in libnm which was wrongly present in the + header files but unusable so far. + + ifcfg-rh: fix writing ethtool pause settings to file. + + core: set "proto static" for manual routing rules configured by + NetworkManager. + + Various minor bugfixes. + +- Keep netconfig support. The rc-manager auto detection will select + appropriate manager during runtime. + +- Use a with_netconfig define instead of relying on bcond: bcond is + meant to have extrenally controllable build conditions (build -D, + or OBS prjconf). + +- Update to version 1.40.2: + + Ensure that resolv.conf gets updated when the configuration + changes. + + Fix setting as bond primary an interface that doesn't exist yet + when the bond is activated. + + The number of autoconnect retries is now accounted + independently for each device when there are profiles with + multi-connect=multiple. + + Don't print duplicate entries in the output of "NetworkManager + - -print-config". + + Fix the ifcfg-rh plugin to properly read infiniband P-Key + connection profiles without an explicit interface name. + + Allow the removal of a bond port connection profile from the + bond via nmcli. + + Fix race condition during the activation of veth profiles when + the peer already exists. + + Decline the DHCPv6 lease if all addresses fail IPv6 duplicate + address detection (DAD). + + Wait that devices get carrier before trying to resolve the + system hostname on them via DNS. + + Fix race condition during the initial activation of OVS + interfaces. + + Profiles generated by nm-initrd-generator now have lower than + default priority. + + Fix error when adding many SR-IOV virtual functions (VFs). + +- Disabling netconfig compiling option for openSUSE Tumbleweed. + +- Drop dependency on sysconfig-netconfig: the collection of shell + scripts is not required for regular operation. + +- Update to version 1.40.0: + + During the build, stop relying on intltool for i18n and use + gettext only. + + Undeprecate nm_remote_connection_get_secrets() in libnm. + + NetworkManager now will restart DHCP if the MAC changes on a + device. +- Drop intltool BuildRequires following upstream changes. +- Refresh patches with quilt. +- Stop passing dnssec_trigger=%{_libexecdir}/dnssec-trigger-script + to meson, support dropped upstream. + +- Update to version 1.38.4: +- Create /etc/NetworkManager/conf.d by default, allowing easy + override for NetworkManager.conf file with drop-in. +- Move default config file to + /usr/lib/NetworkManager/NetworkManager.conf, as part of main + package. +- Branding upstream package is now just a config drop-in to + disable conncheck. +- Ensure /usr/lib/NetworkManager/conf.d is part of the package. + NetworkManager-branding:openSUSE +- Fix most rpmlint warnings: + + suse-zypp-packageand: use current Supplements: (A and B) syntax + over packagand(A:B) + + summary-ended-with-dot: Remove dot at the end of Summary: + + no-%build-section: Add empty %build section + + branding-supplements-missing: Fixes as part of + suse-zypp-packageand. + +- Expliciltly BuildRequire NetworkManager-branding-upstream: + branding-upstream is produced by NetworkManager and is guaranteed + to be the same version. Breaks a self-cycle. + +- Move conncheck config file out of /etc. No longer + import main config file. + SDL2 +- Update to release 2.28.5 + * Added support for the HP HyperX Clutch Gladiate controller + * Fixed a crash if a controller is disconnected while SDL is + opening it + * Fixed a crash on Linux if XInput2 isn't available at runtime + +- Enable direct PipeWire support + +- Update to release 2.28.4 + * Enable clipping for zero sized rectangles in the SDL renderer + * Notify X11 clipboard managers when the clipboard changes + * Fixed sensor timestamps for third-party PS5 controllers + * Added detection for Logitech and Simagic racing wheels + +- Update to release 2.28.3 + * Added a gamepad mapping for the G-Shark GS-GP702 + * Fixed touchpad events for the Razer Wolverine V2 Pro in PS5 mode + +- Update to release 2.28.2 + * Fixed 8BitDo gamepad mapping when in XInput mode on Linux + * Fixed controller lockup initializing some unofficial PS4 + replica controllers + * Fixed video initialization on headless Linux systems using VNC + +- Update to release 2.28.1 + * Added support for the Nintendo Online Famicom controllers + * Improved support for third-party Nintendo Switch controllers + * Fixed setting the player LED on Nintendo Switch controllers + * Added Linux controller mapping for the Logitech Chillstream + +- Update to release 2.28 + * Added SDL_HasWindowSurface() and SDL_DestroyWindowSurface() to + switch between the window surface and rendering APIs. + * Added a display event SDL_DISPLAYEVENT_MOVED which is sent + when the primary monitor changes or displays change position + relative to each other. + * Added the hint SDL_HINT_ENABLE_SCREEN_KEYBOARD to control + whether the on-screen keyboard should be shown when text input + is active. +- Delete 0001-Cleanup-add-brace-6545.patch, + 0002-Update-for-SDL3-coding-style-6717.patch, + 0003-Clang-Tidy-fixes-6725.patch (inapplicable), + 0004-evdev_kbd-Use-current-keymap.patch (merged). + +- Update to release 2.26.5 + * Fixed handling of third party PS4 controller input reports + * Added support for the trigger buttons on the Victrix Pro FS + for PS5 + * Added mapping for Flydigi Vader 2 with the latest firmware + (6.0.4.9) + * Added mapping for DualSense Edge Wireless Controller on Linux + * Added mapping for Hori Pokken Tournament DX Pro Pad + * Improved the speed and quality of audio resampling + * Fixed crash on Linux if dbus can't be initialized + +- Update to release 2.26.4 + * Fixed using older game controller mappings on Linux + +- Use current keymap on console + (https://github.com/libsdl-org/SDL/pull/7400 ) + + 0001-Cleanup-add-brace-6545.patch + + 0002-Update-for-SDL3-coding-style-6717.patch + + 0003-Clang-Tidy-fixes-6725.patch + + 0004-evdev_kbd-Use-current-keymap.patch + +- Update to release 2.26.3 + * Fixed infinite loop shutting down WGI controllers + * Fixed centering the D-pad on some Xbox controllers + +- Update to release 2.26.2 + * Fixed long delay at startup when a Razer keyboard is + connected + * Fixed not receiving SDLK_5 or SDL_SCANCODE_5 when using the + AZERTY keyboard layout on Linux +- Enable libsamplerate and libdecor components +- Remove unused tslib build requirement + +- Update to release 2.26.1 + * Improved audio resampling quality + * Fixed crash if SDL_GetPointDisplayIndex() or + SDL_GetRectDisplayIndex() are called before SDL_VideoInit() + +- Update to release 2.26 + * Added SDL_GetWindowSizeInPixels() to get the window size in + pixels, which may differ from the window coordinate size for + windows with high-DPI support. + * Added simulated vsync synchronization for the software + renderer. + * Added the mouse position to SDL_MouseWheelEvent. + * Added SDL_ResetHints() to reset all hints to their default + values. + * Added SDL_GetJoystickGUIDInfo() to get device information + encoded in a joystick GUID. + * Added XBOX Hints. + * Added support for PS3 and Wii controllers to the HIDAPI + driver (not enabled by default). + * Added access to the individual left and right gyro sensors of + the combined Joy-Cons controller. + * Added a microsecond timestamp to SDL_SensorEvent and + SDL_ControllerSensorEvent, when the hardware provides that + information. +- Delete sdl2-khronos.patch (merged) +- Drop CVE-2022-4743.patch. + +- Update to release 2.24.2 + * Fixed crash in Wayland_HasScreenKeyboardSupport() + +- Drop unused buildrequires on nasm + +- Update to release 2.24.1 + * Fixed shader compilation issues using the OpenGL ES2 renderer + +- Update to release 2.24.0 + * Added a number of function relating to input devices such as + keyboard and joystick. + * Added support for the NVIDIA Shield Controller to the HIDAPI + driver, supporting rumble and battery status + * Added support for opening audio devices with 3 or 5 channels + (2.1, 4.1). All channel counts from Mono to 7.1 are now + supported. +- Drop baselibs.conf (no SDL2_ttf-dependent Tumbleweed packages + themselves have baselibs). +- Drop fix-xi2-crash.patch (merged) +- Rename devel package to just %name-devel, which is what most + our packages do. + +- Add fix-xi2-crash.patch + +- Restore sdl2-symvers.patch to full symbol list to facilitate + application installation with Leap 15.x's SDL2. + +- Update to release 2.0.22 + * Added SDL_RenderGetWindow() to get the window associated with a renderer + * Added floating point rectangle functions: SDL_PointInFRect(), + SDL_FRectEmpty(), SDL_FRectEquals(), SDL_FRectEqualsEpsilon(), + SDL_HasIntersectionF(), SDL_IntersectFRect(), SDL_UnionFRect(), + SDL_EncloseFPoints(), SDL_IntersectFRectAndLine(). + * Added SDL_IsTextInputShown() which returns whether the IME + window is currently shown. + * Added SDL_ClearComposition() to dismiss the composition + window without disabling IME input. + * Added SDL_TEXTEDITING_EXT event for handling long composition + text, and a hint SDL_HINT_IME_SUPPORT_EXTENDED_TEXT to enable + it. + * Added the hint SDL_HINT_MOUSE_RELATIVE_MODE_CENTER to control + whether the mouse should be constrained to the whole window + or the center of the window when relative mode is enabled. + * The mouse is now automatically captured when mouse buttons + are pressed, and the hint SDL_HINT_MOUSE_AUTO_CAPTURE allows + you to control this behavior. + * Added the hint SDL_HINT_VIDEO_FOREIGN_WINDOW_OPENGL to let + SDL know that a foreign window will be used with OpenGL. + * Added the hint SDL_HINT_VIDEO_FOREIGN_WINDOW_VULKAN to let + SDL know that a foreign window will be used with Vulkan. + * Added the hint SDL_HINT_QUIT_ON_LAST_WINDOW_CLOSE to specify + whether an SDL_QUIT event will be delivered when the last + application window is closed. + * Added the hint SDL_HINT_JOYSTICK_ROG_CHAKRAM to control + whether ROG Chakram mice show up as joysticks. + * Added the hint SDL_HINT_X11_WINDOW_TYPE to specify the + _NET_WM_WINDOW_TYPE of SDL windows. + * Added the hint SDL_HINT_VIDEO_WAYLAND_PREFER_LIBDECOR to + allow using libdecor with compositors that support + xdg-decoration. + +- Drop 0001-Fix-build-against-wayland-1.20.patch + Fixed upstream: https://github.com/libsdl-org/SDL/pull/5092 + +- Update to release 2.0.20 + * SDL_RenderGeometryRaw() takes a pointer to SDL_Color, not + int. You can cast color data in SDL_PIXELFORMAT_RGBA32 format + (SDL_PIXELFORMAT_ABGR8888 on little endian systems) for this + parameter. + * Improved accuracy of horizontal and vertical line drawing + when using OpenGL or OpenGLES. + * Added the hint SDL_HINT_RENDER_LINE_METHOD to control the + method of line drawing used, to select speed, correctness, + and compatibility. + +- Add 0001-Fix-build-against-wayland-1.20.patch + +- Update to release 2.0.18 + * Added SDL_RenderGeometry() and SDL_RenderGeometryRaw() to + allow rendering of arbitrary shapes using the SDL 2D render + API. + * Added SDL_SetTextureUserData() and SDL_GetTextureUserData() + to associate application data with an SDL texture. + * Added SDL_RenderWindowToLogical() and + SDL_RenderLogicalToWindow() to convert between window + coordinates and logical render coordinates. + * Added SDL_RenderSetVSync() to change whether a renderer + present is synchronized with vblank at runtime. + * Added SDL_PremultiplyAlpha() to premultiply alpha on a block + of SDL_PIXELFORMAT_ARGB8888 pixels. + * Added a window event SDL_WINDOWEVENT_DISPLAY_CHANGED which is + sent when a window changes what display it is centered on. + * Added SDL_GetWindowICCProfile() to query a window's ICC + profile, and a window event SDL_WINDOWEVENT_ICCPROF_CHANGED + that is sent when it changes. + * Added the hint SDL_HINT_VIDEO_EGL_ALLOW_TRANSPARENCY to allow + EGL windows to be transparent instead of opaque. + * Added SDL_SetWindowMouseRect() and SDL_GetWindowMouseRect() + to confine the mouse cursor to an area of a window. + * You can now read precise mouse wheel motion using 'preciseX' + and 'preciseY' event fields. + * Added SDL_GameControllerHasRumble() and + SDL_GameControllerHasRumbleTriggers() to query whether a game + controller supports rumble. + * Added SDL_JoystickHasRumble() and + SDL_JoystickHasRumbleTriggers() to query whether a joystick + supports rumble. + * SDL's hidapi implementation is now available as a public API + in SDL_hidapi.h. +- Drop SDL2-endian.patch (inapplicable), + sdl2-fix-wayland-fullscreen.patch (merged), + audio-Support-pulse-as-an-alias-for-pulseaudio.patch (merged) +- Drop CVE-2021-33657.patch. + +- Support "pulse" as an alias for pulseaudio (bsc#1191868, + bsc#1189778): + audio-Support-pulse-as-an-alias-for-pulseaudio.patch + +- sdl2-fix-wayland-fullscreen.patch + * fix wayland issue for wlroot, see https://github.com/libsdl-org/SDL/pull/4629 + +- Update to release 2.0.16 + * Better native Wayland support, including handling for + client-side decorations and other functionality in place. + * Support for being able to directly interface with PipeWire for + audio input/output, a variety of new APIs, support for the + Amazon Luna game controller, rumble support for more + controllers. + * NOTE: Switching away (e.g. with Alt-Tab) from fullscreen + windows created with the SDL_WINDOW_FULLSCREEN flag will now + minimize them. If your window manager is configured to now show + minimzed windows in either the Alt-Tab list or the task bar, + you will have difficulty unminimizing these windows. + +- update to 2.0.14: + * Added support for PS5 DualSense and Xbox Series X controllers to the HIDAPI controller driver + * Vulkan support to the KMSDRM video driver + * see details on https://discourse.libsdl.org/t/sdl-2-0-14-released/28470 + +- Restore libSDL2main.a, patching it out was not easily possible. + +- Update to release 2.0.12 + * Support for the Google Stadia controller and other game + controllers + * A new video driver for offscreen rendering + * ARM NEON optimizations +- Drop CVE-2019-13616.patch (merged upstream) +- Drop sdl2-surface-pitch-overflow.patch. + -- sdl2-khronos.patch - * fixes build on i586 (boo#1158176) +- Temporarily work around -fno-common build failure [boo#1160382]. + +- sdl2-khronos.patch + * fixes build on i586 (boo#1153455, boo#1158176) + +- Update sdl2-symvers.patch for SDL 2.0.9/2.0.10. + +- Drop libSDL2main.a from libSDL-2_0-devel. It is only used + during build. + +- Use FAT LTO objects in order to provide proper static library. + +- Update to version 2.0.10 + * The SDL_RW* macros have been turned into functions that are + available only in 2.0.10 and onward + * Added SDL_SIMDGetAlignment(), SDL_SIMDAlloc(), and + SDL_SIMDFree(), to allocate memory aligned for SIMD + operations for the current CPU + * Added SDL_RenderDrawPointF(), SDL_RenderDrawPointsF(), + SDL_RenderDrawLineF(), SDL_RenderDrawLinesF(), + SDL_RenderDrawRectF(), SDL_RenderDrawRectsF(), + SDL_RenderFillRectF(), SDL_RenderFillRectsF(), + SDL_RenderCopyF(), SDL_RenderCopyExF(), to allow floating + point precision in the SDL rendering API. + * Added SDL_GetTouchDeviceType() to get the type of a touch + device, which can be a touch screen or a trackpad in relative + or absolute coordinate mode. + * The SDL rendering API now uses batched rendering by default, + for improved performance + * Added SDL_RenderFlush() to force batched render commands to + execute, if you're going to mix SDL rendering with native + rendering + * Added the hint SDL_HINT_RENDER_BATCHING to control whether + batching should be used for the rendering API. This defaults + to "1" if you don't specify what rendering driver to use when + creating the renderer. + * Added the hint SDL_HINT_EVENT_LOGGING to enable logging of + SDL events for debugging purposes + * Added the hint SDL_HINT_GAMECONTROLLERCONFIG_FILE to specify + a file that will be loaded at joystick initialization with + game controller bindings + * Added the hint SDL_HINT_MOUSE_TOUCH_EVENTS to control + whether SDL will synthesize touch events from mouse events + * Improved handling of malformed WAVE and BMP files, fixing + potential security exploits (boo#1142031 CVE-2019-13626) + * Removed the Mir video driver in favor of Wayland + * Security fixes: CVE-2019-7635 (boo#1124827), CVE-2019-7636 + (boo#1124826), CVE-2019-7638 (boo#1124824). +- Refreshed sdl2-symvers.patch +- Drop CVE-2019-13626.patch, CVE-2019-7636.patch, + CVE-2019-7635.patch. + +- Update to version 2.0.9 + * Added a new sensor API, initialized by passing + SDL_INIT_SENSOR to SDL_Init(), and defined in SDL_sensor.h + * Added an event SDL_SENSORUPDATE which is sent when a sensor + is updated + * Added SDL_GetDisplayOrientation() to return the current + display orientation + * Added an event SDL_DISPLAYEVENT which is sent when the + display orientation changes + * Added HIDAPI joystick drivers for more consistent support + for Xbox, PS4 and Nintendo Switch Pro controller support + across platforms. (Thanks to Valve for contributing the PS4 + and Nintendo Switch Pro controller support) + * Added support for many other popular game controllers + * Added SDL_JoystickGetDevicePlayerIndex(), + SDL_JoystickGetPlayerIndex(), and + SDL_GameControllerGetPlayerIndex() to get the player index for + a controller. For XInput controllers this returns the XInput + index for the controller. + * Added SDL_GameControllerRumble() and SDL_JoystickRumble() + which allow simple rumble without using the haptics API + * Added SDL_GameControllerMappingForDeviceIndex() to get the + mapping for a controller before it's opened + * Added the hint SDL_HINT_MOUSE_DOUBLE_CLICK_TIME to control + the mouse double-click time + * Added the hint SDL_HINT_MOUSE_DOUBLE_CLICK_RADIUS to control + the mouse double-click radius, in pixels + * Added SDL_HasColorKey() to return whether a surface has a + colorkey active + * Added SDL_HasAVX512F() to return whether the CPU has + AVX-512F features + * Added SDL_IsTablet() to return whether the application is + running on a tablet + * Added SDL_THREAD_PRIORITY_TIME_CRITICAL for threads that + must run at the highest priority + * Added SDL_LinuxSetThreadPriority() to allow adjusting the + thread priority of native threads using RealtimeKit if + available. +- Dropped 7babfecee045.patch (merged upstream) + +- Add 7babfecee045.patch, fixes launching Firewatch + +- SDL2-endian.patch: bring up patch from SDL1, use optimized + byteswap routines from the C library. +- build with --disable-3dnow, do not pass -m3dnow to the compiler + modern cpus do not support this instructions at all. + apache2 +- Add OpenSSL 3.x support: [bsc#1217722, jsc#PED-6570] + * Upstream: github.com/apache/httpd/pull/258 + * Add httpd-OpenSSL-3.patch + apparmor +- Add apparmor-abstractions-openssl-allow-version-specific-en.patch to + allow version specific engdef & engines openssl paths (boo#1219571) + +- Update to AppArmor 3.1.7 + - aa-logprof: don't skip exec events in hats + - fix aa-cleanprof to work with named profiles + - add permissions in various abstractions + - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.7 + for the full list of changes +- drop upstreamed apparmor-systemd-sessions.patch + +- Add dovecot-unix_chkpwd.diff to allow dovecot-auth to execute + unix_chkpwd, and add a profile for unix_chkpwd. This is needed + for PAM 1.6 (boo#1219139) +- Refresh apparmor.keyring - the key was renewed + +- Actually apply the previously added patch for bsc#1216878 + +- Add apparmor-systemd-sessions.patch to allow read access to + /run/systemd/sessions/ (bsc#1216878) + apparmor:libapparmor +- Add apparmor-abstractions-openssl-allow-version-specific-en.patch to + allow version specific engdef & engines openssl paths (boo#1219571) + +- Update to AppArmor 3.1.7 + - aa-logprof: don't skip exec events in hats + - fix aa-cleanprof to work with named profiles + - add permissions in various abstractions + - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.1.7 + for the full list of changes +- drop upstreamed apparmor-systemd-sessions.patch + +- Add dovecot-unix_chkpwd.diff to allow dovecot-auth to execute + unix_chkpwd, and add a profile for unix_chkpwd. This is needed + for PAM 1.6 (boo#1219139) +- Refresh apparmor.keyring - the key was renewed + +- Actually apply the previously added patch for bsc#1216878 + +- Add apparmor-systemd-sessions.patch to allow read access to + /run/systemd/sessions/ (bsc#1216878) + autofs +- Removed following upstreamed patches because of upgrade: + * autofs-5.1.6-fix-quoted-string-length-calc-in-expand.patch + * 0001-use_hostname_for_mounts-shouldn-t-prevent-selection-.patch + * 0002-Fix-monotonic_elapsed.patch Deleted + * 0003-autofs-5.1.4-fix-fd-leak-in-rpc_do_create_client.patch Deleted + * 0004-autofs-5.1.3-add-port-parameter-to-rpc_ping.patch + * 0005-autofs-5.1.4-fix-incorrect-locking-in-sss-lookup.patch + * autofs-5.1.3-revert-fix-argc-off-by-one-in-mount_aut.patch + * autofs-5-1-3-check-map-instances-for-staleness-on-map-update.patch + * autofs-5-1-3-fix-ordering-of-seteuid-setegid-in-do_spawn.patch + * autofs-5-1-3-fix-possible-map-instance-memory-leak.patch + * autofs-5.1.3-revert-fix-argc-off-by-one-in-mount_aut.patch + * autofs-5.1.6-fix-quoted-string-length-calc-in-expand.patch +- Add autofs-suse-manpage-remove-initdir.patch + Removes references of initdir from man pages (bsc#1207881) +- Move dbus-1 system.d file to /usr (bsc#1203362) +- Moved -autofs- file from user specif directory + /etc/NetworkManager/dispatcher.d to vendor specific directory + /usr/lib/NetworkManager/dispatcher.d. So, users changes can + still be done in /etc and will not be overwritten by an update. +- Use OPTIONS instead of AUTOFS_OPTIONS in /etc/sysconfig/autofs + (bsc#1199027) +- Add autofs-Test-TCP-request-correctly-in-nfs_get_info.patch + Fix bug when rpcbind not visible + (bsc#1195587 bsc#1195595) +- update to 5.1.8: + * add xdr_exports(). + * remove mount.x and rpcgen dependencies. + * dont use realloc in host exports list processing. + * use sprintf() when constructing hosts mapent. + * fix mnts_remove_amdmount() uses wrong list. + * Fix option for master read wait. + * eliminate cache_lookup_offset() usage. + * fix is mounted check on non existent path. + * simplify cache_get_parent(). + * set offset parent in update_offset_entry(). + * remove redundant variables from mount_autofs_offset(). + * remove unused parameter form do_mount_autofs_offset(). + * refactor umount_multi_triggers(). + * eliminate clean_stale_multi_triggers(). + * simplify mount_subtree() mount check. + * fix mnts_get_expire_list() expire list construction. + * fix inconsistent locking in umount_subtree_mounts(). + * fix return from umount_subtree_mounts() on offset list delete. + * pass mapent_cache to update_offset_entry(). + * fix inconsistent locking in parse_mount(). + * remove unused mount offset list lock functions. + * eliminate count_mounts() from expire_proc_indirect(). + * eliminate some strlen calls in offset handling. + * don't add offset mounts to mounted mounts table. + * reduce umount EBUSY check delay. + * cleanup cache_delete() a little. + * rename path to m_offset in update_offset_entry(). + * don't pass root to do_mount_autofs_offset(). + * rename tree implementation functions. + * add some multi-mount macros. + * remove unused functions cache_dump_multi() and cache_dump_cache(). + * add a len field to struct autofs_point. + * make tree implementation data independent. + * add mapent tree implementation. + * add tree_mapent_add_node(). + * add tree_mapent_delete_offsets(). + * add tree_mapent_traverse_subtree(). + * fix mount_fullpath(). + * add tree_mapent_cleanup_offsets(). + * add set_offset_tree_catatonic(). + * add mount and umount offsets functions. + * switch to use tree implementation for offsets. + * remove obsolete functions. + * remove redundant local var from sun_mount(). + * use mount_fullpath() in one spot in parse_mount(). + * pass root length to mount_fullpath(). + * remove unused function master_submount_list_empty(). + * move amd mounts removal into lib/mounts.c. + * check for offset with no mount location. + * remove mounts_mutex. + * remove unused variable from get_exports(). + * add missing free in handle_mounts(). + * remove redundant if check. + * fix possible memory leak in master_parse(). + * fix possible memory leak in mnts_add_amdmount(). + * fix double unlock in parse_mount(). + * add length check in umount_subtree_mounts(). + * fix flags check in umount_multi(). + * dont try umount after stat() ENOENT fail. + * remove redundant assignment in master_add_amd_mount_section_mounts(). + * fix dead code in mnts_add_mount(). + * fix arg not used in error print. + * fix missing lock release in mount_subtree(). + * fix double free in parse_mapent(). + * refactor lookup_prune_one_cache() a bit. + * cater for empty mounts list in mnts_get_expire_list(). + * add ext_mount_hash_mutex lock helpers. + * fix amd section mounts map reload. + * fix dandling symlink creation if nis support is not available. + * dont use AUTOFS_DEV_IOCTL_CLOSEMOUNT. + * fix lookup_prune_one_cache() refactoring change. + * fix amd hosts mount expire. + * fix offset entries order. + * use mapent tree root for tree_mapent_add_node(). + * eliminate redundant cache lookup in tree_mapent_add_node(). + * fix hosts map offset order. + * fix direct mount deadlock. + * add missing description of null map option. + * fix nonstrict offset mount fail handling. + * fix concat_options() error handling. + * eliminate some more alloca usage. + * use default stack size for threads. + * fix use of possibly NULL var in lookup_program.c:match_key(). + * fix incorrect print format specifiers in get_pkt(). + * add mapent path length check in handle_packet_expire_direct(). + * add copy length check in umount_autofs_indirect(). + * add some buffer length checks to master map parser. + * add buffer length check to rmdir_path(). + * eliminate buffer usage from handle_mounts_cleanup(). + * add buffer length checks to autofs mount_mount(). + * make NFS version check flags consistent. + * refactor get_nfs_info(). +- drop autofs-5.1.7-Fix-option-for-master_read_wait.patch, + autofs-5.1.7-use-default-stack-size-for-threads.patch: upstream +- autofs-5.1.7-use-default-stack-size-for-threads.patch: Use default + stack size for threads (bsc#1189199) +- Upgrade to 5.1.7 + - make bind mounts propagation slave by default. + - update ldap READMEs and schema definitions. + - fix program map multi-mount lookup after mount fail. + - fix browse dir not re-created on symlink expire. + - fix a regression with map instance lookup. + - correct fsf address. + - samples: fix Makefile targets' directory dependencies + - remove intr hosts map mount option. + - fix trailing dollar sun entry expansion. + - initialize struct addrinfo for getaddrinfo() calls. + - fix quoted string length calc in expandsunent(). + - fix autofs mount options construction. + - mount_nfs.c fix local rdma share not mounting. + - configure.in: Remove unneeded second call to PKG_PROG_PKG_CONFIG. + - configure.in: Do not append parentheses to PKG_PROG_PKG_CONFIG. + - Use PKG_CHECK_MODULES to detect the libxml2 library. + - fix ldap sasl reconnect problem. + - samples/ldap.schema fix. + - fix configure force shutdown check. + - fix crash in sun_mount(). + - fix lookup_nss_read_master() nsswicth check return. + - fix typo in open_sss_lib(). + - fix sss_master_map_wait timing. + - add sss ECONREFUSED return handling. + - use mapname in sss context for setautomntent(). + - add support for new sss autofs proto version call. + - fix retries check in setautomntent_wait(). + - refactor sss setautomntent(). + - improve sss setautomntent() error handling. + - refactor sss getautomntent(). + - improve sss getautomntent() error handling. + - sss introduce calculate_retry_count() function. + - move readall into struct master. + - sss introduce a flag to indicate map being read. + - update sss timeout documentation. + - refactor sss getautomntbyname(). + - improve sss getautomntbyname() error handling. + - use a valid timeout in lookup_prune_one_cache(). + - dont prune offset map entries. + - simplify sss source stale check. + - include linux/nfs.h directly in rpc_subs.h. + - fix typo in daemon/automount.c. + - fix direct mount unlink_mount_tree() path. + - fix unlink mounts umount order. + - fix incorrect logical compare in unlink_mount_tree(). + - use bit flag for force unlink mounts. + - improve force unlink option description. + - remove command fifo on autofs mount fail. + - add force unlink mounts and exit option. + - cleanup stale logpri fifo pipes on unlink and exit. + - fix incorrect systemctl command syntax in autofs(8). + - update list.h. + - add hashtable implementation. + - change mountpoint to mp in struct ext_mount. + - make external mounts independent of amd_entry. + - make external mounts use simpler hashtable. + - add a hash index to mnt_list. + - use mnt_list for submounts. + - use mnt_list for amdmounts. + - make umount_autofs() static. + - remove force parameter from umount_all(). + - fix remount expire. + - fix stale offset directories disable mount. + - use struct mnt_list to track mounted mounts. + - use struct mnt_list mounted list for expire. + - remove unused function tree_get_mnt_list(). + - only add expre alarm for active mounts. + - move submount check into conditional_alarm_add(). + - move lib/master.c to daemon/master.c. + - use master_list_empty() for list empty check. + - add helper to construct mount point path. + - check defaults_read_config() return. + - move AUTOFS_LIB to end of build rule lines. + - make autofs.a a shared library. + - make lookup_file.c nss map read status return handling consistent. + - fix empty mounts list return from unlink_mount_tree(). +- Refreshed autofs-5.1.1-dbus-udisks-monitor.patch +- Replaced automount-fix-master-wait.patch with upstream patch + autofs-5.1.7-Fix-option-for-master_read_wait.patch +- automount-fix-master-wait.patch: Fix options string for master wait + (bsc#1178006) +- autofs-nsswitch-usr-etc.patch: Use /usr/etc/nsswitch.conf if + /etc/nsswitch.con is unavailable (bsc#1175238) +- Upgrade to 5.1.6 + - support strictexpire mount option. + - fix hesiod string check in master_parse(). + - add NULL check for get_addr_string() return. + - use malloc(3) in spawn.c. + - add mount_verbose configuration option. + - optionally log mount requestor process info. + - log mount call arguments if mount_verbose is set. + - Fix NFS mount from IPv6 addresses. + - make expire remaining log level debug. + - allow period following macro in selector value. + - fix macro expansion in selector values. + - fix typing errors. + - Explain /etc/auto.master.d usage. + - plus map includes are only allowed in file sources. + - Update README. + - fix additional typing errors. + - update autofs(8) offset map entry update description. + - increase group buffer size geometrically. + - also use strictexpire for offsets. + - remove unused function has_fstab_option(). + - remove unused function reverse_mnt_list(). + - remove a couple of old debug messages. + - fix amd entry memory leak. + - fix unlink_mount_tree() not umounting mounts. + - use ignore option for offset mounts as well. + - add config option for "ignore" mount option + - use bit flags for autofs mount types in mnt_list. + - use mp instead of path in mnt_list entries. + - always use PROC_MOUNTS to make mount lists. + - add glibc getmntent_r(). + - use local getmntent_r in table_is_mounted(). + - refactor unlink_active_mounts() in direct.c. + - don't use tree_is_mounted() for mounted checks. + - use single unlink_umount_tree() for both direct and indirect mounts. + - move unlink_mount_tree() to lib/mounts.c. + - use local_getmntent_r() for unlink_mount_tree(). + - use local getmntent_r() in get_mnt_list(). + - use local getmntent_r() in tree_make_mnt_list(). + - fix missing initialization of autofs_point flags. +- NetworkManager-autofs: reload rather than restart autofs.service + * If complex network setups are being brought up, autofs.service + may be restarted too quickly, causing systemd to consider the + service failed. "reload" avoids that, and works just fine. +- Fix autofs restart when Networkmanager connection is brought up + * NetworkManager-autofs: /bin/systemctl has been removed in + systemd-244 +- BuildRequire pkgconfig(libsystemd) instead of systemd-devel: + allow OBS to shortcut by using systemd-devel-mini. +- Remove legacy LSB-init script code, we don't have that anymore. +- Drop pre-12.2 parts from build recipe +- Switch %systemd_requires to %systemd_ordering, since %service_* + can deal with its absence. +- Upgrade to 5.1.5 + - fix flag file permission. + - fix directory create permission. + - fix use after free in do_master_list_reset(). + - fix deadlock in dumpmaps. + - dont use array for path when not necessary. + - fix prefix option handling in expand_entry(). + - fix sublink option not set from defaults. + - fix error return in do_nfs_mount(). + - add error handling for ext_mount_add(). + - account for recent libnsl changes. + - use_hostname_for_mounts shouldn't prevent selection among replicas. + - fix monotonic_elapsed. + - Makefiles.rules: remove 'samples' from SUBDIRS. + - dont allow trailing slash in master map mount points. + - fix libresolv configure check. + - add fedfs-getsrvinfo.c. + - add mount.fedfs.c. + - add fedfs-map-nfs4.c. + - add conditional inclusion of fedfs binaries. + - add an example fedfs master map entry to the installed master map. + - improve hostname lookup error logging. + - fix rpm spec install premissions on auto.net and auto.smb. + - tiny patch for autofs typo and possible bug. + - add units After line to include statd service. + - use systemd sd_notify() at startup. + - fix NFS version mask usage. + - fix fd leak in rpc_do_create_client(). + - add-man page note about extra slashes in paths. + - change expire type naming to better reflect usage. + - use defines for expire type. + - enable SIGUSR2 handling in rpm spec file. + - fix age setting at startup. + - fix update_negative_cache() map source usage. + - fix program usage message. + - mark removed cache entry negative. + - set bind mount as propagation slave. + - add master map pseudo options for mount propagation. + - fix use after free in parse_ldap_config(). + - fix incorrect locking in sss lookup. + - fix amd parser opts option handling. + - fix possible NULL pointer dereference in get_defaults_entry(). + - better handle hesiod support not built in. + - fix indent in automount(8) man page. + - remove autofs4 module load code. + - add NULL check in prepare_attempt_prefix(). + - update build info with systemd. + - use flags for startup boolean options. + - move close stdio descriptors to become_daemon(). + - add systemd service command line option. + - refactor negative map entry check. + - remove unused function dump_master(). + - remove unused function dump_state_queue(). + - remove couple of undeeded requires. + - Removed patches: + * autofs-5-1-3-fix-ordering-of-seteuid-setegid-in-do_spawn.patch + * autofs-5-1-3-fix-possible-map-instance-memory-leak.patch + * autofs-5-1-3-check-map-instances-for-staleness-on-map-update.patch + * 0001-use_hostname_for_mounts-shouldn-t-prevent-selection-.patch + * 0002-Fix-monotonic_elapsed.patch + * 0003-autofs-5.1.4-fix-fd-leak-in-rpc_do_create_client.patch + - Updated spec file to use native autofs service files + autoyast2 +- jsc#PED-6407 + - enabled lvm_vg_reuse to be used in general/storage/proposal + section +- 4.6.6 + +- Install standard SLES when the AY XML profile selects SLE_HPC, + it has been dropped in SP6 (jsc#PED-7841) +- 4.6.5 + bind +- Update to new Major Version 9.18.24. + This has many enhancements, bug fixes and changes. + Breaking Changes: + * Some options have been removed and some have been deprecated + and will be removed in the future. + For a complete list, see: + https://kb.isc.org/docs/changes-to-be-aware-of-when-moving-from-bind-916-to-918 + Major Changes: + * Support for securing DNS traffic using Transport Layer Security + (TLS). TLS is used by both DNS-over-TLS (DoT) and + DNS-over-HTTPS (DoH). + * Support for zone transfers over TLS (XFR-over-TLS, XoT) for + both incoming and outgoing zone transfers. + * The dig tool is now able to send DoT queries (+tls option). + * Support for OpenSSL 3.0 APIs was added. + * dnssec-checkds, dnssec-coverage, dnssec-keymgr, which have been + removed in favor of the dnssec-policy feature + * python3-bind is deprecated and the subpackage has been removed + * A number of utilities have been moved from /usr/sbin to + /usr/bin: + named-checkconf named-checkzone named-compilezone + dnssec-dsfromkey dnssec-importkey dnssec-keyfromlabel + dnssec-keygen dnssec-revoke dnssec-settime dnssec-signzone + dnssec-verify dnssec-cds named-journalprint nsec3hash + * The lib directory was renamed from 'named' to 'bind' + For a complete list of changes, see: + * Bind Release Notes + https://bind9.readthedocs.io/en/v9.18.24/notes.html + * The CHANGES file in the source RPM + Security Fixes: + * Validating DNS messages containing a lot of DNSSEC signatures + could cause excessive CPU load, leading to a denial-of-service + condition. This has been fixed. (CVE-2023-50387) + [bsc#1219823] + * Preparing an NSEC3 closest encloser proof could cause excessive + CPU load, leading to a denial-of-service condition. This has + been fixed. (CVE-2023-50868) + [bsc#1219826] + * Parsing DNS messages with many different names could cause + excessive CPU load. This has been fixed. (CVE-2023-4408) + [bsc#1219851] + * Specific queries could cause named to crash with an assertion + failure when nxdomain-redirect was enabled. This has been + fixed. (CVE-2023-5517) + [bsc#1219852] + * A bad interaction between DNS64 and serve-stale could cause + named to crash with an assertion failure, when both of these + features were enabled. This has been fixed. (CVE-2023-5679) + [bsc#1219853] + * Query patterns that continuously triggered cache database + maintenance could cause an excessive amount of memory to be + allocated, exceeding max-cache-size and potentially leading to + all available memory on the host running named being exhausted. + This has been fixed. (CVE-2023-6516) + [bsc#1219854] + Packaging notes: + * libnghttps2 added as BuildRequires for tls support + * named-bootconf.diff patch is obsolete and has been removed + [jsc#PED-7932] +- Update KillMode to 'control-group' in named.service to handle + forked processes better. + [bsc#1215755] + cpupower -- Add turbostat support for MeteorLake platforms (jsc#PED-4325) - A tools-power-turbostat-Add-support-for-MeteorLake-platforms.patch +- Fix library file version: libcpupower.so.0.0.1 -> libcpupower.so.1.0.1 + (bsc#1217044) + A cpupower_fix_library_so_name.patch -- Add Emerald Ridge Intel CPU model support: - * jsc#PED-4393 - intel-speed-select tool support for EMR - A tools-power-turbostat-Introduce-support-for-EMR.patch - A add_emerald_ridge_intel_family.patch - * jsc#PED-4395 - Add EMR CPU support to turbostat - A tools-power-x86-intel-speed-select-Add-Emerald-Rapid-quirk.patch - -- Update to latest intel-speed-select package version from 1.10 to 1.13 - (jsc#PED-2137): - 1.13: - * Fix build failure when using gcc options -Wl,--as-needed - * Fix warning for perf_cap.cpu may be uninitialized - * Fix off by one check for MAX_DIE_PER_PACKAGE - * Fix issue with use of get_physical_die_id instead of - get_physical_die_id - * Warn if turbo is disabled and SST turbo-freq feature is requested - 1.12: - * Allows out of band SST support, where some remote agent - changes SST profiles via some Board Management Controller. - * HFI support to process config level changes in oob mode - 1.11: - * Update max performance when BIOS disabled turbo - -- Update to latest turbostat version 2022.07.28 - jsc#PED-1028 - Includes: - Add ADL-N platform to Turbostat - jsc#PED-1027 - Add RPL-P platform to Turbostat - jsc#PED-1029 - Add RPL-S platform to Turbostat - jsc#PED-1026 -- Explicitly add patch to support Raptorlake-S - jsc#PED-2066 - A tools-power-turbostat-add-support-for-RPL-S.diff +- Rename libcpupower0 to libcpupower1 following changes in SONAME. +- Use ldconfig_scriptlets macro for post(un) handling. + +- Add wildcard for powercap.h since powercap patches have reached mainline +- Build bash-completion noarch + +- clean up sources: drop rapl_monitor.patch and + cpupower_rapl.patch. + +- Move bash-completion to subpackage so it isn't installed when + not needed + +- Remove powercap capabilities to patch againt latest kernel sources + - > still keep the patches, will be removed after trying to get this + mainline +- Add netlink (libnl-devel) requires + +- add rebuild subpackage to trigger rebuild on kernel updates + +- Change to building the package from kernel-source based on + how the perf package works +- Removed patches: + * turbostat_makefile_fix_asm_header.patch + * remove_bits_h.patch + * x86_perf_makefile_fix_asm_header.patch +- Remove all tarballs and git script +- Use %lang_package +- Correct ix86 to %ix86 dav1d +- Add dav1d-CVE-2023-32570.patch: fix possible crash when decoding + a frame (bsc#1211262 CVE-2023-32570). + +- Drop _lto_cflags define, current version supports lto build. +- Drop unneeded rpm BuildRequires. +- Add pkgconfig(libxxhash) BuildRequires and stop passing + xhash_muxer=disabled to meson, build hash_muxer support. +- Add check section and meson_test macro, run tests during build. + +- Update to version 1.0.0 + * Automatic thread management. + * Add support for AVX-512 acceleration. + * x86 code speedup (from SSE2 to AVX2). + * New grain API to ease acceleration on the GPU. + * New API call to get information of which frame failed to + decode, in error cases. + * Numerous small bug fixes. +- Bump soversion to 6 + dbus-1-glib +- Try to guard against incomplete update stacks (boo#1202241): + + Add split-provides to libdbus-1-glib and bash-completion + sub-package. + + Add explicit conflict to bash-completion subpackage against + dbus-1-glib < 0.112 (when the package split happened) + + Ensure dbus-1-glib-tool gets the correct library version + installed. + +- Add relevant dbus-1-glib- provides/obsoletes also in + baselibs.conf (boo#1193502). + +- Add signature and keyring as sources, verify tarball with gpg. + +- Update to version 0.112: + + Dependencies: + - dbus 1.8 was already required, but is more strongly required + now: the workarounds that were used to run continuous + integration with dbus 1.6 on Ubuntu 14.04 'trusty' have been + removed. (Note that dbus 1.8 has already reached end-of-life + for security support, and newer dbus stable branches are + strongly recommended.) + - pkg-config 0.28 is required when building from git. + + Enhancements: + - Rewrite CONTRIBUTING.md document, based on Wayland's + equivalent. + - A generated ChangeLog file, which made up a significant + proportion of the size of source tarball releases, is no + longer included. + - Improve man page. + - Add test coverage for fdo#80557 + - Use more modern GLib assertions in unit tests. + - Improve continuous integration to be run by GitLab in + addition to Travis-CI. + - Add clearer license information using + SPDX-License-Identifier. + + Fixes: + - Allow glib-genmarshal to be overridden with + `./configure GLIB_GENMARSHAL=/path/to/glib-genmarshal`, for + cross-compilation. + - Avoid a double-free in dbus-binding-tool for certain inputs, + possibly involving nested introspection data structures. + - Report a better error for excessive recursion depth or + unsupported data types. + - Map the 15 most-recently-added DBusGError members to their + corresponding D-Bus error names. + - Mark all documented symbols as deprecated. + - Fix unit test failures during distcheck by enabling + assertions. + - Fix a core dump during installed-tests by not attempting to + close a shared DBusConnection. +- Package COPYING as license, CONTRIBUTING.md and NEWS as docs. +- Add explicit pkgconfig BuildRequires. +- Replace dbus-1-devel and glib2-devel with pkgconfig variants that + configure checks for: pkgconfig(dbus-1), pkgconfig(glib-2.0), + pkgconfig(gobject-2.0) and pkgconfig(gio-2.0) BuildRequires. +- Drop hard Requires and BuildRequires that are not needed as they + are added automatically. +- Split out bash-completion sub-package. +- Split out shared library into own sub-package, and Require it + from the devel package, and add to the baselibs.conf. Following + the SLPP standard. Add Provides and Obsoletes for the no longer + existing main package. +- Use ldconfig_scriptlets for post(un) handling. +- Add soname define, ease future updates. + +- Update to version 0.110: + Dependencies: + + GLib 2.40 is required + Enhancements: + + The GLib main-loop glue, "dbus-gmain", is now available as a separate + subproject (the dbus-gmain branch in dbus-glib's git repository) for + embedding in larger projects like dbus-glib and dbus-python via the + `git subtree` or `git submodule` commands. This removes dbus-python's + dependency on the rest of dbus-glib. + Fixes: + + autogen.sh can now detect gtk-doc >= 1.26. + + More files have per-file copyright information. +- Run spec-cleaner + -- Update to version 0.100.2: - + Respin tarball. - -- Update to version 0.100.1: - + dbus-gproxy: Verify sender of NameOwnerChanged signals to be - o.f.DBus (CVE-2013-0292, bnc#804392). - + Some cleanups. - + Other bugs fixed: fdo#23633, fdo#40711, fdo#55729, fdo#55730. - -- Update to version 0.100: - + Enhancements: - - Support building on Android with androgenizer - (fdo#42532) - - Respect NOCONFIGURE=1 in autogen.sh - + Fixes: - - Fix several GVariant reference leaks in - dbus_g_value_parse_variant (fdo#41125) - - Don't crash if an error code is out of range for its domain - or has a negative code (fdo#40151) - - Fix compilation with -Werror=format-security - - Don't crash if dbus_g_proxy_new_for_peer() is used to talk to - the dbus-daemon (fdo#41126) - -- Further dependency changes: Let dbus-1-glib-devel require - dbus-1-devel (implicitly pulls dbus-1). - -- Fix and loosen dependency towards dbus-1. Reported by Andreas - Jaeger . - -- license update: AFL-2.1 or GPL-2.0+ - License is a dual license choice of either Academic Free License 2.1 or - GNU GPL 2+. This is the SPDX format for that license - -- Update to version 0.98: - + Fix the documentation, a lot. We have nearly 100% coverage now. - (fdo#37793) - + In specialized collection iterators, check that the type is - correct; g_critical and return harmlessly, rather than - crashing, if not - + If library users register specialized GTypes, warn if their - vtables have missing callbacks which would cause accessors to - crash - + Fix production of documentation out-of-tree with newer gtk-doc - + Simplify invoke_object_method() and OOM handling in - dbus-gobject (fdo#35767) -- Changes from version 0.96: - + Fix a regression in marshalling GObject instances as object - paths, which broke NetworkManager (fdo#37852, deb#628890) - + Fix crashes when sending a message when disconnected from D-Bus - but still working through our backlog of incoming messages, - similar to fdo#12675 (fdo#38406) - + Cope more gracefully, with a critical warning instead of a - memory leak, if programmer error causes G_VALUE_COLLECT to fail - (fdo#38406, nokia#86280, nokia#180486) - + Avoid an assertion failure when unregistering a proxy if - GetNameOwner failed (fdo#38408, nokia#116862) - + Don't report various programmer errors as "out of memory"; - raise suitable critical warnings instead, and don't leak memory - (fdo#35767, fdo#35766) - + If a remote process sends a wrong method call on the Properties - interface, send back an error reply, instead of warning on - stderr and not replying (fdo#35766) - + Show a warning if dbus_g_method_return fails to marshal - something (fdo#29884, nokia#180486) - + Remove remnants of i18n (fdo#36428) - + Remove dead code (nokia#180486) -- Drop dbus-1-glib-fix-marshalling-regression.patch: fixed - upstream. - -- cross-build fix: use host's dbus-binding-tool - -- Remove redundant tags/sections from specfile - (cf. packaging guidelines) -- Add dbus-1-glib-devel to baselibs - -- Add dbus-1-glib-fix-marshalling-regression.patch: this fixes a - regression causing issues in NetworkManager; taken from git. - -- Update to version 0.94: - + Check validity of more arguments, don't report "out of memory" - or "should not have been reached" if an invalid string or - boolean is given, and abandon broken containers more gracefully - (fdo#30171) - + Allow underscores in error names (fdo#30274) - + If an object is on more than one connection, emit signals on - all of them; if it's unregistered, only unregister it from the - requested connection (fdo#32087) - + Fix ability to switch a DBusConnection from one GMainContext to - another (fdo#35115) - + Forbid a ReturnVal annotation after the first OUT , which - had never worked correctly anyway (fdo#35952) - + Remove false claim that we use Introspect() at runtime, and - document more error cases (fdo#36216) - + Remove unused support for translated messages (fdo#36428) - + Don't corrupt internal data if a GObject is registered twice on - the same (connection, path) tuple, and fix out-of-bounds - reading (fdo#36793) - + Fix multiple signal emissions if an object is removed from all - of its locations then re-exported, and a memory leak if an - exported object is disposed (fdo#36811) - + Log the error message if object registration fails (fdo#37795) - + Several small fixes. - + Remove Doxygen support (as gtk-doc is used) (fdo#10890) - + Build fixes. - + Bugs fixed: fdo#22667, fdo#22854, fdo#23616, fdo#26952, - fdo#27193, fdo#27598, fdo#29884, fdo#32351, fdo#33145, - fdo#33646, fdo#34282, fdo#37060, fdo#37062, fdo#37789, - fdo#37790, fdo#37812. - -- Update to version 0.92: - + Require glib 2.26: this dependency bump was missed in 0.90. - -- Update to version 0.90: - + Add DBusGObjectPath, DBusGSignature typedefs - + Give specialized GArrays iteration/appending support - + fdo#30428: add dbus_g_value_parse_g_variant - + Fix switching a connection's GMainContext - + Various small fixes - -- Update to version 0.88: - + Allow duplicate object path registrations for different - connections - + Don't use the identifier "interface" in public headers - + Don't pass malformed error interface to dbus (rh#581794) - + Fix a crash in dbus_pending_call_cancel() (fdo#14579) - + Fix lookup of regular properties when shadow properties are - used - + fdo#28715: Add dbus_g_value_build_g_variant() - + Support DBUS_TYPE_G_SIGNATURE - + Respect property access flags for writing, allow disabling for - reads - + Documentation improvements - + Build fixes, especially for windows -- Drop bug-628607-access-flags-CVE-2010-1172.diff: fixed upstream. - -- honor access properties from xml file (CVE-2010-1172, bnc#628607) - -- use %_smp_mflags - -- Update to version 0.86: - + core: allow duplicate property names on GInterfaces - + core: performance optimization for object info lookup - + Fix hyphenated error codes correctly - + Free errors returned by method implementations - + Trivial compiler warning fixes - + Use AM_SILENT_RULES if available - + Turn the gtk-doc documentation into buildable shape - -- Update to version 0.84: - + Support duplicate object registrations - + Only re-set registration list if it's non-empty - + Copy object registration list when unregistering. - + fdo#19623 - Add dbus_g_bus_get_private - + fdo#25119 - Don't leak DBusGMethodInvocation for no-reply calls - + Import dbus-bus-introspect.xml upstream - + dbus-gvalue: set an error when demarshal_basic doesn't - recognize type - + Man page fixes. - -- add baselibs.conf as a source -- package documentation as noarch - -- Update to version 0.82: - + Fix format-security warning - + Use -fno-strict-aliasing by default - + fdo#14183 - Listen to NameOwnerChanged using arg0 matching - + Use g_strdup instead of strdup in dbus_g_method_get_sender - + fdo#13908: make dbus_g_type_specialized_init() safe for library - users to call - + fdo#16776: teach dbus_g_method_return_error about DBUS_GERROR - + fdo#20884: dbus_g_proxy_manager_replace_name_owner: don't leave - freed memory in the hash table if the name was the owner's - first - + dbus_g_type_specialized_init: make some effort at being - thread-safe - + add --with-dbus-binding-tool configure option to use an - external dbus-binding-tool - + fdo#5688: don't assert when exported object is destroyed - * after* D-Bus connection closes - + fdo#21219: implement unregistration of objects - + dbus-gobject: save the ObjectRegistration on each object, not - just the path - + fdo#20879 - Use --skip-source argument for glib-genmarshal - + fdo#19927 - Use const for GError * param we're not modifying - + fdo#13908: silently initialize specialized types whenever - required - + fdo#21362 - Remove use of deprecated symbols - + fdo#21753 - Correctly initialize GValues in dbus-binding-tool - generated code - + fdo#22244 - Only include , not individual headers - + fdo#20343 - Add a man page for dbus-binding-tool - + fdo#18294 - Be defensive about a possibly NULL property string - + Various build fixes. -- Remove AutoReqProv: it's default now. -- Remove -fno-strict-aliasing from our custom CFLAGS since it's by - default now. -- Drop dbus-1-glib-selinux.patch: unneeded now. -- Drop marshall-skip-source.patch: fixed upstream. -- Use libexecdir whenever possible. -- Remove Requires from doc package since it's purely html files. - -- Do not add source file name as comment for glib-genmarshall Aufruf. - This creates otherwise files with temporary filenames that make - comparison of builds impossible (marshall-skip-source.patch) - distribution-logos-openSUSE +- switch to a service using zstd + +- list the source url + +- Update Leap 15.6 branding poo#131666 + enchant-1 +- Use %autosetup instead of %setup/%patch. + +- Drop baselibs.conf: there is no known consumer of the -32bit + package. + -- Added url as source. - Please see http://en.opensuse.org/SourceUrls - -- Spec-cleanup using format_spec_file service. - fontconfig +- Run autoreconf for Leap 15.x to fix build breakage + +- update to 2.14.2: + * Adjust indentation between programlisting in fontconfig-user.sgml + * Add some missing constant names for weight + * Report more detailed logs instead of assertion + * Fix a typo in description for HAVE_STDATOMIC_PRIMITIVES + * Ignore LC_CTYPE if set to "UTF-8" + * add --with-default-sub-pixel-rendering option + * Add FC_DESKTOP_NAME property + +- update to 2.14.1: + * Bump the cache version to 8 in doc/fontconfig-user.sgm + * Enable 10-sub-pixel-rgb.conf by default + * build fixes and translation updates + * Avoid misuse of ctype + +- Seems we now need python3 for building + +- update to 2.14.0: + * Fix endianness on generating MD5 cache name + * Fix a typo in the description of FcWeightFromOpenTypeDouble + * fc-validate: returns an error code when missing some glyphs + * Fallback uuid-based name to read a cache if no MD5-based cache + * fc-cache: Show font directories to generate cache with -v + * Replace UUID file mechanism with per-directory 'map' attribute [v2] + * memleak fixes +- drop fontconfig-do-not-remove-UUID-file.patch (obsolete) +- add skip-network-test.patch + gcr3 +- Use %patch -p N instead of deprecated %patchN. + glib-networking +- Update to version 2.78.0: + + Respect root certificates added to macOS system keychain by + users + + Disable PKCS #11 tests when GnuTLS is built without PKCS #11 + support + + Fix connection tests on 32-bit systems with 64-bit time_t + + Updated translations. + +- Ignore test suite errors for now: the test passes when run + locally in a chroot build env, but fails inside a kvm build env. + +- Update to version 2.76.1: + + Fix proxy tests when built against libproxy 0.5. + + Updated translations. +- Drop a7db10e8862050f19af5c2eebcd1d590a04d5ced.patch: fixed + upstream. + +- Add a7db10e8862050f19af5c2eebcd1d590a04d5ced.patch: Fix tests + using libproxy 0.5. + +- Update to version 2.76.0: + + Fix OpenSSL sessions becoming unresumable. + + Fix installed libproxy test. + +- Update to version 2.76.beta: + + Hopefully fix environment proxy resolver on Windows. + + Remove static_modules build option, use + - Ddefault_library=static instead. + + Updated translations. + +- Update to version 2.76.alpha: + + OpenSSL: add session resumption support. + + GnuTLS: several session resumption improvements. + + Skip TLS exporter test for TLS 1.2. + + Default values for build options have changed, no longer use + auto. + + Fix static linking on Windows. + + Don't use system trust on iOS. + + Updated translations. +- Drop glib-networking-gnutls-tls-exporter-tls12.patch: fixed + upstream. + +- Fix build with gnutls 3.7.8: + * tests: skip tls-exporter test for TLS 1.2 + * https://gitlab.gnome.org/GNOME/glib-networking/-/issues/201 + * Add glib-networking-gnutls-tls-exporter-tls12.patch + +- Update to version 2.74.0: + + Updated translations. + +- Update to version 2.74.rc: + + Support PKCS #12 encrypted certificates. + + Various improvements to Meson build system. + + Multiple fixes for proxy tests. + +- Update to version 2.74.beta: + + Drop environment proxy resolver to lowest priority. + +- Update to version 2.74.alpha: + + Add build option for toggling debug logging. + + Move gettext() usage out of hot paths. + + Fix tests build when using openssl. + + Properly free libproxy lookup results and require libproxy + 0.4.16. + + Add additional validation for proxy lookup results. + + Allow using static libraries via meson subprojects. + + Updated translations. + +- Update to version 2.72.2: + + Drop environment proxy resolver to lowest priority. + +- Update to version 2.72.1 + + Discard empty proxy environment variables. + +- Update to version 2.72.0: + + Fix proxy tests. + + GnuTLS: use IANA-style ciphersuite names with GnuTLS 3.7.4. + + meson devenv. + + Updated translations. + +- Update to version 2.72.beta: + + Add environment variable proxy resolver. + + OpenSSL: fix uninitialized memory use. + +- Update to version 2.72.alpha: + + OpenSSL: + - Fix unsafe error handling. + - Fail when appropriate if Must-Staple extension is set. + + GnuTLS: fix TLS 1.3 ciphersuite names, should use underscores. + + Improve failure of tls-unique channel binding requests. + + Do not fill SNI extension with IP address. + glibc +- syslog-buffer-overflow.patch: syslog: Fix heap buffer overflow in + __vsyslog_internal (CVE-2023-6246, CVE-2023-6779, CVE-2023-6780, + bsc#1218863, bsc#1218867, bsc#1218868) +- qsort-invalid-cmp.patch: qsort: handle degenerated compare function + (bsc#1218866) + +- Change minimum GCC to 13 + +- Split off libnsl.so.1 into a separate package + gnutls +- Update to 3.8.3: + * libgnutls: Fix more timing side-channel inside RSA-PSK key + exchange. [GNUTLS-SA-2024-01-14, CVSS: medium] + [bsc#1218865, CVE-2024-0553] + * libgnutls: Fix assertion failure when verifying a certificate + chain with a cycle of cross signatures. + [GNUTLS-SA-2024-01-09, CVSS: medium] [bsc#1218862, CVE-2024-0567] + * libgnutls: Fix regression in handling Ed25519 keys stored in + PKCS#11 token certtool was unable to handle Ed25519 keys + generated on PKCS#11 with pkcs11-tool (OpenSC). + This is a regression introduced in 3.8.2. + * Rebase gnutls-FIPS-140-3-references.patch + * Updated upstream gnutls.keyring + +- Update to 3.8.2: [bsc#1217277, CVE-2023-5981] + * libgnutls: Fix timing side-channel inside RSA-PSK key exchange. + [GNUTLS-SA-2023-10-23, CVSS: medium] [CVE-2023-5981] + * libgnutls: Add API functions to perform ECDH and DH key agreement + The functionality has been there for a long time though they were + not available as part of the public API. This enables applications + to implement custom protocols leveraging non-interactive key + agreement with ECDH and DH. + * libgnutls: Added support for AES-GCM-SIV ciphers (RFC 8452) + The new algorithms GNUTLS_CIPHER_AES_128_SIV_GCM and + GNUTLS_CIPHER_AES_256_SIV_GCM have been added to be used through + the AEAD interface. Note that, unlike + GNUTLS_CIPHER_AES_{128,256}_SIV_GCM, the authentication tag is + appended to the ciphertext, not prepended. + * libgnutls: transparent KTLS support is extended to FreeBSD kernel + The kernel TLS feature can now be enabled on FreeBSD as well as + Linux when compiled with the --enable-ktls configure option. + * gnutls-cli: New option --starttls-name + Depending on deployment, application protocols such as XMPP may + require a different origin address than the external address to be + presented prior to STARTTLS negotiation. The --starttls-name can + be used to specify specify the addresses separately. + * API and ABI modifications: + - gnutls_pubkey_import_dh_raw: New function + - gnutls_privkey_import_dh_raw: New function + - gnutls_pubkey_export_dh_raw: New function + - gnutls_privkey_export_dh_raw: New function + - gnutls_x509_privkey_import_dh_raw: New function + - gnutls_privkey_derive_secret: New function + - GNUTLS_KEYGEN_DH: New enum member of gnutls_keygen_types_t + - GNUTLS_CIPHER_AES_128_SIV_GCM: Added + - GNUTLS_CIPHER_AES_256_SIV_GCM: Added + * Rebase gnutls-FIPS-140-3-references.patch + * Remove upstream: gnutls-GNUTLS_NO_EXTENSIONS-compatibility.patch + gobject-introspection +- Drop BuildRequires on pkgconfig(cairo)/pkgconfig(cairo-gobject), + cairo is only needed for some tests. + gpg2 +- Update to 2.4.4: [bsc#1219191] + * gpg: Do not keep an unprotected smartcard backup key on disk. + See https://gnupg.org/blog/20240125-smartcard-backup-key.html + for a security advisory. [T6944] + * gpg: Allow to specify seconds since Epoch beyond 2038 on 32-bit + platforms. [T6736] + * gpg: Fix expiration time when Creation-Date is specified. [T5252] + * gpg: Add support for Subkey-Expire-Date. [rG96b69c1866] + * gpg: Add option --with-v5-fingerprint. [T6705] + * gpg: Add sub-option ignore-attributes to --import-options. + * gpg: Add --list-filter properties sig_expires/sig_expires_d. + * gpg: Fix validity of re-imported keys. [T6399] + * gpg: Report BEGIN_ status before examining the input. [T6481] + * gpg: Don't try to compress a read-only keybox. [T6811] + * gpg: Choose key from inserted card over a non-inserted card. [T6831] + * gpg: Allow to create revocations even with non-compliant algos. [T6929] + * gpg: Fix regression in the Revoker keyword of the parameter file. [T6923] + * gpg: Improve error message for expired default keys. [T4704] + * gpgsm: Add --always-trust feature. [T6559] + * gpgsm: Support ECC certificates in de-vs mode. [T6802] + * gpgsm: Major rewrite of the PKCS#12 parser. [T6536] + * gpgsm: No not show the pkcs#12 passphrase in debug output. [T6654] + * keyboxd: Timeout on failure to get the database lock. [T6838] + * agent: Update the key stubs only if really modified. [T6829] + * scd: Add support for certain Starcos 3.2 cards. [rG5304c9b080] + * scd: Add support for CardOS 5.4 cards. [rG812f988059] + * scd: Add support for D-Trust 4.1/4.4 cards. [rG0b85a9ac09] + * scd: Add support for Smartcafe Expert 7.0 cards. [T6919] + * scd: Add a length check for a new PIN. [T6843] + * tpm: Fix keytotpm handling in the agent. [rG9909f622f6] + * tpm: Fixes for the TPM test suite. [T6052] + * dirmngr: New option --ignore-crl-extensions. [T6545] + * dirmngr: Support config value "none" to disable the default + keyserver. [T6708] + * dirmngr: Fix handling of the HTTP Content-Length. [rGa5e33618f4] + * gpgconf: Add commands --lock and --unlock. [rG93b5ba38dc] + * gpgconf: Add keyword socketdir to gpgconf.ctl. [rG239c1fdc28] + * gpgconf: Adjust the -X command for the new VERSION file format. [T6918] + * wkd: Use export-clean for gpg-wks-client's --mirror and --create + commands. [rG2c7f7a5a278c] + * wkd: Make --add-revocs the default in gpg-wks-client. New option + - -no-add-revocs. [rG10c937ee68] + * Remove duplicated backslashes when setting the homedir. [T6833] + * Ignore attempts to remove the /dev/null device. [T6556] + * Improve advisory file lock retry strategy. [T3380] + * Release-info: https://dev.gnupg.org/T6578 + * Remove patch upstream: + - gnupg-Report-BEGIN_-status-before-examining-the-input.patch + gsettings-desktop-schemas +- Use %autosetup instead of %setup/%patch. + gstreamer +- Update to version 1.22.9: + + Highlighted bugfixes in 1.22.9 + - More Security fixes for the AV1 video codec parser + - va: fixes for Mesa Gallium drivers in Mesa versions older + than v23.2 + - v4l2src: Consider framerate during caps selection + - v4l2codec: decoder fixes + - rtspsrc: multicast fixes + - camerabin viewfinder fixes + - various bug fixes, build fixes, memory leak fixes, and other + stability and reliability improvements + + gstreamer + - aggregator: fix use-after-free in queries processing + - multiqueue: Ignore queue fullness for most events +- Rebase reduce-required-meson.patch + gstreamer-plugins-bad +- Require libvpl only on supported architectures (x86_64 and aarch64) + +- drop support for libmfx, which is no longer supported upstream + at all (boo#1219494) +- added support for oneVPL + +- Update to version 1.22.9: + + av1parser: Fix potential stack overflow during tile list + parsing (CVE-2024-0444, bsc#1219453, ZDI-CAN-22300) + + camerabin: Correctly relink viewfinderbin_queue + + GstPlay: Fix error details parsing + + h264decoder: Handle malformed avc/avc3 packets + + h264decoder: h265decoder: Align with wraparound fix + + vp8decoder: vp9decoder: av1decoder: mpeg2decoder: + Fix multiplication wraparound + + vah264enc/vah264dec issues after recent upgrade to 1.22.8 + from 1.22.7 + + va: fixes for Mesa Gallium drivers in Mesa versions older + than v23.2 + + vp9parse: Fix critical warning during caps negotiation +- Rebase reduce-required-meson.patch + gstreamer-plugins-base +- Update to version 1.22.9: + + audiobasesink: Don't wait on gap events + + audioconvert: change gst_audio_convert_get_unit_size() log + levels + + glcolorconvert: Correct transform_caps direction + + gloverlay: Apply updated overlay coordinates correctly + + videorate: keep pool if max_buffers is unlimited +- Rebase reduce-required-meson.patch + gvfs +- Update to version 1.52.2: + + smb: Fix livelock when mounting share without enough + permissions. + + smb: Fi moving files across filesystem boundaries. + + Updated transltions. + +- Use %patch -p N instead of deprecated %patchN. + hunspell +- update to 1.7.2: + * Crash fixes, code clean-up in ~200 commits + * tdf#136306 don't accept/suggest typos as 3-or-more-word compound words + * Prepare optional spelling mode of LibreOffice to not accept/suggest not + dictionary-based words as compound words + * Merge in weblate translations + +- update to 1.7.1: + * Merge chromium fix for #714 OOB string write in hunspell + * Merge firefox fix for #756 various issues parsing incomplete aff files + * Fix #492 crash with hunspell -l -r + * Merge in weblate translations +- drop hunspell-CVE-2019-16707.patch (upstream) + +- Version update to 1.7.0: + * add SPELLML support for run-time dictionary extensio + * No annoying suggestion times any more, especially in languages with + compound word handling and complex morphology + * Improved, highly customizable suggestions on level of dictionary words + * Handling multiple word suggestions is much more easier + * Limit compound overgeneration by dictionary based word pairs + * makealias dictionary compression + * Various minor bugfixes + hwdata +- update to 0.378: + * Update pci, usb and vendor ids + +- update to 0.377: + * Fixed trailing spaces in pnp.ids + +- update to 0.376: + * Update pci, usb and vendor ids + +- update to 0.373: + * Update pci, usb and vendor ids + +- update to 0.372: + * Update pci, usb and vendor ids + karchive +- Update to 5.114.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.114.0 +- No code change since 5.113.0 + +- Update to 5.113.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.113.0 +- Changes since 5.112.0: + * karchivetest: QVERIFY KArchiveFile* before dereferencing it + * Fix broken bzip2 with new shared-mime-info + kernel-default +- net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv + (bsc#1219127 CVE-2024-23849). +- commit 7f27245 + +- x86/coco: Define cc_vendor without CONFIG_ARCH_HAS_CC_PLATFORM + (jsc#PED-7322). +- commit 98c6595 + +- x86/kvm: Fix SEV check in sev_map_percpu_data() (jsc#PED-7322). +- commit 082b8e1 + +- KVM: x86: Give a hint when Win2016 might fail to boot due to + XSAVES erratum (jsc#PED-7322). +- commit d5577b6 + +- KVM: x86: Check irqchip mode before create PIT (jsc#PED-7322). +- commit d2cbe00 + +- Update config files (bsc#1219440). + Update the CONFIG_LSM option to include the BPF LSM in the default set of + LSMs that get enabled when booting up. The new version of systemd in + SLE15-SP6 requires the BPF LSM. +- commit bf6e39d + +- KVM: introduce CONFIG_KVM_COMMON (jsc#PED-7322). +- Update config files. +- commit 60742fc + +- Update metadata: "scsi: lpfc: Use unsigned type for num_sge (bsc#1214746)." + Move patch into sorted section. +- commit bf77043 + +- virt: sev-guest: Convert to platform remove callback returning + void (jsc#PED-7322). +- commit 5752a5f + +- KVM: remove CONFIG_HAVE_KVM_IRQFD (jsc#PED-7322). +- Update config files. +- commit 6e3621a + +- KVM: remove CONFIG_HAVE_KVM_EVENTFD (jsc#PED-7322). +- Update config files. +- commit 6361a8e + +- Update config files. +- commit 6ba26a3 + +- KVM x86/xen: add an override for PVCLOCK_TSC_STABLE_BIT + (jsc#PED-7322). +- commit 737fb0e + +- octeontx2-af: Initialize maps (jsc#PED-6931). +- net: intel: fix old compiler regressions (jsc#PED-4874). +- octeontx2-pf: Fix a memleak otx2_sq_init (jsc#PED-6931). +- idpf: avoid compiler padding in virtchnl2_ptype struct + (jsc#PED-6716). +- octeontx2-pf: Remove xdp queues on program detach + (jsc#PED-6931). +- ixgbe: Fix an error handling path in + ixgbe_read_iosf_sb_reg_x550() (jsc#PED-4872). +- e1000e: correct maximum frequency adjustment values + (jsc#PED-4868). +- bnxt_en: Make PTP timestamp HWRM more silent (jsc#PED-5742). +- gve: Fix skb truesize underestimation (bsc#1214479). +- commit 610ddc5 + +- KVM: nSVM: Hide more stuff under CONFIG_KVM_HYPERV/CONFIG_HYPERV + (jsc#PED-7322). +- commit c8c1c08 + +- team: Fix use-after-free when an option instance allocation + fails (git-fixes). +- commit aa6501b + +- KVM: nVMX: Hide more stuff under CONFIG_KVM_HYPERV (jsc#PED-7322). +- commit bc6ea0c + +- net: dsa: microchip: provide a list of valid protocols for + xmit handler (git-fixes). +- commit 14ae17e + +- nfp: flower: fix for take a mutex lock in soft irq context + and rcu lock (git-fixes). +- commit 8699210 + +- net: hns: fix fake link up on xge port (git-fixes). +- commit 7b3f477 + +- net: hns: fix wrong head when modify the tx feature when + sending packets (git-fixes). +- commit 848eb56 + +- net: atlantic: Fix NULL dereference of skb pointer in + (git-fixes). +- commit bfa6175 + +- net: stmmac: fix FPE events losing (git-fixes). +- commit 2382976 + +- net: ravb: Keep reverse order of operations in ravb_remove() + (git-fixes). +- commit d60c1dc + +- net: ravb: Stop DMA in case of failures on ravb_open() + (git-fixes). +- commit 536e15e + +- net: ravb: Start TX queues after HW initialization succeeded + (git-fixes). +- commit 67bd94d + +- net: ravb: Make write access to CXR35 first before accessing + other EMAC registers (git-fixes). +- commit 2f42ed8 + +- net: ravb: Use pm_runtime_resume_and_get() (git-fixes). +- commit f02fced + +- net: ravb: Check return value of reset_control_deassert() + (git-fixes). +- commit 864deed + +- net: libwx: fix memory leak on msix entry (git-fixes). +- commit 159ffaa + +- KVM: nVMX: Introduce accessor to get Hyper-V eVMCS pointer + (jsc#PED-7322). +- commit 4c639bf + +- KVM: nVMX: Introduce helpers to check if Hyper-V evmptr12 is + valid/set (jsc#PED-7322). +- commit bc7347a + +- KVM: x86: Make Hyper-V emulation optional (jsc#PED-7322). +- Update config files. +- commit 87507f6 + +- Drop ASoC AMD ACP patch causing a regression (bsc#1219789) +- commit 1eacaea + +- KVM: nVMX: Move guest_cpuid_has_evmcs() to hyperv.h (jsc#PED-7322). +- commit 2cbad81 + +- KVM: nVMX: Split off helper for emulating VMCLEAR on Hyper-V + eVMCS (jsc#PED-7322). +- commit 82136e4 + +- KVM: x86: Introduce helper to handle Hyper-V paravirt TLB + flush requests (jsc#PED-7322). +- commit 92008f5 + +- KVM: VMX: Split off hyperv_evmcs.{ch} (jsc#PED-7322). +- commit 056eb46 + +- KVM: x86: Introduce helper to check if vector is set in Hyper-V + SynIC (jsc#PED-7322). +- commit ee580aa + +- KVM: x86: Introduce helper to check if auto-EOI is set in + Hyper-V SynIC (jsc#PED-7322). +- commit 3628f1b + +- KVM: VMX: Split off vmx_onhyperv.{ch} from hyperv.{ch} + (jsc#PED-7322). +- commit a52f7d7 + +- KVM: x86: Move Hyper-V partition assist page out of Hyper-V + emulation context (jsc#PED-7322). +- commit c274d49 + +- KVM: x86/xen: Remove unneeded xen context from kvm_arch when + !CONFIG_KVM_XEN (jsc#PED-7322). +- commit 1a3426d + +- KVM: x86/mmu: fix comment about mmu_unsync_pages_lock + (jsc#PED-7322). +- commit 6927f64 + +- KVM: x86/mmu: always take tdp_mmu_pages_lock (jsc#PED-7322). +- commit 3c339d8 + +- KVM: x86/mmu: remove unnecessary "bool shared" argument from + iterators (jsc#PED-7322). +- commit 26089fe + +- KVM: x86/mmu: remove unnecessary "bool shared" argument from + functions (jsc#PED-7322). +- commit 20e6465 + +- KVM: x86/mmu: Check for leaf SPTE when clearing dirty bit in + the TDP MMU (jsc#PED-7322). +- commit 04b615d + +- KVM: x86/mmu: Fix off-by-1 when splitting huge pages during + CLEAR (jsc#PED-7322). +- commit ca542a6 + +- KVM: x86: Harden copying of userspace-array against overflow + (jsc#PED-7322). +- commit 2624bb5 + +- KVM: x86/pmu: Track emulated counter events instead of previous + counter (jsc#PED-7322). +- commit 50f3c68 + +- KVM: x86/pmu: Update sample period in pmc_write_counter() + (jsc#PED-7322). +- commit b607273 + +- KVM: x86/pmu: Remove manual clearing of fields in kvm_pmu_init() + (jsc#PED-7322). +- commit 5d80669 + +- KVM: x86/pmu: Stop calling kvm_pmu_reset() at RESET (it's + redundant) (jsc#PED-7322). +- commit ba0d28d + +- KVM: x86/pmu: Reset the PMU, i.e. stop counters, before + refreshing (jsc#PED-7322). +- commit 3e9e29b + +- KVM: x86/pmu: Move PMU reset logic to common x86 code + (jsc#PED-7322). +- commit 4d829a7 + +- KVM: SVM,VMX: Use %rip-relative addressing to access + kvm_rebooting (jsc#PED-7322). +- commit 94d4ceb + +- KVM: SVM: Don't intercept IRET when injecting NMI and vNMI is + enabled (jsc#PED-7322). +- commit abf0f42 + +- KVM: SVM: Explicitly require FLUSHBYASID to enable SEV support + (jsc#PED-7322). +- commit 51dc0ef + +- KVM: nSVM: Advertise support for flush-by-ASID (jsc#PED-7322). +- commit d96ff28 + +- Revert "nSVM: Check for reserved encodings of TLB_CONTROL in + nested VMCB" (jsc#PED-7322). +- commit 733d5b1 + +- KVM: x86: Don't unnecessarily force masterclock update on vCPU + hotplug (jsc#PED-7322). +- commit e2477e4 + +- KVM: x86: Use a switch statement and macros in + __feature_translate() (jsc#PED-7322). +- commit 26af95a + +- KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace + (jsc#PED-7322). +- commit 8de3668 + +- blacklist.conf: false positive +- commit 3612d1b + +- dm: limit the number of targets and parameter size area + (bsc#1219827, bsc#1219146, CVE-2023-52429, CVE-2024-23851). +- commit 7512798 + +- KVM: x86: Turn off KVM_WERROR by default for all configs + (jsc#PED-7322). +- commit 427cbaf + +- KVM: x86/mmu: Declare flush_remote_tlbs{_range}() hooks iff + HYPERV!=n (jsc#PED-7322). +- commit 47fe30a + +- mm: memcontrol: don't throttle dying tasks on memory.high + (bsc#1219889). +- kernel/fork: beware of __put_task_struct() calling context + (bsc#1216761). +- commit e3538e2 + +- KVM: x86: Use KVM-governed feature framework to track "LAM + enabled" (jsc#PED-7322). +- commit e0b7547 + +- docs/perf: Add ampere_cspmu to toctree to fix a build warning (jsc#PED-7859) +- commit 5a39b75 + +- KVM: x86: Advertise and enable LAM (user and supervisor) + (jsc#PED-7322). +- commit be96f66 + +- KVM: x86: Virtualize LAM for user pointer (jsc#PED-7322). +- commit 51ea9b3 + +- KVM: x86: Virtualize LAM for supervisor pointer (jsc#PED-7322). +- commit 4719d36 + +- perf vendor events arm64 AmpereOneX: Add core PMU events and metrics (jsc#PED-7859) +- commit 8763e5d + +- netdevsim: Don't accept device bound programs (git-fixes). +- commit c28704b + +- ravb: Fix races between ravb_tx_timeout_work() and net related + ops (git-fixes). +- commit ca1ed03 + +- r8169: prevent potential deadlock in rtl8169_close (git-fixes). +- commit c6c74b1 + +- r8169: fix deadlock on RTL8125 in jumbo mtu mode (git-fixes). +- commit 350e699 + +- net: stmmac: xgmac: Disable FPE MMC interrupts (git-fixes). +- commit 4d4a44e + +- dpaa2-eth: recycle the RX buffer only after all processing done + (git-fixes). +- commit 6f9cf91 + +- KVM: x86: Untag addresses for LAM emulation where applicable + (jsc#PED-7322). +- commit 3aca57c + +- dpaa2-eth: increase the needed headroom to account for alignment + (git-fixes). +- commit aeead7c + +- net: rswitch: Fix missing dev_kfree_skb_any() in error path + (git-fixes). +- commit dfab415 + +- net: rswitch: Fix return value in rswitch_start_xmit() + (git-fixes). +- commit 3061c1f + +- net: rswitch: Fix type of ret in rswitch_start_xmit() + (git-fixes). +- commit 3bd4f02 + +- net: ipa: fix one GSI register field width (git-fixes). +- commit 57e43ae + +- net: axienet: Fix check for partial TX checksum (git-fixes). +- commit 765d022 + +- amd-xgbe: propagate the correct speed and duplex status + (git-fixes). +- commit ca7f648 + +- amd-xgbe: handle the corner-case during tx completion + (git-fixes). +- commit 05c99da + +- amd-xgbe: handle corner-case during sfp hotplug (git-fixes). +- commit 63bb25f + +- net: veth: fix ethtool stats reporting (git-fixes). +- commit 40065a7 + +- wireguard: use DEV_STATS_INC() (git-fixes). +- commit c56067d + +- net: wangxun: fix kernel panic due to null pointer (git-fixes). +- commit cc57ffc + +- KVM: x86: Introduce get_untagged_addr() in kvm_x86_ops and + call it in emulator (jsc#PED-7322). +- Refresh + patches.suse/KVM-SEV-Make-AVIC-backing-VMSA-and-VMCB-memory-allocation-SNP-sa. +- commit db34c34 + +- stmmac: dwmac-loongson: Add architecture dependency (git-fixes). +- commit 746bbc5 + +- macvlan: Don't propagate promisc change to lower dev in passthru + (git-fixes). +- commit ad66810 + +- pds_core: use correct index to mask irq (git-fixes). +- commit f2391e5 + +- net: stmmac: avoid rx queue overrun (git-fixes). +- commit 3a28d91 + +- net: stmmac: fix rx budget limit check (git-fixes). +- commit 739b241 + +- KVM: x86: Remove kvm_vcpu_is_illegal_gpa() (jsc#PED-7322). +- commit 214f40f + +- KVM: x86: Add & use kvm_vcpu_is_legal_cr3() to check CR3's + legality (jsc#PED-7322). +- commit 0ea18e6 + +- KVM: x86/mmu: Drop non-PA bits when getting GFN for guest's PGD + (jsc#PED-7322). +- commit a7a4e2c + +- KVM: x86: Add X86EMUL_F_INVLPG and pass it in em_invlpg() + (jsc#PED-7322). +- commit 469975b + +- KVM: x86: Add an emulation flag for implicit system access + (jsc#PED-7322). +- commit d9485ea + +- KVM: x86: Consolidate flags for __linearize() (jsc#PED-7322). +- commit bc10a7d + +- tools arch x86: Sync the msr-index.h copy with the + kernel sources to pick IA32_MKTME_KEYID_PARTITIONING + (perf-sync-headers). +- Delete + patches.suse/sync-tools-arch-header-for-support-branch-counters-logging.patch. +- commit 4348ec9 + +- tools headers x86 cpufeatures: Sync with the kernel sources + to pick TDX, Zen, APIC MSR fence changes (perf-sync-headers). +- commit 13aa64d + +- perf evlist: Fix evlist__new_default() for > 1 core PMU + (git-fixes). +- perf db-export: Fix missing reference count get in + call_path_from_sample() (git-fixes). +- perf stat: Fix hard coded LL miss units (git-fixes). +- perf env: Avoid recursively taking env->bpf_progs.lock + (git-fixes). +- perf vendor events: Remove UTF-8 characters from cmn.json + (git-fixes). +- perf unwind-libunwind: Fix base address for .eh_frame + (git-fixes). +- perf unwind-libdw: Handle JIT-generated DSOs properly + (git-fixes). +- perf genelf: Set ELF program header addresses properly + (git-fixes). +- perf hisi-ptt: Fix one memory leakage in + hisi_ptt_process_auxtrace_event() (git-fixes). +- perf header: Fix one memory leakage in + perf_event__fprintf_event_update() (git-fixes). +- perf stat: Fix help message for --metric-no-threshold option + (git-fixes). +- perf stat: Exit perf stat if parse groups fails (git-fixes). +- perf mem: Fix error on hybrid related to availability of mem + event in a PMU (git-fixes). +- perf vendor events powerpc: Update datasource event name to + fix duplicate events (git-fixes). +- perf vendor events arm64 AmpereOne: Rename BPU_FLUSH_MEM_FAULT + to GPC_FLUSH_MEM_FAULT (git-fixes). +- perf test record user-regs: Fix mask for vg register + (git-fixes). +- perf docs: Fix man page formatting for 'perf lock' (git-fixes). +- perf test record+probe_libc_inet_pton: Fix call chain match + on powerpc (bsc#1218986). +- perf tests: Skip pipe test if noploop symbol is missing + (bsc#1219617). +- perf tests lib: Add perf_has_symbol.sh (bsc#1219617). +- perf header: Fix segfault on build_mem_topology() error path + (git-fixes). +- perf test: Remove atomics from test_loop to avoid test failures + (git-fixes). +- commit a32b1b0 + +- hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER + missed (git-fixes). +- hv_netvsc: Fix race condition between netvsc_probe and + netvsc_remove (git-fixes). +- scsi: storvsc: Fix ring buffer size calculation (git-fixes). +- hv_netvsc: Calculate correct ring size when PAGE_SIZE is not + 4 Kbytes (git-fixes). +- commit 721575c + +- s390/scm: fix virtual vs physical address confusion (git-fixes + bsc#1219816). +- commit d8288d6 + +- s390/boot: always align vmalloc area on segment boundary + (git-fixes bsc#1219815). +- commit 08905ad + +- s390/vfio-ap: fix sysfs status attribute for AP queue devices + (git-fixes bsc#1219814). +- commit 2f4c817 + +- s390/ptrace: handle setting of fpc register correctly (git-fixes + bsc#1219812). +- commit be5b93a + +- s390/qeth: Fix potential loss of L3-IP@ in case of network + issues (git-fixes bsc#1219811). +- commit 32d0fc0 + +- Reference recently released CVE +- Update + patches.suse/x86-coco-Disable-32-bit-emulation-by-default-on-TDX-.patch + (jsc#PED-7322 CVE-2024-25744). +- Update + patches.suse/x86-entry-convert-int-0x80-emulation-to-idtentry.patch + (bsc#1217927 CVE-2024-25744). +- Update + patches.suse/x86-entry-do-not-allow-external-0x80-interrupts.patch + (bsc#1217927 CVE-2024-25744). +- Update + patches.suse/x86-tdx-Allow-32-bit-emulation-by-default.patch + (jsc#PED-7322 CVE-2024-25744). +- commit 06d4b38 + +- KVM: s390: vsie: fix race during shadow creation (git-fixes + bsc#1219810). +- commit 8180746 + +- KVM: s390: fix setting of fpc register (git-fixes bsc#1219809). +- commit 478f49e + +- KVM: s390: fix cc for successful PQAP (git-fixes bsc#1219808). +- commit 51e5204 + +- KVM: s390: add stat counter for shadow gmap events + (jsc#PED-5439). +- commit 256c0f9 + +- KVM: s390: add tracepoint in gmap notifier (jsc#PED-5439). +- commit 06f0c94 + +- nvme-host: fix the updating of the firmware version (git-fixes). +- commit 9bc381c + +- x86/MCE: Always save CS register on AMD Zen IF Poison errors (git-fixes). +- commit 63e2bb6 + +- x86/entry/ia32: Ensure s32 is sign extended to s64 (git-fixes). +- commit d1f7bea + +- x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block (git-fixes). +- commit b594e28 + +- x86/srso: Print mitigation for retbleed IBPB case (git-fixes). +- Refresh + patches.suse/x86-srso-fix-vulnerability-reporting-for-missing-microcode.patch. +- commit 5b45539 + +- x86/purgatory: Remove LTO flags (git-fixes). +- commit 215c902 + +- x86/kvm: Do not try to disable kvmclock if it was not enabled (git-fixes). +- commit 0a9eee3 + +- scsi: fnic: unlock on error path in fnic_queuecommand() + (git-fixes). +- commit af1e53a + +- net: ethernet: cortina: Drop TSO support (git-fixes). +- commit 1041212 + +- Update patches.suse/arm64-errata-Add-Cortex-A520-speculative-unprivilege.patch (git-fixes, bsc#1219443) + Add reference to bsc#1219443. +- commit b300257 + +- arm64: errata: Add Cortex-A510 speculative unprivileged load (bsc#1219443) + Enable erratum workaround. +- commit b26ca40 + +- r8169: fix network lost after resume on DASH systems + (git-fixes). +- commit c170312 + +- r8169: add handling DASH when DASH is disabled (git-fixes). +- commit 43f9a07 + +- net: ethernet: cortina: Fix MTU max setting (git-fixes). +- commit cdfb94f + +- net: ethernet: cortina: Handle large frames (git-fixes). +- commit 76e929a + +- net: ethernet: cortina: Fix max RX frame define (git-fixes). +- commit 1807254 + +- bonding: stop the device in bond_setup_by_slave() (git-fixes). +- commit 072954c + +- ppp: limit MRU to 64K (git-fixes). +- commit 80ad17a + +- net: mvneta: fix calls to page_pool_get_stats (git-fixes). +- commit 73be237 + +- net: hns3: fix VF wrong speed and duplex issue (git-fixes). +- commit 01a4b9c + +- net: phy: realtek: add 5Gbps support to rtl822x_config_aneg() + (bsc#1217417). +- net: phy: realtek: use generic MDIO constants (bsc#1217417). +- net: mdio: add 2.5g and 5g related PMA speed constants + (bsc#1217417). +- commit 51b8f13 + +- hwmon: (coretemp) Fix bogus core_id to attr name mapping + (git-fixes). +- hwmon: (coretemp) Fix out-of-bounds memory access (git-fixes). +- hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes). +- mmc: sdhci-pci-o2micro: Fix a warm reboot issue that disk + can't be detected by BIOS (git-fixes). +- drm/i915/gvt: Fix uninitialized variable in handle_mmio() + (git-fixes). +- commit fb6968f + +- scsi: fnic: Increment driver version (jsc#PED-7888). +- scsi: fnic: Improve logs and add support for multiqueue (MQ) + (jsc#PED-7888). +- scsi: fnic: Add support for multiqueue (MQ) in fnic driver + (jsc#PED-7888). +- scsi: fnic: Add support for multiqueue (MQ) in fnic_main.c + (jsc#PED-7888). +- scsi: fnic: Remove usage of host_lock (jsc#PED-7888). +- scsi: fnic: Define stats to track multiqueue (MQ) IOs + (jsc#PED-7888). +- scsi: fnic: Modify ISRs to support multiqueue (MQ) + (jsc#PED-7888). +- commit 4ae8e51 + +- scsi: fnic: Refactor and redefine fnic.h for multiqueue + (jsc#PED-7888). +- Refresh + patches.suse/fnic-move-fnic_fnic_flush_tx-to-a-work-queue.patch. +- commit 5d5bc93 + +- scsi: fnic: Get copy workqueue count and interrupt mode from + config (jsc#PED-7888). +- scsi: fnic: Rename wq_copy to hw_copy_wq (jsc#PED-7888). +- scsi: fnic: Add and improve log messages (jsc#PED-7888). +- scsi: fnic: Add and use fnic number (jsc#PED-7888). +- scsi: fnic: Modify definitions to sync with VIC firmware + (jsc#PED-7888). +- commit 4104ea5 + +- net: hns3: fix VF reset fail issue (git-fixes). +- commit 357e0c0 + +- net: hns3: fix variable may not initialized problem in + hns3_init_mac_addr() (git-fixes). +- commit 761dece + +- net: hns3: fix out-of-bounds access may occur when coalesce + info is read via debugfs (git-fixes). +- commit 9368f32 + +- net: hns3: fix incorrect capability bit display for copper port + (git-fixes). +- commit 7b8e42d + +- net: hns3: add barrier in vf mailbox reply process (git-fixes). +- commit deb564c + +- net: hns3: fix add VLAN fail issue (git-fixes). +- commit 6ae1571 + +- ipvlan: add ipvlan_route_v6_outbound() helper (git-fixes). +- commit 5f2d3b6 + +- net: enetc: shorten enetc_setup_xdp_prog() error message to + fit NETLINK_MAX_FMTMSG_LEN (git-fixes). +- commit f882476 + +- net: sfp: add quirk for FS's 2.5G copper SFP (git-fixes). +- commit eb7d824 + +- driver core: Replace kstrdup() + strreplace() with + kstrdup_and_replace() (jsc#PED-6054 bsc#1219692). +- lib/string_helpers: Add kstrdup_and_replace() helper + (jsc#PED-6054 bsc#1219692). +- commit d4a62fc + +- net: ethernet: mtk_wed: fix EXT_INT_STATUS_RX_FBUF definitions + for MT7986 SoC (git-fixes). +- commit be286c4 + +- blacklist.conf: drop two entries to be revived (bsc#1219692) +- commit ba7ec6f + +- net: spider_net: Use size_add() in call to struct_size() + (git-fixes). +- commit 722bf2b + +- lib/string_helpers: Change returned value of the strreplace() + (bsc#1219692). +- jbd2: Avoid printing outside the boundary of the buffer + (bsc#1219692). +- commit 8aa13d7 + +- mlxsw: Use size_mul() in call to struct_size() (git-fixes). +- commit a527704 + +- net: ethernet: adi: adin1110: Fix uninitialized variable + (git-fixes). +- commit 4905ac5 + +- net: mdio-mux: fix C45 access returning -EIO after API change + (git-fixes). +- commit 8842ac4 + +- net: dsa: bcm_sf2: Fix possible memory leak in + bcm_sf2_mdio_register() (git-fixes). +- commit 8a76104 + +- team: fix null-ptr-deref when team device type is changed + (git-fixes). +- commit c07a0c7 + +- net: fec: use netdev_err_once() instead of netdev_err() + (git-fixes). +- commit 45e8d45 + +- wifi: iwlwifi: exit eSR only after the FW does (git-fixes). +- wifi: mac80211: fix waiting for beacons logic (git-fixes). +- wifi: mac80211: fix RCU use in TDLS fast-xmit (git-fixes). +- wifi: cfg80211: fix wiphy delayed work queueing (git-fixes). +- wifi: iwlwifi: fix double-free bug (git-fixes). +- selftests: cmsg_ipv6: repeat the exact packet (git-fixes). +- selftests: net: let big_tcp test cope with slow env (git-fixes). +- atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes). +- selftests: net: avoid just another constant wait (git-fixes). +- selftests: net: cut more slack for gro fwd tests (git-fixes). +- crypto: algif_hash - Remove bogus SGL free on zero-length + error path (git-fixes). +- crypto: ccp - Fix null pointer dereference in + __sev_platform_shutdown_locked (git-fixes). +- commit f9fa694 + +- Drop the driver core change that caused memory corruption (bsc#1219692 bsc#1219732) + patches.suse/driver-core-Replace-kstrdup-strreplace-with-kstrdup_.patch + required the change of strreplace() API behavior as an implicit prerequiste +- commit 9bd691b + +- sched: fair: move unused stub functions to header (git fixes + (sched)). +- sched/fair: Fix the decision for load balance (git fixes + (sched)). +- sched/core: Fix RQCF_ACT_SKIP leak (git fixes (sched)). +- commit ec9d436 + +- Update + patches.suse/Bluetooth-Fix-atomicity-violation-in-min-max-_key_si.patch + (git-fixes bsc#1219608 CVE-2024-24860). +- commit 060d07f + +- Update + patches.suse/mm-lock_vma_under_rcu-must-check-vma-anon_vma-.patch + (bsc#1012628 per-VMA_lock_fix CVE-2024-1312 bsc#1219731). +- commit 91e52e6 + +- Refresh patches.suse/RAS-AMD-ATL-Add-MI300-support.patch. + Fix min() related warning. +- commit 7a6c291 + +- Update + patches.suse/drm-amdgpu-Fix-potential-fence-use-after-free-.patch + (bsc#1219128 CVE-2023-51042 jsc#PED-3527 jsc#PED-5475 + jsc#PED-6068 jsc#PED-6070 jsc#PED-6116 jsc#PED-6120 + jsc#PED-5065 jsc#PED-5477 jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 + jsc#PED-6071). +- commit 72ce736 + +- iommu: Don't reserve 0-length IOVA region (git-fixes) +- commit d83c0fa + +- rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config + (bsc#1219653) + They are put into -devel subpackage. And a proper link to + /usr/share/gdb/auto-load/ is created. +- commit 1dccf2a + +- fs/buffer.c: disable per-CPU buffer_head cache for isolated (bsc#1219631) +- commit 55bb990 + +- EDAC/amd64: Add MI300 row retirement support (jsc#PED-7618). +- commit 36c2567 + +- RAS/AMD/ATL: Add MI300 DRAM to normalized address translation support (jsc#PED-7618). +- commit 76938a8 + +- RAS/AMD/ATL: Fix array overflow in get_logical_coh_st_fabric_id_mi300() (jsc#PED-7618). +- commit d6d16c5 + +- RAS/AMD/ATL: Add MI300 support (jsc#PED-7618). +- commit c9f0c56 + +- Documentation: RAS: Add index and address translation section (jsc#PED-7618). +- commit f894cc4 + +- EDAC/amd64: Use new AMD Address Translation Library (jsc#PED-7618). +- commit 22937f8 + +- RAS: Introduce AMD Address Translation Library (jsc#PED-7618). +- commit 2857e01 + +- netfilter: nf_tables: check if catch-all set element is active + in next generation (CVE-2024-1085 bsc#1219429). +- commit c4588a6 + +- mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), + again (git-fixes). +- commit 5ddccd0 + +- mm: migrate: fix getting incorrect page mapping during page + migration (git-fixes). +- commit 54204d1 + +- mm: migrate: record the mlocked page status to remove + unnecessary lru drain (git-fixes). +- commit 1782112 + +- mm/gup: fix follow_devmap_pd() on page==NULL handling + (git-fixes). +- commit 3518c0e + +- mm: page_alloc: unreserve highatomic page blocks before oom + (git-fixes). +- commit 61457c0 + +- mm: page_alloc: enforce minimum zone size to do high atomic + reserves (git-fixes). +- commit 4f2bf1e + +- mm: page_alloc: correct high atomic reserve calculations + (git-fixes). +- commit 5a4ddfb + +- mm: fix unmap_mapping_range high bits shift bug (git-fixes). +- commit 7453200 + +- mm/shmem: fix race in shmem_undo_range w/THP (git-fixes). +- commit 6a39858 + +- mm: fix for negative counter: nr_file_hugepages (git-fixes). +- commit db03bb0 + +- mm: fix unaccount of memory on vma_link() failure (git-fixes). +- commit 8c916f3 + +- mm/mremap: fix unaccount of memory on vma_merge() failure + (git-fixes). +- commit 1139c35 + +- mm: zswap: fix pool refcount bug around shrink_worker() + (git-fixes). +- commit ae8fafe + +- mm/migrate: fix do_pages_move for compat pointers (git-fixes). +- commit d66394c + +- mm: mempolicy: keep VMA walk if both MPOL_MF_STRICT and + MPOL_MF_MOVE are specified (git-fixes). +- commit d9dbc78 + +- slab: kmalloc_size_roundup() must not return 0 for non-zero size + (git-fixes). +- commit 4566078 + +- mm/slab_common: fix slab_caches list corruption after + kmem_cache_destroy() (git-fixes). +- commit 5566bfb + +- netfilter: nf_tables: reject QUEUE/DROP verdict parameters + (CVE-2024-1086 bsc#1219434). +- commit 459b678 + +- KVM: x86: Add support for "protected VMs" that can utilize + private memory (jsc#PED-5122). +- Update config files. +- commit 646dbdf + +- blacklist.conf: add f96c48670319 ("mm: disable CONFIG_PER_VMA_LOCK until its fixed") +- commit 8e3f9d5 + +- tick/sched: Preserve number of idle sleeps across CPU hotplug (git-fixes) +- commit 60b5ecb + +- KVM: Convert KVM_ARCH_WANT_MMU_NOTIFIER to + CONFIG_KVM_GENERIC_MMU_NOTIFIER (jsc#PED-5122). +- Update config files. +- commit dd9b571 + +- KVM: x86: add missing "depends on KVM" (jsc#PED-5122). +- KVM: guest-memfd: fix unused-function warning (jsc#PED-5122). +- KVM: Allow arch code to track number of memslot address spaces + per VM (jsc#PED-5122). +- KVM: Drop superfluous __KVM_VCPU_MULTIPLE_ADDRESS_SPACE macro + (jsc#PED-5122). +- KVM: x86/mmu: Handle page fault for private memory + (jsc#PED-5122). +- KVM: x86: Disallow hugepages when memory attributes are mixed + (jsc#PED-5122). +- KVM: x86: "Reset" vcpu->run->exit_reason early in KVM_RUN + (jsc#PED-5122). +- KVM: Add KVM_CREATE_GUEST_MEMFD ioctl() for guest-specific + backing memory (jsc#PED-5122). +- fs: Rename anon_inode_getfile_secure() and + anon_inode_getfd_secure() (jsc#PED-5122). +- mm: Add AS_UNMOVABLE to mark mapping as completely unmovable + (jsc#PED-5122). +- KVM: Introduce per-page memory attributes (jsc#PED-5122). +- KVM: Drop .on_unlock() mmu_notifier hook (jsc#PED-5122). +- KVM: Add a dedicated mmu_notifier flag for reclaiming freed + memory (jsc#PED-5122). +- KVM: Add KVM_EXIT_MEMORY_FAULT exit to report faults to + userspace (jsc#PED-5122). +- KVM: Introduce KVM_SET_USER_MEMORY_REGION2 (jsc#PED-5122). +- KVM: PPC: Return '1' unconditionally for KVM_CAP_SYNC_MMU + (jsc#PED-5122). +- KVM: PPC: Drop dead code related to KVM_ARCH_WANT_MMU_NOTIFIER + (jsc#PED-5122). +- KVM: WARN if there are dangling MMU invalidations at VM + destruction (jsc#PED-5122). +- KVM: Use gfn instead of hva for mmu_notifier_retry + (jsc#PED-5122). +- KVM: Assert that mmu_invalidate_in_progress *never* goes + negative (jsc#PED-5122). +- KVM: Tweak kvm_hva_range and hva_handler_t to allow reusing + for gfn ranges (jsc#PED-5122). +- commit 5a43605 + +- perf: arm_cspmu: ampere_cspmu: Add support for Ampere SoC PMU (jsc#PED-7859) +- commit 1242994 + +- perf: arm_cspmu: Support implementation specific validation (jsc#PED-7859) +- commit 36b0b74 + +- perf: arm_cspmu: Support implementation specific filters (jsc#PED-7859) +- commit d78d04c + +- perf: arm_cspmu: Split 64-bit write to 32-bit writes (jsc#PED-7859) +- commit ae4b62f + +- perf: arm_cspmu: Separate Arm and vendor module (jsc#PED-7859) +- commit d997aaf + +- x86/CPU/AMD: Add X86_FEATURE_ZEN1 (jsc#PED-5122). +- commit 91f26ba + +- reiserfs: Avoid touching renamed directory if parent does not + change (git-fixes). +- commit 1175a85 + +- afs: fix the usage of read_seqbegin_or_lock() in + afs_find_server*() (git-fixes). +- commit 81e58a2 + +- afs: fix the usage of read_seqbegin_or_lock() in + afs_lookup_volume_rcu() (git-fixes). +- commit 17037c1 + +- jfs: fix array-index-out-of-bounds in diNewExt (git-fixes). +- commit 924a4d7 + +- jfs: fix uaf in jfs_evict_inode (git-fixes). +- commit 4a45faa + +- jfs: fix array-index-out-of-bounds in dbAdjTree (git-fixes). +- commit 8299bf8 + +- jfs: fix slab-out-of-bounds Read in dtSearch (git-fixes). +- commit 1662dc0 + +- UBSAN: array-index-out-of-bounds in dtSplitRoot (git-fixes). +- commit 40de905 + +- FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree (git-fixes). +- commit cfc648a + +- x86/cpufeatures: Add SEV-SNP CPU feature (jsc#PED-5122). +- Refresh patches.suse/kabi-reserve-cpuid-leaves.patch. +- commit ecc8bfa + +- crypto: ccp: Add the SNP_SET_CONFIG command (jsc#PED-5122). +- crypto: ccp: Add the SNP_COMMIT command (jsc#PED-5122). +- crypto: ccp: Add the SNP_PLATFORM_STATUS command (jsc#PED-5122). +- x86/cpufeatures: Enable/unmask SEV-SNP CPU feature + (jsc#PED-5122). +- KVM: SEV: Make AVIC backing, VMSA and VMCB memory allocation + SNP safe (jsc#PED-5122). +- crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown + on kdump (jsc#PED-5122). +- iommu/amd: Clean up RMP entries for IOMMU pages during SNP + shutdown (jsc#PED-5122). +- crypto: ccp: Handle legacy SEV commands when SNP is enabled + (jsc#PED-5122). +- crypto: ccp: Handle non-volatile INIT_EX data when SNP is + enabled (jsc#PED-5122). +- crypto: ccp: Handle the legacy TMR allocation when SNP is + enabled (jsc#PED-5122). +- x86/sev: Introduce an SNP leaked pages list (jsc#PED-5122). +- crypto: ccp: Provide an API to issue SEV and SNP commands + (jsc#PED-5122). +- crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP + (jsc#PED-5122). +- crypto: ccp: Define the SEV-SNP commands (jsc#PED-5122). +- x86/sev: Adjust the directmap to avoid inadvertent RMP faults + (jsc#PED-5122). +- x86/sev: Add helper functions for RMPUPDATE and PSMASH + instruction (jsc#PED-5122). +- x86/fault: Dump RMP table information when RMP page faults occur + (jsc#PED-5122). +- x86/traps: Define RMP violation #PF error code (jsc#PED-5122). +- x86/fault: Add helper for dumping RMP entries (jsc#PED-5122). +- x86/sev: Add RMP entry lookup helpers (jsc#PED-5122). +- x86/mtrr: Don't print errors if MtrrFixDramModEn is set when + SNP enabled (jsc#PED-5122). +- x86/sev: Add SEV-SNP host initialization support (jsc#PED-5122). +- iommu/amd: Don't rely on external callers to enable IOMMU SNP + support (jsc#PED-5122). +- x86/speculation: Do not enable Automatic IBRS if SEV-SNP is + enabled (jsc#PED-5122). +- x86/sme: Fix memory encryption setting if enabled by default + and not overridden (jsc#PED-5122). +- x86/mm: Fix memory encryption features advertisement + (jsc#PED-5122). +- x86/sev: Harden #VC instruction emulation somewhat + (jsc#PED-5122). +- x86/CPU/AMD: Add X86_FEATURE_ZEN5 (jsc#PED-5122). +- x86/CPU/AMD: Drop now unused CPU erratum checking function + (jsc#PED-5122). +- x86/CPU/AMD: Get rid of amd_erratum_1485 (jsc#PED-5122). +- x86/CPU/AMD: Get rid of amd_erratum_400 (jsc#PED-5122). +- x86/CPU/AMD: Get rid of amd_erratum_383 (jsc#PED-5122). +- x86/CPU/AMD: Get rid of amd_erratum_1054 (jsc#PED-5122). +- x86/CPU/AMD: Move the DIV0 bug detection to the Zen1 init + function (jsc#PED-5122). +- x86/CPU/AMD: Move Zenbleed check to the Zen2 init function + (jsc#PED-5122). +- x86/CPU/AMD: Rename init_amd_zn() to init_amd_zen_common() + (jsc#PED-5122). +- x86/CPU/AMD: Call the spectral chicken in the Zen2 init function + (jsc#PED-5122). +- x86/CPU/AMD: Move erratum 1076 fix into the Zen1 init function + (jsc#PED-5122). +- x86/CPU/AMD: Move the Zen3 BTC_NO detection to the Zen3 init + function (jsc#PED-5122). +- x86/CPU/AMD: Carve out the erratum 1386 fix (jsc#PED-5122). +- x86/CPU/AMD: Add ZenX generations flags (jsc#PED-5122). +- x86/cpu/intel_epb: Don't rely on link order (jsc#PED-5122). +- x86/barrier: Do not serialize MSR accesses on AMD + (jsc#PED-5122). +- x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs + (jsc#PED-5122). +- commit 708312f + +- usb: xhci-plat: fix usb disconnect issue after s4 (git-fixes). +- usb: hub: Add quirk to decrease IN-ep poll interval for + Microchip USB491x hub (git-fixes). +- tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE + (git-fixes). +- spmi: mediatek: Fix UAF on device remove (git-fixes). +- spmi: mtk-pmif: Serialize PMIF status check and command + submission (git-fixes). +- watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for + IT8784/IT8786 (git-fixes). +- wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update + (git-fixes). +- wifi: cfg80211: free beacon_ies when overridden from hidden BSS + (git-fixes). +- wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices + (git-fixes). +- wifi: ath12k: fix and enable AP mode for WCN7850 (git-fixes). +- wifi: ath11k: fix race due to setting + ATH11K_FLAG_EXT_IRQ_ENABLED too early (git-fixes). +- wifi: ath9k: Fix potential array-index-out-of-bounds read in + ath9k_htc_txstatus() (git-fixes). +- wifi: wfx: fix possible NULL pointer dereference in + wfx_set_mfp_ap() (git-fixes). +- wifi: mt76: mt7996: add PCI IDs for mt7992 (git-fixes). +- wifi: mt76: connac: fix EHT phy mode check (git-fixes). +- wifi: rt2x00: correct wrong BBP register in RxDCOC calibration + (git-fixes). +- wifi: rt2x00: restart beacon queue when hardware reset + (git-fixes). +- wifi: rtw89: fix timeout calculation in rtw89_roc_end() + (git-fixes). +- thermal: core: Fix thermal zone suspend-resume synchronization + (git-fixes). +- commit 556e60c + +- libsubcmd: Fix memory leak in uniq() (git-fixes). +- misc: lis3lv02d_i2c: Add missing setting of the reg_ctrl + callback (git-fixes). +- PCI: switchtec: Fix stdev_release() crash after surprise hot + remove (git-fixes). +- PCI: Fix 64GT/s effective data rate calculation (git-fixes). +- PCI: Only override AMD USB controller if required (git-fixes). +- PCI/AER: Decode Requester ID when no error info found + (git-fixes). +- i3c: master: cdns: Update maximum prescaler value for i2c clock + (git-fixes). +- mailbox: arm_mhuv2: Fix a bug for mhuv2_sender_interrupt + (git-fixes). +- leds: trigger: panic: Don't register panic notifier if creating + the trigger failed (git-fixes). +- mfd: ti_am335x_tscadc: Fix TI SoC dependencies (git-fixes). +- media: i2c: imx335: Fix hblank min/max values (git-fixes). +- media: ddbridge: fix an error code problem in ddb_probe + (git-fixes). +- media: amphion: remove mutext lock in condition of wait_event + (git-fixes). +- media: rkisp1: resizer: Stop manual allocation of + v4l2_subdev_state (git-fixes). +- media: rkisp1: Fix IRQ disable race issue (git-fixes). +- media: rkisp1: Store IRQ lines (git-fixes). +- media: rkisp1: Fix IRQ handler return values (git-fixes). +- media: rkisp1: Drop IRQF_SHARED (git-fixes). +- media: uvcvideo: Fix power line control for SunplusIT camera + (git-fixes). +- media: uvcvideo: Fix power line control for a Chicony camera + (git-fixes). +- media: rockchip: rga: fix swizzling for RGB formats (git-fixes). +- media: stk1160: Fixed high volume of stk1160_dbg messages + (git-fixes). +- soc: xilinx: fix unhandled SGI warning message (git-fixes). +- soc: xilinx: Fix for call trace due to the usage of + smp_processor_id() (git-fixes). +- net: phy: at803x: fix passing the wrong reference for + config_intr (git-fixes). +- PCI: Add no PM reset quirk for NVIDIA Spectrum devices + (git-fixes). +- net: phy: micrel: fix ts_info value in case of no phc + (git-fixes). +- pstore/ram: Fix crash when setting number of cpus to an odd + number (git-fixes). +- PNP: ACPI: fix fortify warning (git-fixes). +- regulator: core: Only increment use_count when enable_count + changes (git-fixes). +- commit 1095bc9 + +- drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()' + (git-fixes). +- drm/amdkfd: Fix 'node' NULL check in + 'svm_range_get_range_boundaries()' (git-fixes). +- drm/amdgpu: Release 'adev->pm.fw' before return in + 'amdgpu_device_need_post()' (git-fixes). +- drm/amdgpu: Fix with right return code '-EIO' in + 'amdgpu_gmc_vram_checking()' (git-fixes). +- drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' + in 'get_platform_power_management_table()' (git-fixes). +- drm/amdgpu: fix avg vs input power reporting on smu7 + (git-fixes). +- drm/amdkfd: Fix lock dependency warning with srcu (git-fixes). +- drm/amdkfd: Fix lock dependency warning (git-fixes). +- i2c: rk3x: Adjust mask/value offset for i2c2 on rv1126 + (git-fixes). +- hwmon: (nct6775) Fix fan speed set failure in automatic mode + (git-fixes). +- drm/amdgpu: apply the RV2 system aperture fix to RN/CZN as well + (git-fixes). +- drm/amdkfd: Fix iterator used outside loop in + 'kfd_add_peer_prop()' (git-fixes). +- drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' + (git-fixes). +- drm/amdgpu: Fix '*fw' from request_firmware() not released in + 'amdgpu_ucode_request()' (git-fixes). +- drm/amdgpu: Let KFD sync with VM fences (git-fixes). +- drm/amd/display: Fix minor issues in BW Allocation Phase2 + (git-fixes). +- drm/amdgpu: Fix ecc irq enable/disable unpaired (git-fixes). +- drm/amd/display: make flip_timestamp_in_us a 64-bit variable + (git-fixes). +- drm: using mul_u32_u32() requires linux/math64.h (git-fixes). +- drm/msm/dpu: fix writeback programming for YUV cases + (git-fixes). +- commit 9877917 + +- powerpc: iommu: Bring back table group release_ownership() + call (git-fixes). +- drm/tegra: Do not assume that a NULL domain means no DMA IOMMU + (git-fixes). +- iommu: Allow ops->default_domain to work when !CONFIG_IOMMU_DMA + (git-fixes). +- commit ba460b4 + +- drm/msm/dpu: Ratelimit framedone timeout msgs (git-fixes). +- drm/msm/dpu: enable writeback on SM8450 (git-fixes). +- drm/msm/dpu: enable writeback on SM8350 (git-fixes). +- drm/msm/dp: Add DisplayPort controller for SM8650 (git-fixes). +- drm/msm/dsi: Enable runtime PM (git-fixes). +- drm/amdkfd: only flush mes process context if mes support is + there (git-fixes). +- drm/amdgpu: fix ftrace event amdgpu_bo_move always move on + same heap (git-fixes). +- drm/amdkfd: fix mes set shader debugger process management + (git-fixes). +- drm/amd/display: For prefetch mode > 0, extend prefetch if + possible (git-fixes). +- drm/amd/display: Fix MST PBN/X.Y value calculations (git-fixes). +- drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind + time (git-fixes). +- drm/mipi-dsi: Fix detach call without attach (git-fixes). +- drm/framebuffer: Fix use of uninitialized variable (git-fixes). +- drm/drm_file: fix use of uninitialized variable (git-fixes). +- drm/bridge: anx7625: Fix Set HPD irq detect window to 2ms + (git-fixes). +- drm/panel-edp: Add override_edid_mode quirk for generic edp + (git-fixes). +- drm/amd/display: Fix tiled display misalignment (git-fixes). +- crypto: stm32/crc32 - fix parsing list of devices (git-fixes). +- Documentation/sphinx: fix Python string escapes (git-fixes). +- commit 63f49fd + +- 9p: Fix initialisation of netfs_inode for 9p (git-fixes). +- clk: imx: clk-imx8qxp: fix LVDS bypass, pixel and phy clocks + (git-fixes). +- clk: mmp: pxa168: Fix memory leak in pxa168_clk_init() + (git-fixes). +- clk: hi3620: Fix memory leak in hi3620_mmc_clk_init() + (git-fixes). +- ASoC: amd: Add new dmi entries for acp5x platform (git-fixes). +- ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument (git-fixes). +- ALSA: hda: intel-dspcfg: add filters for ARL-S and ARL + (git-fixes). +- ALSA: hda: Refer to correct stream index at loops (git-fixes). +- accel/habanalabs: add support for Gaudi2C device (git-fixes). +- Bluetooth: L2CAP: Fix possible multiple reject send (git-fixes). +- Bluetooth: hci_sync: fix BR/EDR wakeup bug (git-fixes). +- Bluetooth: ISO: Avoid creating child socket if PA sync is + terminating (git-fixes). +- Bluetooth: qca: Set both WIDEBAND_SPEECH and LE_STATES quirks + for QCA2066 (git-fixes). +- crypto: octeontx2 - Fix cptvf driver cleanup (git-fixes). +- crypto: p10-aes-gcm - Avoid -Wstringop-overflow warnings + (git-fixes). +- ACPI: NUMA: Fix the logic of getting the fake_pxm value + (git-fixes). +- ACPI: extlog: fix NULL pointer dereference check (git-fixes). +- ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on + synchronous events (git-fixes). +- ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop + (git-fixes). +- commit 2d4658b + +- rpm/mkspec: sort entries in _multibuild + Otherwise it creates unnecessary diffs when tar-up-ing. It's of course + due to readdir() using "random" order as served by the underlying + filesystem. + See for example: + https://build.opensuse.org/request/show/1144457/changes +- commit d1155de + +- tick-sched: Fix idle and iowait sleeptime accounting vs CPU (bsc#1219497) +- commit c0129ec + +- blacklist.conf: add 'nvme: fix error-handling for io_uring + nvme-passthrough' +- commit 36e1796 + +- nvme-rdma: Fix transfer length when write_generate/read_verify + are 0 (git-fixes). +- nvme: trace: avoid memcpy overflow warning (git-fixes). +- nvmet: re-fix tracing strncpy() warning (git-fixes). +- nvme: fix max_discard_sectors calculation (git-fixes). +- nvmet-tcp: fix a missing endianess conversion in + nvmet_tcp_try_peek_pdu (git-fixes). +- nvme-pci: fix sleeping function called from interrupt context + (git-fixes). +- Revert "nvme-fc: fix race between error recovery and creating + association" (git-fixes). +- nvme: blank out authentication fabrics options if not configured + (git-fixes). +- nvme: catch errors from nvme_configure_metadata() (git-fixes). +- nvme-tcp: only evaluate 'tls' option if TLS is selected + (git-fixes). + Refresh: + - patches.suse/nvme-tcp-fix-compile-time-checks-for-TLS-mode.patch +- nvme-auth: set explanation code for failure2 msgs (git-fixes). +- commit 542cb02 + +- scsi: lpfc: Update lpfc version to 14.2.0.17 (bsc#1219582). +- scsi: lpfc: Move determination of vmid_flag after VMID + reinitialization completes (bsc#1219582). +- scsi: lpfc: Reinitialize an NPIV's VMID data structures after + FDISC (bsc#1219582). +- scsi: lpfc: Change VMID driver load time parameters to read only + (bsc#1219582). +- commit a28d317 + +- ceph: select FS_ENCRYPTION_ALGS if FS_ENCRYPTION (bsc#1219567). +- ceph_wait_on_conflict_unlink(): grab reference before dropping + - >d_lock (bsc#1219566). +- commit 9d8ca8e + +- afs: Hide silly-rename files from userspace (git-fixes). +- commit 7f411ab + +- ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL + (git-fixes). +- ASoC: amd: yc: Add DMI quirk for MSI Bravo 15 C7VF (git-fixes). +- ASoC: qcom: sc8280xp: limit speaker volumes (git-fixes). +- ALSA: hda/realtek: Apply headset jack quirk for non-bass alc287 + thinkpads (git-fixes). +- ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx + (git-fixes). +- ALSA: hda/realtek: Fix the external mic not being recognised + for Acer Swift 1 SF114-32 (git-fixes). +- ALSA: usb-audio: Add delay quirk for MOTU M Series 2nd revision + (git-fixes). +- ALSA: hda/realtek - Add speaker pin verbtable for Dell dual + speaker platform (git-fixes). +- ALSA: usb-audio: Add a quirk for Yamaha YIT-W12TX transmitter + (git-fixes). +- ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power + (git-fixes). +- commit 3a5699c + +- misc: fastrpc: Mark all sessions as invalid in cb_remove + (git-fixes). +- serial: max310x: prevent infinite while() loop in port startup + (git-fixes). +- serial: max310x: fail probe if clock crystal is unstable + (git-fixes). +- serial: max310x: improve crystal stable clock detection + (git-fixes). +- serial: max310x: set default value when reading clock ready bit + (git-fixes). +- usb: typec: tcpm: fix the PD disabled case (git-fixes). +- usb: ucsi_acpi: Fix command completion handling (git-fixes). +- usb: ucsi: Add missing ppm_lock (git-fixes). +- usb: ulpi: Fix debugfs directory leak (git-fixes). +- Revert "usb: typec: tcpm: fix cc role at port reset" + (git-fixes). +- USB: hub: check for alternate port before enabling + A_ALT_HNP_SUPPORT (git-fixes). +- usb: chipidea: core: handle power lost in workqueue (git-fixes). +- usb: dwc3: gadget: Fix NULL pointer dereference in + dwc3_gadget_suspend (git-fixes). +- usb: core: Prevent null pointer dereference in + update_port_device_state (git-fixes). +- xhci: fix off by one check when adding a secondary interrupter + (git-fixes). +- usb: host: xhci-plat: Add support for + XHCI_SG_TRB_CACHE_SIZE_QUIRK (git-fixes). +- dmaengine: fix is_slave_direction() return false when + DMA_DEV_TO_DEV (git-fixes). +- dmaengine: fsl-qdma: Fix a memory leak related to the queue + command DMA (git-fixes). +- dmaengine: fsl-qdma: Fix a memory leak related to the status + queue DMA (git-fixes). +- dmaengine: ti: k3-udma: Report short packet errors (git-fixes). +- dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools + (git-fixes). +- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP + (git-fixes). +- phy: renesas: rcar-gen3-usb2: Fix returning wrong error code + (git-fixes). +- commit a23ce22 + +- ASoC: cs35l56: Firmware file must match the version of preloaded + firmware (git-fixes). +- commit 726969d + +- ASoC: cs35l56: Wake transactions need to be issued twice + (git-fixes). +- commit 92aa6aa + +- drm/amd/display: Add NULL check for kzalloc in + 'amdgpu_dm_atomic_commit_tail()' (git-fixes). +- drm/amd: Don't init MEC2 firmware when it fails to load + (git-fixes). +- Input: atkbd - do not skip atkbd_deactivate() when skipping + ATKBD_CMD_GETID (git-fixes). +- Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping + ATKBD_CMD_GETID (git-fixes). +- Input: bcm5974 - check endpoint type before starting traffic + (git-fixes). +- ALSA: hda: cs35l56: Firmware file must match the version of + preloaded firmware (git-fixes). +- ASoC: cs35l56: Allow more time for firmware to boot (git-fixes). +- ASoC: cs35l56: Load tunings for the correct speaker models + (git-fixes). +- ASoC: cs35l56: Fix misuse of wm_adsp 'part' string for silicon + revision (git-fixes). +- ASoC: cs35l56: Fix for initializing ASP1 mixer registers + (git-fixes). +- ASoC: cs35l56: Remove unused hibernate wake constants + (git-fixes). +- commit a79a167 + +- ALSA: hda: cs35l56: Initialize all ASP1 registers (git-fixes). +- ASoC: cs35l56: Fix default SDW TX mixer registers (git-fixes). +- ASoC: cs35l56: Fix to ensure ASP1 registers match cache + (git-fixes). +- ASoC: cs35l56: Remove buggy checks from + cs35l56_is_fw_reload_needed() (git-fixes). +- ASoC: cs35l56: Don't add the same register patch multiple times + (git-fixes). +- ASoC: cs35l56: cs35l56_component_remove() must clean up wm_adsp + (git-fixes). +- ASoC: cs35l56: cs35l56_component_remove() must clear + cs35l56->component (git-fixes). +- ASoC: wm_adsp: Fix firmware file search order (git-fixes). +- ASoC: sun4i-spdif: Fix requirements for H6 (git-fixes). +- ASoC: codecs: lpass-wsa-macro: fix compander volume hack + (git-fixes). +- commit 210b81e + +- ALSA: hda: cs35l56: Fix filename string field layout + (git-fixes). +- ALSA: hda: cs35l56: Fix order of searching for firmware files + (git-fixes). +- ASoC: codecs: wsa883x: fix PA volume control (git-fixes). +- ASoC: codecs: wcd938x: handle deferred probe (git-fixes). +- ASoC: codecs: wcd938x: fix headphones volume controls + (git-fixes). +- ALSA: usb-audio: Sort quirk table entries (git-fixes). +- ALSA: usb-audio: add quirk for RODE NT-USB+ (git-fixes). +- ALSA: usb-audio: fix typo (git-fixes). +- ALSA: hda/cs8409: Suppress vmaster control for Dolphin models + (git-fixes). +- commit cbd1581 + +- workqueue: Provide one lock class key per work_on_cpu() callsite + (bsc#1219510). +- commit cc7032e + +- workqueue: Override implicit ordered attribute in + workqueue_apply_unbound_cpumask() (bsc#1219509). +- commit 6b333df + +- perf/arm-cmn: Fix the unhandled overflow status of counter 4 to 7 (bsc#1219496) +- commit 2ad8787 + +- Update patches.suse/sbsa_gwdt-Calculate-timeout-with-64-bit-math.patch (git-fixes, bsc#1219470) + Add reference to bsc#1219470. +- commit f55db61 + +- Update patches.suse/i2c-designware-Disable-TX_EMPTY-irq-while-waiting-fo.patch (git-fixes, bsc#1219473) + Add reference to bsc#1219473. +- commit 4fc714a + +- net: phy: realtek: add support for RTL8126A-integrated 5Gbps + PHY (bsc#1217417). +- r8169: add support for RTL8126A (bsc#1217417). +- commit cff22d0 + +- r8169: fix rtl8125b PAUSE frames blasting when suspended + (bsc#1217417). +- commit 1d2e69e + +- nfc: nci: free rx_data_reassembly skb on NCI device cleanup + (git-fixes). +- HID: bpf: actually free hdev memory after attaching a HID-BPF + program (git-fixes). +- HID: bpf: remove double fdget() (git-fixes). +- HID: i2c-hid-of: fix NULL-deref on failed power up (git-fixes). +- HID: hidraw: fix a problem of memory leak in hidraw_release() + (git-fixes). +- firewire: core: correct documentation of fw_csr_string() + kernel API (git-fixes). +- regulator: ti-abb: don't use + devm_platform_ioremap_resource_byname for shared interrupt + register (git-fixes). +- serial: sc16is7xx: improve do/while loop in sc16is7xx_irq() + (git-fixes). +- serial: sc16is7xx: remove obsolete loop in sc16is7xx_port_irq() + (git-fixes). +- serial: sc16is7xx: fix invalid sc16is7xx_lines bitfield in + case of probe error (git-fixes). +- serial: sc16is7xx: fix unconditional activation of THRI + interrupt (git-fixes). +- commit 5ceb45c + +- supported.conf: Add new VFIO modules +- commit 0e15e54 + +- vfio/pds: Add missing PCI_IOV depends (jsc#PED-7779 + jsc#PED-7780). +- vfio/pds: Fix calculations in pds_vfio_dirty_sync (jsc#PED-7779 + jsc#PED-7780). +- Refresh patches.suse/vfio-Move-iova_bitmap-into-iommufd. +- commit d637959 + +- selftests/bpf: user_ringbuf.c define c_ringbuf_size + (jsc#PED-6811). +- commit 777a0e5 + +- Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" + (bsc#1219141). +- fnic: move fnic_fnic_flush_tx() to a work queue (bsc#1219141). +- commit 43e1290 + +- xen-netback: don't produce zero-size SKB frags (CVE-2023-46838, + XSA-448, bsc#1218836). +- commit b4061c7 + +- Refresh + patches.suse/usb-typec-tcpm-Support-multiple-capabilities.patch. + Fixes an error that I made backporting. + It leads to an unused variable warning. + Does not really hurt, but should not happen +- commit 2ce740a + +- fanotify: allow "weak" fsid when watching a single filesystem (bsc#1218177). +- commit 1ae4770 + +- fanotify: store fsid in mark instead of in connector (bsc#1218177). +- commit 6a1149a + +- s390/pci: Use dma-iommu layer (jsc#PED-7779 jsc#PED-7780). +- Update config files. +- commit 5632afd + +- maple_tree: replace data before marking dead in split and + spanning store (bsc#1219404). +- maple_tree: change mas_adopt_children() parent usage + (bsc#1219404). +- maple_tree: introduce mas_tree_parent() definition + (bsc#1219404). +- maple_tree: introduce mas_put_in_tree() (bsc#1219404). +- maple_tree: reorder replacement of nodes to avoid live lock + (bsc#1219404). +- maple_tree: add hex output to maple_arange64 dump (bsc#1219404). +- maple_tree: fix the arguments to __must_hold() (bsc#1219404). +- maple_tree: use MAS_BUG_ON() from mas_topiary_range() + (bsc#1219404). +- maple_tree: use MAS_BUG_ON() when setting a leaf node as a + parent (bsc#1219404). +- maple_tree: add debug BUG_ON and WARN_ON variants (bsc#1219404). +- maple_tree: add format option to mt_dump() (bsc#1219404). +- maple_tree: clean up mas_parent_enum() and rename to + mas_parent_type() (bsc#1219404). +- commit eb22d39 + +- vfio: Move iova_bitmap into iommufd (jsc#PED-7779 jsc#PED-7780). +- Update config files. +- commit 999dadf + +- iommufd: Do not UAF during iommufd_put_object() (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Add iommufd_ctx to iommufd_put_object() (jsc#PED-7779 + jsc#PED-7780). +- iommufd/selftest: Fix _test_mock_dirty_bitmaps() (jsc#PED-7779 + jsc#PED-7780). +- vfio: Drop vfio_file_iommu_group() stub to fudge around a KVM + wart (jsc#PED-7779 jsc#PED-7780). +- vfio/pds: Fix possible sleep while in atomic context + (jsc#PED-7779 jsc#PED-7780). +- vfio/pds: Fix mutex lock->magic != lock warning (jsc#PED-7779 + jsc#PED-7780). +- iommu: Fix printk arg in of_iommu_get_resv_regions() + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Set variable intel_dirty_ops to static (jsc#PED-7779 + jsc#PED-7780). +- iommu/vt-d: Fix incorrect cache invalidation for mm notification + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Add MTL to quirk list to skip TE disabling + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Make context clearing consistent with context + mapping (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Disable PCI ATS in legacy passthrough mode + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Omit devTLB invalidation requests when TES=0 + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Support enforce_cache_coherency only for empty + domains (jsc#PED-7779 jsc#PED-7780). +- iommu: Avoid more races around device probe (jsc#PED-7779 + jsc#PED-7780). +- MAINTAINERS: list all Qualcomm IOMMU drivers in the QUALCOMM + IOMMU entry (jsc#PED-7779 jsc#PED-7780). +- iommu: Flow ERR_PTR out from __iommu_domain_alloc() + (jsc#PED-7779 jsc#PED-7780). +- s390/pci: Fix reset of IOMMU software counters (jsc#PED-7779 + jsc#PED-7780). +- iommu/dma: Use a large flush queue and timeout for + shadow_on_flush (jsc#PED-7779 jsc#PED-7780). +- iommu/dma: Allow a single FQ in addition to per-CPU FQs + (jsc#PED-7779 jsc#PED-7780). +- iommu/s390: Disable deferred flush for ISM devices (jsc#PED-7779 + jsc#PED-7780). +- s390/pci: prepare is_passed_through() for dma-iommu + (jsc#PED-7779 jsc#PED-7780). +- iommu: Allow .iotlb_sync_map to fail and handle s390's -ENOMEM + return (jsc#PED-7779 jsc#PED-7780). +- iommu/dart: Remove the force_bypass variable (jsc#PED-7779 + jsc#PED-7780). +- iommu/dart: Call apple_dart_finalize_domain() as part of + alloc_paging() (jsc#PED-7779 jsc#PED-7780). +- iommu/dart: Convert to domain_alloc_paging() (jsc#PED-7779 + jsc#PED-7780). +- iommu/dart: Move the blocked domain support to a global static + (jsc#PED-7779 jsc#PED-7780). +- iommu/dart: Use static global identity domains (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Convert to alloc_domain_paging() (jsc#PED-7779 + jsc#PED-7780). +- iommu/vt-d: Use ops->blocked_domain (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Update the definition of the blocking domain + (jsc#PED-7779 jsc#PED-7780). +- iommu: Move IOMMU_DOMAIN_BLOCKED global statics to + ops->blocked_domain (jsc#PED-7779 jsc#PED-7780). +- iommu: change iommu_map_sgtable to return signed values + (jsc#PED-7779 jsc#PED-7780). +- powerpc/iommu: Do not do platform domain attach atctions after + probe (jsc#PED-7779 jsc#PED-7780). +- iommu: Fix return code in iommu_group_alloc_default_domain() + (jsc#PED-7779 jsc#PED-7780). +- iommu: Do not use IOMMU_DOMAIN_DMA if CONFIG_IOMMU_DMA is not + enabled (jsc#PED-7779 jsc#PED-7780). +- iommu: Remove duplicate include (jsc#PED-7779 jsc#PED-7780). +- iommu/iova: Manage the depot list size (jsc#PED-7779 + jsc#PED-7780). +- iommu/iova: Make the rcache depot scale better (jsc#PED-7779 + jsc#PED-7780). +- iommu: Improve map/unmap sanity checks (jsc#PED-7779 + jsc#PED-7780). +- iommu: Retire map/unmap ops (jsc#PED-7779 jsc#PED-7780). +- iommu/tegra-smmu: Update to {map,unmap}_pages (jsc#PED-7779 + jsc#PED-7780). +- iommu/sun50i: Update to {map,unmap}_pages (jsc#PED-7779 + jsc#PED-7780). +- iommu/rockchip: Update to {map,unmap}_pages (jsc#PED-7779 + jsc#PED-7780). +- iommu/omap: Update to {map,unmap}_pages (jsc#PED-7779 + jsc#PED-7780). +- iommu/exynos: Update to {map,unmap}_pages (jsc#PED-7779 + jsc#PED-7780). +- iommu/omap: Convert to generic_single_device_group() + (jsc#PED-7779 jsc#PED-7780). +- iommu/ipmmu-vmsa: Convert to generic_single_device_group() + (jsc#PED-7779 jsc#PED-7780). +- iommu/rockchip: Convert to generic_single_device_group() + (jsc#PED-7779 jsc#PED-7780). +- iommu/sprd: Convert to generic_single_device_group() + (jsc#PED-7779 jsc#PED-7780). +- iommu/sun50i: Convert to generic_single_device_group() + (jsc#PED-7779 jsc#PED-7780). +- iommu: Add generic_single_device_group() (jsc#PED-7779 + jsc#PED-7780). +- iommu: Remove useless group refcounting (jsc#PED-7779 + jsc#PED-7780). +- iommu: Convert remaining simple drivers to domain_alloc_paging() + (jsc#PED-7779 jsc#PED-7780). +- iommu: Convert simple drivers with DOMAIN_DMA to + domain_alloc_paging() (jsc#PED-7779 jsc#PED-7780). +- iommu: Add ops->domain_alloc_paging() (jsc#PED-7779 + jsc#PED-7780). +- iommu: Add __iommu_group_domain_alloc() (jsc#PED-7779 + jsc#PED-7780). +- iommu: Require a default_domain for all iommu drivers + (jsc#PED-7779 jsc#PED-7780). +- iommu/sun50i: Add an IOMMU_IDENTITIY_DOMAIN (jsc#PED-7779 + jsc#PED-7780). +- iommu/mtk_iommu: Add an IOMMU_IDENTITIY_DOMAIN (jsc#PED-7779 + jsc#PED-7780). +- iommu/ipmmu: Add an IOMMU_IDENTITIY_DOMAIN (jsc#PED-7779 + jsc#PED-7780). +- iommu/qcom_iommu: Add an IOMMU_IDENTITIY_DOMAIN (jsc#PED-7779 + jsc#PED-7780). +- iommu: Remove ops->set_platform_dma_ops() (jsc#PED-7779 + jsc#PED-7780). +- iommu/msm: Implement an IDENTITY domain (jsc#PED-7779 + jsc#PED-7780). +- iommu/omap: Implement an IDENTITY domain (jsc#PED-7779 + jsc#PED-7780). +- iommu/tegra-smmu: Support DMA domains in tegra (jsc#PED-7779 + jsc#PED-7780). +- iommu/tegra-smmu: Implement an IDENTITY domain (jsc#PED-7779 + jsc#PED-7780). +- iommu/exynos: Implement an IDENTITY domain (jsc#PED-7779 + jsc#PED-7780). +- iommu: Allow an IDENTITY domain as the default_domain in ARM32 + (jsc#PED-7779 jsc#PED-7780). +- iommu: Reorganize iommu_get_default_domain_type() to respect + def_domain_type() (jsc#PED-7779 jsc#PED-7780). +- iommu/mtk_iommu_v1: Implement an IDENTITY domain (jsc#PED-7779 + jsc#PED-7780). +- iommu/tegra-gart: Remove tegra-gart (jsc#PED-7779 jsc#PED-7780). +- iommu/fsl_pamu: Implement a PLATFORM domain (jsc#PED-7779 + jsc#PED-7780). +- iommu: Add IOMMU_DOMAIN_PLATFORM for S390 (jsc#PED-7779 + jsc#PED-7780). +- powerpc/iommu: Setup a default domain and remove + set_platform_dma_ops (jsc#PED-7779 jsc#PED-7780). +- iommu: Add IOMMU_DOMAIN_PLATFORM (jsc#PED-7779 jsc#PED-7780). +- iommu: Add iommu_ops->identity_domain (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd: Remove DMA_FQ type from domain allocation path + (jsc#PED-7779 jsc#PED-7780). +- Revert "iommu: Fix false ownership failure on AMD systems with + PASID activated" (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Remove unused EXPORT_SYMBOLS (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd: Remove amd_iommu_device_info() (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd: Remove PPR support (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Remove iommu_v2 module (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Initialize iommu_device->max_pasids (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd: Enable device ATS/PASID/PRI capabilities + independently (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Introduce iommu_dev_data.flags to track device + capabilities (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Introduce iommu_dev_data.ppr (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd: Rename ats related variables (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd: Modify logic for checking GT and PPR features + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Consolidate feature detection and reporting logic + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Miscellaneous clean up when free domain (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd: Do not set amd_iommu_pgtable in pass-through mode + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Introduce helper functions for managing GCR3 table + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Refactor protection domain allocation code + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Consolidate logic to allocate protection domain + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Consolidate timeout pre-define to amd_iommu_type.h + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Remove unused amd_io_pgtable.pt_root variable + (jsc#PED-7779 jsc#PED-7780). +- Revert "iommu/vt-d: Remove unused function" (jsc#PED-7779 + jsc#PED-7780). +- iommu/vt-d: debugfs: Support dumping a specified page table + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: debugfs: Create/remove debugfs file per {device, + pasid} (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: debugfs: Dump entry pointing to huge page + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Remove unused function (jsc#PED-7779 jsc#PED-7780). +- iommu/virtio: Add __counted_by for struct viommu_request and + use struct_size() (jsc#PED-7779 jsc#PED-7780). +- dt-bindings: arm-smmu: Add SM7150 GPU SMMUv2 (jsc#PED-7779 + jsc#PED-7780). +- iommu/arm-smmu-v3-sva: Remove bond refcount (jsc#PED-7779 + jsc#PED-7780). +- iommu/arm-smmu-v3-sva: Remove unused iommu_sva handle + (jsc#PED-7779 jsc#PED-7780). +- iommu/arm-smmu-v3: Rename cdcfg to cd_table (jsc#PED-7779 + jsc#PED-7780). +- iommu/arm-smmu-v3: Update comment about STE liveness + (jsc#PED-7779 jsc#PED-7780). +- iommu/arm-smmu-v3: Cleanup arm_smmu_domain_finalise + (jsc#PED-7779 jsc#PED-7780). +- iommu/arm-smmu-v3: Move CD table to arm_smmu_master + (jsc#PED-7779 jsc#PED-7780). +- iommu/arm-smmu-v3: Refactor write_ctx_desc (jsc#PED-7779 + jsc#PED-7780). +- iommu/arm-smmu-v3: move stall_enabled to the cd table + (jsc#PED-7779 jsc#PED-7780). +- iommu/arm-smmu-v3: Encapsulate ctx_desc_cfg init in + alloc_cd_tables (jsc#PED-7779 jsc#PED-7780). +- iommu/arm-smmu-v3: Replace s1_cfg with cdtab_cfg (jsc#PED-7779 + jsc#PED-7780). +- iommu/arm-smmu-v3: Move ctx_desc out of s1_cfg (jsc#PED-7779 + jsc#PED-7780). +- iommu/arm-smmu-qcom: Add SM7150 SMMUv2 (jsc#PED-7779 + jsc#PED-7780). +- iommu/arm-smmu-qcom: Add SDM670 MDSS compatible (jsc#PED-7779 + jsc#PED-7780). +- iommu/tegra-smmu: Drop unnecessary error check for for + debugfs_create_dir() (jsc#PED-7779 jsc#PED-7780). +- iommufd: Organize the mock domain alloc functions closer to + Joerg's tree (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Fix page-size check in iommufd_test_dirty() + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Add iopt_area_alloc() (jsc#PED-7779 jsc#PED-7780). +- iommufd: Fix missing update of domains_itree after splitting + iopt_area (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Disallow read-only mappings to nest parent domain + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Add nested domain allocation (jsc#PED-7779 + jsc#PED-7780). +- iommu/vt-d: Set the nested domain to a device (jsc#PED-7779 + jsc#PED-7780). +- iommu/vt-d: Make domain attach helpers to be extern + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Add helper to setup pasid nested translation + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Add helper for nested domain allocation + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Extend dmar_domain to support nested domain + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Add data structure for Intel VT-d stage-1 domain + allocation (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Enhance capability check for nested parent domain + allocation (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Add coverage for IOMMU_HWPT_ALLOC with nested + HWPTs (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Add nested domain allocation for mock domain + (jsc#PED-7779 jsc#PED-7780). +- iommu: Add iommu_copy_struct_from_user helper (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Add a nested HW pagetable object (jsc#PED-7779 + jsc#PED-7780). +- iommu: Pass in parent domain with user_data to domain_alloc_user + op (jsc#PED-7779 jsc#PED-7780). +- iommufd: Share iommufd_hwpt_alloc with IOMMUFD_OBJ_HWPT_NESTED + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Derive iommufd_hwpt_paging from iommufd_hw_pagetable + (jsc#PED-7779 jsc#PED-7780). +- iommufd/device: Wrap IOMMUFD_OBJ_HWPT_PAGING-only configurations + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Rename IOMMUFD_OBJ_HW_PAGETABLE to + IOMMUFD_OBJ_HWPT_PAGING (jsc#PED-7779 jsc#PED-7780). +- iommu: Add IOMMU_DOMAIN_NESTED (jsc#PED-7779 jsc#PED-7780). +- iommufd: Only enforce cache coherency in + iommufd_hw_pagetable_alloc (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Test IOMMU_HWPT_GET_DIRTY_BITMAP_NO_CLEAR flag + (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Test out_capabilities in IOMMU_GET_HW_INFO + (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Test IOMMU_HWPT_GET_DIRTY_BITMAP (jsc#PED-7779 + jsc#PED-7780). +- iommufd/selftest: Test IOMMU_HWPT_SET_DIRTY_TRACKING + (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Test IOMMU_HWPT_ALLOC_DIRTY_TRACKING + (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Expand mock_domain with dev_flags + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Access/Dirty bit support for SS domains + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Access/Dirty bit support in IOPTEs (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd: Add domain_alloc_user based domain allocation + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Add a flag to skip clearing of IOPTE dirty + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Add capabilities to IOMMU_GET_HW_INFO (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Add IOMMU_HWPT_GET_DIRTY_BITMAP (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Add IOMMU_HWPT_SET_DIRTY_TRACKING (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Add a flag to enforce dirty tracking on attach + (jsc#PED-7779 jsc#PED-7780). +- iommu: Add iommu_domain ops for dirty tracking (jsc#PED-7779 + jsc#PED-7780). +- iommufd/iova_bitmap: Move symbols to IOMMUFD namespace + (jsc#PED-7779 jsc#PED-7780). +- vfio/iova_bitmap: Export more API symbols (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Correct IOMMU_HWPT_ALLOC_NEST_PARENT description + (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Rework TEST_LENGTH to test min_size explicitly + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Add domain_alloc_user op (jsc#PED-7779 + jsc#PED-7780). +- iommufd/selftest: Add domain_alloc_user() support in iommu mock + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Support allocating nested parent domain (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Flow user flags for domain allocation to + domain_alloc_user() (jsc#PED-7779 jsc#PED-7780). +- iommufd: Use the domain_alloc_user() op for domain allocation + (jsc#PED-7779 jsc#PED-7780). +- iommu: Add new iommu op to create domains owned by userspace + (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Iterate idev_ids in mock_domain's alloc_hwpt + test (jsc#PED-7779 jsc#PED-7780). +- iommufd: Fix spelling errors in comments (jsc#PED-7779 + jsc#PED-7780). +- vfio/mtty: Enable migration support (jsc#PED-7779 jsc#PED-7780). +- vfio/mtty: Overhaul mtty interrupt handling (jsc#PED-7779 + jsc#PED-7780). +- vfio: Fix smatch errors in vfio_combine_iova_ranges() + (jsc#PED-7779 jsc#PED-7780). +- vfio/cdx: Add parentheses between bitwise AND expression and + logical NOT (jsc#PED-7779 jsc#PED-7780). +- vfio/mlx5: Activate the chunk mode functionality (jsc#PED-7779 + jsc#PED-7780). +- vfio/mlx5: Add support for READING in chunk mode (jsc#PED-7779 + jsc#PED-7780). +- vfio/mlx5: Add support for SAVING in chunk mode (jsc#PED-7779 + jsc#PED-7780). +- vfio/mlx5: Pre-allocate chunks for the STOP_COPY phase + (jsc#PED-7779 jsc#PED-7780). +- vfio/mlx5: Rename some stuff to match chunk mode (jsc#PED-7779 + jsc#PED-7780). +- vfio/mlx5: Enable querying state size which is > 4GB + (jsc#PED-7779 jsc#PED-7780). +- vfio/mlx5: Refactor the SAVE callback to activate a work only + upon an error (jsc#PED-7779 jsc#PED-7780). +- vfio/mlx5: Wake up the reader post of disabling the SAVING + migration file (jsc#PED-7779 jsc#PED-7780). +- vfio: use __aligned_u64 in struct vfio_device_ioeventfd + (jsc#PED-7779 jsc#PED-7780). +- vfio: use __aligned_u64 in struct vfio_device_gfx_plane_info + (jsc#PED-7779 jsc#PED-7780). +- vfio: trivially use __aligned_u64 for ioctl structs + (jsc#PED-7779 jsc#PED-7780). +- vfio-cdx: add bus mastering device feature support (jsc#PED-7779 + jsc#PED-7780). +- vfio: add bus master feature to device feature ioctl + (jsc#PED-7779 jsc#PED-7780). +- cdx: add support for bus mastering (jsc#PED-7779 jsc#PED-7780). +- commit 5461635 + +- PM: sleep: Fix possible deadlocks in core system-wide PM code + (git-fixes). +- commit 186fd19 + +- async: Introduce async_schedule_dev_nocall() (git-fixes). +- commit 3d2402e + +- async: Split async_schedule_node_domain() (git-fixes). +- commit 02d0aec + +- vfio/pci: Clear VFIO_IRQ_INFO_NORESIZE for MSI-X (jsc#PED-7785). +- vfio/pci: Support dynamic MSI-X (jsc#PED-7785). +- vfio/pci: Probe and store ability to support dynamic MSI-X + (jsc#PED-7785). +- vfio/pci: Use bitfield for struct vfio_pci_core_device flags + (jsc#PED-7785). +- vfio/pci: Update stale comment (jsc#PED-7785). +- vfio/pci: Remove interrupt context counter (jsc#PED-7785). +- vfio/pci: Use xarray for interrupt context storage + (jsc#PED-7785). +- vfio/pci: Move to single error path (jsc#PED-7785). +- vfio/pci: Prepare for dynamic interrupt context storage + (jsc#PED-7785). +- vfio/pci: Remove negative check on unsigned vector + (jsc#PED-7785). +- vfio/pci: Consolidate irq cleanup on MSI/MSI-X disable + (jsc#PED-7785). +- commit bb72f32 + +- serial: sc16is7xx: change EFR lock to operate on each channels + (git-fixes). +- Refresh + patches.suse/serial-sc16is7xx-convert-from-_raw_-to-_noinc_-regma.patch. +- commit b43ff48 + +- serial: core: Simplify uart_get_rs485_mode() (git-fixes). +- Refresh + patches.suse/serial-core-imx-do-not-set-RS485-enabled-if-it-is-no.patch. +- commit 52b3d86 + +- selftests: bonding: do not test arp/ns target with mode + balance-alb/tlb (git-fixes). +- selftests: netdevsim: fix the udp_tunnel_nic test (git-fixes). +- selftests: net: fix rps_default_mask with >32 CPUs (git-fixes). +- selftest: Don't reuse port for SO_INCOMING_CPU test (git-fixes). +- selftests: bonding: Increase timeout to 1200s (git-fixes). +- nouveau/vmm: don't set addr on the fail path to avoid warning + (git-fixes). +- rtc: cmos: Use ACPI alarm for non-Intel x86 systems too + (git-fixes). +- soundwire: fix initializing sysfs for same devices on different + buses (git-fixes). +- soundwire: bus: introduce controller_id (git-fixes). +- serial: core: set missing supported flag for RX during TX GPIO + (git-fixes). +- serial: sc16is7xx: convert from _raw_ to _noinc_ regmap + functions for FIFO (git-fixes). +- serial: sc16is7xx: remove unused line structure member + (git-fixes). +- serial: sc16is7xx: remove global regmap from struct + sc16is7xx_port (git-fixes). +- serial: sc16is7xx: remove wasteful static buffer in + sc16is7xx_regmap_name() (git-fixes). +- serial: sc16is7xx: improve regmap debugfs by using one regmap + per port (git-fixes). +- iio: adc: ad7091r: Enable internal vref if external vref is + not supplied (git-fixes). +- thermal: intel: hfi: Add syscore callbacks for system-wide PM + (git-fixes). +- mmc: mmc_spi: remove custom DMA mapped buffers (git-fixes). +- mmc: core: Use mrq.sbc in close-ended ffu (git-fixes). +- scripts/get_abi: fix source path leak (git-fixes). +- thermal: intel: hfi: Disable an HFI instance when all its CPUs + go offline (git-fixes). +- thermal: intel: hfi: Refactor enabling code into helper + functions (git-fixes). +- serial: core: fix kernel-doc for uart_port_unlock_irqrestore() + (git-fixes). +- serial: sc16is7xx: Use port lock wrappers (git-fixes). +- serial: core: Provide port lock wrappers (git-fixes). +- thermal: trip: Drop lockdep assertion from + thermal_zone_trip_id() (git-fixes). +- thermal: core: Store trip pointer in struct thermal_instance + (git-fixes). +- thermal: trip: Drop redundant trips check from + for_each_thermal_trip() (git-fixes). +- commit 9cd2e11 + +- drm/amdgpu/pm: Fix the power source flag error (git-fixes). +- drm/amd/display: Fix uninitialized variable usage in core_link_ + 'read_dpcd() & write_dpcd()' functions (git-fixes). +- gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 + (git-fixes). +- drm/amd/display: Align the returned error code with legacy DP + (git-fixes). +- drm/amd/display: Port DENTIST hang and TDR fixes to OTG disable + W/A (git-fixes). +- drm/amd/display: Fix late derefrence 'dsc' check in + 'link_set_dsc_pps_packet()' (git-fixes). +- drm/amd/display: Fix variable deferencing before NULL check + in edp_setup_replay() (git-fixes). +- drm/amdgpu: correct the cu count for gfx v11 (git-fixes). +- iio: adc: ad7091r: Allow users to configure device events + (git-fixes). +- iio: adc: ad7091r: Set alert bit in config register (git-fixes). +- drm: Don't unref the same fb many times by mistake due to + deadlock handling (git-fixes). +- drm/panel-edp: drm/panel-edp: Fix AUO B116XTN02 name + (git-fixes). +- drm/panel-edp: drm/panel-edp: Fix AUO B116XAK01 name and timing + (git-fixes). +- drm/panel-edp: Add AUO B116XTN02, BOE NT116WHM-N21,836X2, + NV116WHM-N49 V8.0 (git-fixes). +- docs: kernel_abi.py: fix command injection (git-fixes). +- crypto: api - Disallow identical driver names (git-fixes). +- commit 38dac4b + +- kernel-source: Fix description typo +- commit 8abff35 + +- nvmet-tcp: Fix the H2C expected PDU len calculation + (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 + CVE-2023-6356). +- nvmet-tcp: remove boilerplate code (bsc#1217987 bsc#1217988 + bsc#1217989 CVE-2023-6535 CVE-2023-6536 CVE-2023-6356). +- nvmet-tcp: fix a crash in nvmet_req_complete() (bsc#1217987 + bsc#1217988 bsc#1217989 CVE-2023-6535 CVE-2023-6536 + CVE-2023-6356). +- nvmet-tcp: Fix a kernel panic when host sends an invalid H2C + PDU length (bsc#1217987 bsc#1217988 bsc#1217989 CVE-2023-6535 + CVE-2023-6536 CVE-2023-6356). +- commit abe1056 + +- usb: typec: tcpm: Fix sink caps op current check (git-fixes). +- commit 0565e82 + +- usb: typec: tcpm: Support multiple capabilities (jsc#PED-6054). +- usb: hub: Replace hardcoded quirk value with BIT() macro + (jsc#PED-6054). +- commit b09eb06 + +- usb: typec: tcpm: skip checking port->send_discover in PD3.0 + (git-fixes). +- commit 7e54159 + +- vfio: Compile vfio_group infrastructure optionally (jsc#PED-7779 + jsc#PED-7780). +- Update config files. +- commit 31c540c + +- clocksource: disable watchdog checks on TSC when TSC is watchdog + (bsc#1215885). +- commit 277f89c + +- rswitch: Fix imbalance phy_power_off() calling (git-fixes). +- commit 537c1a6 + +- rswitch: Fix renesas_eth_sw_remove() implementation (git-fixes). +- commit b476e28 + +- nfp: flower: avoid rmmod nfp crash issues (git-fixes). +- commit 3a0449b + +- net: phy: mscc: macsec: reject PN update requests (git-fixes). +- commit ccf5c28 + +- mlxsw: fix mlxsw_sp2_nve_vxlan_learning_set() return type + (git-fixes). +- commit e16a1ab + +- iommu: Avoid unnecessary cache invalidations (jsc#PED-7779 + jsc#PED-7780). +- iommu/vt-d: Avoid memory allocation in iommu_suspend() + (jsc#PED-7779 jsc#PED-7780). +- iommu/apple-dart: Handle DMA_FQ domains in attach_dev() + (jsc#PED-7779 jsc#PED-7780). +- dt-bindings: arm-smmu: Fix SDM630 clocks description + (jsc#PED-7779 jsc#PED-7780). +- iommu/arm-smmu-v3: Avoid constructing invalid range commands + (jsc#PED-7779 jsc#PED-7780). +- iommu/mediatek: Fix share pgtable for iova over 4GB + (jsc#PED-7779 jsc#PED-7780). +- iommu: Explicitly include correct DT includes (jsc#PED-7779 + jsc#PED-7780). +- iommu: Optimise PCI SAC address trick (jsc#PED-7779 + jsc#PED-7780). +- iommu: Avoid locking/unlocking for iommu_probe_device() + (jsc#PED-7779 jsc#PED-7780). +- iommu: Split iommu_group_add_device() (jsc#PED-7779 + jsc#PED-7780). +- iommu: Always destroy the iommu_group during + iommu_release_device() (jsc#PED-7779 jsc#PED-7780). +- iommu: Do not export iommu_device_link/unlink() (jsc#PED-7779 + jsc#PED-7780). +- iommu: Move the iommu driver sysfs setup into + iommu_init/deinit_device() (jsc#PED-7779 jsc#PED-7780). +- iommu: Add iommu_init/deinit_device() paired functions + (jsc#PED-7779 jsc#PED-7780). +- iommu: Simplify the __iommu_group_remove_device() flow + (jsc#PED-7779 jsc#PED-7780). +- iommu: Inline iommu_group_get_for_dev() into + __iommu_probe_device() (jsc#PED-7779 jsc#PED-7780). +- iommu: Use iommu_group_ref_get/put() for dev->iommu_group + (jsc#PED-7779 jsc#PED-7780). +- iommu: Have __iommu_probe_device() check for already probed + devices (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Rearrange DTE bit definations (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd: Remove unsued extern declaration + amd_iommu_init_hardware() (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Enable PPR/GA interrupt after interrupt handler setup + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Consolidate PPR log enablement (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd: Disable PPR log/interrupt in iommu_disable() + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Enable separate interrupt for PPR and GA log + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Refactor IOMMU interrupt handling logic for Event, + PPR, and GA logs (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Handle PPR log overflow (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Generalize log overflow handling (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd/iommu_v2: Clear pasid state in free path (jsc#PED-7779 + jsc#PED-7780). +- iommu/vt-d: Remove unused extern declaration + dmar_parse_dev_scope() (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Fix to convert mm pfn to dma pfn (jsc#PED-7779 + jsc#PED-7780). +- iommu/vt-d: Remove rmrr check in domain attaching device path + (jsc#PED-7779 jsc#PED-7780). +- iommu: Prevent RESV_DIRECT devices from blocking domains + (jsc#PED-7779 jsc#PED-7780). +- dmaengine/idxd: Re-enable kernel workqueue under DMA API + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Add set_dev_pasid callback for dma domain + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Prepare for set_dev_pasid callback (jsc#PED-7779 + jsc#PED-7780). +- iommu/vt-d: Make prq draining code generic (jsc#PED-7779 + jsc#PED-7780). +- iommu/vt-d: Remove pasid_mutex (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Add domain_flush_pasid_iotlb() (jsc#PED-7779 + jsc#PED-7780). +- iommu: Move global PASID allocation from SVA to core + (jsc#PED-7779 jsc#PED-7780). +- iommu: Generalize PASID 0 for normal DMA w/o PASID (jsc#PED-7779 + jsc#PED-7780). +- dt-bindings: arm-smmu: Fix MSM8998 clocks description + (jsc#PED-7779 jsc#PED-7780). +- dt-bindings: iommu: qcom,iommu: Add QSMMUv2 and MSM8976 + compatibles (jsc#PED-7779 jsc#PED-7780). +- dt-bindings: iommu: qcom,iommu: Add qcom,ctx-asid property + (jsc#PED-7779 jsc#PED-7780). +- iommu/arm-smmu-qcom: Add SM6375 SMMUv2 (jsc#PED-7779 + jsc#PED-7780). +- iommu/arm-smmu-qcom: Add SM6350 DPU compatible (jsc#PED-7779 + jsc#PED-7780). +- iommu/arm-smmu-qcom: Add SM6375 DPU compatible (jsc#PED-7779 + jsc#PED-7780). +- iommu/arm-smmu-qcom: Sort the compatible list alphabetically + (jsc#PED-7779 jsc#PED-7780). +- iommu/qcom: Add support for QSMMUv2 and QSMMU-500 secured + contexts (jsc#PED-7779 jsc#PED-7780). +- iommu/qcom: Index contexts by asid number to allow asid 0 + (jsc#PED-7779 jsc#PED-7780). +- iommu/qcom: Use the asid read from device-tree if specified + (jsc#PED-7779 jsc#PED-7780). +- iommu/arm-smmu: Clean up resource handling during Qualcomm + context probe (jsc#PED-7779 jsc#PED-7780). +- iommu/arm-smmu-v3: Change vmid alloc strategy from bitmap to + ida (jsc#PED-7779 jsc#PED-7780). +- iommu: rockchip: Allocate tables from all available memory + for IOMMU v2 (jsc#PED-7779 jsc#PED-7780). +- iommu/ipmmu-vmsa: Allow PCIe devices (jsc#PED-7779 + jsc#PED-7780). +- iommu/ipmmu-vmsa: Convert to read_poll_timeout_atomic() + (jsc#PED-7779 jsc#PED-7780). +- MAINTAINERS: iommu/mediatek: Update the header file name + (jsc#PED-7779 jsc#PED-7780). +- iommu/mediatek: mt8188: Add iova_region_larb_msk (jsc#PED-7779 + jsc#PED-7780). +- iommu/mediatek: Add MT8188 IOMMU Support (jsc#PED-7779 + jsc#PED-7780). +- iommu/mediatek: Add enable IOMMU SMC command for INFRA masters + (jsc#PED-7779 jsc#PED-7780). +- iommu/mediatek: Adjust mtk_iommu_config flow (jsc#PED-7779 + jsc#PED-7780). +- dt-bindings: mediatek: mt8188: Add binding for MM & INFRA IOMMU + (jsc#PED-7779 jsc#PED-7780). +- iommu/apple-dart: mark apple_dart_pm_ops static (jsc#PED-7779 + jsc#PED-7780). +- iommufd/selftest: Don't leak the platform device memory when + unloading the module (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Implement hw_info for iommu capability query + (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Add coverage for IOMMU_GET_HW_INFO ioctl + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Add IOMMU_GET_HW_INFO (jsc#PED-7779 jsc#PED-7780). +- iommu: Add new iommu op to get iommu hardware information + (jsc#PED-7779 jsc#PED-7780). +- iommu: Move dev_iommu_ops() to private header (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Remove iommufd_ref_to_users() (jsc#PED-7779 + jsc#PED-7780). +- iommufd/selftest: Make the mock iommu driver into a real driver + (jsc#PED-7779 jsc#PED-7780). +- vfio: Support IO page table replacement (jsc#PED-7779 + jsc#PED-7780). +- iommufd/selftest: Add IOMMU_TEST_OP_ACCESS_REPLACE_IOAS coverage + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Add iommufd_access_replace() API (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Use iommufd_access_change_ioas in + iommufd_access_destroy_object (jsc#PED-7779 jsc#PED-7780). +- iommufd: Add iommufd_access_change_ioas(_id) helpers + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Allow passing in iopt_access_list_id to + iopt_remove_access() (jsc#PED-7779 jsc#PED-7780). +- vfio: Do not allow !ops->dma_unmap in vfio_pin/unpin_pages() + (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Add a selftest for IOMMU_HWPT_ALLOC + (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Return the real idev id from selftest + mock_domain (jsc#PED-7779 jsc#PED-7780). +- iommufd: Add IOMMU_HWPT_ALLOC (jsc#PED-7779 jsc#PED-7780). +- iommufd/selftest: Test iommufd_device_replace() (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Make destroy_rwsem use a lock class per object type + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Add iommufd_device_replace() (jsc#PED-7779 + jsc#PED-7780). +- iommu: Introduce a new iommu_group_replace_domain() API + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Reorganize iommufd_device_attach into + iommufd_device_change_pt (jsc#PED-7779 jsc#PED-7780). +- iommufd: Fix locking around hwpt allocation (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Allow a hwpt to be aborted after allocation + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Add enforced_cache_coherency to + iommufd_hw_pagetable_alloc() (jsc#PED-7779 jsc#PED-7780). +- iommufd: Move putting a hwpt to a helper function (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Make sw_msi_start a group global (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Use the iommufd_group to avoid duplicate MSI setup + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Keep track of each device's reserved regions instead + of groups (jsc#PED-7779 jsc#PED-7780). +- iommu: Export iommu_get_resv_regions() (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Replace the hwpt->devices list with iommufd_group + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Add iommufd_group (jsc#PED-7779 jsc#PED-7780). +- iommufd: Move isolated msi enforcement to iommufd_device_bind() + (jsc#PED-7779 jsc#PED-7780). +- vfio/pds: Send type for SUSPEND_STATUS command (jsc#PED-7779 + jsc#PED-7780). +- vfio/pds: fix return value in pds_vfio_get_lm_file() + (jsc#PED-7779 jsc#PED-7780). +- pds_core: Fix function header descriptions (jsc#PED-7779 + jsc#PED-7780). +- vfio: align capability structures (jsc#PED-7779 jsc#PED-7780). +- vfio/type1: fix cap_migration information leak (jsc#PED-7779 + jsc#PED-7780). +- vfio/fsl-mc: Use module_fsl_mc_driver macro to simplify the code + (jsc#PED-7779 jsc#PED-7780). +- vfio/cdx: Remove redundant initialization owner in + vfio_cdx_driver (jsc#PED-7779 jsc#PED-7780). +- vfio/pds: Add Kconfig and documentation (jsc#PED-7779 + jsc#PED-7780). +- vfio/pds: Add support for firmware recovery (jsc#PED-7779 + jsc#PED-7780). +- vfio/pds: Add support for dirty page tracking (jsc#PED-7779 + jsc#PED-7780). +- vfio/pds: Add VFIO live migration support (jsc#PED-7779 + jsc#PED-7780). +- vfio/pds: register with the pds_core PF (jsc#PED-7779 + jsc#PED-7780). +- pds_core: Require callers of register/unregister to pass PF + drvdata (jsc#PED-7779 jsc#PED-7780). +- vfio/pds: Initial support for pds VFIO driver (jsc#PED-7779 + jsc#PED-7780). +- vfio: Commonize combine_ranges for use in other VFIO drivers + (jsc#PED-7779 jsc#PED-7780). +- kvm/vfio: avoid bouncing the mutex when adding and deleting + groups (jsc#PED-7779 jsc#PED-7780). +- kvm/vfio: ensure kvg instance stays around in + kvm_vfio_group_add() (jsc#PED-7779 jsc#PED-7780). +- docs: vfio: Add vfio device cdev description (jsc#PED-7779 + jsc#PED-7780). +- vfio: Move the IOMMU_CAP_CACHE_COHERENCY check in + __vfio_register_dev() (jsc#PED-7779 jsc#PED-7780). +- vfio: Add VFIO_DEVICE_[AT|DE]TACH_IOMMUFD_PT (jsc#PED-7779 + jsc#PED-7780). +- vfio: Add VFIO_DEVICE_BIND_IOMMUFD (jsc#PED-7779 jsc#PED-7780). +- vfio: Avoid repeated user pointer cast in + vfio_device_fops_unl_ioctl() (jsc#PED-7779 jsc#PED-7780). +- iommufd: Add iommufd_ctx_from_fd() (jsc#PED-7779 jsc#PED-7780). +- vfio: Test kvm pointer in _vfio_device_get_kvm_safe() + (jsc#PED-7779 jsc#PED-7780). +- vfio: Add cdev for vfio_device (jsc#PED-7779 jsc#PED-7780). +- vfio: Move device_del() before waiting for the last vfio_device + registration refcount (jsc#PED-7779 jsc#PED-7780). +- vfio: Move vfio_device_group_unregister() to be the first + operation in unregister (jsc#PED-7779 jsc#PED-7780). +- vfio-iommufd: Add detach_ioas support for emulated VFIO devices + (jsc#PED-7779 jsc#PED-7780). +- iommufd/device: Add iommufd_access_detach() API (jsc#PED-7779 + jsc#PED-7780). +- vfio-iommufd: Add detach_ioas support for physical VFIO devices + (jsc#PED-7779 jsc#PED-7780). +- vfio: Record devid in vfio_device_file (jsc#PED-7779 + jsc#PED-7780). +- vfio-iommufd: Split bind/attach into two steps (jsc#PED-7779 + jsc#PED-7780). +- vfio-iommufd: Move noiommu compat validation out of + vfio_iommufd_bind() (jsc#PED-7779 jsc#PED-7780). +- vfio: Make vfio_df_open() single open for device cdev path + (jsc#PED-7779 jsc#PED-7780). +- vfio: Add cdev_device_open_cnt to vfio_group (jsc#PED-7779 + jsc#PED-7780). +- vfio: Block device access via device fd until device is opened + (jsc#PED-7779 jsc#PED-7780). +- vfio: Pass struct vfio_device_file * to vfio_device_open/close() + (jsc#PED-7779 jsc#PED-7780). +- kvm/vfio: Accept vfio device file from userspace (jsc#PED-7779 + jsc#PED-7780). +- kvm/vfio: Prepare for accepting vfio device fd (jsc#PED-7779 + jsc#PED-7780). +- vfio: Accept vfio device file in the KVM facing kAPI + (jsc#PED-7779 jsc#PED-7780). +- vfio: Refine vfio file kAPIs for KVM (jsc#PED-7779 + jsc#PED-7780). +- vfio: Allocate per device file structure (jsc#PED-7779 + jsc#PED-7780). +- vfio/pci: Allow passing zero-length fd array in + VFIO_DEVICE_PCI_HOT_RESET (jsc#PED-7779 jsc#PED-7780). +- vfio/pci: Copy hot-reset device info to userspace in the + devices loop (jsc#PED-7779 jsc#PED-7780). +- vfio/pci: Extend VFIO_DEVICE_GET_PCI_HOT_RESET_INFO for vfio + device cdev (jsc#PED-7779 jsc#PED-7780). +- vfio: Add helper to search vfio_device in a dev_set + (jsc#PED-7779 jsc#PED-7780). +- vfio: Mark cdev usage in vfio_device (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Add helper to retrieve iommufd_ctx and devid + (jsc#PED-7779 jsc#PED-7780). +- iommufd: Add iommufd_ctx_has_group() (jsc#PED-7779 + jsc#PED-7780). +- iommufd: Reserve all negative IDs in the iommufd xarray + (jsc#PED-7779 jsc#PED-7780). +- vfio/pci: Move the existing hot reset logic to be a helper + (jsc#PED-7779 jsc#PED-7780). +- vfio/pci: Update comment around group_fd get in + vfio_pci_ioctl_pci_hot_reset() (jsc#PED-7779 jsc#PED-7780). +- commit 5a8a192 + +- x86/tsc: Extend watchdog check exemption to 4-Sockets platform (jsc#PED-7786). +- commit 8c26887 + +- qlcnic: replace deprecated strncpy with strscpy (jsc#PED-6886). +- commit 2cd64fa + +- drivers: base: Free devm resources when unregistering a device + (jsc#PED-6054) +- Refresh + patches.suse/kernfs-fix-missing-kernfs_iattr_rwsem-locking.patch. +- commit 1ff927f + +- lib/string_helpers: Add kstrdup_and_replace() helper + (jsc#PED-6054). +- commit 425f257 + +- vfio/cdx: add support for CDX bus (jsc#PED-7779 jsc#PED-7780). +- Update config files. +- commit 1dda3a4 + +- vfio/platform: Cleanup Kconfig (jsc#PED-7779 jsc#PED-7780). +- Update config files. +- commit 20a24ad + +- vfio/fsl: Create Kconfig sub-menu (jsc#PED-7779 jsc#PED-7780). +- vfio/pci: Cleanup Kconfig (jsc#PED-7779 jsc#PED-7780). +- vfio/pci-core: Add capability for AtomicOp completer support + (jsc#PED-7779 jsc#PED-7780). +- vfio/pci: Also demote hiding standard cap messages (jsc#PED-7779 + jsc#PED-7780). +- vfio/pci: Clear VFIO_IRQ_INFO_NORESIZE for MSI-X (jsc#PED-7779 + jsc#PED-7780). +- vfio/pci: Support dynamic MSI-X (jsc#PED-7779 jsc#PED-7780). +- vfio/pci: Probe and store ability to support dynamic MSI-X + (jsc#PED-7779 jsc#PED-7780). +- vfio/pci: Use bitfield for struct vfio_pci_core_device flags + (jsc#PED-7779 jsc#PED-7780). +- vfio/pci: Update stale comment (jsc#PED-7779 jsc#PED-7780). +- vfio/pci: Remove interrupt context counter (jsc#PED-7779 + jsc#PED-7780). +- vfio/pci: Use xarray for interrupt context storage (jsc#PED-7779 + jsc#PED-7780). +- vfio/pci: Move to single error path (jsc#PED-7779 jsc#PED-7780). +- vfio/pci: Prepare for dynamic interrupt context storage + (jsc#PED-7779 jsc#PED-7780). +- vfio/pci: Remove negative check on unsigned vector (jsc#PED-7779 + jsc#PED-7780). +- vfio/pci: Consolidate irq cleanup on MSI/MSI-X disable + (jsc#PED-7779 jsc#PED-7780). +- vfio/pci: demote hiding ecap messages to debug level + (jsc#PED-7779 jsc#PED-7780). +- commit 35c9b4b + +- iommu: Fix crash during syfs iommu_groups/N/type (jsc#PED-7779 + jsc#PED-7780). +- commit ccef64e + +- device property: Clarify usage scope of some struct + fwnode_handle members (jsc#PED-6054). +- commit a9856b6 + +- iommu/amd: Remove extern from function prototypes (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd: Use BIT/BIT_ULL macro to define bit fields + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Fix DTE_IRQ_PHYS_ADDR_MASK macro (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd: Fix compile error for unused function (jsc#PED-7779 + jsc#PED-7780). +- iommu/amd: Improving Interrupt Remapping Table Invalidation + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Do not Invalidate IRT when IRTE caching is disabled + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Remove the unused struct amd_ir_data.ref + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Switch amd_iommu_update_ga() to use modify_irte_ga() + (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Update copyright notice (jsc#PED-7779 jsc#PED-7780). +- iommu/amd: Use page mode macros in fetch_pte() (jsc#PED-7779 + jsc#PED-7780). +- iommu: Tidy the control flow in iommu_group_store_type() + (jsc#PED-7779 jsc#PED-7780). +- iommu: Remove __iommu_group_for_each_dev() (jsc#PED-7779 + jsc#PED-7780). +- iommu: Allow IOMMU_RESV_DIRECT to work on ARM (jsc#PED-7779 + jsc#PED-7780). +- iommu: Consolidate the default_domain setup to one function + (jsc#PED-7779 jsc#PED-7780). +- iommu: Revise iommu_group_alloc_default_domain() (jsc#PED-7779 + jsc#PED-7780). +- iommu: Consolidate the code to calculate the target default + domain type (jsc#PED-7779 jsc#PED-7780). +- iommu: Remove the assignment of group->domain during default + domain alloc (jsc#PED-7779 jsc#PED-7780). +- iommu: Do iommu_group_create_direct_mappings() before attach + (jsc#PED-7779 jsc#PED-7780). +- iommu: Fix iommu_probe_device() to attach the right domain + (jsc#PED-7779 jsc#PED-7780). +- iommu: Replace iommu_group_do_dma_first_attach with + __iommu_device_set_domain (jsc#PED-7779 jsc#PED-7780). +- iommu: Remove iommu_group_do_dma_first_attach() from + iommu_group_add_device() (jsc#PED-7779 jsc#PED-7780). +- iommu: Replace __iommu_group_dma_first_attach() with set_domain + (jsc#PED-7779 jsc#PED-7780). +- iommu: Use __iommu_group_set_domain() in + iommu_change_dev_def_domain() (jsc#PED-7779 jsc#PED-7780). +- iommu: Use __iommu_group_set_domain() for __iommu_attach_group() + (jsc#PED-7779 jsc#PED-7780). +- iommu: Make __iommu_group_set_domain() handle error unwind + (jsc#PED-7779 jsc#PED-7780). +- iommu: Add for_each_group_device() (jsc#PED-7779 jsc#PED-7780). +- iommu: Replace iommu_group_device_count() with + list_count_nodes() (jsc#PED-7779 jsc#PED-7780). +- iommu: Suppress empty whitespaces in prints (jsc#PED-7779 + jsc#PED-7780). +- iommu: Use flush queue capability (jsc#PED-7779 jsc#PED-7780). +- iommu: Add a capability for flush queue support (jsc#PED-7779 + jsc#PED-7780). +- iommu/iova: Optimize iova_magazine_alloc() (jsc#PED-7779 + jsc#PED-7780). +- iommu/vt-d: Remove commented-out code (jsc#PED-7779 + jsc#PED-7780). +- iommu/vt-d: Remove two WARN_ON in domain_context_mapping_one() + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Handle the failure case of dmar_reenable_qi() + (jsc#PED-7779 jsc#PED-7780). +- iommu/vt-d: Remove unnecessary (void*) conversions (jsc#PED-7779 + jsc#PED-7780). +- iommu/fsl: Use driver_managed_dma to allow VFIO to work + (jsc#PED-7779 jsc#PED-7780). +- iommu/fsl: Move ENODEV to fsl_pamu_probe_device() (jsc#PED-7779 + jsc#PED-7780). +- iommu/fsl: Always allocate a group for non-pci devices + (jsc#PED-7779 jsc#PED-7780). +- dt-bindings: arm-smmu: Add SDX75 SMMU compatible (jsc#PED-7779 + jsc#PED-7780). +- dt-bindings: arm-smmu: Add SM6375 GPU SMMU (jsc#PED-7779 + jsc#PED-7780). +- dt-bindings: iommu: arm,smmu: enable clocks for sa8775p Adreno + SMMU (jsc#PED-7779 jsc#PED-7780). +- iommu/arm-smmu-v3: Set TTL invalidation hint better + (jsc#PED-7779 jsc#PED-7780). +- commit 9bad5bb + +- driver core: make device_is_dependent() static (jsc#PED-6054). +- commit d020041 + +- driver core: Replace kstrdup() + strreplace() with + kstrdup_and_replace() (jsc#PED-6054). +- commit 3214968 + +- usb: typec: tcpm: Refactor the PPS APDO selection + (jsc#PED-6054). +- commit ec52f17 + +- usb: typec: tcpm: add get max power support (jsc#PED-6054). +- usb: typec: tcpm: fix cc role at port reset (git-fixes). +- commit 0ea7d31 + +- usb: typec: change altmode SVID to u16 entry (jsc#PED-6054). +- commit 37d29a2 + +- usb: typec: tcpm: add tcpm_port_error_recovery symbol + (jsc#PED-6054). +- commit a85d742 + +- usb: typec: intel_pmc_mux: enable sysfs usb role access + (jsc#PED-6054). +- commit 8dfd45f + +- usb: typec: tcpm: reset counter when enter into unattached + state after try role (git-fixes). +- commit e166f48 + +- usb: typec: tcpm: not sink vbus if operational current is 0mA + (git-fixes). +- commit ca613ac + +- cpu/hotplug: Increase the number of dynamic states (jsc#PED-7789). +- commit c2f3ebe + +- thunderbolt: Keep link as asymmetric if preferred by hardware + (jsc#PED-6054). +- commit 49c8848 + +- thunderbolt: Disable PCIe extended encapsulation upon teardown + properly (jsc#PED-6054). +- commit 46ca554 + +- thunderbolt: Make PCIe tunnel setup and teardown follow CM guide + (jsc#PED-6054). +- commit 8e6fc8d + +- thunderbolt: Improve logging when DisplayPort resource is + added due to hotplug (jsc#PED-6054). +- commit d195201 + +- tracing: Add kabi placeholders (git-fixes). +- commit fe66dad + +- kernel/crash_core.c: make __crash_hotplug_lock static + (git-fixes). +- commit b795e50 + +- Update config files: disable CONFIG_USELIB (bsc#1219222) + It's only for the old libc5. Let's reduce the possible attack surfaces. +- commit a92262c + +- kexec: drop dependency on ARCH_SUPPORTS_KEXEC from CRASH_DUMP + (git-fixes). +- commit 2b8e009 + +- thunderbolt: Use tb_dp_read_cap() to read DP_COMMON_CAP as well + (jsc#PED-6054). +- commit 817c431 + +- thunderbolt: Disable CL states only when actually needed + (jsc#PED-6054). +- commit 12f7c4b + +- thunderbolt: Transition link to asymmetric only when both + sides support it (jsc#PED-6054). +- commit c0db739 + +- thunderbolt: Log XDomain link speed and width (jsc#PED-6054). +- thunderbolt: Move width_name() helper to tb.h (jsc#PED-6054). +- commit 3864ca8 + +- wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach + (CVE-2023-47233 bsc#1216702). +- commit 358e411 + +- thunderbolt: Handle lane bonding of Gen 4 XDomain links properly + (jsc#PED-6054). +- commit 903c24d + +- thunderbolt: Unwind TMU configuration if + tb_switch_set_tmu_mode_params() fails (jsc#PED-6054). +- commit beff1a5 + +- net: dsa: qca8k: fix potential MDIO bus conflict when accessing + internal PHYs via management frames (git-fixes). +- commit 652abc9 + +- thunderbolt: Remove duplicated re-assignment of pointer 'out' + (jsc#PED-6054). +- commit 051cc47 + +- net: dsa: qca8k: fix regmap bulk read/write methods on big + endian systems (git-fixes). +- commit 72d26f3 + +- net: ethernet: mediatek: disable irq before schedule napi + (git-fixes). +- commit be9ea94 + +- net: stmmac: dwmac-stm32: fix resume on STM32 MCU (git-fixes). +- commit 70db3b0 + +- net: ethernet: ti: am65-cpsw: Fix error code in + am65_cpsw_nuss_init_tx_chns() (git-fixes). +- commit 654c23c + +- rswitch: Fix PHY station management clock setting (git-fixes). +- commit b773ebb + +- sky2: Make sure there is at least one frag_addr available + (git-fixes). +- commit 77a9b4b + +- net: dsa: mv88e6xxx: Avoid EEPROM timeout when EEPROM is absent + (git-fixes). +- commit 9713936 + +- drivers/net: process the result of hdlc_open() and add call + of hdlc_close() in uhdlc_close() (git-fixes). +- commit 09258c6 + +- net: hinic: Fix warning-hinic_set_vlan_fliter() warn: variable + dereferenced before check 'hwdev' (git-fixes). +- commit 6fc3024 + +- net/mlx5e: fix a potential double-free in fs_any_create_groups + (jsc#PED-3311). +- net/mlx5e: fix a double-free in arfs_create_groups + (jsc#PED-3311). +- net/mlx5e: Ignore IPsec replay window values on sender side + (jsc#PED-3311). +- net/mlx5e: Allow software parsing when IPsec crypto is enabled + (jsc#PED-3311). +- net/mlx5: Use mlx5 device constant for selecting CQ period + mode for ASO (jsc#PED-3311). +- net/mlx5: DR, Can't go to uplink vport on RX rule + (jsc#PED-3311). +- net/mlx5: DR, Use the right GVMI number for drop action + (jsc#PED-3311). +- net/mlx5: Bridge, fix multicast packets sent to uplink + (jsc#PED-3311). +- net/mlx5: Fix a WARN upon a callback command failure + (jsc#PED-3311). +- net/mlx5e: Fix peer flow lists handling (jsc#PED-3311). +- net/mlx5e: Fix inconsistent hairpin RQT sizes (jsc#PED-3311). +- net/mlx5e: Fix operation precedence bug in port timestamping + napi_poll context (jsc#PED-3311). +- net/mlx5: Fix query of sd_group field (jsc#PED-3311). +- net/mlx5e: Use the correct lag ports number when creating TISes + (jsc#PED-3311). +- i40e: update xdp_rxq_info::frag_size for ZC enabled Rx queue + (jsc#PED-4874). +- i40e: set xdp_rxq_info::frag_size (jsc#PED-4874). +- ice: update xdp_rxq_info::frag_size for ZC enabled Rx queue + (jsc#PED-4876). +- intel: xsk: initialize skb_frag_t::bv_offset in ZC drivers + (jsc#PED-4874). +- ice: remove redundant xdp_rxq_info registration (jsc#PED-4876). +- i40e: handle multi-buffer packets that are shrunk by xdp prog + (jsc#PED-4874). +- ice: work on pre-XDP prog frag count (jsc#PED-4876). +- xsk: make xsk_buff_pool responsible for clearing xdp_buff::flags + (jsc#PED-4874). +- net: fill in MODULE_DESCRIPTION()s for rvu_mbox (jsc#PED-6931). +- dpll: fix register pin with unregistered parent pin + (jsc#PED-6079). +- dpll: fix userspace availability of pins (jsc#PED-6079). +- dpll: fix pin dump crash for rebound module (jsc#PED-6079). +- dpll: fix broken error path in + dpll_pin_alloc(..) (jsc#PED-6079). +- idpf: distinguish vports by the dev_port attribute + (jsc#PED-6716). +- bnxt_en: Fix possible crash after creating sw mqprio TCs + (jsc#PED-7574). +- bnxt_en: Prevent kernel warning when running offline self test + (jsc#PED-7574). +- bnxt_en: Fix RSS table entries calculation for P5_PLUS chips + (jsc#PED-7574). +- bnxt_en: Fix memory leak in bnxt_hwrm_get_rings() + (jsc#PED-7574). +- bnxt_en: Wait for FLR to complete during probe (jsc#PED-7574). +- RDMA/efa: Add EFA query MR support (jsc#PED-6864). +- RDMA/erdma: Add hardware statistics support (jsc#PED-6864). +- RDMA/erdma: Introduce dma pool for hardware responses of CMDQ + requests (jsc#PED-6864). +- IB/iser: iscsi_iser.h: fix kernel-doc warning and spellos + (jsc#PED-6864). +- IB/ipoib: Fix mcast list locking (jsc#PED-6864). +- RDMA/hns: Add a max length of gid table (jsc#PED-6864). +- RDMA/hns: Response dmac to userspace (jsc#PED-6864). +- RDMA/hns: Rename the interrupts (jsc#PED-6864). +- RDMA/siw: Call orq_get_current if possible (jsc#PED-6864). +- RDMA/siw: Set qp_state in siw_query_qp (jsc#PED-6864). +- RDMA/siw: Reduce memory usage of struct siw_rx_stream + (jsc#PED-6864). +- RDMA/siw: Move tx_cpu ahead (jsc#PED-6864). +- RDMA/IPoIB: Add tx timeout work to recover queue stop situation + (jsc#PED-6864). +- RDMA/IPoIB: Fix error code return in ipoib_mcast_join + (jsc#PED-6864). +- RDMA/rtrs: Use %pe to print errors (jsc#PED-6864). +- RDMA/rtrs-clt: Use %pe to print errors (jsc#PED-6864). +- RDMA/rtrs-clt: Add warning logs for RDMA events (jsc#PED-6864). +- RDMA/hns: Support SW stats with debugfs (jsc#PED-6864). +- RDMA/hns: Add debugfs to hns RoCE (jsc#PED-6864). +- RDMA/siw: Update comments for siw_qp_sq_process (jsc#PED-6864). +- RDMA/siw: Introduce siw_destroy_cep_sock (jsc#PED-6864). +- RDMA/siw: Only check attrs->cap.max_send_wr in siw_create_qp + (jsc#PED-6864). +- RDMA/siw: Fix typo (jsc#PED-6864). +- RDMA/siw: Remove siw_sk_save_upcalls (jsc#PED-6864). +- RDMA/siw: Cleanup siw_accept (jsc#PED-6864). +- RDMA/siw: Introduce siw_free_cm_id (jsc#PED-6864). +- RDMA/siw: Introduce siw_cep_set_free_and_put (jsc#PED-6864). +- RDMA/siw: Add one parameter to siw_destroy_cpulist + (jsc#PED-6864). +- RDMA/siw: Introduce SIW_STAG_MAX_INDEX (jsc#PED-6864). +- RDMA/siw: Factor out siw_rx_data helper (jsc#PED-6864). +- RDMA/siw: No need to check term_info.valid before call + siw_send_terminate (jsc#PED-6864). +- RDMA/siw: Remove rcu from siw_qp (jsc#PED-6864). +- RDMA/siw: Remove goto lable in siw_mmap (jsc#PED-6864). +- RDMA/siw: Use iov.iov_len in kernel_sendmsg (jsc#PED-6864). +- RDMA/siw: Introduce siw_update_skb_rcvd (jsc#PED-6864). +- RDMA/siw: Introduce siw_get_page (jsc#PED-6864). +- RDMA/irdma: Use crypto_shash_digest() in + irdma_ieq_check_mpacrc() (jsc#PED-4862). +- RDMA/siw: Use crypto_shash_digest() in siw_qp_prepare_tx() + (jsc#PED-6864). +- RDMA/hfi1: Copy userspace arrays safely (jsc#PED-6864). +- RDMA/siw: Use ib_umem_get() to pin user pages (jsc#PED-6864). +- vsock/virtio: use skb_frag_*() helpers (jsc#PED-5505). +- virtio/vsock: send credit update during setting SO_RCVLOWAT + (jsc#PED-5505). +- virtio/vsock: fix logic which reduces credit update messages + (jsc#PED-5505). +- gve: Remove dependency on 4k page size (bsc#1214479). +- gve: Add page size register to the register_page_list command + (bsc#1214479). +- gve: Remove obsolete checks that rely on page size + (bsc#1214479). +- gve: Deprecate adminq_pfn for pci revision 0x1 (bsc#1214479). +- gve: Perform adminq allocations through a dma_pool + (bsc#1214479). +- gve: add gve_features_check() (bsc#1214479). +- PCI: Add Alibaba Vendor ID to linux/pci_ids.h (jsc#PED-6864). +- vsock/virtio: fix "comparison of distinct pointer types lacks + a cast" warning (jsc#PED-5505). +- net: fill in MODULE_DESCRIPTION()s for SOCK_DIAG modules + (jsc#PED-5505). +- virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt() + (jsc#PED-5505). +- RDMA: Annotate struct rdma_hw_stats with __counted_by + (jsc#PED-6864). +- vsock: enable setting SO_ZEROCOPY (jsc#PED-5505). +- vsock/loopback: support MSG_ZEROCOPY for transport + (jsc#PED-5505). +- vsock/virtio: support MSG_ZEROCOPY for transport (jsc#PED-5505). +- vhost/vsock: support MSG_ZEROCOPY for transport (jsc#PED-5505). +- vsock: enable SOCK_SUPPORT_ZC bit (jsc#PED-5505). +- vsock: check for MSG_ZEROCOPY support on send (jsc#PED-5505). +- vsock: read from socket's error queue (jsc#PED-5505). +- vsock: set EPOLLERR on non-empty error queue (jsc#PED-5505). +- vsock/virtio: MSG_ZEROCOPY flag support (jsc#PED-5505). +- vsock/virtio: non-linear skb handling for tap (jsc#PED-5505). +- vsock/virtio: support to send non-linear skb (jsc#PED-5505). +- vsock/virtio/vhost: read data from non-linear skb + (jsc#PED-5505). +- vsock: send SIGPIPE on write to shutdowned socket + (jsc#PED-5505). +- vsock: Remove unused function declarations (jsc#PED-5505). +- virtio/vsock: support MSG_PEEK for SOCK_SEQPACKET + (jsc#PED-5505). +- virtio/vsock: rework MSG_PEEK for SOCK_STREAM (jsc#PED-5505). +- commit 0dfd8ae + +- arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD (git-fixes) +- commit a6327d2 + +- arm64: entry: Simplify tramp_alias macro and tramp_exit routine (git-fixes) +- commit 33427e9 + +- tracing/trigger: Fix to return error if failed to alloc snapshot + (git-fixes). +- commit 5235870 + +- tracing: Ensure visibility when inserting an element into + tracing_map (git-fixes). +- commit 8d0199c + +- bpf: Limit the number of kprobes when attaching program to + multiple kprobes (git-fixes). +- commit 405ad58 + +- ring-buffer: Do not record in NMI if the arch does not support + cmpxchg in NMI (git-fixes). +- commit 5299cd1 + +- tracing: Fix uaf issue when open the hist or hist_debug file + (git-fixes). +- commit 74ab383 + +- arm64: entry: Preserve/restore X29 even for compat tasks (git-fixes) +- commit c87e6ab + +- tracing: Add size check when printing trace_marker output + (git-fixes). +- commit b4fc359 + +- tracing: Have large events show up as '' instead of nothing + (git-fixes). +- commit 89b3b19 + +- tracing: relax trace_event_eval_update() execution with + cond_resched() (git-fixes). +- commit 598ec62 + +- ring-buffer: Do not attempt to read past "commit" (git-fixes). +- commit 32b2fd5 + +- ring-buffer: Avoid softlockup in ring_buffer_resize() + (git-fixes). +- commit 522e4dc + +- arm64: Rename ARM64_WORKAROUND_2966298 (git-fixes) + Refresh cpu_hwcaps reservation and enable WORKAROUND_SPECULATIVE_UNPRIV_LOAD. + ".. The workaround isn't necessary if page table isolation (KPTI) is + enabled, but for simplicity it will be. Page table isolation should + normally be disabled for Cortex-A520 as it supports the CSV3 feature + and the E0PD feature (used when KASLR is enabled). ..." +- commit 3a5b06f + +- rpm/constraints.in: set jobs for riscv to 8 + The same workers are used for x86 and riscv and the riscv builds take + ages. So align the riscv jobs count to x86. +- commit b2c82b9 + +- cgroup_freezer: cgroup_freezing: Check if not frozen + (bsc#1219338). +- commit 6549fad + +- Update patches.suse/arm64-sdei-abort-running-SDEI-handlers-during-crash.patch (git-fixes, bsc#1219254) + Add reference to bsc#1219254. +- commit 6a70510 + +- perf: arm_cspmu: Reject events meant for other PMUs (bsc#1219247) +- commit faa4288 + +- Update patches.suse/arm64-arm-arm_pmuv3-perf-Don-t-truncate-64-bit-regis.patch (git-fixes, bsc#1219246) + Add reference to bsc#1219246 +- commit 9f6d94a + +- platform/x86: ISST: Reduce noise for missing numa information + in logs (bsc#1219285). +- commit 070f01e + +- supported.conf: Mark lz4* related modules as supported (bsc#1217030) + Those are used by zram and other modules. +- commit 7165080 + +- selftests: mm: hugepage-vmemmap fails on 64K page size systems + (bsc#1219286). +- commit f1ce7e1 + +- r8169: respect userspace disabling IFF_MULTICAST (git-fixes). +- commit 29e98eb + +- net: phylink: initialize carrier state at creation (git-fixes). +- commit 4a57df5 + +- net: stmmac: xgmac: Enable support for multiple Flexible PPS + outputs (git-fixes). +- commit 7a5f412 + +- ipvlan: properly track tx_errors (git-fixes). +- commit 9072c00 + +- tsnep: Fix tsnep_request_irq() format-overflow warning + (git-fixes). +- commit 7127754 + +- net: renesas: rswitch: Add spin lock protection for irq {un}mask + (git-fixes). +- commit 57d1654 + +- net: renesas: rswitch: Add runtime speed change support + (git-fixes). +- commit b524173 + +- net: phy: Provide Module 4 KSZ9477 errata (DS80000754C) + (git-fixes). +- commit 4eb114e + +- net: phy: micrel: Move KSZ9477 errata fixes to PHY driver + (git-fixes). +- commit 3919cda + +- net: phy: Fix deadlocking in phy_error() invocation (git-fixes). +- commit f16a410 + +- net: phy: avoid kernel warning dump when stopping an errored + PHY (git-fixes). +- commit deb85a0 + +- r8152: add vendor/device ID pair for ASUS USB-C2500 (git-fixes). +- commit 0834d50 + +- Refresh and enable + patches.suse/sched-fair-Increase-wakeup_gran-if-current-task-has-not-executed-the-minimum-granularity.patch. +- commit d4cda80 + +- =?UTF-8?q?cxl/region=EF=BC=9AFix=20overflow=20issue=20in?= + =?UTF-8?q?=20alloc=5Fhpa()?= (git-fixes). +- genirq: Initialize resend_node hlist for all interrupt + descriptors (git-fixes). +- clocksource: Skip watchdog check for large watchdog intervals + (git-fixes). +- commit 79eca77 + +- Add alt-commit to platform x86 p2sb patch (git-fixes) +- commit f23ac66 + +- platform/x86/intel/ifs: Call release_firmware() when handling + errors (git-fixes). +- platform/x86: intel-uncore-freq: Fix types in sysfs callbacks + (git-fixes). +- drm/i915/psr: Only allow PSR in LPSP mode on HSW non-ULT + (git-fixes). +- commit c877cc1 + +- drm/bridge: parade-ps8640: Make sure we drop the AUX mutex in + the error case (git-fixes). +- commit 8520b33 + +- cpufreq/amd-pstate: Fix setting scaling max/min freq values + (git-fixes). +- drm: bridge: samsung-dsim: Don't use FORCE_STOP_STATE + (git-fixes). +- Revert "drivers/firmware: Move sysfb_init() from device_initcall + to subsys_initcall_sync" (git-fixes). +- drm/bridge: anx7625: Ensure bridge is suspended in disable() + (git-fixes). +- drm/bridge: parade-ps8640: Ensure bridge is suspended in + .post_disable() (git-fixes). +- drm/bridge: sii902x: Fix audio codec unregistration (git-fixes). +- drm/bridge: sii902x: Fix probing race issue (git-fixes). +- drm/panel: samsung-s6d7aa0: drop DRM_BUS_FLAG_DE_HIGH for + lsl080al02 (git-fixes). +- drm: panel-simple: add missing bus flags for Tianma + tm070jvhg[30/33] (git-fixes). +- drm/bridge: parade-ps8640: Wait for HPD when doing an AUX + transfer (git-fixes). +- drm/exynos: gsc: minor fix for loop iteration in + gsc_runtime_resume (git-fixes). +- drm/exynos: fix accidental on-stack copy of exynos_drm_plane + (git-fixes). +- dt-bindings: display: samsung,exynos-mixer: Fix 'regs' typo + (git-fixes). +- Revert "drm/i915/dsi: Do display on sequence later on icl+" + (git-fixes). +- firmware: arm_scmi: Use xa_insert() when saving raw queues + (git-fixes). +- firmware: arm_scmi: Check mailbox/SMT channel for consistency + (git-fixes). +- spi: fix finalize message on error return (git-fixes). +- spi: spi-cadence: Reverse the order of interleaved write and + read operations (git-fixes). +- spi: bcm-qspi: fix SFDP BFPT read by usig mspi read (git-fixes). +- spi: intel-pci: Remove Meteor Lake-S SoC PCI ID from the list + (git-fixes). +- gpio: eic-sprd: Clear interrupt after set the interrupt type + (git-fixes). +- net: phy: micrel: populate .soft_reset for KSZ9131 (git-fixes). +- commit 04f99fe + +- net: sched: sch_qfq: Use non-work-conserving warning handler + (CVE-2023-4921 bsc#1215275). +- commit 24b313c + +- mkspec: Use variant in constraints template + Constraints are not applied consistently with kernel package variants. + Add variant to the constraints template as appropriate, and expand it + in mkspec. +- commit cc68ab9 + +- Update + patches.suse/drm-atomic-Fix-potential-use-after-free-in-nonb.patch + (jsc#PED-3527 jsc#PED-5475 jsc#PED-6068 jsc#PED-6070 + jsc#PED-6116 jsc#PED-6120 jsc#PED-5065 jsc#PED-5477 + jsc#PED-5511 jsc#PED-6041 jsc#PED-6069 jsc#PED-6071 bsc#1219120 + CVE-2023-51043). +- commit 9891763 + +- fjes: fix memleaks in fjes_hw_setup (git-fixes). +- wifi: iwlwifi: fix a memory corruption (git-fixes). +- wifi: mac80211: fix potential sta-link leak (git-fixes). +- clocksource/drivers/timer-ti-dm: Fix make W=n kerneldoc warnings + (git-fixes). +- serial: 8250_exar: Set missing rs485_supported flag (git-fixes). +- bus: mhi: ep: Use slab allocator where applicable (git-fixes). +- pwm: stm32: Fix enable count for clk in .probe() (git-fixes). +- pwm: stm32: Use hweight32 in stm32_pwm_detect_channels + (git-fixes). +- clk: renesas: rzg2l: Check reset monitor registers (git-fixes). +- clk: renesas: rzg2l-cpg: Reuse code in rzg2l_cpg_reset() + (git-fixes). +- drm/tidss: Fix dss reset (git-fixes). +- drm/tidss: Check for K2G in in dispc_softreset() (git-fixes). +- drm/tidss: Return error value from from softreset (git-fixes). +- drm/tidss: Move reset to the end of dispc_init() (git-fixes). +- wifi: mwifiex: fix uninitialized firmware_stat (git-fixes). +- wifi: mwifiex: add extra delay for firmware ready (git-fixes). +- cpufreq: scmi: process the result of + devm_of_clk_add_hw_provider() (git-fixes). +- cpuidle: haltpoll: Do not enable interrupts when entering idle + (git-fixes). +- gpio: sysfs: drop the mention of gpiochip_find() from sysfs code + (git-fixes). +- gpiolib: provide gpio_device_find() (git-fixes). +- gpiolib: make gpio_device_get() and gpio_device_put() public + (git-fixes). +- commit 3a58ed2 + +- scsi: lpfc: Limit IRQ vectors to online cpus if kdump kernel + (bsc#1218180). +- commit 955ec78 + +- rpm/constraints.in: add static multibuild packages + Commit 841012b049a5 (rpm/mkspec: use kernel-source: prefix for + constraints on multibuild) added "kernel-source:" prefix to the + dynamically generated kernels. But there are also static ones like + kernel-docs. Those fail to build as the constraints are still not + applied. + So add the prefix also to the static ones. + Note kernel-docs-rt is given kernel-source-rt prefix. I am not sure it + will ever be multibuilt... +- commit c2e0681 + +- xsk: make struct xsk_cb_desc available outside + CONFIG_XDP_SOCKETS (jsc#PED-4876). +- commit ca48ebb + +- ext4: fix warning in ext4_dio_write_end_io() (bsc#1219163). +- ext4: properly sync file size update after O_SYNC direct IO + (bsc#1219163). +- ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow + (bsc#1219165). +- ext4: add two helper functions extent_logical_end() and + pa_logical_end() (bsc#1219165). +- commit 16340ba + +- blk-wbt: Fix detection of dirty-throttled tasks (bsc#1218272). +- commit 497a3db + +- i2c: tegra: Fix failure during probe deferral cleanup (jsc#PED-7377) +- commit e1a3e42 + +- i2c: tegra: Share same DMA channel for RX and TX (jsc#PED-7377) +- commit 60c8e2f + +- cpufreq: tegra194: remove redundant AND with cpu_online_mask (jsc#PED-7377) +- commit 2b048f4 + +- cpufreq: tegra194: use refclk delta based loop instead of udelay (jsc#PED-7377) +- commit b4d7280 + +- cpufreq: tegra194: save CPU data to avoid repeated SMP calls (jsc#PED-7377) +- commit 0414ad1 + +- hwmon: (ina3221) Add support for channel summation disable (jsc#PED-7377) +- commit ea00bac + +- memory: tegra: Set BPMP msg flags to reset IPC channels (jsc#PED-7377) +- commit e67ef95 + +- memory: tegra: Add Tegra234 clients for RCE and VI (jsc#PED-7377) +- commit faa58f6 + +- pinctrl: tegra: Consistently refer to SoC data (jsc#PED-7377) +- commit a8faf7c + +- firmware: tegra: bpmp: Add support for DRAM MRQ GSCs (jsc#PED-7377) +- commit 408475f + +- gpio: tegra186: Check PMC driver status before any request (jsc#PED-7377) +- commit 3b10a2a + +- gpio: tegra186: Check GPIO pin permission before access. (jsc#PED-7377) +- commit 0ce1a89 + +- PCI: tegra194: Add interconnect support in Tegra234 (jsc#PED-7377) +- commit d74fa9b + +- memory: tegra: make icc_set_bw return zero if BWMGR not supported (jsc#PED-7377) +- commit 734a54f + +- memory: tegra: Add dummy implementation on Tegra194 (jsc#PED-7377) +- commit d4119f8 + +- memory: tegra: Make CPU cluster BW request a multiple of MC channels (jsc#PED-7377) +- commit 312222e + +- dt-bindings: tegra: Add ICC IDs for dummy memory clients (jsc#PED-7377) +- commit c75c8a3 + +- memory: tegra: Add software memory clients in Tegra234 (jsc#PED-7377) +- commit 1ccc65b + +- memory: tegra: Add memory clients for Tegra234 (jsc#PED-7377) +- commit f35b21d + +- memory: tegra: Add interconnect support for DRAM scaling in Tegra234 (jsc#PED-7377) +- commit ccec3a6 + +- soc/tegra: fuse: Fix Tegra234 fuse size (jsc#PED-7377) +- commit 7495f5c + +- soc/tegra: pmc: Add AON SW Wake support for Tegra234 (jsc#PED-7377) +- commit 156c05b + +- soc/tegra: fuse: Add support for Tegra264 (jsc#PED-7377) +- commit 920ec24 + +- supported.conf: Add UCSI CCG module in base image (jsc#PED-7377) + This module is needed for Nvidia Orin platforms. +- commit 5f1a01b + +- rpm: Use run_if_exists for all external scriptlets + With that the scriptlets do not need to be installed for build. +- commit 25edd65 + +- rpm/constraints.in: raise memory constraints + Build statistics show that most architectures already need more than 2 GB. + Require 4 GB except s390x where the memory usage is much lower and we might + have trouble finding any compliant worker. +- commit 71aefb3 + kernel-firmware +- More update on version 20240201 (git commit 3677750467cb): + * linux-firmware: wilc1000: update WILC1000 firmware to v16.1.2 + * rtl_nic: add firmware for RTL8126A (bsc#1217417) + * qcom: Add Audio firmware for SM8550 HDK + +- Update to version 20240201 (git commit 1b24d7d3379b): + * linux-firmware: intel: Add IPU6 firmware binaries + * ath11k: WCN6855 hw2.0: update to WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.37 + * Revert "amdgpu: DMCUB updates for various AMDGPU ASICs" + * amdgpu: update SMU 13.0.0 firmware + * amdgpu: update PSP 13.0.0 firmware + * amdgpu: update GC 11.0.0 firmware + * brcm: Add brcmfmac43430-sdio.xxx.txt nvram for the Chuwi Hi8 (CWI509) tablet + * amdgpu: DMCUB updates for various AMDGPU ASICs + +- Update to version 20240126 (git commit 8fa621d2f9c1): + * qcom: Add Audio firmware for SM8650 MTP + * linux-firmware: Add firmware for Cirrus CS35L41 on HP Consumer Laptops + * Intel Bluetooth: Make spacing consistent with rest of WHENCE + * amdgpu: update raven2 firmware + * amdgpu: update raven firmware + * amdgpu: update SDMA 5.2.7 firmware + * amdgpu: update PSP 13.0.8 firmware + * amdgpu: update VCN 3.1.2 firmware + * amdgpu: update SDMA 5.2.6 firmware + * amdgpu: update PSP 13.0.5 firmware + * amdgpu: update GC 10.3.6 firmware + * amdgpu: add GC 11.0.1 rlc_1 firmware + * amdgpu: update vega20 firmware + * amdgpu: update VCN 4.0.0 firmware + * amdgpu: update SMU 13.0.0 firmware + * amdgpu: update PSP 13.0.0 firmware + * amdgpu: update GC 11.0.0 firmware + * amdgpu: update vega12 firmware + * amdgpu: update vega10 firmware + * amdgpu: update beige goby firmware + * amdgpu: update picasso firmware + * amdgpu: update dimgrey cavefish firmware + * amdgpu: update vangogh firmware + * amdgpu: update navy flounder firmware + * amdgpu: update green sardine firmware + * amdgpu: update sienna cichlid firmware + * amdgpu: update PSP 13.0.11 firmware + * amdgpu: update GC 11.0.4 firmware + * amdgpu: update VCN 4.0.2 firmware + * amdgpu: update PSP 13.0.4 firmware + * amdgpu: update GC 11.0.1 firmware + * amdgpu: update arcturus firmware + * amdgpu: update navi14 firmware + * amdgpu: add VCN 4.0.3 firmware + * amdgpu: add SDMA 4.4.2 firmware + * amdgpu: add SMU 13.0.6 firmware + * amdgpu: add PSP 13.0.6 firmware + * amdgpu: Add GC 9.4.3 firmware + * amdgpu: update renoir firmware + * amdgpu: update VCN 4.0.4 firmware + * amdgpu: update SMU 13.0.7 firmware + * amdgpu: update PSP 13.0.7 firmware + * amdgpu: update GC 11.0.2 firmware + * amdgpu: update navi12 firmware + * amdgpu: update yellow carp firmware + * amdgpu: update SMU 13.0.10 firmware + * amdgpu: update SDMA 6.0.3 firmware + * amdgpu: update PSP 13.0.10 firmware + * amdgpu: update GC 11.0.3 firmware + * amdgpu: update navi10 firmware + * amdgpu: update aldebaran firmware + * linux-firmware: Update AMD cpu microcode + * RTL8192E: Remove old realtek WiFi firmware +- Update aliases + kexec-tools +- kexec-dont-use-kexec_file_load-on-xen.patch (bsc#1218590) + kimageformats +- Update to 5.114.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.114.0 +- Changes since 5.113.0: + * avif: new quality settings + * Update CI template + * HEIF plug-in extended to support HEJ2 format + +- Update to 5.113.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.113.0 +- No code change since 5.112.0 + +- Update to 5.112.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.112.0 +- No code change since 5.111.0 + +- Update to 5.111.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.111.0 +- Changes since 5.110.0: + * avif: support repetition count + * raw: fix multi image load + * hdr: fix oss-fuzz issue 62197 + * hdr: fix crash (oss-fuzz) + * xcf: fix crash (oss-fuzz issue 62075) + * xcf: fix oss-fuzz issue + +- Update to 5.110.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.110.0 +- Changes since 5.109.0: + * QOI: Advertise write support in the desktop file + * qoi: write support backported from master + * xcf: format v12 support (kf5) + * Support libavif 1.0 + * exr: multiple fixes (kf5) + * Fix missing qoi.desktop + * qoi: fix buffer overflow kf5 + * Renamed qoi.h to qoi_p.h + * Minor improvements + * Add support for the QOI image format + * Set linear color space and round fix +- Drop patch, merged upstream + * 0001-Support-libavif-1.0.patch + +- Add patch to support avif 1.0: + * 0001-Support-libavif-1.0.patch + +- Update to 5.109.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.109.0 +- Changes since 5.108.0: + * psd: Fix UB type punning (kde#471829) + * Treat 3-channel MCH images as CMY images + * Add explicit moc includes to sources for moc-covered headers + +- Update to 5.108.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.108.0 +- Changes since 5.107.0: + * jxl: add support for libjxl v0.9, drop support for old 0.6.1 + * Remove qt6 CI builds + +- Update to 5.107.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.107.0 +- Changes since 5.106.0: + * pcx: multiple fixes (2) + * Avoid unnecessary conversions + * RGB/SGI writer: fix alpha detection and image limit size + * TGA writer: fix alpha detection and performance improvements + * pcx: multiple fixes + * PCX: Fix reading of the extended palette (kde#463951) + +- Update to 5.106.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.106.0 +- Changes since 5.105.0: + * Fix wrong alpha conversion (kde#468288) + +- Update to 5.105.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.105.0 +- Changes since 5.104.0: + * psd: Fix alpha blending (KF5) + +- Update to 5.104.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.104.0 +- No code change since 5.103.0 + +- Update to 5.103.0 + * New feature release + * For more details please see: + * https://kde.org/announcements/frameworks/5/5.103.0 +- Changes since 5.102.0: + * psd: conversion speed improvements (kf5) + * Fix writing TGA alpha depth flag + * HDR support removed from RAW plugin + * heif: reject invalid files with zero size + libavif +- update to 1.0.3: + * Rewrite the fix for memory errors fixed in 1.0.2 + * CVE-2023-6704: Fix use-after-free errors (boo#1218303) + * src/reformat.c: Allocate the threadData array directly + +- update to 1.0.2: + * Update avifCropRectConvertCleanApertureBox() to the revised + requirements in ISO/IEC 23000-22:2019/Amd. 2:2021 Section + 7.3.6.7. + * CVE-2023-6350: Out of bounds memory to alphaItemIndices (boo#1217614) + * CVE-2023-6351: use-after-free in colorProperties (boo#1217615) +- drop fix-gdkpixbuf.patch + +- Update to 1.0.0: + * Incompatible changes: + + The clli member was added to the avifImage struct. + + The repetitionCount member was added to the avifEncoder and avifDecoder + structs. + + The quality and qualityAlpha members were added to the avifEncoder struct. + + Check that functions returning pointers do not return NULL before accessing + those pointers. + + Check the return value of avifEncoderSetCodecSpecificOption(). + + The maxThreads member was added to the avifRGBImage struct. + + Check the return value of avifRGBImageAllocatePixels(), avifRWDataRealloc(), + avifRWDataSet(), avifImageSetProfileICC(), avifImageSetMetadataExif() and + avifImageSetMetadataXMP(). + + The meaning of the keyframeInterval member of avifEncoder struct has changed + slightly. When set to a value of "n", + Before: It forces a keyframe on every nth frame. + After: Any set of "n" consecutive frame will have at least one keyframe + (every nth frame may or may not be a keyframe). + * Added: + + Add clli metadata read and write support + + Add repetitionCount member to avifEncoder and avifDecoder structs to specify + the number of repetitions for animated image sequences. + + Add quality and qualityAlpha to avifEncoder. Note: minQuantizer, + maxQuantizer, minQuantizerAlpha, and maxQuantizerAlpha are deprecated. Code + should be updated to set quality (and qualityAlpha if applicable) and leave + minQuantizer, maxQuantizer, minQuantizerAlpha, and maxQuantizerAlpha + initialized to the default values. + + The --target-size flag in avifenc was added to adapt the quality so that the + output file size is as close to the given number of bytes as possible. + + Add the public API function avifImageIsOpaque() in avif.h. + + Add the public API functions avifImagePlane(), avifImagePlaneRowBytes(), + avifImagePlaneWidth(), and avifImagePlaneHeight() in avif.h. + + Add API for multi-threaded YUV to RGB color conversion. + + Allow lossless 4:0:0 on grayscale input. + + Add avifenc --no-overwrite flag to avoid overwriting output file. + + Add avifenc --clli flag to set clli. + + Add support for all transfer functions when using libsharpyuv. + * Changed: + + Exif and XMP metadata is exported to PNG and JPEG files by default, + except XMP payloads larger than 65502 bytes in JPEG. + + The --grid flag in avifenc can be used for images that are not evenly divided + into cells. + + Change the encoder to write the boxes within the "stbl" box in the order of + stsd, stts, stsc, stsz, stco, stss. + + avifImageRGBToYUV() and avifImageYUVToRGB() handle avifImage bit depths 8, 10, + 12 and now also 16. Files read by apps/shared/ can output 16-bit avifImage + instances. + + avifImageCreate(), avifImageCreateEmpty(), avifEncoderCreate() and other + internal functions now return NULL if a memory allocation failed. + + avifEncoderSetCodecSpecificOption() now returns avifResult instead of void to + report memory allocation failures. +- Add fix-gdkpixbuf.patch. + +- Add BuildRequires pkgconfig(libwebp) to enable libsharpyuv + +- Update to version 0.11.1: + * Changed: + - avifincrtest_helpers: Cast 64-bit offset to size_t + - avifmetadatatest: don't include avif/internal.h + - avifrgbtoyuvtest: skip if no libsharpyuv + - Disable tests that may fail if the codec is not aom (#1176) + +- Remove unused BuildRequires on nasm +- Remove indirect/incorrect Buildrequires on zlib +- add direct glib Buildrequires + +- Update to version 0.11.0: + * There are incompatible ABI changes in this release. The + alphaRange member was removed from the avifImage struct. The + chromaDownsampling and avoidLibYUV members were added to the + avifRGBImage struct. The imageDimensionLimit member was added + to the avifDecoder struct. avifImageCopy() and + avifImageAllocatePlanes() signatures changed. It is necessary + to recompile your code. Also check the return values of + avifImageCopy() and avifImageAllocatePlanes(). + * Added: + - Add man pages for avifenc and avifdec + - Add the avifChannelIndex type alias for enum avifChannelIndex + - Add avifChromaDownsampling enum + - Add chromaDownsampling field to avifRGBImage struct + - Add support for AVIF_RGB_FORMAT_RGB_565 + - Add imageDimensionLimit field to avifDecoder struct + - Add autoTiling field to avifEncoder struct + - Add new avifResult codes AVIF_RESULT_CANNOT_CHANGE_SETTING + and AVIF_RESULT_INCOMPATIBLE_IMAGE + - Add new enum constants AVIF_PIXEL_FORMAT_COUNT and + AVIF_RGB_FORMAT_COUNT + - avifdec: Add --dimension-limit, which specifies the image + dimension limit (width or height) that should be tolerated + - avifenc: Add --sharpyuv, which enables "sharp" RGB to YUV420 + conversion, which reduces artifacts caused by 420 chroma + downsampling. Needs libsharpyuv (part of the libwebp + repository) at compile time. + - avifenc: Add --ignore-exif and --ignore-xmp flags. + - avifenc: Add --autotiling, which sets --tilerowslog2 and + - -tilecolslog2 automatically. + - avifenc: Input Exif orientation is converted to irot/imir by + default. + * Changed: + - Fix memory leaks of metadata on avifenc exit + - Update the handling of 'lsel' and progressive decoding to + AVIF spec v1.1.0 + - Treat an absent lsel and layer_id == 0xFFFF equivalently for + backward compatibility with earlier drafts of AVIF spec + v1.1.0 + - Set libavif's own default value of cfg.rc_end_usage for + libaom + - Set the libaom-specific option -a tune=ssim by default + - Bump cmake_minimum_required from 3.5 to 3.13 + - Fix https://crbug.com/oss-fuzz/48135 + - Use several new libyuv functions in reformat_libyuv.c + - Fix SVT-AV1's issue 1957 related to uninitialized variables + crashing the encoder + - Update aom.cmd: v3.5.0 + - Update rav1e.cmd: v0.5.1 + - Update svt.cmd/svt.sh: v1.2.1 + - Update libgav1.cmd: v0.18.0 + - Update libyuv.cmd: f9fda6e7 (version 1844) + - avifImageCopy() and avifImageAllocatePlanes() now return + avifResult instead of void to report invalid parameters or + memory allocation failures. + - avifImageRGBToYUV() now uses libyuv fast paths by default. It + may slightly change conversion results. The old behavior can + be restored by setting avifRGBImage::chromaDownsampling to + AVIF_CHROMA_DOWNSAMPLING_BEST_QUALITY and + avifRGBImage::avoidLibYUV to AVIF_TRUE. + - avifRGBImage::chromaUpsampling now only applies to + conversions that need upsampling chroma from 4:2:0 or 4:2:2 + and has no impact on the use of libyuv. + - Set avifRGBImage::avoidLibYUV accordingly to control the use + of libyuv. + - avifenc: Set the YUV format to 4:0:0 for grayscale PNGs + - Support updating encoder settings and codec-specific options + during encoding + - Disable AVIF_STRICT_CLAP_VALID and AVIF_STRICT_PIXI_REQUIRED + in the JNI wrapper + - avifdec: Return proper exit code in "info" mode + - In avifenc and avifdec, treat all arguments that start with + '-' as options + - Exif and XMP metadata is imported from PNG and JPEG files. + - avifImageSetMetadataExif() parses the Exif metadata and + converts any Exif orientation found into transformFlags, irot + and imir values. + - Write 'auxi' box for animated images with alpha channel + - Write 'auxv' as handler_type for alpha channel track + - Use PNG_COLOR_TYPE_GRAY for 8-bit grayscale output + - Replace repeated subtraction by modulo in calcGCD + - Change avifImageCreate to take uint32_t instead of int + parameters + - When writing an image sequence, check if it's safe to cast + width and height to uint16_t + - Allow clamped grid cells in avifEncoderAddImageGrid() + * Removed: + - alphaRange field was removed from the avifImage struct. It it + presumed that alpha plane is always full range. + - The avifCodecConfigurationBox struct becomes a private type + for libavif internal use +- Bump lib_soversion global (also in baselibs.conf) to 15 following + upstream change. +- Use ldconfig_scriptlets for post(un) handling. + +- Enable libyuv on TW + +- update to 0.10.1: + * tests/docker/build.sh: Build SVT-AV1 using cmake and ninja directly + * Fix a Visual Studio 2017 compiler warning in src\reformat.c: warning C4204: + nonstandard extension used: non-constant aggregate initializer + * Fix the help message of avifdec: --index takes a value + +- Update to version 0.10.0 + * See https://github.com/AOMediaCodec/libavif/blob/v0.10.0/CHANGELOG.md + for a complete changelog or check the CHANGELOG.md in the doc directory. + +- Disable libaom and use rav1e by default + * As PHP 8.1 has AVIF support, use rav1e by default as it is more + secure being written in Rust. + libcbor +- Merge change from SLE15 SP4 made by pgajdos@suse.com on + Tue Apr 5 14:36:56 UTC 2022: - + libcbor.1 + + libcbor.3 -- Add libcbor-0.5.0-fix-lib.patch to not build shared lib twice - and make package build reproducible (boo#1102408) +- Update to 0.10.1: + * BREAKING: Fix cbor_copy leaking memory and creating invalid items when the allocator fails. + * BREAKING: Improved half-float encoding for denormalized numbers. [#208] + * Make the buffer_size optional in cbor_serialize_alloc [#205] + * Fix a potential memory leak when the allocator fails during array or map decoding [#224] + * Fix a memory leak when the allocator fails when adding chunks to indefinite bytestrings. + * Fix a memory leak when the allocator fails when adding chunks to indefinite strings + * Fix cbor_build_tag illegal memory behavior when the allocator fails + * Add a new cbor_serialized_size API + * Reworked cbor_serialize_alloc to allocate the exact amount of memory necessary upfront + +- Install manual page in the correct man section + +- fix duplicate src package name issue on multibuild + +- update to 0.9.0: + * Improved pkg-config paths handling + * Use explicit math.h linkage + * BREAKING: Fixed handling of items that exceed the host size_t range + * cbor_decode explicitly checks size to avoid overflows (previously broken, + potentially resulting in erroneous decoding on affected systems) +- split docs into multibuild flavor to avoid build cycle via openssh<-> + python-pyOpenSSL <-> python-cryptography + +- Update to version 0.8.0 + * BREAKING: Fix cbor_tag_item not increasing the reference count + on the tagged item reference it returns + * BREAKING: CBOR_DECODER_EBUFFER removed from cbor_decoder_status + + cbor_stream_decode will set CBOR_DECODER_NEDATA instead if the + input buffer is empty + * Fix cbor_stream_decode to set cbor_decoder_result.required to + the minimum number of input bytes necessary to receive the next + callback (as long as at least one byte was passed) + * Fixed several minor manpage issue + +- Update to version 0.7.0 + * Too many changes to list, see included CHANGELOG.md file +- 0.6.0 includes patch by bwiedemann@suse.com to not build shared + lib twice and make package build reproducible (boo#1102408, + gh#PJK/libcbor#72) + +- remove documentation build with doxygen libgcrypt +- add libgcrypt-no-deprecated-grep-alias.patch + +- Update to 1.10.3: + * Bug fixes: + - Fix public key computation for other EdDSA curves. [rC469919751d6e] + - Remove out of core handler diagnostic in FIPS mode. [T6515] + - Check that the digest size is not zero in gcry_pk_sign_md and + gcry_pk_verify_md. [T6539] + - Make store an s-exp with \0 is considered to be binary. [T6747] + - Various constant-time improvements. + * Portability: + - Use getrandom call only when supported by the platform. [T6442] + - Change the default for --with-libtool-modification to never. [T6619] + * Release-info: https://dev.gnupg.org/T6817 + * Remove patch upstream libgcrypt-1.10.0-out-of-core-handler.patch + +- Do not pull revision info from GIT when autoconf is run. This + removes the -unknown suffix after the version number. + * Add libgcrypt-nobetasuffix.patch [bsc#1216334] + libinput +- Update to release 1.25 + * Change how left-handed settings are handled for tablets: If + libwacom does not contain a definition for a tablet yet, + libinput defaults to enabling a left-handed setting. + * Quirks for laptops from Dell, Google, Graviton, HP, HUAWEI, + Lenovo and Razer, gadgets like the RollerMouse Pro3 and virtual + machines like GNOME Boxes, VirtualBox or Virtual Machine + Manager are included. + libmspack -- chmextract.c add anti "../" and leading slash protection to chmextract - (CVE-2018-18586.patch, bsc#1113040) - * cve-2018-18586.patch - -- There is an off-by-one error in the CHM PMGI/PMGL chunk number validity - checks, which could lead to denial of service - (CVE-2018-14679, bsc#1103032) - * libmspack-CVE-2018-14679.patch -- Bad KWAJ file header extensions could cause a one or two byte overwrite - (CVE-2018-14681, bsc#1103032). - * libmspack-CVE-2018-14681.patch -- There is an off-by-one error in the TOLOWER() macro for CHM decompression - (CVE-2018-14682, bsc#1103032). - * libmspack-CVE-2018-14682.patch - -- add libmspack-0.6alpha-CVE-2019-1010305.patch to fix a buffer - overflow in chmd_read_headers(): a CHM file name beginning "::" - but shorter than 33 bytes will lead to reading past the - freshly-allocated name buffer - checks for specific control - filenames didn't take length into account [bsc#1141680] - [CVE-2019-1010305] - -- Enable build-time tests (bsc#1130489) - * Added patch libmspack-failing-tests.patch - -- Added patches: - * libmspack-resize-buffer.patch -- CAB block input buffer is one - byte too small for maximal Quantum block. - * libmspack-fix-bounds-checking.patch -- Fix off-by-one bounds - check on CHM PMGI/PMGL chunk numbers and reject empty filenames. - * libmspack-reject-blank-filenames.patch -- Avoid returning CHM - file entries that are "blank" because they have embedded null - bytes. - * (the last two patches were modified by removing unneeded part - in order to make them more independent) -- Fixed bugs: - * CVE-2018-18584 (bsc#1113038) - * CVE-2018-18585 (bsc#1113039) +- The following bugs and CVEs are not affecting TW: + * CVE-2018-18584 + * CVE-2018-18585 + * CVE-2018-18586 + * CVE-2019-1010305 + * bsc#1113038 + * bsc#1113039 + * bsc#1113040 + * bsc#1130489 + * bsc#1141680 + +- Update to version 0.11: + * see https://github.com/kyz/libmspack/blob/master/libmspack/ChangeLog + for a full changelog + +- Update to version 0.10.1 + * Bugfix release, no functional changes + +- Update to version 0.10: + * Fix Heap buffer overflow in chmd_read_headers() + * Fix memory exhausted in chmd_read_headers() + * Fix memory exhausted in oabd_decompress() + +- Update to version 0.9.1: + * Fix bug in decompressing data to get to the correct folder + offset when the folder is LZX compressed (0.8 regression). + * Build system cleanup + * Testsuite available + * Does not install testing tools and examples by default. +- Rename mspack-tools to mspack-examples to follow upstream change. + +- Update to version 0.8: + * New parameter MSCABD_PARAM_SALVAGE which permits salvaging + badly damaged files rather than rejecting them outright. + * Fix the above 38912-byte Quantum CAB block bug. + * Reject blank CHM filenames that are blank because they have + embedded null bytes. + * chmextract: Protect from absolute/relative pathnames in CHM + files. + +- Update to version 0.7 (bsc#1103032): + * Fix 1 or 2 byte overwrite by bad KWAJ file header extensions + (CVE-2018-14681). + * Fix 1 byte overread by character U+0100 in a CHM filename + (CVE-2018-14682). + * Reject blank CHM filenames (CVE-2018-14680). + * Fix off-by-1 in CHM PMGI/PMGL chunk number validity checks, + which could cause a crash (CVE-2018-14679). libmtp +- updated to 1.1.21 release + Bugs fixed: + - Fix LIBMTP_STORAGE_SORTBY_MAXSPACE not working (copy-paste mistake) + - fix warnings regarding mismatched parameter docs + - fix comment above sort_storage_bysort_storage_by + - Revert "ptp_pack_string: check string length for no iconv situation" + - remove dependency on ptp.h + - fixed paste error vendor/product id + - libusb-glue: check return value of ptp_init_send_memory_handler + - ptp_pack_string: check string length for no iconv situation + - ptp-pack: fix ucs2str overflow + Features: + - add a LIBMTP_FreeMemory function that wraps free() + - added functions to get device by serial number + - added serial number of device to output of 'mtp-files' + - added optional serial number parameter to 'mtp-getfile' + - added optional serial number parameter to 'mtp-delfile' + - feat: Add LIBMTP_Get_Children() to read the list of raw IDs of a folder. + - merge a patch from google https://source.chromium.org/chromiumos/chromiumos/codesearch/+/main:src/third_party/chromiumos-overlay/media-libs/libmtp/files/libmtp-1.1.20-10_remove_nexus_s_from_device_list.patch + - several new devices added, some device renaming for consistency. + +- updated to 1.1.20 release + - again more USB ids added + - some smaller bugfixes + +- updated to 1.1.19 release + - Lots of USB ids added, especially Garmin devices + - use a local libusb context, not the global one + - various bugfixes + +- updated to 1.1.18 release + - new USB ids + - mtp-getfile and mtp-delfile new parameter + - report "error 6" as "busy / blocked by another device" + +- updated to 1.1.17 release + - new USB Ids + - various bugfixes + +- Small packaging cleanup + -- include-config-h.patch: always include "config.h" first - -- updated to 1.1.7 - - Soname libmtp.so.9.2.0 - binary compatible, new interfaces - have been added. - - Compilation fixes for older GCC and non-GCC compilers. - - Finalize >4GB file transfer changes so this works now. - - A new API to check for device capabilities has been added. - - Sync in latest upstream ptp2 changes. - - Support for USB 3.0! (A patch adding async buffering was - reverted after deemed instable by Debian.) - - Some migration toward the new API in the examples. - - Use parent storage if available as default storage media. - - Force reset on close for Android devices. - - Handle integrated USB hubs in mtp-probe. - - Devices, devices, devices... -- mtpz-use-LIBMTP_ERROR-instead-of-LIBMTP_INFO.patch: is upstream -- music-players.h: use up to date 1.1.7 version again. - -- Tell doxygen to stop producing files with timestamps. -- define udev macros only if not already there. - -- music-players.h: Updated to the device database of the current GIT level - to support more MTP devices (bnc#854328) - -- Use LIBMTP_ERROR instead of LIBMTP_INFO function in mtpz_loaddata - (mtpz.c) to dont get junk in the udev rule when generating the rule. - add: mtpz-use-LIBMTP_ERROR-instead-of-LIBMTP_INFO.patch - -- updated to 1.1.6 - - Soname libmtp.so.9.1.0 - binary compatible, new interfaces - have been added. - - Devices, devices, devices... I think I had a hundred (no kidding) - reports for the Nexus 4. It seems hackers just love this device - and cannot wait for me to spin a new libmtp. - - More careful autoprobing code for Linux, running around in - sysfs to try to avoid opening non-MTP devices. The libusb devs - do not uniformly like this idea but what shall I do? People - still want their devices to autodetect. Any hints welcome, - any patches will be reviewed. - - Interface extenstions from Philip Langdale to support the - Android in-place read/write extensions. This will be used by - GVFS for editing files etc, it is actually very useful when - treating the MTP device as a "real" filesystem. It only works - on Android devices with Google's MTP stack, but hey, that is - a fair share of the MTP devices used today. - - Several fixes and memory leaks fixed by Lei Zhang courtesy if - the Chromebook project, thanks Google! - - Windows Phone 8 should work out of the box. -- remove upstream libmtp_motoRazr.patch - -- add support for Motorola Droid Razr M (XT 907) - -- mtp-probe no longer working in factory, wrong udev dir. - -- updated to 1.1.5 - - Soname libmtp.so.9.0.5 - binary compatible - - Stop forcing altinterface 0! That bug has been around like - forever and libgphoto2 never did this. It screws up some - Samsung devices and is the prime reason for releasing this - update so soon after 1.1.4 as I know a lot of people out there - have Samsung devices! - - Integrated Sajid Anwars hard long-term work on MTPZ. There are - no secret keys or certificates inside libmtp, if you need these - to talk to your MTPZ device (Zune models, Windows Phones) you - need to get a file of secrets from some other place, preferably - Microsoft. - - Expose getthumbnail method and the Add Storage events as needed - for a GNOME VFS project by Philip Langdale. - - Rearrange and try to understand some SONY device modes again - and again. - - A udev script fix from Alessio Treglia to avoid poking around - on Canon EOS 3D. - - Devices, devices, devices... -- Add libgrypt buildrequires for MTPZ support - -- updated to 1.1.4 - - various bugfixes, especially in Samsung * - - lots of new ids - -- updated to 1.1.3 - - Soname libmtp.so.9.0.3 - binary compatible. - - Probably nailed the bugs in the Samsung Galaxy Tab S2 family - of devices. Ignacio Martinez helped us fixing this! - - Build fixes by Alessio Treglia and others. - - A horde of new devices in the database. - -- Remove redundant tags/sections per specfile guideline suggestions - -- updated to 1.1.2 - * device updates - * ported to use libusb 1.0 - * Autodetect "sony.net" devices - -- Remove redundant tags/sections (authors list, already in package - as a file); put %description after %package -- Parallel build with %_smp_mflags - -- add support for Galaxy Nexus - -- updated to 1.1.1 - * device updates - -- updated to 1.1.0 - * lots of new devices - * IAD (0xfe class) device detection -- drop HAL FDI snippets -- libmtp8 -> libmtp9 - -- fixed typos in descriptions of libmtp.spec - -- updated to 1.0.6 - * even less aggressive mtp probing (not detecting nearly all - devices as MTP) bnc#668986 - * some more USB ids - -- do not greedily match all PTP cameras in the udev rules. - -- updated to 1.0.4 incremental release - * new ids - * bugfixes - * new udev rules for new udev - -- updated to 1.0.3 incremental release - * some new ids - * some smaller bugfixes -- buildrequre pkg-config - -- updated to intermediate snapshot - * Samsung fixes and new ids - * various small bugfixes - -- updated to 1.0.2 bugfix release - * new ids: Samsung, Archos, Blackberry, ... - * bugfixes - -- updated to 1.0.1 bugfix release - * last patches included - * some more bug flags for devices - -- bugfixes to "fast metadata loading" method - -- upgraded to 1.0.0 release - * More USB ids - * libmtp.so.8.3.0 library interface - * New functions: - LIBMTP_Get_File_To_Handler - LIBMTP_Send_File_From_Handler - LIBMTP_Get_Track_To_Handler - LIBMTP_Send_Track_From_Handler - functions to get/send files/tracks from/to handler functions. - External handling of individual properties: - LIBMTP_Is_Property_Supported to check if a certain property is - supported on a certain device. - LIBMTP_Get_Allowed_Property_Values to get alowed range/enum of a - property value. - LIBMTP_Get_Representative_Sample_Format will now get the size - parameter to allow us to determine the maximum size for a - representative sample. - * Added modificationdate to file and track structs. - * Added LIBMTP_FILETYPE_ALBUM and LIBMTP_FILETYPE_PLAYLIST filetypes. - * Numerous Windows portability fixes. - * Marcus Meissner rewrote the PTP object handling and metadata caching - functions from libgphoto2 and fixed up the ugly largefile handling. - * Various minor bug fixes. - -- upgraded to 0.3.7 - * compatible library interface libmtp.8.2.2 - * stores albums and playlists in the default - music folder if no default folder for albums resp. - playlists has been detected. - * an error report from RedHat BZ - http://bugzilla.redhat.com/show_bug.cgi?id=485627 - led to strange code for detecting anonymous OGG files - being rewritten to handle NULL filenames and filenames - that do not exceed 4 chars. - * patch from Marcus to fix an issue - with retransmit originally reported by Florent Pillet. - * discovered a new device that cannot even - read out battery level but still claims to be able to. -- upgraded to 0.3.6 - * Compatible API libmtp.so.8.2.1 - * Several bug fixes to the examples - * Improved Windows and *BSD support - * Proper device flags to handle Toshiba players (hopefully) - * New devices and flag settings - * Nothing new from a programmers point of view -- upgraded to 0.3.5 - * Bumped soname to libmtp.so.8.2.0 - - Only interface change: - * Change metadata const*const to *const to allow playlist_id to be - modified by LIBMTP_Update_Playlist. Shouldn't affect any code out - there really. - - New features and bugfixes: - * Allow for playlists with zero tracks on them (also in update). - * Get folders to a flat list and we get O(n) searching instead of - the previous O(n^2) algorithm! The rest is janitorial changes. - libnvme +- Update to version 1.8+0.gbff7dda: + * linux: Explicitly initialize auto-cleanup variables + * example: fix mi identify failed with error cntid + * tree: do not issue an error when subsys lookup fails during scanning + * types: Add controller properties CMBEBS, CMBSWTP and NSSD + * tests: Add sample NBFT table from Dell PowerEdge R660 + * tests: Add sample NBFT table from Dell PowerEdge R760 + * tests: Fix diffs output for duplicate HFI entries + * nbft: avoid duplicate entries in ssns->hfis + * nbft: Fix (struct nbft_info_subsystem_ns).num_hfis off-by-one + * test: read and dump sysfs tar file + * nvme: allow to overwrite hostnqn and hostid + * nvme: allow to overwrite base sysfs path + * json: dump the output to the user selected filedescriptor + * libnvme: export nvme_dump_tree + * fabrics: add 'concat' option + * mi: set correct rc and errno when crc mismatch + * tree: use logical block size for lba + * json-schema: add keyring and tls_key details (bsc#1219086) + * build: checkout full repo for checkpatch + * linux: avoid segfault in check-tls-key due to null hostnqn/subsysnqn (bsc#1219086) + * meson.build: fixup 'join' syntax + * util: Explicitly initialize auto-cleanup variables + * tree: Explicitly initialize auto-cleanup variables + * linux: Explicitly initialize auto-cleanup variables + * fabrics: Explicitly initialize auto-cleanup variables + * util: Added function to find specific UUID in UUID list. + * build: fix release python tag match +- Disable new unit test which is not running stable in OSB + * add 0001-build-disable-sysfs-test.patch + +- Update to version 1.7.1+0.g13ba383: + * tree: do no free ns on error in nvme_ns_init + +- Update to version 1.7+0.gf38b1d7: + * tree: do not open blk device on default + * tree: read all attributes from sysfs when available + * ioctl: set data length when retrieving LBA status + * types: fix regression for vendor-specific field in nvme_id_ns + * util: use cleanup functions + * linux: use cleanup functions + * json: use cleanup functions + * fabrics: use cleanup functions + * tree: use cleanup functions + * cleanup: add cleanup functions + * tree: fix incorrect return value + * tree: Fix clearing application strings + * libnvme: reshuffle nvme_generate_tls_key_identity() + * libnvme: fixup error codes + * libnvme: Implement 'nvme_generate_tls_key_identity()' + * libnvme: support NVMe TLS identities version 1 (bsc#1219086) + * libnvme: Add base64 functions + * libnvme: separate out 'gen_tls_identity' and reshuffle 'derive_nvme_keys' + * libnvme: separate out a function 'select_hmac' + * libnvme: fix a memory leak when calling read_ssns() + * libnvme: fix a memory leak in read_discovery() + * fabrics: avoid redundant args in nvme_discovery_log() + * fabrics: have nvmf_get_discovery_log() call nvmf_get_discovery_wargs() + * fabrics: fetch smaller Discovery Log Page header + * fabrics: avoid redundant Get Log Page on retry + * fabrics: clear RAE for discovery log page commands + * json-schema: add keyring and tls_key details (bsc#1219086) + * types: add Host Behavior Support field definitions + * mi: Cast values to u32 if shift overflows int + * types: Cast values to u32 if shift overflows int + * test: Avoid unaligned pointer dereferences + * nbft: Avoid unaligned pointer dereferences + * types: add cross-namespace copy formats, status codes, ONCS bits + * nvme: Add length field to Hkdf-Expand-Label computation + * ioctl: use lsp arg in nvme_get_log_boot_partition + * fabrics: use SECTYPE to determine whether to use TLS (bsc#1219086) + * fabrics: Allocate aligned payloads for id_ctrl and discovery log calls + * linux: Allocate aligned payloads for id_ctrl and id_ns calls + * ioctl: MSB variable-size storage/reference tags + libpng16 -- security update -- added patches - CVE-2019-7317 [bsc#1124211] - + libpng16-CVE-2019-7317.patch +- Update to version 1.6.40: + * Fixed the eXIf chunk multiplicity checks. + * Fixed a memory leak in pCAL processing. + * Corrected the validity report about tRNS inside png_get_valid(). + * Fixed various build issues on *BSD, Mac and Windows. + * Updated the configurations and the scripts for continuous integration. + * Cleaned up the code, the build scripts, and the documentation. + +- do not use NEON instructions [bsc#1211176] + +- Fix license tag to libpng-2.0. + +- Fix build: some*.la files are symlinks. Adjust spec to use + find -type f,l + +- switch to pkgconfig(zlib) to allow alternative providers as well +- build with glibc hwcaps optimized libs + +- Update to version 1.6.39: + * cmake: Default to PNG_ARM_NEON=off for arm targets. + + Turn large PNG chunks into benign errors. + + Update, rename and clean up various scripts. + + tools: Fix a buffer overflow involving a file name in pngfix. + + tools: Fix a memory leak in pngcp. + +- update to 1.6.38: + * Added configurations and scripts for continuous integration. + * Fixed various errors in the handling of tRNS, hIST and eXIf. + * Implemented many stability improvements across all platforms. + * Updated the internal documentation. + +- switch source url to https + +- install rpm macros in %{_rpmmacrodir} [bsc#1185661] +- call spec-cleaner + +- enable hardware optimizations (such as SSE) + +- make check actually works under asan + +- version update to 1.6.37 + Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free. + Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette. + Fixed a memory leak in pngtest.c. + Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in + contrib/pngminus; refactor. + Changed the license of contrib/pngminus to MIT; refresh makefile and docs. + (Contributed by Willem van Schaik) + Added makefiles for AddressSanitizer-enabled builds. +- deleted patches + - libpng-arm-free.patch (upstreamed) +- fixes [bsc#1121624] CVE-2019-6129 and [bsc#1124211] CVE-2019-7317 + +- fix arm build [bsc#1121829] + + libpng-arm-free.patch -- usecase example: [bsc#1121624] + +- update to 1.6.36: + Replaced the remaining uses of png_size_t with size_t (Cosmin) + Fixed the calculation of row_factor in png_check_chunk_length + (reported by Thuan Pham in SourceForge issue #278) + Added missing parentheses to a macro definition + (suggested by "irwir" in GitHub issue #216) + Optimized png_do_expand_palette for ARM processors. + Improved performance by around 10-22% on a recent ARM Chromebook. + (Contributed by Richard Townsend, ARM Holdings) + Fixed manipulation of machine-specific optimization options. + (Contributed by Vicki Pfau) + Used memcpy instead of manual pointer arithmetic on Intel SSE2. + (Contributed by Samuel Williams) + Fixed build errors with MSVC on ARM64. + (Contributed by Zhijie Liang) + Fixed detection of libm in CMakeLists. + (Contributed by Cameron Cawley) + Fixed incorrect creation of pkg-config file in CMakeLists. + (Contributed by Kyle Bentley) + Fixed the CMake build on Windows MSYS by avoiding symlinks. + Fixed a build warning on OpenBSD. + (Contributed by Theo Buehler) + Fixed various typos in comments. + (Contributed by "luz.paz") + Raised the minimum required CMake version from 3.0.2 to 3.1. + Removed yet more of the vestigial support for pre-ANSI C compilers. + Removed ancient makefiles for ancient systems that have been broken + across all previous libpng-1.6.x versions. + Removed the Y2K compliance statement and the export control + information. + Applied various code style and documentation fixes. +- removed patches + * libpng16-CVE-2018-13785.patch (upstreamed) +- cannot find upstream tarball signature, asked upstream for + clarification +- %{libname} package provides libpng = %{version} again + [bsc#1079342] + libpwquality +- add: prereq "pam-config" in baselibs.conf + * post scriptlet in pam_pwquality-32bit runs: pam-config + librsvg +- Update to version 2.57.1: + + Fix small-caps and bump the version of Pango required to 1.50.0. + + Fix panic when using negative scaling transforms on the + toplevel. + + Support "var(--foo, #aabbcc)" just for colors. This is the + minimum required to render color SVG emoji fonts that provide + color fallbacks, but it is not yet full support for CSS var(). + + Fix the VS2017 build. + + Update cairo-rs. + + Update the project metadata files. + libsecret +- Update to version 0.21.2: + + Support GnuTLS as an alternative crypto backend. + + Fix LeakSanitizer issues. + + secret-tool: Verify that the parsed stdin password is vaild + UTF-8. + + Fix markup syntax for SecretSchema. + + Public secret_attributes_validate method. + + Updated translations. + +- Use %patch -p N instead of deprecated %patchN. + libsolv +- build for multiple python versions [jsc#PED-6218] +- bump version to 0.7.28 + libsoup +- Update to version 3.4.4: + + Improve HTTP/2 performance when a lot of buffering happens + + Support building libnghttp2 as a subproject + +- Update to version 3.4.3: + + Fix incorrect UTF-8 encoding for params in headers + + Numerous HTTP/2 fixes and improvements + + Fix possible crashes in connection management + + Fix small leak in SoupServer + + Fix the possibility of empty HTTP/2 frames being sent + +- Update to version 3.4.2: + + Revert changes to request cancellation. + +- Update to version 3.4.1: + + Fix HTTP/2 on platforms with unsigned char. + + Change request cancellation to be handled earlier. + + Add names to GSources and source tags to GTasks to aid + debugging. +- Run meson_test macro for all arches. + +- Update to version 3.4.0: + + Fix possible crash in SoupContentSniffer. + + Fix socket leak. + + Add missing annotation to + soup_header_g_string_append_param_quoted(). + +- Update to version 3.3.1: + + Fix regression in `SoupCookieJar` not handling valid Secure + cookies. + + Fix crash when skipping HTTP/1 response stream with chunked + enconding. + + Change Session to unqueue finished items earlier without an + extra MainContext iteration. + +- Update to version 3.3.0: + + Add `SoupMessage::got-body-data` signal to monitor progress of + reads + + Add `soup_session_send_and_splice()` and + `soup_session_send_and_splice_async()` convenience APIs + + Add `soup_message_set_force_http1()` and + `soup_message_get_force_http1()` APIs + + Change `soup_cookie_copy()` to not retain default ports + + Ensure `SoupServerMessage` socket is available in websocket + handler + + Fix `soup_message_new()` not erroring when URI has an empty + host + + Fix thread-saftey issues in `SoupConnectionAuth` + + Fix various connection leaks + + Fix the possibility of sending invalid empty + `Sec-WebSocket-Protocol` header + + Fix IO errors not being handled on `CONNECT` messages + + Numerous improvements to cookies: + - Add support for cookie prefixes (`__Secure-` and `__Host-`) + - Reject cookies with control characters in name or value + - Reject `SameSite=None` cookies without `Secure` + - Change `soup_cookie_parse()` to be more strict about what is + considered whitespace + - Change default SameSite value to `Lax` + - Fix `soup_cookie_equal()` with `NULL` path + +- Update to version 3.2.2: + + Various HTTP/2 Fixes: + - Fix `content-sniffed` not being emitted for resources without + content. + - Fix leak of SoupServerConnection when stolen. +- Enable tests on 32-bit again, fixed upstream. + +- Update to version 3.2.1: + + When built against nghttp2 1.50.0+ be relaxed about header + whitespace. + + Fix possible crash when cancelling an HTTP/2 message. + + Fix regresion where soup_server_message_get_socket() could + return NULL. + + Fix minor memory leak. +- Disable tests on 32-bit while waiting for + https://gitlab.gnome.org/GNOME/libsoup/-/issues/309 + +- Update to version 3.2.0: + + No changes, stable bump only. + +- Update to version 3.1.4: + + Numerous improvements to HTTP/2 reliablity. + + Fix `http` proxy authentication with default proxy resolver. + + Fix undefined ``ssize_t`` with MSVC. + +- Update to version 3.1.3: + + Fix compile error when `SOUP_VERSION_MAX_ALLOWED` is defined. +- Changes from version 3.1.2: + + Replace HTTP/2 tests using Quart with internal HTTP/2 server + tests. + + Improve version macros including adding ability to define + `SOUP_DISABLE_DEPRECATION_WARNINGS`. +- Drop -D http2_tests=disabled meson paramter: no longer supported. +- Drop 299.patch: merged upstream. + +- Update to version 3.1.1: + + Reintroduce some thread-safety to SoupSession (see + https://libsoup.org/libsoup-3.0/client-thread-safety.html) + + Add SoupServerMessage:tls-peer-certificate and + SoupServerMessage:tls-peer-certificate-errors + + Port docs to gi-docgen + + Update documentation. +- Replace pkgconfig(gtk-doc) with pkgconfig(gi-docgen) + BuildRequires (and update options passed to meson) following + upstreams port. +- Add 299.patch: multithread-test: show error information in case + of request failure. multithread-test: skip proxy tests if apache + is not available. +- Use ldconfig_scriptlets for post(un) handling. + +- Update to version 3.0.8: + + Fix `http` proxy authentication with default proxy resolver. + + Numerous improvments to HTTP/2 reliability. + +- Update to version 3.0.7: + + Fix leak in SoupAuthNTLM. + + Fix constructing SoupAuthNTLM objects. + + Disable mutual negotiation in SoupAuthNegotiate. + + http2: + - Do not advertise the `h2` protocool for proxy connections. + - Remove left-over headers when HTTP/1 redirects to HTTP/2. + - Handle HTTP_1_1_REQUIRED error. + - Read request bodies synchronously for sync requests. + - Properly handle server sending shut down GOAWAY. + + tests: + - Remove dependency on Apache's PHP module. + - Depend upon Apache's http2 module. + +- Update to version 3.0.6: + + Misc HTTP/2 fixes. + + Add PUT/POST support to examples/get. + + Add `--user-agent` option to examples/get. + + Misc meson improvements. + + Fix build with Visual Studio. + +- Update to version 3.0.5: + + Misc HTTP/2 fixes. + + Fix missing files for installed-tests. + + Fix SoupServer not properly handling invalid percent encoded + paths. + + Fix other areas not properly handling invalid percent encoded + paths. + + Fix SoupLogger:max-body-size of 0 meaning log nothing. + libsoup2 +- Add ced3c5d8.patch: Fix build with libxml2-2.12.0 and clang-17. + libssh2_org +- Always add the KEX pseudo-methods "ext-info-c" and "kex-strict-c-v00@openssh.com" + when configuring custom method list. [bsc#1218971, CVE-2023-48795] + * The strict-kex extension is announced in the list of available + KEX methods. However, when the default KEX method list is modified + or replaced, the extension is not added back automatically. + * Add libssh2_org-CVE-2023-48795-ext.patch + libstorage-ng +- merge gh#openSUSE/libstorage-ng#985 +- log locale +- 4.5.188 + +- merge gh#openSUSE/libstorage-ng#984 +- log some languange environmant variables +- log some language environment variables +- 4.5.187 + +- Translated using Weblate (Georgian) (bsc#1149754) +- 4.5.186 + +- Translated using Weblate (Swedish) (bsc#1149754) +- 4.5.185 + +- Translated using Weblate (Czech) (bsc#1149754) +- 4.5.184 + +- Translated using Weblate (Slovak) (bsc#1149754) +- 4.5.183 + +- merge gh#openSUSE/libstorage-ng#983 +- fixed typo +- 4.5.182 + +- Translated using Weblate (Dutch) (bsc#1149754) +- 4.5.181 + +- Translated using Weblate (Japanese) (bsc#1149754) + +- Translated using Weblate (Catalan) (bsc#1149754) + +- merge gh#openSUSE/libstorage-ng#982 +- updated pot and po files +- 4.5.180 + +- Translated using Weblate (Georgian) (bsc#1149754) +- 4.5.179 + +- merge gh#openSUSE/libstorage-ng#981 +- fix reusing volume group name (bsc#1219266) +- 4.5.178 + +- merge gh#openSUSE/libstorage-ng#980 +- added experimental support for bcachefs +- 4.5.177 + +- Translated using Weblate (Swedish) (bsc#1149754) +- 4.5.176 + +- Translated using Weblate (Indonesian) (bsc#1149754) +- 4.5.175 + +- merge gh#openSUSE/libstorage-ng#979 +- allow to get Arch object from SystemInfo +- make testcase more robust +- coding style +- 4.5.174 + +- Translated using Weblate (Russian) (bsc#1149754) +- 4.5.173 + +- merge gh#openSUSE/libstorage-ng#978 +- added get_linux_partition_id() taking Arch parameter +- make git ignore javascript in generated documentation +- coding style +- cleanup +- 4.5.172 + +- merge gh#openSUSE/libstorage-ng#977 +- provide light_probe function with SystemInfo parameter +- 4.5.171 + +- merge gh#openSUSE/libstorage-ng#976 +- make more use of new SystemCmd interface +- use in-class member initialization +- inhibit colored output from udevadm +- fixed typos +- 4.5.170 + +- merge gh#openSUSE/libstorage-ng#975 +- reduce number of udevadm settle calls during probing +- use in-class member initialization +- proved probe function taking SystemInfo as an additional argument +- fixed typos +- moved code +- 4.5.169 + +- Translated using Weblate (Slovak) (bsc#1149754) +- 4.5.168 + +- Translated using Weblate (Dutch) (bsc#1149754) + +- Translated using Weblate (Japanese) (bsc#1149754) + +- Translated using Weblate (Czech) (bsc#1149754) + +- Translated using Weblate (Catalan) (bsc#1149754) + +- merge gh#openSUSE/libstorage-ng#974 +- updated pot and po files +- 4.5.167 + +- merge gh#openSUSE/libstorage-ng#973 +- fixed typos +- 4.5.166 + +- merge gh#openSUSE/libstorage-ng#972 +- added note about nvme json output +- 4.5.165 + +- merge gh#openSUSE/libstorage-ng#971 +- adapted to changed nvme json output (bsc#1218306) +- 4.5.164 + +- merge gh#openSUSE/libstorage-ng#970 +- consistent (and original) naming of bcache operations +- coding style +- improved logging +- updated integration tests +- fixed typo +- 4.5.163 + +- merge gh#openSUSE/libstorage-ng#969 +- factor out common code +- 4.5.162 + libxml2 +- Security fix (CVE-2024-25062, bsc#1219576) use-after-free in XMLReader + * Added libxml2-CVE-2024-25062.patch + libzypp +- tui: allow to access the underlying ostream of out::Info. +- Add MLSep: Helper to produce not-NL-terminated multi line + output. +- version 17.31.31 (22) + +- applydeltaprm: Create target directory if it does not exist + (bsc#1219442) +- Add ProblemSolution::skipsPatchesOnly (for openSUSE/zypper#514) +- Fix problems with EINTR in ExternalDataSource::getline (fixes + bsc#1215698) +- version 17.31.30 (22) + +- CheckAccessDeleted: fix running_in_container detection + (bsc#1218782) +- Detect CURLOPT_REDIR_PROTOCOLS_STR availability at runtime + (bsc#1218831) +- Make Wakeup class EINTR safe. +- Add a way to cancel media operations on shutdown + (openSUSE/zypper#522) + This patch adds a mechanism to signal libzypp that a shutdown was + requested, usually when CTRL+C was pressed by the user. Currently + only the media backend will utilize this, but can be extended to + all code paths that use g_poll() to wait for events. +- Manually poll fds for curl in MediaCurl. + Using curl_easy_perform does not give us the required control on + when we want to cancel a download. Switching to the MultiCurl + implementation with a external poll() event loop will give us + much more freedom and helps us to improve our Ctrl+C handling. +- Move reusable curl poll code to curlhelper.h. +- version 17.31.29 (22) + +- Fix to build with libxml 2.12.x (fixes #505) +- version 17.31.28 (22) + mozilla-nss +- update to NSS 3.90.2 + * bmo#1780432 - (CVE-2023-5388) Timing attack against RSA + decryption in TLS. (bsc#1216198) + * bmo#1867408 - add a defensive check for large ssl_DefSend + return values. + multipath-tools -- Update to version 0.9.7+77+suse.8a169ba: +- Update to version 0.9.8~1+82+suse.dcd98a3: + * Adapt package version such that it shows as a 0.9.8 prerelease + * Add missing udev rules file + +- Update to version 0.9.7+148+suse.9780ae0: + * 11-dm-mpath.rules: Fix quoting mistake (bsc#1219142) + +- Update to version 0.9.7+148+suse.7d9953e.obscpio + * This is a multipath-tools 0.9.8 pre-release + * fix fast_io_fail for Infinibox (bsc#1219348) + * Fix activation of LVM volume groups during coldplug (bsc#1219142) + +- Update to version 0.9.7+140+suse.2d78457: + * This is a multipath-tools 0.9.8 pre-release + * Socket activation via multipathd.socket has been disabled by default + because it has undesirable side effects on systems without multipath. + Users with multipath hardware should enable multipathd.service + * The restorequeueing CLI command now only enables queueing if + disablequeueing had been sent before + * Avoid multipathd hang during map flush + * multipathd now tracks the queueing mode of maps in its internal features string + * Improve error messages in 'multipathd -k' + * Fix segfault in autoresize code (bsc#1219289) + * Fix missing map reloads (bsc#1219796) + * Documentation fixes, spelling fixes, minor code fixes + +- Update to version 0.9.7+93+suse.e2f2272: + * avoid setting queue_if_no_path on multipath maps for which the + no_path_retry timeout has expired + * the interactive commands "restorequeueing map X" and + "restorequeing maps" now only affect maps that had queueing + manually disabled using "disablequeuing maps" or + "disablequeuing map X" beforehand + * Spelling fixes netpbm +- added patches + fix CVE-2017-5849 [bsc#1022790], CVE-2017-5849 [bsc#1022791] + + netpbm-use-byrow-when-needed.patch + nvme-cli +- Update to version 2.8: + * nvme-print-json: append array object in json_support_log + * sed: Add plugin for basic SED Opal operations (jsc#PED-5061) + * don't include newlines in already wrapped text + * nvme: do not include meta data for PRACT=1 and MD=8 (version 2) + * create-ns: align the namespaces to 1Mib boundaries when using SI suffixes + * doc: Fix config-schema.json's URL + * plugins/solidigm: Compressing vs-internal-log log files into zip file. + * nbft: do not issue an error if ACPI tables are missing + * nbft: fixup include for libnvme + * doc: Fix short option name for cfg-file + * completions: added Solidigm plugin to autocomplete scripts + * nvme: Remove unused cfg argument from NVME_ARGS() macro + * nvme: fix directive receive identify offsets + * nvme-fabrics: enable option 'concat' + * build: Update libnvme wrap + * plugins/wdc: Add Debug Log Collection Support + * nbft: fix tcp/dhcp address fallback retry (bsc#1218873) + * nvme: use correct telemetry log size + * nvme-print: fix typo in list verbose output (bsc#1219086) + * nvme: print inserted tls key for check-tls-key (bsc#1219086) + * plugins/wdc: Plugin fixes and updates + * fabrics: move hostid/hostnqn warnings to verbose level (bsc#1219086) + +- Update to version 2.7.1: + * nvme-print-json: Revert field name changes (bsc#1218306) + +- Update to version 2.7: + * nvme-print-json: include vs for identify namespace + * nvme-print-stdout: enhance connect message (bsc#1219086) + * fabrics: fix connect error if hostid file does not exist (bsc#1219086) + * fabrics: fix invalid output format error during nvme connect (bsc#1219086) + * wdc: Fix vs-smart-add-log Command for SN650 and SN655 + * nvme: restric hmac options for gen-tls-key (bsc#1219086) + * wdc: Fix UUID index fallback mechanism + * plugins/ocp: Add OCP Telemetry String log page, Telemetry log page + * completions: Add bash completions for telemetry string log page + * plugins/solidigm: Added OCP 2.0 compatibility version command + * plugins/solidigm: Added OCP 2.0 vs-drive-info command. + * plugins/ocp: Fix printing order of various Latency Monitor Log buckets + * nvme: validate output format split status from flag return value + * nvme: simplify cleanup_nvme_dev() + * cleanup: remove unused cleanup_charp() + * wdc: Add support for SN861 2nd pci device id + * nvme: replace libhugetlbfs with mmap and madvise + * util/mem: move alloc helper to util section + * nvme: auto cleanup filedescriptors + * nvme: auto cleanup buffers + * nvme: return error code in get_persistent_event_log + * nvme: sanitize nvme-gen-tls-key + * nvme: print out the resulting TLS identity for 'nvme check-tls-key' + * nvme: Add version '1' identifier for nvme-gen-tls-key + * subprojects/libnvme: update wrapper for TP8018 + * plugins/solidigm: Added re_sku_count smart atrribute + * doc: Fix nvme-connect manpage --application option string + * plugins/ocp: changed command clear-pcie-correctable-error-counters to match OCP 2.0 spec. + * plugins/solidigm: Added command to clear PCIe Correctable Error Counters according to OCP 2.0 + * plugins/ocp: Reorganized clear feature code for better reuse + * nvme: fixup length calculation for 'nvme gen-tls-key --secret' + * doc: remove invalid hostkey info for --dhchap-secret + * nvme-print-json: use human helper everywhere + * nvme-print-json: remove obj_print helper + * plugins/ocp: update nvme_show_select_result call + * mailmap: only show contributer's name + * nvme-print-json: Change to report status and message in array + * nvme-print-json: Change to report feature select in array + * nvme-print-json: Change to report error and data in array + * nvme-print-json: Add show_init/finish calls to report features in array + * nvme-print: Add nvme_show_error_status() to merge error message and status + * nvme-print-json: Use r instead of root and use obj_add_***(r, ..., ...) + * nvme-print-json: Delete static const char string global variables + * nvme-print-json: Add remaining controller registers readable format + * nvme-print-json: Add readable format cap, vs, cc, csts, nssr and crto registers + * nvme-print-json: Combine duplicated json key and val string variables + * nvme-print-json: Replase json_array_add_value_string() to array_add_str() + * nvme-print-json: Replase json_object_add_value_uint128() to obj/root_add_uint128() + * nvme-print-json: Replase json_object_add_value_object() to obj/root_add_obj() + * nvme-print-json: Replase json_array_add_value_object() to array_add_obj() + * nvme-print-json: Replase json_object_add_value_array() to obj/root_add_array() + * nvme-print-json: Replase json_object_add_value_uint() to obj/root_add_uint() + * nvme-print-json: Replase json_object_add_value_int() to obj/root_add_int() + * nvme-print-json: Replase json_object_add_value_uint64() to obj/root_add_uint64() + * nvme-print-json: Replase json_object_add_value_string() to obj/root_add_str() + * nvme-print-json: Update feature_show_fields_*** to use root/obj_add_***() + * nvme-print-json: Update lba_status_log to use root_add_***() and obj_add_***() + * nvme-print-json: Replace lba_status_log printf() to root_add_result() + * nvme-print-json: Add list_item print function + * nvme-print-json: Add lba_status_info print function + * nvme-print-json: Add lba_range print function + * nvme-print-json: Add id_ctrl_rpmbs print function + * nvme-print-json: Unify json_list and jroot object names to root + * nvme-print-json: Add json_zns_changed print function + * nvme-print-json: Add root_add_result() to output result message + * nvme-print-json: Split persistent_event_log print function + * nvme-print-json: Remove unnecessary string newline code + * nvme-print-json: Replace effects_log_list print to use json_print() + * nvme-print-json: Print persistent_event_log no log data result correctly + * nvme-print-json: Add static "result" and "erorr" strings variables + * nvme-print-json: Add single_property printf function + * nvme: Replace get feature command stderr output to nvme_show_error() + * nvme-print-json: Change d() output to use d_json() + * nvme: Fix get-feature command mixed stdout and json outputs + * nvme-print-json: Add remaining feature fields print functions + * nvme-print-json: Update formatting and codying style + * build: Add -std=c99 to CFLAGS for muon on CentOS 7 + * fabrics: add udev rule to avoid renaming nbft interfaces + * fabrics: autoconnect: add service unit for connecting NBFT subsystems + * fabrics: autoconnect: explicitly express module dependency + * Updates to codeql config + * libnvme-wrap: exit on VOID_FN lookup failure + * plugins/ocp:Added the ocp C6h feature api + * plugin/ocp_fid_c6h:Added the ocp C6h feature api + * nvme-copy: support cross-namespace copy + * nvme/plugins: fix mismatch operator + * nvme: fix overflow possiblity + * nvme: reduce identify cmd issue + * nvme: allow set-features to take input from stdin + * Fix common misspellings from codespell project + * nvme-print: Correct to print correct ascii character string length + * print-stdout: print Host Behavior Support correctly + * build: Bump libnvme wrap + * plugins/solidigm: Added support for temperature statistics log page + * Add support for codeql sweeps + * doc: Add virt-mgmt command + * doc: Add id-uuid command + * doc: Add list-secondary command + * doc: Add id-ns-granularity command + * doc: Add nvme commands --output-format and --verbose options + * completions: Add nvme-mi-recv nad nvme-mi-send commands completions + * completions: Change short option -o and -v duplicated to upper case + * doc: Change short option -o and -v duplicated to upper case + * nvme: Change short option -o and -v duplicated to upper case + * nvme: Change phy-rx-eom-log command to use NVME_ARGS instead + * plugins/memblaze: Add smart-log-add and latency-feature functions + * plugins/solidigm: internal-logs Telemetry auto detect last data area. + * nvme: Change to use NVME_FLBAS_META_EXT() macro to check flbas value + * nvme-print-json: Add host memory buffer and timestamp features print functions + * nvme-print-json: Add feature fields print functions + * nvme-print-json: Add TMPTH feature print function + * nvme-print-json: Add show_feature_fields print function + * nvme-print-json: Add select_result print function + * nvme-print-json: Use json_print to print and free object + * nvme-print-json: Add lba_status print function + * nvme-print-json: Combine variable definition and setting value + * nvme-print-json: Add id_iocs print function + * nvme-print-stdout: Fix coding style errors + * nvme-print-json: Add directive print function + * nvme: Fixed segmentation fault when getting host initiated telemetry + * plugins/wdc: enhanced SN861 device support + * plugins/wdc: cleanup line lengths + * nvme: do not include meta data for PRACT=1 and MD=8 + * nvme: use block-count arg if provided + * build: bump libnvme to disable tests option + * build: Add static build on CI target + * nvme-print: Add nvme_zns_start_zone_list() API function + * nvme-print: Add nvme_zns_finish_zone_list() API function + * nvme-print-binary: Set list function to NULL if unimplemented + * nvme-print-json: Change order list functions and set NULL if unimplemented + * nvme-print-stdout: Fix to set stdout_list_item print function missed + * plugins/solidigm: log page name extraction using nvme_log_to_string function + * nvme-print: Added missing logpage names in nvme_log_to_string function + * udev-rules: rename netapp udev rule (bsc#1219086) + * udev-rules: set ctrl_loss_tmo to -1 for ONTAP NVMe/TCP (bsc#1219086) +- Remove upstreamed patches + * remove 0001-fabrics-autoconnect-add-service-unit-for-connecting-.patch + * remove 0002-fabrics-add-udev-rule-to-avoid-renaming-nbft-interfa.patch +- Update spec file + * remove libhugetblfs depedency + * update NetApp udev rule file name + - * udev-rule: apply round-robin iopolicy on i/o subsystems alone + * udev-rule: apply round-robin iopolicy on i/o subsystems alone (bsc#1215994) (bsc#1219086) - * fabrics: For TCP/RDMA, compare IP addresses with nvme_ipaddrs_eq() - * fabrics: lookup_discovery_ctrl() must look under host and not root + * fabrics: For TCP/RDMA, compare IP addresses with nvme_ipaddrs_eq() (bsc#1213768) + * fabrics: lookup_discovery_ctrl() must look under host and not root (bsc#1213768) - * fabrics: only look for matching ctrl on same host + * fabrics: only look for matching ctrl on same host (bsc#1213768) openssh +- Added openssh-cve-2023-51385.patch (bsc#1218215, CVE-2023-51385). + This limits the use of shell metacharacters in host- and + user names. + openssl-1_1 +- Security fix: [bsc#1219243, CVE-2024-0727] + * Add NULL checks where ContentInfo data can be NULL + * Add openssl-CVE-2024-0727.patch + +- Remove "Provides: openssl(cli)" because the executable has been renamed + to openssl-1_1. + +- Because OpenSSL 1.1.1 is no longer default, let's rename engine + directories to contain version of OpenSSL and let unversioned for + the default OpenSSL. [bsc#1194187, bsc#1207472, bsc#1218933] + * /etc/ssl/engines.d -> /etc/ssl/engines1.1.d + * /etc/ssl/engdef.d -> /etc/ssl/engdef1.1.d + * Update patches: + - openssl-1_1-ossl-sli-002-ran-make-update.patch + - openssl-1_1-use-include-directive.patch + +- Set OpenSSL 3.0 as the default openssl [jsc#PED-6570] + * For compatibility with OpenSSL 3.0, the OpenSSL master + configuration file openssl.cnf has been renamed to + openssl-1_1.cnf. The executables openssl, c_rehash, CA.pl and + tsget.pl have been also renamed to openssl-1_1, c_rehash-1_1, + CA-1_1.pl and tsget-1_1.pl, respectively. + * Add openssl-1_1-devel as conflicting with libopenssl-3-devel + * Add openssl-1_1-openssl-config.patch + +- Skip SHA1 test in 20-test_dgst.t when in FIPS mode + * Add openssl-Skip_SHA1-test-in-FIPS-mode.patch + +- Performance enhancements for cryptography from OpenSSL 3.x + [jsc#PED-5086, jsc#PED-3514] + * Add patches: + - openssl-ec-Use-static-linkage-on-nistp521-felem_-square-mul-.patch + - openssl-ec-56-bit-Limb-Solinas-Strategy-for-secp384r1.patch + - openssl-ec-powerpc64le-Add-asm-implementation-of-felem_-squa.patch + - openssl-ecc-Remove-extraneous-parentheses-in-secp384r1.patch + - openssl-powerpc-ecc-Fix-stack-allocation-secp384r1-asm.patch + - openssl-Improve-performance-for-6x-unrolling-with-vpermxor-i.patch + +- Update to 1.1.1w: (jsc#PED-6559) + * Fix POLY1305 MAC implementation corrupting XMM registers on Windows. + The POLY1305 MAC (message authentication code) implementation in OpenSSL + does not save the contents of non-volatile XMM registers on Windows 64 + platform when calculating the MAC of data larger than 64 bytes. Before + returning to the caller all the XMM registers are set to zero rather than + restoring their previous content. The vulnerable code is used only on newer + x86_64 processors supporting the AVX512-IFMA instructions. + The consequences of this kind of internal application state corruption can + be various - from no consequences, if the calling application does not + depend on the contents of non-volatile XMM registers at all, to the worst + consequences, where the attacker could get complete control of the + application process. However given the contents of the registers are just + zeroized so the attacker cannot put arbitrary values inside, the most likely + consequence, if any, would be an incorrect result of some application + dependent calculations or a crash leading to a denial of service. + (CVE-2023-4807) +- Removed patches, already upstream + * openssl-1_1-Fix-file-operations-in-c_rehash.patch + * openssl-CVE-2022-0778-tests.patch + * openssl-CVE-2022-0778.patch + * openssl-CVE-2022-1292.patch + * openssl-CVE-2022-2097.patch + * openssl-CVE-2022-4304.patch + * openssl-CVE-2022-4450-1of2.patch + * openssl-CVE-2022-4450-2of2.patch + * openssl-CVE-2023-0215-1of4.patch + * openssl-CVE-2023-0215-2of4.patch + * openssl-CVE-2023-0215-3of4.patch + * openssl-CVE-2023-0215-4of4.patch + * openssl-CVE-2023-0286.patch + * openssl-CVE-2023-2650.patch + * openssl-1_1-CVE-2023-3817.patch + * openssl-Update-further-expiring-certificates.patch +- Renamed openssl-1_1-FIPS-default-RFC7919.patch + to openssl-1_1-paramgen-default_to_rfc7919.patch + +- Add missing FIPS patches from SLE: + * Add patches: + - bsc1185319-FIPS-KAT-for-ECDSA.patch + - bsc1198207-FIPS-add-hash_hmac-drbg-kat.patch + - openssl-1.1.1-fips-fix-memory-leaks.patch + - openssl-1_1-FIPS-PBKDF2-KAT-requirements.patch + - openssl-1_1-FIPS_drbg-rewire.patch + - openssl-1_1-Zeroization.patch + - openssl-1_1-fips-drbg-selftest.patch + - openssl-1_1-fips-list-only-approved-digest-and-pubkey-algorithms.patch + - openssl-1_1-jitterentropy-3.4.0.patch + - openssl-1_1-ossl-sli-000-fix-build-error.patch + - openssl-1_1-ossl-sli-001-fix-faults-preventing-make-update.patch + - openssl-1_1-ossl-sli-002-ran-make-update.patch + - openssl-1_1-ossl-sli-003-add-sli.patch + - openssl-1_1-ossl-sli-004-allow-aes-xts-256.patch + - openssl-1_1-ossl-sli-005-EC_group_order_bits.patch + - openssl-1_1-ossl-sli-006-rsa_pkcs1_padding.patch + - openssl-1_1-ossl-sli-007-pbkdf2-keylen.patch + - openssl-1_1-ossl-sli-008-pbkdf2-salt_pass_iteration.patch + - openssl-1_1-serialize-jitterentropy-calls.patch + - openssl-1_1-shortcut-test_afalg_aes_cbc.patch + - openssl-DH.patch + - openssl-FIPS-KAT-before-integrity-tests.patch + - openssl-fips-DH_selftest_shared_secret_KAT.patch + - openssl-fips-kdf-hkdf-selftest.patch + - openssl-kdf-selftest.patch + - openssl-kdf-ssh-selftest.patch + - openssl-kdf-tls-selftest.patch + - openssl-s_client-check-ocsp-status.patch + * Modify patches: + - openssl-1.1.1-fips.patch + - openssl-1_1-FIPS-fix-error-reason-codes.patch + * Remove patches: + - openssl-add_rfc3526_rfc7919.patch + - openssl-fips-dont_run_FIPS_module_installed.patch + - openssl-fips_fix_selftests_return_value.patch + * Add build and runtime dependency on jitterentropy +- Pass over with spec-cleaner + +- Update to 1.1.1v: + * Fix DH_check() excessive time with over sized modulus + (bsc#1213487, CVE-2023-3446). The function DH_check() performs + various checks on DH parameters. One of those checks confirms + that the modulus ("p" parameter) is not too large. Trying to use + a very large modulus is slow and OpenSSL will not normally use + a modulus which is over 10,000 bits in length. However the + DH_check() function checks numerous aspects of the key or + parameters that have been supplied. Some of those checks use the + supplied modulus value even if it has already been found to be + too large. A new limit has been added to DH_check of 32,768 bits. + Supplying a key/parameters with a modulus over this size will + simply cause DH_check() to fail. + * Update openssl.keyring with the OTC members that sign releases + * Rebase openssl-1_1-openssl-config.patch + * Remove security patches fixed upstream: + - openssl-CVE-2023-3446.patch + - openssl-CVE-2023-3446-test.patch +- Update to 1.1.1u: + * Mitigate for the time it takes for `OBJ_obj2txt` to translate gigantic + OBJECT IDENTIFIER sub-identifiers to canonical numeric text form. + OBJ_obj2txt() would translate any size OBJECT IDENTIFIER to canonical + numeric text form. For gigantic sub-identifiers, this would take a very + long time, the time complexity being O(n^2) where n is the size of that + sub-identifier. (CVE-2023-2650, bsc#1211430) + To mitigitate this, `OBJ_obj2txt()` will only translate an OBJECT + IDENTIFIER to canonical numeric text form if the size of that OBJECT + IDENTIFIER is 586 bytes or less, and fail otherwise. + The basis for this restriction is RFC 2578 (STD 58), section 3.5. OBJECT + IDENTIFIER values, which stipulates that OBJECT IDENTIFIERS may have at + most 128 sub-identifiers, and that the maximum value that each sub- + identifier may have is 2^32-1 (4294967295 decimal). + For each byte of every sub-identifier, only the 7 lower bits are part of + the value, so the maximum amount of bytes that an OBJECT IDENTIFIER with + these restrictions may occupy is 32 * 128 / 7, which is approximately 586 + bytes. + Ref: https://datatracker.ietf.org/doc/html/rfc2578#section-3.5 + * Reworked the Fix for the Timing Oracle in RSA Decryption + (CVE-2022-4304, bsc#1207534). The previous fix for this timing side + channel turned out to cause a severe 2-3x performance regression in the + typical use case compared to 1.1.1s. The new fix uses existing constant + time code paths, and restores the previous performance level while fully + eliminating all existing timing side channels. The fix was developed by + Bernd Edlinger with testing support by Hubert Kario. + * Corrected documentation of X509_VERIFY_PARAM_add0_policy() to mention that + it does not enable policy checking. Thanks to David Benjamin for + discovering this issue. (CVE-2023-0466, bsc#1209873) + * Corrected documentation of X509_VERIFY_PARAM_add0_policy() to mention that + it does not enable policy checking. Thanks to David Benjamin for + discovering this issue. (CVE-2023-0466, bsc#1209873) + * Fixed an issue where invalid certificate policies in leaf certificates are + silently ignored by OpenSSL and other certificate policy checks are + skipped for that certificate. A malicious CA could use this to + deliberately assert invalid certificate policies in order to circumvent + policy checking on the certificate altogether. + (CVE-2023-0465, bsc#1209878) + * Limited the number of nodes created in a policy tree to mitigate against + CVE-2023-0464. The default limit is set to 1000 nodes, which should be + sufficient for most installations. If required, the limit can be + adjusted by setting the OPENSSL_POLICY_TREE_NODES_MAX build time define + to a desired maximum number of nodes or zero to allow unlimited growth. + (CVE-2023-0464, bsc#1209624) + * Rebased patch openssl-1_1-openssl-config.patch + * Removed patches: + - openssl-CVE-2023-0464.patch + - openssl-CVE-2023-0465.patch + - openssl-CVE-2023-0466.patch + * Update openssl.keyring with key + A21F AB74 B008 8AA3 6115 2586 B8EF 1A6B A9DA 2D5C (Tomas Mraz) + +- FIPS: Merge libopenssl1_1-hmac package into the library [bsc#1185116] + +- Update to 1.1.1t: + * Fixed X.400 address type confusion in X.509 GeneralName. + There is a type confusion vulnerability relating to X.400 address processing + inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING + but subsequently interpreted by GENERAL_NAME_cmp as an ASN1_TYPE. This + vulnerability may allow an attacker who can provide a certificate chain and + CRL (neither of which need have a valid signature) to pass arbitrary + pointers to a memcmp call, creating a possible read primitive, subject to + some constraints. Refer to the advisory for more information. Thanks to + David Benjamin for discovering this issue. [bsc#1207533, CVE-2023-0286] + This issue has been fixed by changing the public header file definition of + GENERAL_NAME so that x400Address reflects the implementation. It was not + possible for any existing application to successfully use the existing + definition; however, if any application references the x400Address field + (e.g. in dead code), note that the type of this field has changed. There is + no ABI change. + * Fixed Use-after-free following BIO_new_NDEF. + The public API function BIO_new_NDEF is a helper function used for + streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL + to support the SMIME, CMS and PKCS7 streaming capabilities, but may also + be called directly by end user applications. + The function receives a BIO from the caller, prepends a new BIO_f_asn1 + filter BIO onto the front of it to form a BIO chain, and then returns + the new head of the BIO chain to the caller. Under certain conditions, + for example if a CMS recipient public key is invalid, the new filter BIO + is freed and the function returns a NULL result indicating a failure. + However, in this case, the BIO chain is not properly cleaned up and the + BIO passed by the caller still retains internal pointers to the previously + freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO + then a use-after-free will occur. This will most likely result in a crash. + [bsc#1207536, CVE-2023-0215] + * Fixed Double free after calling PEM_read_bio_ex. + The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and + decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload + data. If the function succeeds then the "name_out", "header" and "data" + arguments are populated with pointers to buffers containing the relevant + decoded data. The caller is responsible for freeing those buffers. It is + possible to construct a PEM file that results in 0 bytes of payload data. + In this case PEM_read_bio_ex() will return a failure code but will populate + the header argument with a pointer to a buffer that has already been freed. + If the caller also frees this buffer then a double free will occur. This + will most likely lead to a crash. + The functions PEM_read_bio() and PEM_read() are simple wrappers around + PEM_read_bio_ex() and therefore these functions are also directly affected. + These functions are also called indirectly by a number of other OpenSSL + functions including PEM_X509_INFO_read_bio_ex() and + SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL + internal uses of these functions are not vulnerable because the caller does + not free the header argument if PEM_read_bio_ex() returns a failure code. + [bsc#1207538, CVE-2022-4450] + [Kurt Roeckx, Matt Caswell] + * Fixed Timing Oracle in RSA Decryption. + A timing based side channel exists in the OpenSSL RSA Decryption + implementation which could be sufficient to recover a plaintext across + a network in a Bleichenbacher style attack. To achieve a successful + decryption an attacker would have to be able to send a very large number + of trial messages for decryption. The vulnerability affects all RSA padding + modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. + [bsc#1207534, CVE-2022-4304] + * Rebased openssl-1_1-openssl-config.patch + * Update openssl.keyring with key + 7953 AC1F BC3D C8B3 B292 393E D5E9 E43F 7DF9 EE8C (Richard Levitte) + +- Updated openssl.keyring with key A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C +- Update to 1.1.1s: + * Fixed a regression introduced in 1.1.1r version not refreshing the + certificate data to be signed before signing the certificate. +- Update to 1.1.1r: + * Fixed the linux-mips64 Configure target which was missing the + SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that + platform. + * Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was + causing incorrect results in some cases as a result. + * Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to + report correct results in some cases + * Fixed a regression introduced in 1.1.1o for re-signing certificates with + different key sizes + * Added the loongarch64 target + * Fixed a DRBG seed propagation thread safety issue + * Fixed a memory leak in tls13_generate_secret + * Fixed reported performance degradation on aarch64. Restored the + implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid + 32-bit lane assignment in CTR mode") for 64bit targets only, since it is + reportedly 2-17% slower and the silicon errata only affects 32bit targets. + The new algorithm is still used for 32 bit targets. + * Added a missing header for memcmp that caused compilation failure on some + platforms + +- update to 1.1.1q: + * [CVE-2022-2097, bsc#1201099] + * Addresses situations where AES OCB fails to encrypt some bytes + +- Update to 1.1.1p: + * bsc#1185637 - updated certificates required for testing that failed + when date is later than 1 June 2022 + - removed openssl-update_expired_certificates.patch + * [bsc#1200550, CVE-2022-2068] - more shell code injection issues in c_rehash + +- Update to 1.1.1o: [CVE-2022-1292, bsc#1199166] + * Fixed a bug in the c_rehash script which was not properly sanitising + shell metacharacters to prevent command injection. + * Rebased openssl-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch + * Rebased openssl-s390x-assembly-pack-add-support-for-pcc-and-kma-inst.patch +- Added openssl-update_expired_certificates.patch + * Openssl failed tests because of expired certificates. + * bsc#1185637 + * Sourced from https://github.com/openssl/openssl/pull/18446/commits + +- Update to 1.1.1m: + * Avoid loading of a dynamic engine twice. + * Prioritise DANE TLSA issuer certs over peer certs +- Rebased patches: + * openssl-1.1.1-evp-kdf.patch + * openssl-1.1.1-system-cipherlist.patch + +- Drop openssl-no-date.patch + Upstream added support for reproducible builds via SOURCE_DATE_EPOCH in + https://github.com/openssl/openssl/commit/8a8d9e190533ee41e8b231b18c7837f98f1ae231 + thereby making this patch obsolete as builds *should* still be reproducible. + perl-IO-Socket-SSL +- Fix the test t/core.t to build with OpenSSL 3.2.0. [bsc#1218342] + * https://github.com/noxxi/p5-io-socket-ssl/issues/147 + * Add perl-IO-Socket-SSL-Openssl32.patch + +- updated to 2.084 + see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes + 2.084 2023/11/06 + - various fixes for edge cases and build: #136, #141, #142, #143, #145 + - update documentation to reflect default SSL_version + perl-Net-SSLeay +- Use constants X509_VERSION_3 and X509_REQ_VERSION_1 when available (#GH-449) + * Add Use-constants-X509_VERSION_3-and-X509_REQ_VERSION_1-when-available.patch + +- updated to 1.92 + see /usr/share/doc/packages/perl-Net-SSLeay/Changes + 1.92 2022-01-12 + - New stable release incorporating all changes from developer releases 1.91_01 + to 1.91_03. + - Summary of major changes since version 1.90: + - Net::SSLeay now supports stable releases of OpenSSL 3.0. + - OpenSSL 3.0.0 introduces the concept of "providers", which contain + cryptographic algorithm implementations. Many outdated, deprecated and/or + insecure algorithms have been moved to the "legacy" provider, which may + need to be loaded explicitly in order to use them with Net::SSLeay. See + "Low level API: OSSL_LIB_CTX and OSSL_PROVIDER related functions" in the + Net::SSLeay module documentation for details. + - Net::SSLeay's built-in PEM_get_string_PrivateKey() function depends on + algorithms that have moved to the legacy provider described above; if + OpenSSL has been compiled without the legacy provider, the tests + t/local/33_x509_create_cert.t and t/local/63_ec_key_generate_key.t will + fail when the test suite is run. + - TLS 1.1 and below may only be used at security level 0 as of OpenSSL + 3.0.0; if a minimum required security level is imposed (e.g. in an + OpenSSL configuration file managed by the operating system), the tests + t/local/44_sess.t and t/local/45_exporter.t will fail when the test suite + is run. + - Net::SSLeay now supports stable releases of LibreSSL from the 3.2 - 3.4 + series (with the exception of 3.2.2 and 3.2.3 - see "COMPATIBILITY" in the + Net::SSLeay module documentation for details). + - The TLS 1.3 implementation in LibreSSL 3.1 - 3.3, parts of which are + enabled by default, is not fully compatible with the libssl API and may + not function as expected with Net::SSLeay; see "KNOWN BUGS AND CAVEATS" + in the Net::SSLeay module documentation for details. + - A number of new libcrypto/libssl constants and functions are now exposed, + including SSL_CTX_set_keylog_callback() and SSL_CTX_set_msg_callback(), + which are helpful when debugging TLS handshakes. See the release notes for + the 1.91 developer releases below for a full list of newly-exposed + constants and functions. + 1.91_03 2022-01-10 + - Avoid misclassifying Clang as GCC in Test::Net::SSLeay's can_thread() + function. This fixes test failures in 61_threads-cb-crash.t and + 62_threads-ctx_new-deadlock.t on OpenBSD and FreeBSD (and possibly other OSes + too). Fixes GH-350. + - Add the following constants for OpenSSL_version(): + - OPENSSL_CPU_INFO + - OPENSSL_FULL_VERSION_STRING + - OPENSSL_MODULES_DIR + - OPENSSL_VERSION_STRING + These constants are new in OpenSSL 3.0.0 release. + - Update test 03_use.t to print information returned by the new constants. + - Add more information to 03_use.t print output, including printing + OPENSSL_VERSION_NUMBER as a 32bit hex number. + - Add the following constants for OPENSSL_info() added in OpenSSL 3.0.0. + - OPENSSL_INFO_CONFIG_DIR + - OPENSSL_INFO_CPU_SETTINGS + - OPENSSL_INFO_DIR_FILENAME_SEPARATOR + - OPENSSL_INFO_DSO_EXTENSION + - OPENSSL_INFO_ENGINES_DIR + - OPENSSL_INFO_LIST_SEPARATOR + - OPENSSL_INFO_MODULES_DIR + - OPENSSL_INFO_SEED_SOURCE + - Expose OPENSSL_info(), OPENSSL_version_major(), + OPENSSL_version_minor(), OPENSSL_version_patch(), + OPENSSL_version_pre_release() and + OPENSSL_version_build_metadata() added in OpenSSL + 3.0.0. Update 03_use.t diagnostics and 04_basic.t tests to + use these functions. + - Clarify documentation of OpenSSL_version_num(), SSLeay(), + SSLeay_version() and OpenSSL_version(). + - Add notes to OpenSSL_version_num() and SSLeay() on how to + determine if the library is OpenSSL or LibreSSL and how to + interpret the version number these functions return. + - Add constants OPENSSL_VERSION_MAJOR, OPENSSL_VERSION_MINOR + and OPENSSL_VERSION_PATCH. Update + OPENSSL_version_major/minor/patch documentation to describe + how these library functions relate to Net-SSLeay compile + time constants. Add tests to verify the constants and + functions return equal values. + 1.91_02 2021-12-29 + - On OpenVMS, detect vendor SSL111 product based on OpenSSL 1.1.x. + - Cast the return value of OCSP_SINGLERESP_get0_id to fix a + const/non-const mismatch warning that broke the build on OpenVMS. + - Create SSL_CTXs with Test::Net::SSLeay's new_ctx() function for tests that + are broken with LibreSSL 3.2. Partially fixes GH-232. + - In 36_verify.t, account for the presence of the X509_V_FLAG_LEGACY_VERIFY + flag (signalling the use of the legacy X.509 verifier) in LibreSSL 3.2 + versions from 3.2.4 onwards. Fixes the remainder of GH-232. + - Note in the Net::SSLeay documentation that the TLS 1.3 implementation in + LibreSSL 3.1 - 3.3, parts of which are enabled by default, is not + libssl-compatible. See the "KNOWN BUGS AND CAVEATS" section of + lib/Net/SSLeay.pod for details. + - Add constants for, but not limited to, + SSL_CTX_set_msg_callback and SSL_set_msg_callback functions: + SSL3_RT_* for record content types, SSL3_MT_* for Handshake + and ChangeCipherSpec message types, SSL2_VERSION to + complement the list of existing SSL and TLS version + constants and SSL2_MT_* for SSLv2 Handshake messages. + - Expose SSL_CTX_set_keylog_callback and + SSL_CTX_get_keylog_callback available with OpenSSL 1.1.1pre1 + and later. + - Enhance 10_rand.t RAND_file_name tests: tests are no longer + affected by the runtime environment variables, HOME and + RANDFILE. These variables are insted controlled by the tests + with local %ENV. Problems related to RAND_file_name were + discussed in Github issue GH-152, and there might still be + cases when, for example, setuid is used because of OpenSSL's + use of glibc secure_getenv() and related functions. Address + RAND_file_name differences between OpenSSL versions. Note in + SSLeay.pod that RAND_file_name() can return undef with + LibreSSL and recent OpenSSL versions. + - Removed the following exportable symbols from SSLeay.pm: + - SESSION, clear_error and err have never been defined. + - add_session, flush_sessions and remove_session were + removed in Net::SSLeay 1.04 + - Undocumented X509_STORE_CTX_set_flags() was removed in + Net::SSLeay 1.37 when X509_VERIFY_PARAM_* functions were + added. These are preferred over directly setting the flags. + - Clarified Changes entry for release 1.75 to state that + CTX_v2_new is not removed from Net::SSLeay. SSLv2 is + completely removed in OpenSSL 1.1.0. + - Beginning with OpenSSL 3.0.0-alpha17, SSL_CTX_get_options() + and related functions return uint64_t instead of long. For + this reason constant() in constant.c and Net::SSLeay must + also be able to return 64bit constants. Add uint64_t + definitions to typemap file and update constant() and + options functions to use uint64_t with OpenSSL 3.0.0 and + later when Perl is compiled with 64bit integers. With 32bit + integers, the functions remain as they are: constant() + functions return double and options functions return + long. This partially fixes GH-315, 32bit integer Perls need + to be handled separately. + - Work around macOS Monterey build failure during 'perl + Makefile.PL' that causes perl to exit with 'WARNING: + .../perl is loading libcrypto in an unsafe way' or similar + message. This fixes GH-329. Thanks to Daniel J. Luke for the + report and John Napiorkowski for additional help. + 1.91_01 2021-10-24 + - Correct X509_STORE_CTX_init() return value to integer. Previous + versions of Net::SSLeay return nothing. + - Update tests to call close() to avoid problems seen with + test 44_sess.t, and possibly other tests, running on older + Windows Perl versions. Also add some missing calls in tests + to shutdown and free ssl structures. + - Fix multiple formatting errors in the documentation for Net::SSLeay. + Thanks to John Jetmore. + - Check for presence of libssl headers in Makefile.PL, and exit with an + error instead of generating an invalid Makefile if they cannot be found. + Fixes RT#105189. Thanks to James E Keenan for the report. + - Added support for SSL_CTX_set_msg_callback/SSL_set_msg_callback + Thanks to Tim Aerts. + - Adjust time in ASN1_TIME_timet based on current offset to GMT to + address GH-148. Thanks to Steffen Ullrich. + - Multiple updates to tests to match OpenSSL 3.0 behaviour. + Thanks to Michal Josef Špaček. + - OpenSSL 3.0 related changes in tests include: + - TLSv1 and TLSv1.1 require security level 0 starting with 3.0 alpha 5. + - SSL_CTX_set_ciphersuites() and SSL_set_ciphersuites() ignore + unknown ciphersuites starting with 3.0 alpha 11. + - Error code and error string packing and formatting changes. + - PEM_get_string_PrivateKey default algorithm requires legacy provider. + - See OpenSSL manual page migration_guide(7) for more information about + changes in OpenSSL 3.0. + - Automatically detect OpenSSL installed via Homebrew on ARM-based macOS + systems. Thanks to Graham Knop for the patch. + - Account for the divergence in TLSv1.3 ciphersuite names between OpenSSL and + LibreSSL, which was causing failures of some TLSv1.3 tests with LibreSSL. + - In 36_verify.t, account for the presence of the X509_V_FLAG_LEGACY_VERIFY + flag (signalling the use of the legacy X.509 verifier) in LibreSSL 3.3.2 and + above. + - In 43_misc_functions.t, account for the fact that LibreSSL 3.2.0 and above + implement TLSv1.3 without exposing a TLS1_3_VERSION constant. + - Expose OpenSSL 3.0 functions + OSSL_LIB_CTX_get0_global_default, OSSL_PROVIDER_load, + OSSL_PROVIDER_try_load, OSSL_PROVIDER_unload, + OSSL_PROVIDER_available, OSSL_PROVIDER_do_all + OSSL_PROVIDER_get0_name and OSSL_PROVIDER_self_test. + Add test files 22_provider.t, 22_provider_try_load.t and + 22_provider_try_load_zero_retain.t. + - With OpenSSL 3.0 and later, the legacy provider is loaded in + 33_x509_create_cert.t to allow PEM_get_string_PrivateKey to + continue working until its default encryption method is + updated. Fixes GH-272 and closes GH-273. + - Remove the test suite's optional dependency on the non-core modules + Test::Exception, Test::NoWarnings and Test::Warn. Tests that verify + Net::SSLeay's behaviour when errors occur are now executed regardless of the + availability of these modules. + - Fully automate the process of changing the list of constants exported by + Net::SSLeay. Fixes GH-313. + - Perform function autoloading tests in the test suite. Fixes GH-311. + - In 36_verify.t, account for the fact that the X509_V_FLAG_LEGACY_VERIFY flag + (signalling the use of the legacy X.509 verifier) is no longer exposed as of + LibreSSL 3.4.1. Fixes GH-324. + +- Fix cpanspec.yml + +- Fix cpanspec.yml preamble section. + +- Fix autoupdate build: + * Add required build and test dependencies + * Update spec file and add cpanspec.yml + +- update to 1.90: + - New stable release incorporating all changes from developer releases + 1.89_01 to 1.89_05. + - Summary of major changes since version 1.88: + - Formalised libssl version support policy: all stable versions of OpenSSL + in the 0.9.8 - 1.1.1 branches (with the exception of 0.9.8 - 0.9.8b) and + all stable releases of LibreSSL in the 2.0 - 3.1 series are supported. + The LibreSSL 3.2 series is not yet fully supported because its TLSv1.3 + implementation is not currently libssl-compatible. + - Added support for LibreSSL on Windows when built with Visual C++. + - Exposed P_X509_CRL_add_extensions, several SSL_CIPHER functions, and + several stack functions. + - Fixed crashes in the callback functions CTX_set_next_proto_select_cb and + CTX_set_alpn_select_cb. + - The test suite is now compatible with OpenSSL 1.1.1e onwards, as well as + OpenSSL security level 2 (the default on many Linux distributions). + postgresql16 +- Upgrade to 16.2: + * bsc#1219679, CVE-2024-0985: Tighten security restrictions + within REFRESH MATERIALIZED VIEW CONCURRENTLY. + One step of a concurrent refresh command was run under weak + security restrictions. If a materialized view's owner could + persuade a superuser or other high-privileged user to perform a + concurrent refresh on that view, the view's owner could control + code executed with the privileges of the user running REFRESH. + Fix things so that all user-determined code is run as the + view's owner, as expected + * If you use GIN indexes, you may need to reindex after updating + to this release. + * LLVM 18 is now supported. + * https://www.postgresql.org/docs/release/16.2/ + protobuf -- Fix a potential DoS issue in protobuf-cpp and protobuf-python, - CVE-2022-1941, bsc#1203681 - * Add protobuf-CVE-2022-1941.patch -- Fix a potential DoS issue when parsing with binary data in - protobuf-java, CVE-2022-3171, bsc#1204256 - * Add protobuf-CVE-2022-3171.patch -- Refresh protobuf-CVE-2021-22570.patch -- Backport changes from 3.16.x tree for apply recent CVE patches - * Add protobuf-51026d922970e06475f005b39287963594134b96.patch - * Add protobuf-6ee16a9c60e734104aeb738503fe3f411c97bd88.patch - * Add protobuf-73e0d748b9acdc40b693f2879ce82ecb1a849b81.patch - * Add protobuf-7bff8393cab939bfbb9b5c69b3fe76b4d83c41ee.patch - * Add protobuf-4f02f056b5cea99052bfdfb6698afe47a3cf2964.patch - * Add protobuf-763c3588740b97e8e80b1b1a1a2dc4f417647133.patch - * Add protobuf-6c92f9dff1807c142edf6780d775b58a3b078591.patch - * Add protobuf-4e93585e8bb234efeacb7737b8d080968c5ab91e.patch - * Add protobuf-58d4420e2dd8a3cd354fff9db0052881c25369ce.patch -- Reorganize patch set ordering - -- Fix potential Denial of Service in protobuf-java in the parsing procedure - for binary data, CVE-2021-22569, bsc#1194530 - * Add protobuf-improve-performance-of-parsing-unknown-fields-in-Java.patch - -- Fix incorrect parsing of nullchar in the proto symbol, CVE-2021-22570, - bsc#1195258 - * Add protobuf-CVE-2021-22570.patch +- update to 25.1: + * Raise warnings for deprecated python syntax usages + * Add support for extensions in CRuby, JRuby, and FFI Ruby + * Add support for options in CRuby, JRuby and FFI (#14594) +- update to 25.0: + * Implement proto2/proto3 with editions + * Defines Protobuf compiler version strings as macros and + separates out suffix string definition. + * Add utf8_validation feature back to the global feature set. + * Setting up version updater to prepare for poison pills and + embedding version info into C++, Python and Java gencode. + * Merge the protobuf and upb Bazel repos + * Editions: Introduce functionality to protoc for generating + edition feature set defaults. + * Editions: Migrate edition strings to enum in C++ code. + * Create a reflection helper for ExtensionIdentifier. + * Editions: Provide an API for C++ generators to specify their + features. + * Editions: Refactor feature resolution to use an intermediate + message. + * Publish extension declarations with declaration + verifications. + * Editions: Stop propagating partially resolved feature sets to + plugins. + * Editions: Migrate string_field_validation to a C++ feature + * Editions: Include defaults for any features in the generated + pool. + * Protoc: parser rejects explicit use of map_entry option + * Protoc: validate that reserved range start is before end + * Protoc: support identifiers as reserved names in addition to + string literals (only in editions) + * Drop support for Bazel 5. + * Allow code generators to specify whether or not they support + editions. + [#] C++ + * Set `PROTOBUF_EXPORT` on + `InternalOutOfLineDeleteMessageLite()` + * Update stale checked-in files + * Apply PROTOBUF_NOINLINE to declarations of some functions + that want it. + * Implement proto2/proto3 with editions + * Make JSON UTF-8 boundary check inclusive of the largest + possible UTF-8 character. + * Reduce `Map::size_type` to 32-bits. Protobuf containers can't + have more than that + * Defines Protobuf compiler version strings as macros and + separates out suffix string definition. + * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated + oneof accessors. + * Fix bug in reflection based Swap of map fields. + * Add utf8_validation feature back to the global feature set. + * Setting up version updater to prepare for poison pills and + embedding version info into C++, Python and Java gencode. + * Add prefetching to arena allocations. + * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated + repeated and map field accessors. + * Editions: Migrate edition strings to enum in C++ code. + * Create a reflection helper for ExtensionIdentifier. + * Editions: Provide an API for C++ generators to specify their + features. + * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated + string field accessors. + * Editions: Refactor feature resolution to use an intermediate + message. + * Fixes for 32-bit MSVC. + * Publish extension declarations with declaration + verifications. + * Export the constants in protobuf's any.h to support DLL + builds. + * Implement AbslStringify for the Descriptor family of types. + * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated + message field accessors. + * Editions: Stop propagating partially resolved feature sets to + plugins. + * Editions: Migrate string_field_validation to a C++ feature + * Editions: Include defaults for any features in the generated + pool. + * Introduce C++ feature for UTF8 validation. + * Protoc: validate that reserved range start is before end + * Remove option to disable the table-driven parser in protoc. + * Lock down ctype=CORD in proto file. + * Support split repeated fields. + * In OSS mode omit some extern template specializations. + * Allow code generators to specify whether or not they support + editions. + [#] Java + * Implement proto2/proto3 with editions + * Remove synthetic oneofs from Java gencode field accessor + tables. + * Timestamps.parse: Add error handling for invalid + hours/minutes in the timezone offset. + * Defines Protobuf compiler version strings as macros and + separates out suffix string definition. + * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated + oneof accessors. + * Add missing debugging version info to Protobuf Java gencode + when multiple files are generated. + * Fix a bad cast in putBuilderIfAbsent when already present due + to using the result of put() directly (which is null if it + currently has no value) + * Setting up version updater to prepare for poison pills and + embedding version info into C++, Python and Java gencode. + * Fix a NPE in putBuilderIfAbsent due to using the result of + put() directly (which is null if it currently has no value) + * Update Kotlin compiler to escape package names + * Add MapFieldBuilder and change codegen to generate it and the + put{field}BuilderIfAbsent method. + * Introduce recursion limit in Java text format parsing + * Consider the protobuf.Any invalid if typeUrl.split("/") + returns an empty array. + * Mark `FieldDescriptor.hasOptionalKeyword()` as deprecated. + * Fixed Python memory leak in map lookup. + * Loosen upb for json name conflict check in proto2 between + json name and field + * Defines Protobuf compiler version strings as macros and + separates out suffix string definition. + * Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated + oneof accessors. + * Ensure Timestamp.ToDatetime(tz) has correct offset + * Do not check required field for upb python MergeFrom + * Setting up version updater to prepare for poison pills and + embedding version info into C++, Python and Java gencode. + * Merge the protobuf and upb Bazel repos + * Comparing a proto message with an object of unknown returns + NotImplemented + * Emit __slots__ in pyi output as a tuple rather than a list + for --pyi_out. + * Fix a bug that strips options from descriptor.proto in + Python. + * Raise warings for message.UnknownFields() usages and navigate + to the new add + * Add protobuf python keyword support in path for stub + generator. + * Add tuple support to set Struct + * ### Python C-Extension (Default) + * Comparing a proto message with an object of unknown returns + NotImplemented + * Check that ffi-compiler loads before using it to define + tasks. + [#] UPB (Python/PHP/Ruby C-Extension) + * Include .inc files directly instead of through a filegroup + * Loosen upb for json name conflict check in proto2 between + json name and field + * Add utf8_validation feature back to the global feature set. + * Do not check required field for upb python MergeFrom + * Merge the protobuf and upb Bazel repos + * Added malloc_trim() calls to Python allocator so RSS will + decrease when memory is freed + * Upb: fix a Python memory leak in ByteSize() + * Support ASAN detection on clang + * Upb: bugfix for importing a proto3 enum from within a proto2 + file + * Expose methods needed by Ruby FFI using UPB_API + * Fix `PyUpb_Message_MergeInternal` segfault -- Fix Requires for python3 to python3-six. +- build against modern python on sle15 -- Add missing dependency of python subpackages on python-six - (bsc#1177127). +- Build with source and target levels 8 + * fixes build with JDK21 +- Install the pom file with the new %%mvn_install_pom macro +- Do not install the pom-only artifacts, since the %%mvn_install_pom + macro resolves the variables at the install time + +- update to 23.4: + * Add dllexport_decl for generated default instance. + * Deps: Update Guava to 32.0.1 + +- update to 23.3: + C++ + * Regenerate stale files + * Use the same ABI for static and shared libraries on non- + Windows platforms + * Add a workaround for GCC constexpr bug + Objective-C + * Regenerate stale files + UPB (Python/PHP/Ruby C-Extension) + * Fixed a bug in `upb_Map_Delete()` that caused crashes in + map.delete(k) for Ruby when string-keyed maps were in use. + Compiler + * Add missing header to Objective-c generator + * Add a workaround for GCC constexpr bug + Java + * Rollback of: Simplify protobuf Java message builder by + removing methods that calls the super class only. + Csharp + * [C#] Replace regex that validates descriptor names +- drop 0001-Use-the-same-ABI-for-static-and-shared-libraries-on-.patch (upstream) + +- Add patch to fix linking ThreadSafeArena: + * 0001-Use-the-same-ABI-for-static-and-shared-libraries-on-.patch +- Drop the protobuf-source package, no longer used + +- update to 22.5: + C++ + * Add missing cstdint header + * Fix: missing -DPROTOBUF_USE_DLLS in pkg-config (#12700) + * Avoid using string(JOIN..., which requires cmake 3.12 + * Explicitly include GTest package in examples + * Bump Abseil submodule to 20230125.3 (#12660) +- update to 22.4: + C++ + * Fix libprotoc: export useful symbols from .so + * Fix btree issue in map tests. + Python + * Fix bug in _internal_copy_files where the rule would fail in + downstream repositories. + Other + * Bump utf8_range to version with working pkg-config (#12584) + * Fix declared dependencies for pkg-config + * Update abseil dependency and reorder dependencies to ensure + we use the version specified in protobuf_deps. + * Turn off clang::musttail on i386 + +- drop python2 handling +- fix version handling and package the private libs again + +- Fix confusion in versions + +- Mention the rpmlintrc file in the spec. + +- Make possible to build on older systems, like SLE12 that miss + some of the used macros. + +- update to v22.3 + UPB (Python/PHP/Ruby C-Extension) + * Remove src prefix from proto import + * Fix .gitmodules to use the correct absl branch + * Remove erroneous dependency on googletest +- update to 22.2: + Java + * Add version to intra proto dependencies and add kotlin stdlib + dependency + * Add $ back for osgi header + * Remove $ in pom files +- update to 22.1: + * Add visibility of plugin.proto to python directory + * Strip "src" from file name of plugin.proto + * Add OSGi headers to pom files. + * Remove errorprone dependency from kotlin protos. + * Version protoc according to the compiler version number. +- update to 22.0: + * This version includes breaking changes to: Cpp. + Please refer to the migration guide for information: + https://protobuf.dev/support/migration/#compiler-22 + * [Cpp] Migrate to Abseil's logging library. + * [Cpp] `proto2::Map::value_type` changes to `std::pair`. + * [Cpp] Mark final ZeroCopyInputStream, ZeroCopyOutputStream, + and DefaultFieldComparator classes. + * [Cpp] Add a dependency on Abseil (#10416) + * [Cpp] Remove all autotools usage (#10132) + * [Cpp] Add C++20 reserved keywords + * [Cpp] Dropped C++11 Support + * [Cpp] Delete Arena::Init + * [Cpp] Replace JSON parser with new implementation + * [Cpp] Make RepeatedField::GetArena non-const in order to + support split RepeatedFields. + * long list of bindings specific fixes see + https://github.com/protocolbuffers/protobuf/releases/tag/v22.0 +- python sub packages version is set 4.22.3 as defined in + python/google/protobuf/__init__.py to stay compatible +- skip python2 builds by default +- drop patches: + * 10355.patch, + * gcc12-disable-__constinit-with-c++-11.patch (merged upstream) +- added patches: + * add-missing-stdint-header.patch added for compile fixes + +- Enable LTO (boo#1133277). + +- update to v21.12: + * Python + * Fix broken enum ranges (#11171) + * Stop requiring extension fields to have a sythetic oneof (#11091) + * Python runtime 4.21.10 not works generated code can not load valid + proto. + +- update to 21.11: + * Python + * Add license file to pypi wheels (#10936) + * Fix round-trip bug (#10158) + +- update to 21.10: + * Java + * Use bit-field int values in buildPartial to skip work on unset groups of + fields. (#10960) + * Mark nested builder as clean after clear is called (#10984) + +- update to 21.9: + * Ruby + * Replace libc strdup usage with internal impl to restore musl compat (#10818) + * Auto capitalize enums name in Ruby (#10454) (#10763) + * Other + * Fix for grpc.tools #17995 & protobuf #7474 (handle UTF-8 paths in argumentfile) (#10721) + * C++ + * 21.x No longer define no_threadlocal on OpenBSD (#10743) + * Java + * Mark default instance as immutable first to avoid race during static initialization of default instances (#10771) + * Refactoring java full runtime to reuse sub-message builders and prepare to + migrate parsing logic from parse constructor to builder. + * Move proto wireformat parsing functionality from the private "parsing + constructor" to the Builder class. + * Change the Lite runtime to prefer merging from the wireformat into mutable + messages rather than building up a new immutable object before merging. This + way results in fewer allocations and copy operations. + * Make message-type extensions merge from wire-format instead of building up + instances and merging afterwards. This has much better performance. + * Fix TextFormat parser to build up recurring (but supposedly not repeated) + sub-messages directly from text rather than building a new sub-message and + merging the fully formed message into the existing field. + +- update to 21.6: + C++: + * Reduce memory consumption of MessageSet parsing + +- update to 21.5: + PHP + * Added getContainingOneof and getRealContainingOneof to descriptor. + * fix PHP readonly legacy files for nested messages + Python + * Fixed comparison of maps in Python. + +- add 10355.patch to fix soversioning + +- update to 21.4: + * Reduce the required alignment of ArenaString from 8 to 4 + +- update to 21.3: + * C++ + * Add header search paths to Protobuf-C++.podspec (#10024) + * Fixed Visual Studio constinit errors (#10232) + * Fix #9947: make the ABI compatible between debug and non-debug builds (#10271) + * UPB + * Allow empty package names (fixes behavior regression in 4.21.0) + * Fix a SEGV bug when comparing a non-materialized sub-message (#10208) + * Fix several bugs in descriptor mapping containers (eg. descriptor.services_by_name) + * for x in mapping now yields keys rather than values, to match Python + conventions and the behavior of the old library. + * Lookup operations now correctly reject unhashable types as map keys. + * We implement repr() to use the same format as dict. + * Fix maps to use the ScalarMapContainer class when appropriate + * Fix bug when parsing an unknown value in a proto2 enum extension (protocolbuffers/upb#717) + * PHP + * Add "readonly" as a keyword for PHP and add previous classnames to descriptor pool (#10041) + * Python + * Make //:protobuf_python and //:well_known_types_py_pb2 public (#10118) + * Bazel + * Add back a filegroup for :well_known_protos (#10061) + +- Update to 21.2: +- C++ + - cmake: Call get_filename_component() with DIRECTORY mode instead of PATH mode (#9614) + - Escape GetObject macro inside protoc-generated code (#9739) + - Update CMake configuration to add a dependency on Abseil (#9793) + - Fix cmake install targets (#9822) + - Use __constinit only in GCC 12.2 and up (#9936) +- Java + - Update protobuf_version.bzl to separate protoc and per-language java … (#9900) +- Python + - Increment python major version to 4 in version.json for python upb (#9926) + - The C extension module for Python has been rewritten to use the upb library. + - This is expected to deliver significant performance benefits, especially when + parsing large payloads. There are some minor breaking changes, but these + should not impact most users. For more information see: + https://developers.google.com/protocol-buffers/docs/news/2022-05-06#python-updates +- PHP + - [PHP] fix PHP build system (#9571) + - Fix building packaged PHP extension (#9727) + - fix: reserve "ReadOnly" keyword for PHP 8.1 and add compatibility (#9633) + - fix: phpdoc syntax for repeatedfield parameters (#9784) + - fix: phpdoc for repeatedfield (#9783) + - Change enum string name for reserved words (#9780) + - chore: [PHP] fix phpdoc for MapField keys (#9536) + - Fixed PHP SEGV by not writing to shared memory for zend_class_entry. (#9996) +- Ruby + - Allow pre-compiled binaries for ruby 3.1.0 (#9566) + - Implement respond_to? in RubyMessage (#9677) + - [Ruby] Fix RepeatedField#last, #first inconsistencies (#9722) + - Do not use range based UTF-8 validation in truffleruby (#9769) + - Improve range handling logic of RepeatedField (#9799) +- Other + - Fix invalid dependency manifest when using descriptor_set_out (#9647) + - Remove duplicate java generated code (#9909) + +- Do not use %%autosetup, but %%setup and %%patch on other line + * Allows building on SLE-12-SP5 + +- Add temporary patch gcc12-disable-__constinit-with-c++-11.patch + that addresses gh#protocolbuffers/protobuf#9916. + +- Remove change_desc_db.patch, because underlying bug in + gh#googleapis/python-api-core#372 has been fixed. + +- Update to 3.20.1: + - PHP + - Fix building packaged PHP extension (#9727) + - Fixed composer.json to only advertise compatibility with + PHP 7.0+. (#9819) + - Ruby + - Disable the aarch64 build on macOS until it can be fixed. (#9816) + - Other + - Fix versioning issues in 3.20.0 +- Update to 3.20.1: + - Ruby + - Dropped Ruby 2.3 and 2.4 support for CI and releases. + (#9311) + - Added Ruby 3.1 support for CI and releases (#9566). + - Message.decode/encode: Add recursion_limit option + (#9218/#9486) + - Allocate with xrealloc()/xfree() so message allocation is + visible to the + - Ruby GC. In certain tests this leads to much lower memory + usage due to more + - frequent GC runs (#9586). + - Fix conversion of singleton classes in Ruby (#9342) + - Suppress warning for intentional circular require (#9556) + - JSON will now output shorter strings for double and float + fields when possible + - without losing precision. + - Encoding and decoding of binary format will now work + properly on big-endian + - systems. + - UTF-8 verification was fixed to properly reject surrogate + code points. + - Unknown enums for proto2 protos now properly implement + proto2's behavior of + - putting such values in unknown fields. + - Java + - Revert "Standardize on Array copyOf" (#9400) + - Resolve more java field accessor name conflicts (#8198) + - Fix parseFrom to only throw InvalidProtocolBufferException + - InvalidProtocolBufferException now allows arbitrary wrapped + Exception types. + - Fix bug in FieldSet.Builder.mergeFrom + - Flush CodedOutputStream also flushes underlying + OutputStream + - When oneof case is the same and the field type is Message, + merge the + - subfield. (previously it was replaced.)’ + - Add @CheckReturnValue to some protobuf types + - Report original exceptions when parsing JSON + - Add more info to @deprecated javadoc for set/get/has + methods + - Fix initialization bug in doc comment line numbers + - Fix comments for message set wire format. + - Kotlin + - Add test scope to kotlin-test for protobuf-kotlin-lite + (#9518) + - Add orNull extensions for optional message fields. + - Add orNull extensions to all proto3 message fields. + - Python + - Dropped support for Python < 3.7 (#9480) + - Protoc is now able to generate python stubs (.pyi) with + - -pyi_out + - Pin multibuild scripts to get manylinux1 wheels back + (#9216) + - Fix type annotations of some Duration and Timestamp + methods. + - Repeated field containers are now generic in field types + and could be used in type annotations. + - Protobuf python generated codes are simplified. Descriptors + and message classes' definitions are now dynamic created in + internal/builder.py. + - Insertion Points for messages classes are discarded. + - has_presence is added for FieldDescriptor in python + - Loosen indexing type requirements to allow valid index() + implementations rather than only PyLongObjects. + - Fix the deepcopy bug caused by not copying + message_listener. + - Added python JSON parse recursion limit (default 100) + - Path info is added for python JSON parse errors + - Pure python repeated scalar fields will not able to pickle. + Convert to list first. + - Timestamp.ToDatetime() now accepts an optional tzinfo + parameter. If specified, the function returns + a timezone-aware datetime in the given time zone. If + omitted or None, the function returns a timezone-naive UTC + datetime (as previously). + - Adds client_streaming and server_streaming fields to + MethodDescriptor. + - Add "ensure_ascii" parameter to json_format.MessageToJson. + This allows smaller JSON serializations with UTF-8 or other + non-ASCII encodings. + - Added experimental support for directly assigning numpy + scalars and array. + - Improve the calculation of public_dependencies in + DescriptorPool. + - [Breaking Change] Disallow setting fields to numpy + singleton arrays or repeated fields to numpy + multi-dimensional arrays. Numpy arrays should be indexed or + flattened explicitly before assignment. + - Compiler + - Migrate IsDefault(const std::string*) and + UnsafeSetDefault(const std::string*) + - Implement strong qualified tags for TaggedPtr + - Rework allocations to power-of-two byte sizes. + - Migrate IsDefault(const std::string*) and + UnsafeSetDefault(const std::string*) + - Implement strong qualified tags for TaggedPtr + - Make TaggedPtr Set...() calls explicitly spell out the + content type. + - Check for parsing error before verifying UTF8. + - Enforce a maximum message nesting limit of 32 in the + descriptor builder to + - guard against stack overflows + - Fixed bugs in operators for RepeatedPtrIterator + - Assert a maximum map alignment for allocated values + - Fix proto1 group extension protodb parsing error + - Do not log/report the same descriptor symbol multiple + times if it contains + - more than one invalid character. + - Add UnknownFieldSet::SerializeToString and + SerializeToCodedStream. + - Remove explicit default pointers and deprecated API from + protocol compiler + - Arenas + - Change Repeated*Field to reuse memory when using arenas. + - Implements pbarenaz for profiling proto arenas + - Introduce CreateString() and CreateArenaString() for + cleaner semantics + - Fix unreferenced parameter for MSVC builds + - Add UnsafeSetAllocated to be used for one-of string + fields. + - Make Arena::AllocateAligned() a public function. + - Determine if ArenaDtor related code generation is + necessary in one place. + - Implement on demand register ArenaDtor for + InlinedStringField + - C++ + - Enable testing via CTest (#8737) + - Add option to use external GTest in CMake (#8736) + - CMake: Set correct sonames for libprotobuf-lite.so and + libprotoc.so (#8635) (#9529) + - Add cmake option protobuf_INSTALL to not install files + (#7123) + - CMake: Allow custom plugin options e.g. to generate mocks + (#9105) + - CMake: Use linker version scripts (#9545) + - Manually *struct Cord fields to work better with arenas. + - Manually destruct map fields. + - Generate narrower code + - Fix #9378 by removing + - shadowed cached_size field + - Remove GetPointer() and explicit nullptr defaults. + - Add proto_h flag for speeding up large builds + - Add missing overload for reference wrapped fields. + - Add MergedDescriptorDatabase::FindAllFileNames() + - RepeatedField now defines an iterator type instead of + using a pointer. + - Remove obsolete macros GOOGLE_PROTOBUF_HAS_ONEOF and + GOOGLE_PROTOBUF_HAS_ARENAS. + - PHP + - Fix: add missing reserved classnames (#9458) + - PHP 8.1 compatibility (#9370) + - C# + - Fix trim warnings (#9182) + - Fixes NullReferenceException when accessing + FieldDescriptor.IsPacked (#9430) + - Add ToProto() method to all descriptor classes (#9426) + - Add an option to preserve proto names in JsonFormatter + (#6307) + - Objective-C + - Add prefix_to_proto_package_mappings_path option. (#9498) + - Rename proto_package_to_prefix_mappings_path to + package_to_prefix_mappings_path. (#9552) + - Add a generation option to control use of forward + declarations in headers. (#9568) +- Add change_desc_db.patch to fix + gh#googleapis/python-api-core#372 and + gh#protocolbuffers/protobuf#9867 + +- Change Requires: zlib-devel to pkgconfig(zlib) so as not to conflict with libz-ng-compat1. + +- update to 3.19.4: + Python: + * Make libprotobuf symbols local on OSX to fix issue #9395 (#9435) + Ruby: + * Fixed a data loss bug that could occur when the number of optional fields + in a message is an exact multiple of 32 + PHP: + * Fixed a data loss bug that could occur when the number of optional fields + in a message is an exact multiple of 32. + +- Update to 3.19.3: + C++: + * Make proto2::Message::DiscardUnknownFields() non-virtual + * Separate RepeatedPtrField into its own header file + * For default floating point values of 0, consider all bits significant + * Fix shadowing warnings + * Fix for issue #8484, constant initialization doesn't compile in msvc clang-cl environment + Java: + * Improve performance characteristics of UnknownFieldSet parsing + * For default floating point values of 0, consider all bits significant + * Annotate //java/com/google/protobuf/util/... with nullness annotations + * Use ArrayList copy constructor + Bazel: + * Ensure that release archives contain everything needed for Bazel + * Align dependency handling with Bazel best practices + Javascript: + * Fix ReferenceError: window is not defined when getting the global object + Ruby: + * Fix memory leak in MessageClass.encode + * Override Map.clone to use Map's dup method + * Ruby: build extensions for arm64-darwin + * Add class method Timestamp.from_time to ruby well known types + * Adopt pure ruby DSL implementation for JRuby + * Add size to Map class + * Fix for descriptor_pb.rb: google/protobuf should be required first + Python: + * Proto2 DecodeError now includes message name in error message + * Make MessageToDict convert map keys to strings + * Add python-requires in setup.py + * Add python 3.10 + +- Remove two build requires that are not needed + +- Update to 3.17.3: + C++ + * Introduce FieldAccessListener. + * Stop emitting boilerplate {Copy/Merge}From in each ProtoBuf class + * Provide stable versions of SortAndUnique(). + * Make sure to cache proto3 optional message fields when they are cleared. + * Expose UnsafeArena methods to Reflection. + * Use std::string::empty() rather than std::string::size() > 0. + * [Protoc] C++ Resolved an issue where NO_DESTROY and CONSTINIT are in incorrect order (#8296) + * Fix PROTOBUF_CONSTINIT macro redefinition (#8323) + * Delete StringPiecePod (#8353) + * Create a CMake option to control whether or not RTTI is enabled (#8347) + * Make util::Status more similar to absl::Status (#8405) + * The ::pb namespace is no longer exposed due to conflicts. + * Allow MessageDifferencer::TreatAsSet() (and friends) to override previous + calls instead of crashing. + * Reduce the size of generated proto headers for protos with string or + bytes fields. + * Move arena() operation on uncommon path to out-of-line routine + * For iterator-pair function parameter types, take both iterators by value. + * Code-space savings and perhaps some modest performance improvements in + * RepeatedPtrField. + * Eliminate nullptr check from every tag parse. + * Remove unused _$name$cached_byte_size fields. + * Serialize extension ranges together when not broken by a proto field in the + middle. + * Do out-of-line allocation and deallocation of string object in ArenaString. + * Streamline ParseContext::ParseMessage to avoid code bloat and improve + performance. + * New member functions RepeatedField::Assign, RepeatedPtrField::{Add, Assign}. + on an error path. + * util::DefaultFieldComparator will be final in a future version of protobuf. + * Subclasses should inherit from SimpleFieldComparator instead. + Kotlin + * Introduce support for Kotlin protos (#8272) + * Restrict extension setter and getter operators to non-nullable T. + Java + * Fixed parser to check that we are at a proper limit when a sub-message has + finished parsing. + * updating GSON and Guava to more recent versions (#8524) + * Reduce the time spent evaluating isExtensionNumber by storing the extension + ranges in a TreeMap for faster queries. This is particularly relevant for + protos which define a large number of extension ranges, for example when + each tag is defined as an extension. + * Fix java bytecode estimation logic for optional fields. + * Optimize Descriptor.isExtensionNumber. + * deps: update JUnit and Truth (#8319) + * Detect invalid overflow of byteLimit and return InvalidProtocolBufferException as documented. + * Exceptions thrown while reading from an InputStream in parseFrom are now + included as causes. + * Support potentially more efficient proto parsing from RopeByteStrings. + * Clarify runtime of ByteString.Output.toStringBuffer(). + * Added UnsafeByteOperations to protobuf-lite (#8426) + Python + * Add MethodDescriptor.CopyToProto() (#8327) + * Remove unused python_protobuf.{cc,h} (#8513) + * Start publishing python aarch64 manylinux wheels normally (#8530) + * Fix constness issue detected by MSVC standard conforming mode (#8568) + * Make JSON parsing match C++ and Java when multiple fields from the same + oneof are present and all but one is null. + * Fix some constness / char literal issues being found by MSVC standard conforming mode (#8344) + * Switch on "new" buffer API (#8339) + * Enable crosscompiling aarch64 python wheels under dockcross manylinux docker image (#8280) + * Fixed a bug in text format where a trailing colon was printed for repeated field. + * When TextFormat encounters a duplicate message map key, replace the current + one instead of merging. + Ruby + * Add support for proto3 json_name in compiler and field definitions (#8356) + * Fixed memory leak of Ruby arena objects. (#8461) + * Fix source gem compilation (#8471) + * Fix various exceptions in Ruby on 64-bit Windows (#8563) + * Fix crash when calculating Message hash values on 64-bit Windows (#8565) + General + * Support M1 (#8557) + +- Update to 3.15.8: + - Fixed memory leak of Ruby arena objects (#8461) + +- update to 3.15.7: + C++ + * Remove the ::pb namespace (alias) (#8423) + Ruby + * Fix unbounded memory growth for Ruby <2.7 (#8429) + * Fixed message equality in cases where the message type is different (#8434) + +- Can't assume non-existence of python38 macros in Leap. + gh#openSUSE/python-rpm-macros#107 + Test for suse_version instead. Only Tumbleweed has and needs the + python_subpackage_only support. + +- update to 3.15.6: + Ruby + * Fixed bug in string comparison logic (#8386) + * Fixed quadratic memory use in array append (#8379) + * Fixed SEGV when users pass nil messages (#8363) + * Fixed quadratic memory usage when appending to arrays (#8364) + * Ruby <2.7 now uses WeakMap too, which prevents memory leaks. (#8341) + * Fix for FieldDescriptor.get(msg) (#8330) + * Bugfix for Message.[] for repeated or map fields (#8313) + PHP + * read_property() handler is not supposed to return NULL (#8362) + Protocol Compiler + * Optional fields for proto3 are enabled by default, and no longer require + the --experimental_allow_proto3_optional flag. + C++ + * Do not disable RTTI by default in the CMake build (#8377) + * Create a CMake option to control whether or not RTTI is enabled (#8361) + * Fix PROTOBUF_CONSTINIT macro redefinition (#8323) + * MessageDifferencer: fixed bug when using custom ignore with multiple + unknown fields + * Use init_seg in MSVC to push initialization to an earlier phase. + * Runtime no longer triggers -Wsign-compare warnings. + * Fixed -Wtautological-constant-out-of-range-compare warning. + * DynamicCastToGenerated works for nullptr input for even if RTTI is disabled + * Arena is refactored and optimized. + * Clarified/specified that the exact value of Arena::SpaceAllocated() is an + implementation detail users must not rely on. It should not be used in + unit tests. + * Change the signature of Any::PackFrom() to return false on error. + * Add fast reflection getter API for strings. + * Constant initialize the global message instances + * Avoid potential for missed wakeup in UnknownFieldSet + * Now Proto3 Oneof fields have "has" methods for checking their presence in + C++. + * Bugfix for NVCC + * Return early in _InternalSerialize for empty maps. + * Adding functionality for outputting map key values in proto path logging + output (does not affect comparison logic) and stop printing 'value' in the + path. The modified print functionality is in the + MessageDifferencer::StreamReporter. + * Fixed https://github.com/protocolbuffers/protobuf/issues/8129 + * Ensure that null char symbol, package and file names do not result in a + crash. + * Constant initialize the global message instances + * Pretty print 'max' instead of numeric values in reserved ranges. + * Removed remaining instances of std::is_pod, which is deprecated in C++20. + * Changes to reduce code size for unknown field handling by making uncommon + cases out of line. + * Fix std::is_pod deprecated in C++20 (#7180) + * Fix some -Wunused-parameter warnings (#8053) + * Fix detecting file as directory on zOS issue #8051 (#8052) + * Don't include sys/param.h for _BYTE_ORDER (#8106) + * remove CMAKE_THREAD_LIBS_INIT from pkgconfig CFLAGS (#8154) + * Fix TextFormatMapTest.DynamicMessage issue#5136 (#8159) + * Fix for compiler warning issue#8145 (#8160) + * fix: support deprecated enums for GCC < 6 (#8164) + * Fix some warning when compiling with Visual Studio 2019 on x64 target (#8125) + Python + * Provided an override for the reverse() method that will reverse the internal + collection directly instead of using the other methods of the BaseContainer. + * MessageFactory.CreateProtoype can be overridden to customize class creation. + * Fix PyUnknownFields memory leak (#7928) + * Add macOS big sur compatibility (#8126) + JavaScript + * Generate `getDescriptor` methods with `*` as their `this` type. + * Enforce `let/const` for generated messages. + * js/binary/utils.js: Fix jspb.utils.joinUnsignedDecimalString to work with + negative bitsLow and low but non-zero bitsHigh parameter. (#8170) + PHP + * Added support for PHP 8. (#8105) + * unregister INI entries and fix invalid read on shutdown (#8042) + * Fix PhpDoc comments for message accessors to include "|null". (#8136) + * fix: convert native PHP floats to single precision (#8187) + * Fixed PHP to support field numbers >=2**28. (#8235) + * feat: add support for deprecated fields to PHP compiler (#8223) + * Protect against stack overflow if the user derives from Message. (#8248) + * Fixed clone for Message, RepeatedField, and MapField. (#8245) + * Updated upb to allow nonzero offset minutes in JSON timestamps. (#8258) + Ruby + * Added support for Ruby 3. (#8184) + * Rewrote the data storage layer to be based on upb_msg objects from the + upb library. This should lead to much better parsing performance, + particularly for large messages. (#8184). + * Fill out JRuby support (#7923) + * [Ruby] Fix: (SIGSEGV) gRPC-Ruby issue on Windows. memory alloc infinite + recursion/run out of memory (#8195) + * Fix jruby support to handle messages nested more than 1 level deep (#8194) + Java + * Avoid possible UnsupportedOperationException when using CodedInputSteam + with a direct ByteBuffer. + * Make Durations.comparator() and Timestamps.comparator() Serializable. + * Add more detailed error information for dynamic message field type + validation failure + * Removed declarations of functions declared in java_names.h from + java_helpers.h. + * Now Proto3 Oneof fields have "has" methods for checking their presence in + Java. + * Annotates Java proto generated *_FIELD_NUMBER constants. + * Add -assumevalues to remove JvmMemoryAccessor on Android. + C# + * Fix parsing negative Int32Value that crosses segment boundary (#8035) + * Change ByteString to use memory and support unsafe create without copy (#7645) + * Optimize MapField serialization by removing MessageAdapter (#8143) + * Allow FileDescriptors to be parsed with extension registries (#8220) + * Optimize writing small strings (#8149) + +- Updated URL to https://github.com/protocolbuffers/protobuf +- Update to v3.14.0 + Protocol Compiler + * The proto compiler no longer requires a .proto filename when it is not + generating code. + * Added flag `--deterministic_output` to `protoc --encode=...`. + * Fixed deadlock when using google.protobuf.Any embedded in aggregate options. + C++ + * Arenas are now unconditionally enabled. cc_enable_arenas no longer has + any effect. + * Removed inlined string support, which is incompatible with arenas. + * Fix a memory corruption bug in reflection when mixing optional and + non-optional fields. + * Make SpaceUsed() calculation more thorough for map fields. + * Add stack overflow protection for text format with unknown field values. + * FieldPath::FollowAll() now returns a bool to signal if an out-of-bounds + error was encountered. + * Performance improvements for Map. + * Minor formatting fix when dumping a descriptor to .proto format with + DebugString. + * UBSAN fix in RepeatedField + * When running under ASAN, skip a test that makes huge allocations. + * Fixed a crash that could happen when creating more than 256 extensions in + a single message. + * Fix a crash in BuildFile when passing in invalid descriptor proto. + * Parser security fix when operating with CodedInputStream. + * Warn against the use of AllowUnknownExtension. + * Migrated to C++11 for-range loops instead of index-based loops where + possible. This fixes a lot of warnings when compiling with -Wsign-compare. + * Fix segment fault for proto3 optional + * Adds a CMake option to build `libprotoc` separately + Java + * Bugfix in mergeFrom() when a oneof has multiple message fields. + * Fix RopeByteString.RopeInputStream.read() returning -1 when told to read + 0 bytes when not at EOF. + * Redefine remove(Object) on primitive repeated field Lists to avoid + autoboxing. + * Support "\u" escapes in textformat string literals. + * Trailing empty spaces are no longer ignored for FieldMask. + * Fix FieldMaskUtil.subtract to recursively remove mask. + * Mark enums with `@java.lang.Deprecated` if the proto enum has option + `deprecated = true;`. + * Adding forgotten duration.proto to the lite library + Python + * Print google.protobuf.NullValue as null instead of "NULL_VALUE" when it is + used outside WKT Value/Struct. + * Fix bug occurring when attempting to deep copy an enum type in python 3. + * Add a setuptools extension for generating Python protobufs + * Remove uses of pkg_resources in non-namespace packages + * [bazel/py] Omit google/__init__.py from the Protobuf runtime + * Removed the unnecessary setuptools package dependency for Python package + * Fix PyUnknownFields memory leak + PHP + * Added support for "==" to the PHP C extension + * Added `==` operators for Map and Array + * Native C well-known types + * Optimized away hex2bin() call in generated code + * New version of upb, and a new hash function wyhash in third_party + * add missing hasOneof method to check presence of oneof fields + Go: + * Update go_package options to reference google.golang.org/protobuf module. + C#: + * annotate ByteString.CopyFrom(ReadOnlySpan) as SecuritySafeCritical + * Fix C# optional field reflection when there are regular fields too + * Fix parsing negative Int32Value that crosses segment boundary + Javascript: + * JS: parse (un)packed fields conditionally +- from version 3.13.0 + PHP: + * The C extension is completely rewritten. The new C extension has significantly + better parsing performance and fixes a handful of conformance issues. It will + also make it easier to add support for more features like proto2 and proto3 presence. + * The new C extension does not support PHP 5.x. PHP 5.x users can still use pure-PHP. + C++: + * Removed deprecated unsafe arena string accessors + * Enabled heterogeneous lookup for std::string keys in maps. + * Removed implicit conversion from StringPiece to std::string + * Fix use-after-destroy bug when the Map is allocated in the arena. + * Improved the randomness of map ordering + * Added stack overflow protection for text format with unknown fields + * Use std::hash for proto maps to help with portability. + * Added more Windows macros to proto whitelist. + * Arena constructors for map entry messages are now marked "explicit" + (for regular messages they were already explicit). + * Fix subtle aliasing bug in RepeatedField::Add + * Fix mismatch between MapEntry ByteSize and Serialize with respect to unset + fields. + Python: + * JSON format conformance fixes: + * Reject lowercase t for Timestamp json format. + * Print full_name directly for extensions (no camelCase). + * Reject boolean values for integer fields. + * Reject NaN, Infinity, -Infinity that is not quoted. + * Base64 fixes for bytes fields: accept URL-safe base64 and missing padding. + * Bugfix for fields/files named "async" or "await". + * Improved the error message when AttributeError is returned from __getattr__ + in EnumTypeWrapper. + Java: + * Fixed a bug where setting optional proto3 enums with setFooValue() would + not mark the value as present. + * Add Subtract function to FieldMaskUtil. + C#: + * Dropped support for netstandard1.0 (replaced by support for netstandard1.1). + This was required to modernize the parsing stack to use the `Span` + type internally + * Add `ParseFrom(ReadOnlySequence)` method to enable GC friendly + parsing with reduced allocations and buffer copies + * Add support for serialization directly to a `IBufferWriter` or + to a `Span` to enable GC friendly serialization. + The new API is available as extension methods on the `IMessage` type + * Add `GOOGLE_PROTOBUF_REFSTRUCT_COMPATIBILITY_MODE` define to make + generated code compatible with old C# compilers (pre-roslyn compilers + from .NET framework and old versions of mono) that do not support + ref structs. Users that are still on a legacy stack that does + not support C# 7.2 compiler might need to use the new define + in their projects to be able to build the newly generated code + * Due to the major overhaul of parsing and serialization internals, + it is recommended to regenerate your generated code to achieve the best + performance (the legacy generated code will still work, but might incur + a slight performance penalty). + +- Fix the python subpackage generation + gh#openSUSE/python-rpm-macros#79 + +- Support multiple python3 flavors gh#openSUSE/python-rpm-macros#66 + +- Update to version 3.12.3; notable changes since 3.11.4: + Protocol Compiler + * [experimental] Singular, non-message typed fields in proto3 now support + presence tracking. This is enabled by adding the "optional" field label and + passing the --experimental_allow_proto3_optional flag to protoc. + * For usage info, see docs/field_presence.md. + * During this experimental phase, code generators should update to support + proto3 presence, see docs/implementing_proto3_presence.md for instructions. + * Allow duplicate symbol names when multiple descriptor sets are passed on + the command-line, to match the behavior when multiple .proto files are passed. + * Deterministic `protoc --descriptor_set_out` (#7175) + Objective-C + * Tweak the union used for Extensions to support old generated code. #7573 + * Fix for the :protobuf_objc target in the Bazel BUILD file. (#7538) + * [experimental] ObjC Proto3 optional support (#7421) + * Block subclassing of generated classes (#7124) + * Use references to Obj C classes instead of names in descriptors. (#7026) + * Revisit how the WKTs are bundled with ObjC. (#7173) + C++ + * Simplified the template export macros to fix the build for mingw32. (#7539) + * [experimental] Added proto3 presence support. + * New descriptor APIs to support proto3 presence. + * Enable Arenas by default on all .proto files. + * Documented that users are not allowed to subclass Message or MessageLite. + * Mark generated classes as final; inheriting from protos is strongly discouraged. + * Add stack overflow protection for text format with unknown fields. + * Add accessors for map key and value FieldDescriptors. + * Add FieldMaskUtil::FromFieldNumbers(). + * MessageDifferencer: use ParsePartial() on Any fields so the diff does not + fail when there are missing required fields. + * ReflectionOps::Merge(): lookup messages in the right factory, if it can. + * Added Descriptor::WellKnownTypes enum and Descriptor::well_known_type() + accessor as an easier way of determining if a message is a Well-Known Type. + * Optimized RepeatedField::Add() when it is used in a loop. + * Made proto move/swap more efficient. + * De-virtualize the GetArena() method in MessageLite. + * Improves performance of json_stream_parser.cc by factor 1000 (#7230) + * bug: #7076 undefine Windows OUT and OPTIONAL macros (#7087) + * Fixed a bug in FieldDescriptor::DebugString() that would erroneously print + an "optional" label for a field in a oneof. + * Fix bug in parsing bool extensions that assumed they are always 1 byte. + * Fix off-by-one error in FieldOptions::ByteSize() when extensions are present. + * Clarified the comments to show an example of the difference between + Descriptor::extension and DescriptorPool::FindAllExtensions. + * Add a compiler option 'code_size' to force optimize_for=code_size on all + protos where this is possible. + Ruby + * Re-add binary gems for Ruby 2.3 and 2.4. These are EOL upstream, however + many people still use them and dropping support will require more + coordination. + * [experimental] Implemented proto3 presence for Ruby. (#7406) + * Stop building binary gems for ruby <2.5 (#7453) + * Fix for wrappers with a zero value (#7195) + * Fix for JSON serialization of 0/empty-valued wrapper types (#7198) + * Call "Class#new" over rb_class_new_instance in decoding (#7352) + * Build extensions for Ruby 2.7 (#7027) + * assigning 'nil' to submessage should clear the field. (#7397) + Java + * [experimental] Added proto3 presence support. + * Mark java enum _VALUE constants as @Deprecated if the enum field is deprecated + * reduce size for enums with allow_alias set to true. + * Sort map fields alphabetically by the field's key when printing textproto. + * Fixed a bug in map sorting that appeared in -rc1 and -rc2 (#7508). + * TextFormat.merge() handles Any as top level type. + * Throw a descriptive IllegalArgumentException when calling + getValueDescriptor() on enum special value UNRECOGNIZED instead of + ArrayIndexOutOfBoundsException. + * Fixed an issue with JsonFormat.printer() where setting printingEnumsAsInts() + would override the configuration passed into includingDefaultValueFields(). + * Implement overrides of indexOf() and contains() on primitive lists returned + for repeated fields to avoid autoboxing the list contents. + * Add overload to FieldMaskUtil.fromStringList that accepts a descriptor. + * [bazel] Move Java runtime/toolchains into //java (#7190) + Python + * [experimental] Added proto3 presence support. + * [experimental] fast import protobuf module, only works with cpp generated code linked in. + * Truncate 'float' fields to 4 bytes of precision in setters for pure-Python + implementation (C++ extension was already doing this). + * Fixed a memory leak in C++ bindings. + * Added a deprecation warning when code tries to create Descriptor objects + directly. + * Fix unintended comparison between bytes and string in descriptor.py. + * Avoid printing excess digits for float fields in TextFormat. + * Remove Python 2.5 syntax compatibility from the proto compiler generated _pb2.py module code. + * Drop 3.3, 3.4 and use single version docker images for all python tests (#7396) + JavaScript + * Fix js message pivot selection (#6813) + PHP + * Persistent Descriptor Pool (#6899) + * Implement lazy loading of php class for proto messages (#6911) + * Correct @return in Any.unpack docblock (#7089) + * Ignore unknown enum value when ignore_unknown specified (#7455) + C# + * [experimental] Add support for proto3 presence fields in C# (#7382) + * Mark GetOption API as obsolete and expose the "GetOptions()" method on descriptors instead (#7491) + * Remove Has/Clear members for C# message fields in proto2 (#7429) + * Enforce recursion depth checking for unknown fields (#7132) + * Fix conformance test failures for Google.Protobuf (#6910) + * Cleanup various bits of Google.Protobuf (#6674) + * Fix latest ArgumentException for C# extensions (#6938) + * Remove unnecessary branch from ReadTag (#7289) + Other + * Add a proto_lang_toolchain for javalite (#6882) + * [bazel] Update gtest and deprecate //external:{gtest,gtest_main} (#7237) + * Add application note for explicit presence tracking. (#7390) + * Howto doc for implementing proto3 presence in a code generator. (#7407) + +- Python: Add requirement on python-six + +- Update to version 3.11.4; notable changes since 3.9.2: + * C++: Make serialization method naming consistent + * C++: Moved ShutdownProtobufLibrary() to message_lite.h. For + backward compatibility a declaration is still available + in stubs/common.h, but users should prefer message_lite.h + * C++: Removed non-namespace macro EXPECT_OK() + * C++: Removed mathlimits.h from stubs in favor of using + std::numeric_limits from C++11 + * C++: Support direct pickling of nested messages + * C++: Disable extension code gen for C# + * C++: Switch the proto parser to the faster MOMI parser + * C++: Unused imports of files defining descriptor extensions + will now be reported + * C++: Add proto2::util::RemoveSubranges to remove multiple + subranges in linear time + * C++: Support 32 bit values for ProtoStreamObjectWriter to Struct + * C++: Removed the internal-only header coded_stream_inl.h and + the internal-only methods defined there + * C++: Enforced no SWIG wrapping of descriptor_database.h + (other headers already had this restriction) + * C++: Implementation of the equivalent of the MOMI parser for + serialization. This removes one of the two serialization + routines, by making the fast array serialization routine + completely general. SerializeToCodedStream can now be + implemented in terms of the much much faster array + serialization. The array serialization regresses slightly, + but when array serialization is not possible this wins big + * C++: Add move constructor for Reflection's SetString + * Java: Remove the usage of MethodHandle, so that Android users + prior to API version 26 can use protobuf-java + * Java: Publish ProGuard config for javalite + * Java: Include unknown fields when merging proto3 messages in + Java lite builders + * Java: Have oneof enums implement a separate interface (other + than EnumLite) for clarity + * Java: Opensource Android Memory Accessors + * Java: Change ProtobufArrayList to use Object[] instead of + ArrayList for 5-10% faster parsing + * Java: Make a copy of JsonFormat.TypeRegistry at the protobuf + top level package. This will eventually replace + JsonFormat.TypeRegistry + * Java: Add Automatic-Module-Name entries to the Manifest + * Python: Add float_precision option in json format printer + * Python: Optionally print bytes fields as messages in unknown + fields, if possible + * Python: Experimental code gen (fast import protobuf module) + which only work with cpp generated code linked in + * Python: Add descriptor methods in descriptor_pool are deprecated + * Python: Added delitem for Python extension dict + * JavaScript: Remove guard for Symbol iterator for jspb.Map + * JavaScript: Remove deprecated boolean option to getResultBase64String() + * JavaScript: Change the parameter types of binaryReaderFn in + ExtensionFieldBinaryInfo to (number, ?, ?) + * JavaScript: Create dates.ts and time_of_days.ts to mirror Java + versions. This is a near-identical conversion of + c.g.type.util.{Dates,TimeOfDays} respectively + * JavaScript: Migrate moneys to TypeScript + * PHP: Increase php7.4 compatibility + * PHP: Implement lazy loading of php class for proto messages + * Ruby: Support hashes for struct initializers + * C#: Experimental proto2 support is now officially available + * C#: Change _Extensions property to normal body rather than expression + * Objective C: Remove OSReadLittle* due to alignment requirements + * Other: Override CocoaPods module to lowercase + * further bugfixes and optimisations python3 +- Refresh CVE-2023-27043-email-parsing-errors.patch to + gh#python/cpython!111116, fixing bsc#1210638 (CVE-2023-27043). + qemu +- Try to solve the qemu-kvm dependency issues on all arches + (see, e.g., bsc#1218684) + * [openSUSE][RPM] Create the legacy qemu-kvm symlink for all arches + +- Update the service file to use OBS-scm (by fvogt) +- Various fixes: + * [openSUSE][RPM] Fix enabling features on non-x86_64 (bsc#1220011, bsc#1219818) + * [openSUSE][RPM] Disable test-crypto-secret in linux-user build + * [openSUSE] Update ipxe submodule reference (bsc#1219733, bsc#1219722) + * [openSUSE][RPM] spec: allow building without spice + +- Fix a build issue of OVMF caused by + https://gitlab.com/qemu-project/qemu/-/issues/2064: + * target/i386: fix incorrect EIP in PC-relative translation blocks + * target/i386: Do not re-compute new pc with CF_PCREL + +- Update to latest upstream release, 8.2.0: + The full list of changes are available at: https://wiki.qemu.org/ChangeLog/8.2 + Highlights include: + * New virtio-sound device emulation + * New virtio-gpu rutabaga device emulation used by Android emulator + * New hv-balloon for dynamic memory protocol device for Hyper-V guests + * New Universal Flash Storage device emulation + * Network Block Device (NBD) 64-bit offsets for improved performance + * dump-guest-memory now supports the standard kdump format + * ARM: Xilinx Versal board now models the CFU/CFI, and the TRNG device + * ARM: CPU emulation support for cortex-a710 and neoverse-n2 + * ARM: architectural feature support for PACQARMA3, EPAC, Pauth2, FPAC, + FPACCOMBINE, TIDCP1, MOPS, HBC, and HPMN0 + * HPPA: CPU emulation support for 64-bit PA-RISC 2.0 + * HPPA: machine emulation support for C3700, including Astro memory + controller and four Elroy PCI bridges + * LoongArch: ISA support for LASX extension and PRELDX instruction + * LoongArch: CPU emulation support for la132 + * RISC-V: ISA/extension support for AIA virtualization support via KVM, + and vector cryptographic instructions + * RISC-V: Numerous extension/instruction cleanups, fixes, and reworks + * s390x: support for vfio-ap passthrough of crypto adapter for + protected + virtualization guests + * Tricore: support for TC37x CPU which implements ISA v1.6.2 + * Tricore: support for CRCN, FTOU, FTOHP, and HPTOF instructions + * x86: Zen support for PV console and network devices +- Patch added (from upstream stable tree): + * include/ui/rect.h: fix qemu_rect_init() mis-assignment + rav1e +- Update to version 0.6.6: + * Sync the assembly with dav1d + * Additional improvements and cleanups + * Overall speed-up typically 5.2% +- Change soname to 0_6, and at the same time set min version for + cargo-c BuildRequires to > 0.9.26, as this is needed for the new + soname to be built correctly. +- Modernize _service and spec to more current way of doing rust + packaging. +- Use ldconfig_scriptlets macro for post(un) handling. +- Fix license tag to BSD-2-Clause AND ISC + +- Fix license tag to BSD-2-Clause and AOMPL-1.0. + +- Update to version 0.6.4+0: + * Safety critical bounds checking is off-by-one in sgrproj_box_ab_internal + * Initialize `low` array in a more rust-like way in `kmeans` + * Rework mutable borrows for symbol_with_update + * Drop explicit size for macro symbol_with_update + * Use const generics for CDFContextLog + * Fix undefined behavior in CDFContextLogOps + * ec: Simplify lr_compute function + * Use a bit counter instead of a byte counter in WriterRecorder + * Minimize bounds checks in pred functions + * Use generics for BD-8 on sgrproj functions + * Use saturating_sub in sgrproj_sum_finish + * Move bounds checks out of hot loop in sgrproj + * Ensure quantizer values are non-zero with a const fn + * Optimize base quants using NonZero integers (#3115) + * Move quant tables to separate file to improve organization (#3113) + * Use is_power_of_two method in divu_gen + * Fix rounding issue in HBD CDEF code + * Hint that creating a region from an empty plane is unlikely + * Minor optimization to take_slice + * Clean up cdef_dist + * Minor optimizations + * Optimizations for weighted_sse + * Add HBD AVX2 assembly for SAD (#3099) + * ec: Manually inline `msb()` and `ilog()` for clarity (#3104) + * Comment regarding cnt being unused + * Improve naming + * Use a bit counter instead of a byte counter in EC + * Add 10-bit cdef_dist ASM + * Optimise sad_plane_internal + * Save some bounds checks on me_stats + * Minor optimization to av1_get_mv_joint + * Use chunks_exact for performance in diff method + * Integrate CfL AC x86 assembly functions + * benches: Fix alignment issue for cfl_rdo + * Move luma_ac to predict module + * Extract luma_ac_internal with const generics + * Optimise plane::as_region + * Optimise BlockSize::from_width_and_height_opt + * Improve vectorization in get_sad + * Template entropy coding functions to help optimiser + * Enable SSE2/AVX512ICL put/prep/avg x86 assembly + * Enable AVX2 12-bit Inverse Transform x86 assembly + * Enable new SSE4.1 HBD Inverse Transform x86 assembly + * Pin assert_cmd, predicates and clap in Cargo.toml for rust 1.60.0 + * Prepare for release + * Fix header coding for level_idx < 7. + +- Update to version 0.6.2+0: + * Prepare for release + * Fix new clippy lints for Rust 1.66 + * Drop BUILT_TIME_UTC + * Shorten progress text + * Bump built to 0.5.2 + * Make git2 optional + * Simplify the version string + * Specify default threads behavior + * Fix the capi deps +- Removed dependency on libgit2 + * Added rav1e-cargo-no-git-default.patch + +- Update to version 0.6.1+0: + * Fix the capi deps + * Revert "x86: Disable 8x16 16bpc inverse transforms for SSE4.1" + * inverse_transform_add: Align to dav1d EOB convention + * x86: Disable 8x16 16bpc inverse transforms for SSE4.1 + * CI: Fix up deploy workflow + * Add C API for level. + * Add level to API and CLI. + * CI: Correct format of target_cpu for x86_64 in deploy workflow + * Produced optimized binary versions from CI + * Write level stored in sequence struct. + * Bump actions/download-artifact from 2 to 3 + * Bump actions/upload-artifact from 2 to 3 + * Bump actions/cache from 2 to 3 + * Update deps + * Update cargo-c binaries url + * Add Dependabot configuration for GitHub Actions updates + * tests: Add three-pass encode with target bitrate + * Add SIMD helpers to speed up Rust get_sad (#3050) + * Replace last 16x4 and 4x16 avx2 hbd satd intrinsics with asm (#3051) + * x86: Add AVX2 HBD SATD asm for 8x8-transformed blocks (#3048) + * Bump minimum rustc to 1.60, required by clap 4 + * Update clap to 4.0 + * Remove unused regex dependency + * Cleanup log level parsing + * Replace actions-rs/toolchain with dtolnay/rust-toolchain + * Remove action-rs/cargo + * rate: Retire and separate TwoPassOutParams + * rate: Estimate target quantizer on first pass + * segmentation: Reset min_segment on data update + * Replace AVX2 HBD SATD intrinsics with ASM, for some block sizes (#3039) + * Remove arrayref dependency + * Fix new clippy lints + * Move v_frame to its own repository + * Add scales and segment thresholds to dump_lookahead_data + * Fix UB in pred_max test + * Delete build.sh + * bin: Admit more than 2 encoder passes + * Create new speed level 8, drop level 7 + * Keep the version line compatible with 0.5 + * Add back shorthand for `--verbose` and `--quiet` (#3022) + * Mention cargo-criterion + * Bump criterion version + * Update to criterion non-deprecated api + * Prepare for 0.6.0 release + * bin: Bring --photon-noise out from under unstable feature + * Update guide on how to produce target-specific builds + * CI: Deploy rav1e-ch binary tuned for modern x86_64 + * build: Handle absent CARGO_CFG_TARGET_FEATURE + * Calculate geometric mean for DistortionScale::inv_mean() + * Convert plane-level distortion scales to fixed-point + * Expand precision of DistortionScale to Q14 + * Preserve intermediate precision in get_weighted_sse + * Add DistortionScale::blog64() + * Bump several dependencies + * Remove duplicated constants + * Remove aq_strength configuration + * logexp: Correct integer part in blog32_q11 + * logexp: Correct rounding bias in blog32_q11 + * Fix new clippy lints from Rust nightly (#3006) + * Use approximate binary log in Q11 for segmentation_optimize + * Add polynomial approximations of a binary exponential and logarithm. + * segmentation: Avoid reallocation in collect::>() + * logexp: Add a fixed-point binary log in Q24 for u32 to i32 + * logexp: Rewrite blog64 so that it is const + * rate: Pivot to util::logexp functions + * logexp: Add assertion for q57 input range + * logexp: Add binary exponential in Q24 format, saturated to 47 bits. + * logexp: Add conversions between 64-bit Q57 and 32-bit Q24. + * logexp: Add tests for bexp64 and blog64 + * logexp: Add 64-bit binary exponentiation and logarithm in Q57. + * kmeans: Split k-independent inner loop into its own function + * kmeans: Tidy up all but the inner loop + * segmentation: Change precision of log(scale) to Q23 + * Add missing code for segmentation with --tune Psnr + * Derive segments by k-means of spatiotemporal scales + * Add an implementation for k-means + * Remove vergen and use built to provide the same information + * Updating QUALITY_&_SPEED_FEATURES document in regards to libaom + * Adjust chroma offsets for frame-mean spatiotemporal scale + * Compute segmentation map thresholds from the offsets + * Implement From for DistortionScale + * Use fixed-sized array in luma/chroma pred mode counts (#2989) + * Add T.35 metadata C API. + * Bump console + dav1d-sys + system-deps + * CI: Pull in dev packages from Ubuntu Kinetic + * Implement SegmentationLevel::Full again + * segmentation: Limit minimum segment to avoid lossless mode + * Use spatiotemporal scales relative to frame mean + * Clean up encode_partition_topdown() (#2984) + * CI: Fix clippy:borrow_deref_ref warnings + * CI: Fix clippy::manual_range_contains warnings + * CI: Fix clippy::derive_partial_eq_without_eq warnings + * Fix aarch64 satd compilation on gcc + * Remove always-true if statement in encode_partition_topdown() (#2980) + * Add aarch64 NEON 8-bit SATD assembly for 4x4-transformed block sizes (#2972) + * Retune constants for ssim_boost + * Add enhanced version info + * Add T.35 metadata support. + * Simplify badges in README + * Remove travis badge + * CI: Switch to codecov + * CI: Do not consider crates directory for code coverage + * Stabilize the --film-grain-table parameter + * Compute segmentation offsets dynamically + * CI: macos-11 is the latest version + * CI: Update checkout action to v3 + * CI: Remove if construct to skip CI + * Remove unused .travis CI + * Remove unmaintained gitlab CI + * CI: Remove default linker paths on Windows + * CI: Deploy rav1e-ch in a new job + * CI: Improve Windows toolchains + * Optimize `BlockSize::from_width_and_height_opt` + * Use external crate for grain table generation and parsing + * Optimize write_uleb128 function + * ci: Use release-no-lto profile for gnu deploy on Windows + * Add a release-no-lto profile + * Avoid taking ownership of Arc> in scenechange API (#2958) + * Disable undocumented_unsafe_blocks lint due to false positive regression + * Rewrite argument parsing to use Clap's derives + * Reuse plane allocations in estimate_intra_costs (#2957) + * Use a RwLock in frame_me_stats + * Replace as_tile_state_mut with a an apply function + * Simplify full_pixel_me + * Simplify the tile iterator + * Simplify the lifetime + * Move TileStateMut::enc_stats where is used + * Do not double collect the stats + * Simplify the tiler lifetimes + * Reuse me stats for lookahead + * Merge estimate_motion and motion_estimation into one function + * x86: Fix relocations in `sad_plane` + * Bump versions of aom and dav1d in CI (#2953) + * x86: Reduce code size in 8-bit film grain AVX-512 asm + * x86: Add high bit-depth film grain AVX-512 (Ice Lake) asm + * arm: Only produce the PAC/BTI .note section when targeting ELF + * arm: Add comments to #endif and #else in nonobvious cases + * arm: itx: Do clipping in all narrowing downshifts + * x86: Add 8-bit film grain AVX-512 (Ice Lake) asm + * build: Make "film_grain" vs "filmgrain" DSP file names consistent + * x86: Fix data being stored below the stack pointer in SSSE3 itx asm + * x86: Remove redundant labels and undefs in SSSE3 itx asm + * x86: Update x86inc.asm + * arm64: Add Armv8.3-A PAC support to assembly files + * x86: Add high bit-depth ipred filter AVX-512 (Ice Lake) asm + * x86: Add high bit-depth pal_pred AVX-512 (Ice Lake) asm + * x86: Add high bit-depth ipred smooth AVX-512 (Ice Lake) asm + * x86: Add high bit-depth ipred paeth AVX-512 (Ice Lake) asm + * x86/itx: Add 16x16 12bpc AVX2 transforms + * x86: Add mc.resize AVX-512 (Ice Lake) asm + * x86: Improve high bit-depth film grain AVX2 asm + * x86: Improve 8-bit film grain AVX2 asm + * x86: Fix overflow in 10-bit IDCT4 + * arm32: mc16: Fix out of bounds reads/writes in 8tap/bilin w2/w4 for vertical OBMC + * arm32: mc: Fix out of bounds reads/writes in 8tap/bilin w2/w4 for vertical OBMC + * arm64: mc16: Fix out of bounds reads/writes in 8tap/bilin w2/w4 for vertical OBMC + * arm64: mc: Fix out of bounds reads/writes in 8tap/bilin w2/w4 for vertical OBMC + * x86: Add high bitdepth mc(t)_scaled SSSE3 asm + * x86: Fix branch condition in high bit-depth put_bilin.h SSSE3 asm + * x86: Improve AVX2 generate_grain asm + * x86: Add 10-bit sgr AVX-512 (Ice Lake) asm + * x86: Add 8-bit mc(t)_scaled SSSE3 32-bit asm + * x86/itx: Add 16x8 12bpc AVX2 transforms + * x86/itx: Add 8x16 12bpc AVX2 transforms + * AArch64 Neon: Replace XTN, XTN2 pairs with single UZP1 + * AArch64 Neon: Use CMLT instead of SSHR to compute sign + * x86: Fix AVX/SSE state transitions in AVX-512 4x4 inverse transforms + * x86: Add high bitdepth wiener AVX-512 (Ice Lake) asm + * x86/itx: Add 16x4 12bpc AVX2 transforms + * x86/itx: Add 4x16 12bpc AVX2 transforms + * x86/itx: Convert 8bpc WHT to SSE2 + * x86: Fix edge padding in wiener_filter7_16bpc_ssse3 + * x86: Add high bitdepth mc blend AVX-512 (Ice Lake) asm + * x86: Add high bitdepth mc warp_affine_8x8 AVX-512 (Ice Lake) asm + * x86: Add high bitdepth mc bidir AVX-512 (Ice Lake) asm + * x86: Add high bitdepth mc bilin/8-tap AVX-512 (Ice Lake) asm + * x86/itx: Add 8x8 12bpc AVX2 transforms + * x86/itx: Add 8x4 12bpc AVX2 transforms + * x86/itx: Add 4x8 12bpc AVX2 transforms + * x86: Fix invalid memory access in cdef_filter_8x8_8bpc_avx512icl + * x86/itx: Add clipping to iadst 4x16 + * Remove lpf_stride parameter from LR filters + * Allow CDEF and LR to run sbrows in parallel + * arm64: Add Armv8.5-A BTI support to assembly files + * arm64: Change br instructions to ret for function returns + * x86/itx: Add 12-bit 4x4 transforms in AVX2 + * x86/itx: Rename rax to r6 + * x86/itx: Name constants more explicit + * x86: Add deblock loop filters AVX-512 (Ice Lake) asm + * x86: Add sgr AVX-512 (Ice Lake) asm + * x86: Add wiener_filter AVX-512 (Ice Lake) asm + * x86: Add ipred_filter AVX-512 (Ice Lake) asm + * x86: Add ipred dc/h/v/paeth/smooth/pal_pred AVX-512 (Ice Lake) asm + * x86: Add inverse transforms AVX-512 (Ice Lake) asm + * x86: Add blend AVX-512 (Ice Lake) asm + * x86: Add warp_affine_8x8 AVX-512 (Ice Lake) asm + * x86: Add mc 8-tap AVX-512 (Ice Lake) asm + * x86: Add mc put_bilin AVX-512 (Ice Lake) asm + * x86: Remove the option to disable AVX-512 + * x86: Add high bitdepth mc(t)_scaled AVX2 asm + * Simplify sgr_x_by_x calculations + * x86: Optimize shifts in 8-bit wiener_filter asm + * Support distinct 10 and 12 bit inverse transform implementations + * fix-up: x86: Add put/prep_bilin_scaled AVX2 asm + * fix-up: x86: Add bpc suffix to mc functions + * x86: Add high bitdepth cfl_ac_444 AVX2 asm + * x86: Improve high bitdepth cfl_ac AVX2 asm + * x86: Automatically convert SSE asm to AVX when compiling for AVX targets + * x86: Add 8-bit w_mask_422 and w_mask_444 SSSE3 asm + * x86: Improve high bitdepth cdef_filter AVX2 asm + * x86: Prefer tzcnt over bsr in cdef sec_shift calculations + * x86/itx: 64x64 inverse dct transforms hbd/sse4 + * x86/itx: 64x32 inverse dct transforms hbd/sse4 + * x86/itx: 64x16 inverse dct transforms hbd/sse4 + * x86/itx: 32x64 inverse dct transforms hbd/sse4 + * x86/itx: 16x64 inverse dct transforms hbd/sse4 + * x86: Add high bitdepth cdef_filter SSSE3 asm + * cdef: Remove redundant clipping + * itx/x86: rewrite .transpose4x8packed so it uses only m0-3,4&6 + * itx/x86: replace idct8x8.transpose with idct8x4.transpose4x8packed + * x86/itx: add 1/sqrt(2) (rect2) multiply macro + * x86/itx: share pass2 loop between {16,32}x32 dct^2 functions + * x86/itx: combine .write_8x8 and .round{1,2,3,4} into a single function + * x86/itx: combine .write_8x4 and .round{1,2} into a single function + * x86/itx: split dct/adst/identity pass=2 implementations for 16x8 + * x86/itx: 32x32 inverse dct transforms hbd/sse4 + * x86/itx: 32x16 inverse dct transforms hbd/sse4 + * x86/itx: 32x8 inverse dct transforms hbd/sse4 + * x86/itx: 16x32 inverse dct transforms hbd/sse4 + * x86/itx: 8x32 inverse dct transforms hbd/sse4 + * x86: Add high bitdepth mc.resize SSSE3 asm + * x86: Fix minor things in mc.resize_8bpc_ssse3 + * x86: Add high bitdepth mc.resize AVX2 asm + * x86: Add minor improvement to mc.resize_8bpc_avx2 + * x86: Add bpc suffix to mc functions + * x86/itx: merge pass=2 rounding and writing operations + * x86/itx: 32x{8,16,32} & {8,16}x32 idtx transforms hbd/sse4 + * x86/itx: replace .transpose8x8 with 2 calls to .transpose4x8packed + * x86/itx: document third argument in INV_TXFM_WxH_FN macros + * x86: Rewrite sgr8 SSSE3 asm + * x86: Add minor improvements to sgr16 SSSE3 asm + * x86/itx: 16x16 inverse transforms hbd/sse4 + * x86/itx: 16x8 inverse transforms hbd/sse4 + * x86/itx: 16x4 inverse transforms hbd/sse4 + * x86inc: Support memory operands in src1 in 3-operand instructions + * x86inc: Add stack probing on Windows + * Properly fix LOAD_MM_PERMUTATION for AVX-512 + * Replace abs() as unsigned with dedicated alternative. + * v_frame: Disable missing const fn clippy lint + * ci: Ignore tools for code coverage analysis + * ci: Ignore asm for code coverage analysis + * Reimplement sad_row as sad_plane (#2943) + * Remove explicit VEX coding from sad ASM (#2941) + * Rewrite x86 SAD row intrinsics in ASM + * Split `write_coeffs_lv_map` into smaller functions + * ci: Do not consider some directories for coverage + * Remove unused lifetime. + * ci: Enable source-based code coverage + * Silence unused variable warning. + * Use to_le_bytes in copy_to_raw_u8 (#2932) + * Improve codegen of copy_from_raw_u8 (#2930) + * Use const generics for downscale factor (#2927) + * Implement grain synthesis via photon noise tables + * Treat paths as OsString. + * Change muxer to use AsRef arguments. + * Remove a broken hawktracer annotation + * Break the scenechange module into smaller parts + * Add a mock around rayon for disabling threading + * Disable missing const fn clippy lint + * Use 64-bits for calculating 8x8 variance + * Avoid temporary allocation of block importance costs + * Remove unnecessary clones from metrics calculation + * rate: add assertion for q57 input range (#2911) + * Change non-square partition to search below the threshold + * Move complex pred modes for keyframes to s2 + * Fix memory leak when temporal RDO not in use + * Enable suboptimal_flops clippy lint (#2908) + * Also apply custom clippy lints to ivf and v_frame + * Fixes to existing clippy lints + * Enable linting functions that could be const + * Enable extra documentation lints + * Organize existing clippy lints + * Avoid multiple inlining of residual loop in SAD intrinsics (#2903) + * Improve storage of invalid and SEF frame invariants + * Fix pyramid and frame type tests + * Fix unnecessary auto-vectorization in residual loop of SAD intrinsics (#2897) + * Use a debian mirror with https support + * Update aom version and shasums for CI + * New clippy fixes from Rust 1.59 + * Fix new deprecation warnings from Clap 3.1.0 + * Cache and reuse intra costs from scenechange (#2895) + * Init Motion Est: Refine mvs when subsampling reduced + * Fix confusing scale factor (#2891) + * Speed up estimate_inter_costs again (#2890) + * Speed up estimate_inter_costs (#2889) + * Handle edges by cropping in initial motion estimation + * Simplify importance block sum in `estimate_importance_block_difference` (#2885) + * Add safety asserts for mc assembly callers + * Update to Edition 2021 + * Bump minimum Rustc to 1.56 + * Omit loop restoration on fully skipped areas + * Fix new clippy lints + * Improve codegen of `Plane::downsampled` + * Fix scale of motion estimation threshold + * Use const generics for stride_sse + * Make the doctests compile only + * Put doctests code in a separate test + * Bump minimum rust version to 1.54.0 + * Update to clap3 + * Refactor TxfmType to not have an invalid variant + * Improve codegen of av1_round_shift_array + * Use const generics for hadamard transforms (#2877) + * Add x86 assembly for cdef distortion + * Fix underflow that can occur in cdef distortion + * Use cdef_dist on smaller block and edges + * Display info for all y4m error types + * Allow passing cropped blocks sad and satd + * Fix overflow in cdef distortion + * Refactor `BlockSize` to not have an invalid variant (#2866) + * Skip transform mode search based on transform cost estimate + * Improve autovectorization of `downscale_in_place` + * Fix doc comments in speedsettings.rs + * Change non_square_partition feature to a threshold + * Silence repetitive warning on Rust nightly + * Do not call put/prep avx2 functions for ssse3 + * Organize speed settings into sub-structs + * Mark SpeedSettings struct as non-exhaustive + * Refactor the SpeedSettings impl + * Merge `no_scene_detection` and `fast_scene_detection` into one field + * Move rdo_lookahead_frames to SpeedSettings + * CI: Update to libaom to 3.2.0-2 + * Update a help message to be more relevant (#2853) + * Fix stable clippy lints for Rust 1.57 + * Use nasm-rs for nasm version check + * Better autovectorization of `spatiotemporal_scale` + * CI: Run cargo-c in offline mode + * Replace float sqrt+divide with fixed point rsqrt + * Perform UMH before resorting to full search + * CI: Always use latest grcov version + * CI: Always use latest cargo-c version + * Extend the rayon API mock to include scope() + * CI: Move to Debian Unstable for aom and dav1d + +- resolve bsc#1194113 (CVE-2018-25023) +- resolve bsc#1194119 (CVE-2021-45710) + s390-tools +- Upgrade s390-tools to version 2.31 (jsc#PED-3275, jsc#PED-3223) +- General: + * common.mak: Set default C/C++ standard to gnu11/gnu++11 +- Add new tools / libraries: + * pvapconfig: Tool to automatically configure APQNs in SE KVM guests + * s390-tools: Provide pre-commit configuration +- Changes of existing tools: + * cpuplugd: Adjust to CPU 0 being no longer hotpluggable + * dbginfo.sh: Check for Dynamic Partition Mode + * dbginfo.sh: Update man page and copyright + * rust/pv: Add user-data signing and verifying + * rust/pvsecret: Add user defined signatures and verifications + * zdev/dracut: Consolidate device configuration +- Bug Fixes: + * dbginfo.sh: Fix relative path on script copy + * libkmipclient: Fix build with libxml2-2.12.0 + * pvsecret: Fix panic if empty file is used as host key document + * rust/pv: Fix 'elided_lifetimes_in_associated_constant' warning + +- Updated read_values.c (bsc#1219227) + samba +- Remove -x from bash shebang update-apparmor-samba-profile; + (bsc#1218431). + +- Update to 4.19.4 + * net changesecretpw cannot set the machine account password if + secrets.tdb is empty; (bso#13577). + * For generating doc, take, if defined, env XML_CATALOG_FILES; + (bso#15540). + * Trivial C typo in nsswitch/winbind_nss_netbsd.c; (bso#15541). + * vfs_linux_xfs is incorrectly named; (bso#15542). + * systemd stumbled over copyright-message at smbd startup; + (bso#15377). + * Following intermediate abolute share-local symlinks is + broken; (bso#15505). + * ctdb RELEASE_IP causes a crash in release_ip if a connection + to a non-public address disconnects first; (bso#15523). + * shadow_copy2 broken when current fileset's directories are + removed; (bso#15544). + * smbd does not detect ctdb public ipv6 addresses for + multichannel exclusion; (bso#15534). + * 'force user = localunixuser' doesn't work if 'allow trusted + domains = no' is set; (bso#15469). + * smbget debug logging doesn't work; (bso#15525). + * smget: username in the smburl and interactive password entry + doesn't work; (bso#15532). + * smbget auth function doesn't set values for password prompt + correctly; (bso#15538). + * Unable to copy and write files from clients to Ceph cluster + via SMB Linux gateway with Ceph VFS module; (bso#15440). + * Multichannel refresh network information; (bso#15547). + +- Update to 4.19.3 + * sid_strings test broken by unix epoch > 1700000000; + (bso#15520). + * smbd crashes if asked to return full information on close of + a stream handle with delete on close disposition set; + (bso#15487). + * smbd: fix close order of base_fsp and stream_fsp in + smb_fname_fsp_destructor(); (bso#15521). + * Improve logging for failover scenarios; (bso#15499). + * Files without "read attributes" NFS4 ACL permission are not + listed in directories; (bso#15093). + * CVE-2018-14628 [SECURITY] Deleted Object tombstones visible + in AD LDAP to normal users; (bso#13595). + * Kerberos TGS-REQ with User2User does not work for normal + accounts; (bso#15492). + * vfs_gpfs stat calls fail due to file system permissions; + (bso#15507). + * Samba doesn't build with Python 3.12; (bso#15513). + sg3_utils +- Fix missing SCSI_MODEL and other fields for "sg_inq --export" + (bsc#1219874) + +- Fix spurious warning for non-SCSI devices (boo#1218666) +- Add 00-scsi-sg3_config.rules to dracut.conf (jsc#PED-6226, bsc#1219289) + +- Upstream bug fixes for sg3_utils 1.48 (bsc#1218591) + * sg_turs: fix missing CDB on several codepaths + * sg_dd: fix bug that identified all block devices as NVME + * rescan-scsi-bus.sh: avoid root FS going read-only with + "rescan-scsi-bus.sh -r" (gh#doug-gilbert/sg3_utils#46) + shared-mime-info +- Explicitly use gcc 13 on SLE. + +- Update to 2.4 + * Restore mimetype name for *.bz2 and *.tar.bz2 + * Improve detection of application/mac-binhex40 + * Add application/x-msdownload and subtypes + * Add Windows app store types + * Give Windows Installer packages the package icon + * Lower priority for text/x-mpsub's magic, so it doesn't match + pcb-drillFile.drl + * Add application/x-powershell + * Add application/wasm + * Change comment of text/x-mpsub + * Change comment of text/x-mpl2 + * Add text/x-component + * Give higher priority to the more specific image/apng magic + * Recognize *.jfif as image/jpeg + * Add application/its+xml + * Add text/x-vb + * Add text/x-basic + * Add new group "chemical" in update-mime-database + * Add mimetype for Protein Data Bank (pdb) files + * Remove too generic magic from application/x-pak + * Add application/json5 + * Add text/vbscript.encode + * Add text/jscript.encode + * Add text/jscript as synonym of text/javascript + * Fix backwards relationship between text/javascript and + application/ecmascript + * Add application/vnd.cups-ppd + * Add application/x-ms-shortcut + * Give application/x-mswinurl the link icon + +- Update to version 2.3: + * Add DOS/Windows batch file type + * Add Gerber and Excellon drill files + * Add JPEG XR mime type + * Add Modrinth modpack + * Add OpenVPN profile + * Add Portable Font Resource application/font-tdpfr. + * Add TAK audio mime type + * Add application/vnd.microsoft.windows.thumbnail-cache + * Add application/vnd.ms-officetheme + * Add application/x-bzip for bzip2's deprecated predecessor bzip + * Add application/x-bzip3 + * Add application/x-fishscript and application/x-nuscript + * Add application/x-ms-pdb + * Add application/x-zpaq + * Add definition and test file for StuffIt X archives. + * Add image/apng + * Add mime type for Typst files + * Add mimetype application/x-lmdb + * Add mimetype for Blueprint source code + * Add mimetype for CBOR + * Add mimetype for Devicetree source code + * Add mimetype for ERIS link files + * Add mimetype for Flattened Devicetree (binary) + * Add mimetype for Quite OK Image Format (QOI) + * Add perf data file type + * Add subclass information for .ppt and .xls + * Add support for newer AAXC Audible Audiobook format + * Add text/julia for Julia source code + * Add text/x-nim and text/x-nimscript + * Add todo.txt mime type + * Add two new languages + * Avoid meson errors when 'build-tools' is set to false + * Bump magic priority for application/ovf + * CI: Use dnf5 instead of dnf + * Change descriptions to say LibreOffice rather than OpenOffice + * Don't install man page on Windows + * Fix description for audio/x-xi + * Give application/x-raw-floppy-disk-image the floppy media icon + * Give generic optical disk images the optical media icon + * Identify .pdb files without a signature match as + application/vnd.palm + * Improve matching for message/rfc822 + * Lengthen image/png magic + * Make application/pgp-* not inherit from text/plain + * Make application/vnd.squashfs a subclass of + application/vnd.efi.img + * Make update-mime-database compatible with MSVC (by porting it + to C++) + * Prefer application/java-archive to application/x-java-archive + * Prefer application/vnd.efi.img over + application/x-raw-disk-image + * Prefer application/vnd.efi.iso over application/x-cd-image + * Prefer audio/vnd.wave over audio/x-wav + * Prefer video/vnd.avi over video/x-msvideo + * Remove "##" magic for matlab files + * Rename application/x-bzip to application/x-bzip2 + * Revert "use Title Case for mime type description" + * Update application/sieve. + * Updated to latest xdgmime + * add tiled map editor map and tileset files + * application/javascript: Rename to text/javascript + * application/vnd.dart: use IANA registered type + * application/vnd.dbf: use IANA registered type + * application/yaml: use IANA registered type + * audio/x-wav: Add missing sub-class relationship with + application/x-riff + * buildsystem - add options for building tests and translations + * ci: Use ci-templates to build image + * ci: Use detached pipelines + * icons for 3d model formats + * spec: Clarify that namespaceURI can be empty + * text/markdown: add x-office-document generic-icon + * text/vnd.familysearch.gedcom: use IANA registered type + * use Sentence case for mime type descriptions + * use Title Case for mime type description + * video/vnd.youtube.yt: add magic + * video/vnd.youtube.yt: use IANA registered type +- Add generic c++_compiler BuildRequires: shared-mime-info now + depends on a c++ compiler. + +- Filter out dependency on /usr/bin/pkg-config: this package is + installed on basically all systems, but it also contains a .pc + file. Splitting this into a -devel package seems not reasonable. + sharutils +- add sharutils-4.14.2-Pass-compilation-with-Werror-format-security.patch + +- No longer recommend -lang: supplements are in use. + +- Add -fcommon to optflags. This fixes (boo#1160292), and can be + removed if upstream releases a version which compiles with + - fno-common + +- Drop mailx BuildRequires. The "sync directories over mail" feature + has been removed in 4.11.1. + +- gnulib-libio.patch: Update gnulib for libio.h removal +- Use %license for COPYING + -- remove useless automake dependency - -- add automake as buildrequire to avoid implicit dependency - -- Recommends instead of require lang package. - -- create sharutils-lang - -- Update to 4.11.1. Changes since 2.6.3: - 4.11.1: - * mail-files was completely broken and cannot be in use. Removed. - mailshar (its wrapper script) also remvoed. - 4.10: - * test and handle clobber option correctly in generated scripts. - 4.9: - * Fix up quoting some more in the shar script messages. - Translators will not have to worry over shell quoting any more. - 4.7.1: - * uudecode will not create output file names with trailing white space - 4.7: - * fix a grammatical typo in doc/uuencode.1 - * relicense the product under GPL version 3. -- Remove unneeded dummy.diff. -- Prefix all patches with pacckage name. - -- updated patches to apply with fuzz=0 - systemd +- Import commit 3638837d2aff1d18dd677a9e663b379ccbbb7576 + fbf9f32eb7 test/test-shutdown.py: optionally display the test I/Os in a dedicated log file + cd012774df test-69: send SIGTERM to ask systemd-nspawn to properly stop the container + d883b83244 man: Document ranges for distributions config files and local config file + +- Import commit 3638837d2aff1d18dd677a9e663b379ccbbb7576 (merge of v254.9) +- Add 5012-Revert-macro-terminate-the-temporary-VA_ARGS_FOREACH.patch + The reverted commit introduced in v254.9 bumped the requirement on the version + of gcc from 4.7 to 8 which is not OK for a stable release, especially since + the backported commit does not fix any issue per se. + +- Move systemd-reboot.service from udev to the main package as this service is + useful in containers. + +- Update the version of libbpf dlopened by systemd (weak dependency) (bsc#1219440) + +- Remove gpt-auto generator (bsc#1218671) + The generator is not reliable when the devices it operates on are DM devices + and when ESP is mounted via /etc/fstab and it interfers badly in such cases. + Until SP6 this generator was present but remained disabled due to the fact + that "LoaderDevicePartUUID" EFI variable was not exported by Grub. Given this + fact and that SLE doesn't rely on this generator to mount any partitions on a + GPT disk, the generator is simply removed from udev for now. + +- Add patches that implement [jsc#PED-5659] + 5003-cgroup-rename-TasksMax-structure-to-CGroupTasksMax.patch + 5004-bus-print-properties-ignore-CGROUP_LIMIT_MAX-for-Mem.patch + 5005-bus-print-properties-prettify-more-unset-properties.patch + 5006-cgroup-Add-EffectiveMemoryMax-EffectiveMemoryHigh-an.patch + 5007-test-Convert-rlimit-test-to-subtest-of-generic-limit.patch + 5008-test-Add-effective-cgroup-limits-testing.patch + 5009-cgroup-Restrict-effective-limits-with-global-resourc.patch + 5010-cgroup-Rename-effective-limits-internal-table.patch + 5011-cgroup-Add-EffectiveMemoryMax-compatibility-for-cgro.patch + They are temporarily put in quarantine to get broader testing but should be + eventually moved to the git repo (except the latest patch, which is SUSE + specific). + +- Add 5001-Revert-udev-update-devlink-with-the-newer-device-nod.patch + 5002-Revert-udev-revert-workarounds-for-issues-caused-by-.patch + It seems that systemd upstream has a dubious way to fix broken code these + days... let's revert these hacks until a final decision is taken to solve + https://github.com/systemd/systemd/issues/28141. See also + https://github.com/systemd/systemd/pull/30075. + +- Remove pam-config call from post scriptlet of systemd-32bit as the full + package already does that. + +- Import commit 69555aed64578449a7c00aa9f6651faca26bdb7d (merge of v254.8) + It includes the following fix: + 029272750f resolved: actually check authenticated flag of SOA transaction (bsc#1218297 CVE-2023-7008) + For a complete list of changes, visit: + https://github.com/openSUSE/systemd/compare/327b885182f19f795f3af635bce0adc264bfb334...69555aed64578449a7c00aa9f6651faca26bdb7d + - Update 1017-efi-workarounds-for-building-PEs-with-gcc7.patch + systemd-presets-common-SUSE +- Split hcn-init.service to hcn-init-NetworkManager and hcn-init-wicked + (bsc#1200731 ltc#198485 https://github.com/ibm-power-utilities/powerpc-utils/pull/84) + Support both the old and new service to avoid complex version interdependency. + util-linux +- Add file conflict of util-linux-tty-tools and busybox-util-linux. + +- Upgrade to version 2.39.3 (PED-7694): + * libblkid: add support for bcachefs sub-device labels + * libblkid: detect large bcachefs superblocks + * libblkid: validate that NTFS sector_size is a power of two + * libblkid: report endianness for VXFS + * libmount: Fix regression when mounting with atime + * libmount: accept '\' as escape for options separator + * libmount: gracefully handle NULL path in mnt_resolve_target() + * libmount: report statx in features list + * libsmartcols: handle nameless tables in export format + * libuuid: avoid truncation of clocks.txt to improve performance + * lscpu: fix caches separator for --parse= + * lscpu: Add Phytium FTC862 cpu model + * lsfd: fix the form for the optional argument of --inet option + in manpage + * lsfd: avoid a case of undefined behavior + * lsfd: fix a memory leak + * lslogins: fix -y option formatting in manpage + * more: avoid an out-of-bound access + * setpriv: fix some group argument completion + * setterm: avoid restoring flags from uninitialized memory + * umount: handle bindmounts during --recursive + * other changes, see: + https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.39/v2.39.3-ReleaseNotes + * Changes from 2.39.2: + * libblkid: fix topology chain types mismatch + * libmount: + * handle failure to apply flags as part of a mount operation + * improve EPERM interpretation + * update documentation for MNT_ERR_APPLYFLAGS + * use mount(2) for remount on Linux < 5.14 + * use some MS_* flags as superblock flags + * setarch: add PER_LINUX_FDPIC fallback + * uuidd: improve man page for -cont-clock + * wall: do not error for ttys that do not exist + * zramctl: add hint about supported algorithms + * other changes, see: + https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.39/v2.39.2-ReleaseNotes + * Changes from 2.39.1: + * Various bug fixes including problem with parsing mount options. + https://www.kernel.org/pub/linux/utils/util-linux/v2.39/v2.39.1-ReleaseNotes + * Changes from 2.39: + * blkpr: New command to run persistent reservations ioctls on a device. + * pipesz: New command to set or examine pipe and FIFO buffer sizes. + * waitpid: New command to wait for arbitrary processes. + * mount, libmount: Supports new file descriptors based mount kernel API. + * mount, libmount: New mount options X-mount.idmap=, X-mount.auto-fstypes, + X-mount.{owner,group,mode}=, rootcontext=@target. + * renice: Supports posix-compliant -n (via POSIXLY_CORRECT) and add a new + option --relative. + * dmesg: Supports subsecond granularity for --since and --until. + * dmesg: Option --level accepts '+' prefix or postfix for a level name to specify + all higher or all lower levels. + * blkid, libblkid: Supports bcachefs. + * fstrim: New option --types to filter out by filesystem types. + * lsblk: --nvme and --virtio are new options to filter out devices. + * lsblk: Improves detection of hotplug and removable status. + * nsenter: New option --env for allowing environment variables inheritance. + * namei: New option -Z to report SELinux contexts. + * Many other new features and fixes. For complete list see + https://kernel.org/pub/linux/utils/util-linux/v2.39/v2.39-ReleaseNotes + * Changes from 2.38.1: + * column: fix buffer overflow when -l specified, fix greedy mode + on -l + * dmesg: fix --since and --until + * libmount: when moving a mount point, all sub mount entries in + utab should also be updated (bsc#1198731) + * libuuid: improve cache handling (bsc#1201959, PED-1150) + * lsblk: fix JSON output when without --bytes + * lsfd:fix crash triggered by an empty filter expression + * sulogin: fix includes (obsoletes linux-fs.patch) + * Many other fixes, improvements and code cleanup. For the + complete list see + https://www.kernel.org/pub/linux/utils/util-linux/v2.38/v2.38.1-ReleaseNotes + * Changes from 2.38: + * first release with translated util-linux man-pages + * mount: new options --mkdir as shortcut for X-mount.mkdir + * mount, libmount: new mount options X-mount.subdir= + * lsfd: new command + * dmesg: new option --json to print kernel log in JSON format + * libfdisk: improved to set correct CHS addresses in MBR + * fstrim: ignores all /ect/fstab entries with X-fstrim.notrim + (jsc#SLE-17942) + * hardlink: now supports reflinks and new option --method= + * hwclock: new command line options --param-get and --param-set + * irqtop: new option --cpu-stat + * libblkid: supports zoned disks for btrfs + * lsblk: new options --noempty to ignore all devices with zero + size, and --zoned to print information about zones + * mkswap: new option --quiet + * nsenter: new option --wdns to change working directory within + namespace + * rename: new options --all and --last to replace all or last + occurrences of expression rather than the first one + * su: now resets RLIMIT_AS, RLIMIT_{NICE,RTPRIO}, RLIMIT_FSIZE + and RLIMIT_NOFILE reourse limits. + * unshare: new options --map-users= and --map-groups= to map + block of group IDs; new option --map-auto to map the first + block of user IDs owned by the effective user from /etc/subuid + * wdctl: new options --setpregovernor to set pre-timeout governor + name, and --setpretimeout to set watchdog pre-timeout in + seconds + * Many other new features and fixes. For the complete list see + https://www.kernel.org/pub/linux/utils/util-linux/v2.38/v2.38-ReleaseNotes +- Port patches/libmount-print-a-blacklist-hint-for-unknown-filesyst.patch +- Drop upstreamed patches: util-linux-sulogin4bsc1175514.patch, + blockdev-remove-nbsp.patch, + util-linux-fstrim-implement-X-fstrim.notrim.patch, + util-linux-uuidd-fix-lock-state.patch, + util-linux-libuuid-extend-cache.patch (better upstream + implementation exists), + util-linux-uuidd-prevent-root-owning.patch (it should not happen + in the re-implemented libuuid), + util-linux-agetty-resolve-tty-if-stdin-is-specified.patch, + util-linux-libmount-moving-mount-point-sub-mounts.patch, + util-linux-libmount-fix-and-improve-utab-on-ms_move.patch, + util-linux-libuuid-uuid_parse-overrun.patch, + util-linux-libuuid-improve-cache-handling.patch, + util-linux-libuuid-continuous-clock-handling.patch, + util-linux-libuuid-check-clock-value.patch, + util-linux-fix-tests-when-at-symbol-in-path.patch, + util-linux-flock-limitations.patch, + util-linux-libuuid-avoid-truncate-clocks.txt-to-improve-perform.patch. +- Disable failing check fadvise/drop on ppc64le (test file does not + appear in the kernel cache at all). + +- Minor multibuild fixes (PED-307): + * Restore /bin symlinks in util-linux-systemd. + * Restore compatibility supplements and split-provides. + * Update safety check instructions. + * Prevent propagating of structured comments to scriptlets. + +- Convert to multibuild (PED-307) + xorg-x11-server -- U_bsc1218845-glx-Call-XACE-hooks-on-the-GLX-buffer.patch - * SELinux unlabeled GLX PBuffer (CVE-2024-0408, bsc#1218845) -- U_bsc1218846-ephyr-xwayland-Use-the-proper-private-key-for-cursor.patch - * SELinux context corruption (CVE-2024-0409, bsc#1218846) - -- bsc1218582-0001-dix-allocate-enough-space-for-logical-button-maps.patch - * Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer - (CVE-2023-6816, bsc#1218582) -- bsc1218583-0001-dix-Allocate-sufficient-xEvents-for-our-DeviceStateN.patch - bsc1218583-0002-dix-fix-DeviceStateNotify-event-calculation.patch - bsc1218583-0003-Xi-when-creating-a-new-ButtonClass-set-the-number-of.patch - * Reattaching to different master device may lead to out-of-bounds memory - access ((CVE-2024-0229, bsc#1218583) -- bsc1218584-0001-Xi-flush-hierarchy-events-after-adding-removing-mast.patch - * Heap buffer overflow in XISendDeviceHierarchyEvent - (CVE-2024-21885, bsc#1218584) -- bsc1218585-0001-Xi-do-not-keep-linked-list-pointer-during-recursion.patch - bsc1218585-0002-dix-when-disabling-a-master-float-disabled-slaved-de.patch - * Heap buffer overflow in DisableDevice (CVE-2024-21886, bsc#1218585) +- Release 21.1.11 also covers fixes for security issue CVE-2022-46340 + and bug numbers bsc#1205874, bsc#1217765 + +- Release 21.1.11 covers fixes for the following bug numbers, which + are not mentioned in this changelog before: bsc#1218845, + bsc#1218846, bsc#1216261, bsc#1216133, bsc#1216135 + +- Release 21.1.11 supersedes the following patches still used with + xorg-x11-server 21.1.4 on sle15-sp5/Leap 15.5 and not mentioned in + this changelog as superseded before: + * U_Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch + * U_bsc1216133-mi-reset-the-PointerWindows-reference-on-screen-swit.patch + * U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch + * U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch + * U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch + * U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch + * bsc1218582-0001-dix-allocate-enough-space-for-logical-button-maps.patch + * bsc1218583-0001-dix-Allocate-sufficient-xEvents-for-our-DeviceStateN.patch + * bsc1218583-0002-dix-fix-DeviceStateNotify-event-calculation.patch + * bsc1218583-0003-Xi-when-creating-a-new-ButtonClass-set-the-number-of.patch + * bsc1218584-0001-Xi-flush-hierarchy-events-after-adding-removing-mast.patch + * bsc1218585-0001-Xi-do-not-keep-linked-list-pointer-during-recursion.patch + * bsc1218585-0002-dix-when-disabling-a-master-float-disabled-slaved-de.patch + * U_bsc1218845-glx-Call-XACE-hooks-on-the-GLX-buffer.patch + * U_bsc1218846-ephyr-xwayland-Use-the-proper-private-key-for-cursor.patch + +- xserver sources of this release fixes segfault in Xvnc (bsc#1219311) + +- no longer (build-)require obsolete Xprint/XprintUtil + +- Update to version 21.1.11 + * This release contains fixes for the issues reported in today's security + advisory: https://lists.x.org/archives/xorg/2024-January/061525.html + * CVE-2023-6816 (bsc#1218582) + * CVE-2024-0229 (bsc#1218583) + * CVE-2024-21885 (bsc#1218584) + * CVE-2024-21886 (bsc#1218585) + * CVE-2024-0408 + * CVE-2024-0409 +- supersedes the following patches + * U_xephyr-Don-t-check-for-SeatId-anymore.patch + * U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch + * U_bsc1217766-randr-avoid-integer-truncation-in-length-check-of-Pr.patch - -- Add missing fixes on U_bsc1217765-Xi-allocate-enough-XkbActions-for-our-buttons.patch - (bsc#1217765). + - ------------------------------------------------------------------ -- U_bsc1216261-0003-dix-always-initialize-pScreen-CloseScreen.patch - * fixes a regresion, which can trigger a segfault in Xwayland on - exit, introduced by - U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch - (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261) - -- U_bsc1216261-0001-mi-fix-CloseScreen-initialization-order.patch - U_bsc1216261-0002-fb-properly-wrap-unwrap-CloseScreen.patch - * Server Damage Object Use-After-Free Local Privilege Escalation - Vulnerability (CVE-2023-5574, ZDI-CAN-21213, bsc#1216261) - -- U_bsc1216133-mi-reset-the-PointerWindows-reference-on-screen-swit.patch - * Use-after-free bug in DestroyWindow (CVE-2023-5380, ZDI-CAN-21608, - bsc#1216133) -- U_bsc1216135-Xi-randr-fix-handling-of-PropModeAppend-Prepend.patch - * fix handling of PropModeAppend/Prepend ((CVE-2023-5367, ZDI-CAN-22153, - bsc#1216135) +- Update to version 21.1.9 + * This release contains fixes for CVE-2023-5367, CVE-2023-5380 + and CVE-2023-5574 as reported in today's security advisory: + https://lists.x.org/archives/xorg-announce/2023-October/003430.html +- adjusted u_Use-better-fallbacks-to-generate-cookies-if-arc4rand.patch + +- Update to version 21.1.8 (CVE-2023-1393): + * This release contains the fix for CVE-2023-1393 + * composite: Fix use-after-free of the COW + * xkbUtils: use existing symbol names instead of deleted + deprecated ones +- Drop U_xserver-composite-Fix-use-after-free-of-the-COW.patch: + Fixed upstream +- Switch back to tarball release, drop source service, add keyring + and sig files. -- U_Xext-fix-invalid-event-type-mask-in-XTestSwapFakeInp.patch - * fixes regression introduced with security update for - CVE-2022-46340 (bsc#1205874) +- Update to version xorg-server-21.1.7: + * This release contains the fix for CVE-2023-0494 in today's security + advisory: + https://lists.x.org/archives/xorg-announce/2023-February/003320.html + It also fixes a second possible OOB access during EnqueueEvent and a + crasher caused by ResourceClientBits not correctly honouring the + MaxClients value in the configuration file. +- supersedes U_Xi-fix-potential-use-after-free-in-DeepCopyPointerCl.patch, + U_xorg-server-oob-read-enqueue-event.patch +- rename u_xorg-server-oob-read-enqueue-event.patch to + U_xorg-server-oob-read-enqueue-event.patch since it's already + upstream + +- Add u_xorg-server-oob-read-enqueue-event.patch: fix an + out-of-bounds read in EnqueueEvent. + +- Update to version xorg-server-21.1.6: + * xserver 21.1.6 + * Xext: fix invalid event type mask in XTestSwapFakeInput + * xkb: fix some possible memleaks in XkbGetKbdByName + * xkb: proof GetCountedString against request length attacks + * xquartz: Fix some formatting + * XQuartz: stub: Call LSOpenApplication instead of fork()/exec() +- drop the following upstream patches: + U_xkb-proof-GetCountedString-against-request-length-at.patch + U_xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch + +- Update to version xorg-server-21.1.5: + * xkb: reset the radio_groups pointer to NULL after freeing it + * Xi: avoid integer truncation in length check of ProcXIChangeProperty + * Xi: return an error from XI property changes if verification failed + * Xext: free the screen saver resource when replacing it + * Xext: free the XvRTVideoNotify when turning off from the same client + * Xi: disallow passive grabs with a detail > 255 + * Xtest: disallow GenericEvents in XTestSwapFakeInput + * meson: Don't build COMPOSITE for XQuartz + * xquartz: Move default applications list outside of the main executable + * xquartz: Remove unused macro (X11LIBDIR) +- drop the following upstream patches: + U_0007-xkb-reset-the-radio_groups-pointer-to-NULL-after-fre.patch + U_0002-Xi-return-an-error-from-XI-property-changes-if-verif.patch + U_0003-Xi-avoid-integer-truncation-in-length-check-of-ProcX.patch + U_0004-Xi-disallow-passive-grabs-with-a-detail-255.patch + U_0005-Xext-free-the-screen-saver-resource-when-replacing-i.patch + U_0006-Xext-free-the-XvRTVideoNotify-when-turning-off-from-.patch + U_0001-Xtest-disallow-GenericEvents-in-XTestSwapFakeInput.patch + xscreensaver -- Update xscreensaver-disable-upgrade-nagging-message.patch to - cover new messages. (boo#1206345, bsc#1217318) +- update to 6.08: + * fixes for other platforms + +- update to 6.07: + * New hacks, droste, skulloop, papercube and cubocteversion + * xscreensaver-settings was sometimes turning off the DPMS + checkbox + * Log pid of caller of deactivate command, to give a hint about + who is preventing the screen from blanking + * Updates to sphereeversion. + * Added some new map sources to mapscroller. + * Various other minor bug fixes. +- leave a nice notice for a very angry upstream developer in + xscreensaver-disable-upgrade-nagging-message.patch +- drop xscreensaver-bsc1204744.patch, included upstream + +- Drop obsolete patch (bsc#1203594). + - xscreensaver-slideshow-dri-detect.patch +- Use autosetup + +- Added spec file changes to handle hard-coded PAM directories. + * bsc#1204744 -- Drop obsolete patch (bsc#1203594). - - xscreensaver-slideshow-dri-detect.patch -- Use autosetup +- Migration of PAM settings to /usr/lib/pam.d. + +- update to 6.06: + * New hack hextrail + * marbling works again + * Adjust old hacks for higher resolution displays + * X11: More robust desktop image grabbing. + * X11: Various improvements to xscreensaver-settings + * X11: Supports "Lock" messages from systemd, e.g. when + logind.conf has "HandleLidSwitch=lock" instead of "suspend". + * Retired thornbird, which is redundant with discrete. +- drop xscreensaver-gtk3.patch, upstream + +- fix removal of nagging message boo#1206345 + +- update to version 6.05.1: + * Cope with dumb DPMS settings that existed pre-startup. + * Silence new Perl warnings from xscreensaver-getimage-file. + * Fix sonar pthreads crash on recent Pi systems. + * Removed dependence on gdk-pixbuf-xlib-2.0. + * GTK 3 is now required. + * New hacks, nakagin and chompytower. + * Settings dialog shows diagnostics for bad image folders and + feeds. + * URLs for imageDirectory can now point at archive.org + collections. + * Sliders for various "Speed" preferences are easier to use. + * Settings dialog shows saver description below embedded preview. + * Better behavior when zero monitors are attached. + * Improvements to inhibiting blanking while videos are playing: + No longer necessary to hack GNOME and KDE to get them to not + usurp the org.freedesktop.ScreenSaver endpoint. + * unicrud displays character names. + * Updated webcollage. +- Ignore selected unbrecognized options generated by %%configure + (xscreensaver-unrecognized-opts.patch). +- Properly find gtk3 directories (xscreensaver-gtk3.patch). +- Refresh xscreensaver-bug-reports.patch, + xscreensaver-default-screensaver.patch, + xscreensaver-fireworkx-man.patch. +- Fix build with autoconf 2.71: call sed only after autoreconf. + autoconf 2.71 internally calls intltoolize again, overwriting + po/Makefile.in.in. + +- Copy config.rpath from gettext to have autoreconf work for autoconf + 2.71 + xz -- Fix ZDI-CAN-16587 Fix escaping of malicious filenames - (ZDI-CAN-16587 bsc#1198062 CVE-2022-1271) - * bsc1198062.patch +- Build static library on SLE + +- update to 5.4.6: + * Fixed a bug involving internal function pointers in liblzma + not being initialized to NULL. The bug can only be + triggered if lzma_filters_update() is called on a LZMA1 + encoder, so it does not affect xz or any application known + to us that uses liblzma. + * Fixed a regression introduced in 5.4.2 that caused + encoding in the raw format to unnecessarily fail if --suffix + was not used. For instance, the following command no longer + reports that --suffix must be used: + echo foo | xz --format=raw --lzma2 | wc -c + * Fixed an issue on MinGW-w64 builds that prevented + reading from or writing to non-terminal character devices + like NUL. + * Added a new test. + +- Update to version 5.4.5: + * liblzma: + - Fixed an assertion failure that could be triggered by a large + unpadded_size argument. It was verified that there was no + other bug than the assertion failure. + - Fixed a bug that prevented building with Windows Vista + threading when __attribute__((__constructor__)) is not + supported. + * xz now properly handles special files such as "con" or "nul" on + Windows. Before this fix, the following wrote "foo" to the + console and deleted the input file "con_xz": + echo foo | xz > con_xz + xz --suffix=_xz --decompress con_xz + * Small fixes and improvements to the tests. + * Updated translations: Chinese (simplified) and Esperanto. + +- xznew: Remove bashsism. +- build: pass CONFIG_SHELL=/bin/sh to configure: the posix tools + are setting the current SHELL as the shebang, which is overkill: + any posix compliant shell, aka /bin/sh, is sufficient. + +- Update to version 5.4.4: + * liblzma and xzdec can now build against WASI SDK when threading + support is disabled. xz and tests don't build yet. + * documentation update + * translations update + +- Update to version 5.4.3: + * Build system fixes + * Translation updates: Croatian +- update signing key + +- Update license tag, there is GPL-3.0-or-later code too. + +- Update to version 5.4.2: + * All fixes from 5.2.11 that were not included in 5.4.1. + * If xz is built with support for the Capsicum sandbox but running + in an environment that doesn't support Capsicum, xz now runs + normally without sandboxing instead of exiting with an error. + * liblzma: + - Documentation was updated to improve the style, consistency, + and completeness of the liblzma API headers. + - The Doxygen-generated HTML documentation for the liblzma API + header files is now included in the source release and is + installed as part of "make install". All JavaScript is + removed to simplify license compliance and to reduce the + install size. + - Fixed a minor bug in lzma_str_from_filters() that produced + too many filters in the output string instead of reporting + an error if the input array had more than four filters. This + bug did not affect xz. + * Build systems: + - autogen.sh now invokes the doxygen tool via the new wrapper + script doxygen/update-doxygen, unless the command line option + - -no-doxygen is used. + - Added microlzma_encoder.c and microlzma_decoder.c to the + VS project files for Windows and to the CMake build. These + should have been included in 5.3.2alpha. + * Tests: + - Added a test to the CMake build that was forgotten in the + previous release. + - Added and refactored a few tests. + * Translations: + - Updated the Brazilian Portuguese translation. + - Added Brazilian Portuguese man page translation. + +- Build AVX2 enabled hwcaps library for x86_64-v3 + +- update to 5.4.1: + * liblzma: + - Fixed the return value of lzma_microlzma_encoder() if the + LZMA options lc/lp/pb are invalid. Invalid lc/lp/pb options + made the function return LZMA_STREAM_END without encoding + anything instead of returning LZMA_OPTIONS_ERROR. + * Tests: + - Fixed test script compatibility with ancient /bin/sh + versions. Now the five test_compress_* tests should + no longer fail on Solaris 10. + - Added and refactored a few tests. + * Translations: + - Updated the Catalan and Esperanto translations. + - Added Korean and Ukrainian man page translations. + +- update to 5.4.0: + This bumps the minor version of liblzma because new features were + added. The API and ABI are still backward compatible with liblzma + 5.2.x and 5.0.x. + Summary of new features added in the 5.3.x development releases: + * liblzma: + - Added threaded .xz decompressor lzma_stream_decoder_mt(). + It can use multiple threads with .xz files that have multiple + Blocks with size information in Block Headers. The threaded + encoder in xz has always created such files. + Single-threaded encoder cannot store the size information in + Block Headers even if one used LZMA_FULL_FLUSH to create + multiple Blocks, so this threaded decoder cannot use multiple + threads with such files. + If there are multiple Streams (concatenated .xz files), one + Stream will be decompressed completely before starting the + next Stream. + - A new decoder flag LZMA_FAIL_FAST was added. It makes the + threaded decompressor report errors soon instead of first + flushing all pending data before the error location. + - New Filter IDs: + * LZMA_FILTER_ARM64 is for ARM64 binaries. + * LZMA_FILTER_LZMA1EXT is for raw LZMA1 streams that don't + necessarily use the end marker. + - Added lzma_str_to_filters(), lzma_str_from_filters(), and + lzma_str_list_filters() to convert a preset or a filter chain + string to a lzma_filter[] and vice versa. These should make + it easier to write applications that allow users to specify + custom compression options. + - Added lzma_filters_free() which can be convenient for freeing + the filter options in a filter chain (an array of lzma_filter + structures). + - lzma_file_info_decoder() to makes it a little easier to get + the Index field from .xz files. This helps in getting the + uncompressed file size but an easy-to-use random access + API is still missing which has existed in XZ for Java for + a long time. + - Added lzma_microlzma_encoder() and lzma_microlzma_decoder(). + It is used by erofs-utils and may be used by others too. + The MicroLZMA format is a raw LZMA stream (without end marker) + whose first byte (always 0x00) has been replaced with + bitwise-negation of the LZMA properties (lc/lp/pb). It was + created for use in EROFS but may be used in other contexts + as well where it is important to avoid wasting bytes for + stream headers or footers. The format is also supported by + XZ Embedded (the XZ Embedded version in Linux got MicroLZMA + support in Linux 5.16). + The MicroLZMA encoder API in liblzma can compress into a + fixed-sized output buffer so that as much data is compressed + as can be fit into the buffer while still creating a valid + MicroLZMA stream. This is needed for EROFS. + - Added lzma_lzip_decoder() to decompress the .lz (lzip) file + format version 0 and the original unextended version 1 files. + Also lzma_auto_decoder() supports .lz files. + - lzma_filters_update() can now be used with the multi-threaded + encoder (lzma_stream_encoder_mt()) to change the filter chain + after LZMA_FULL_BARRIER or LZMA_FULL_FLUSH. + - In lzma_options_lzma, allow nice_len = 2 and 3 with the match + finders that require at least 3 or 4. Now it is internally + rounded up if needed. + - CLMUL-based CRC64 on x86-64 and E2K with runtime processor + detection. On 32-bit x86 it currently isn't available unless + - -disable-assembler is used which can make the non-CLMUL + CRC64 slower; this might be fixed in the future. + - Building with --disable-threads --enable-small + is now thread-safe if the compiler supports + __attribute__((__constructor__)). + * xz: + - Using -T0 (--threads=0) will now use multi-threaded encoder + even on a single-core system. This is to ensure that output + from the same xz binary is identical on both single-core and + multi-core systems. + - --threads=+1 or -T+1 is now a way to put xz into + multi-threaded mode while using only one worker thread. + The + is ignored if the number is not 1. + - A default soft memory usage limit is now used for compression + when -T0 is used and no explicit limit has been specified. + This soft limit is used to restrict the number of threads + but if the limit is exceeded with even one thread then xz + will continue with one thread using the multi-threaded + encoder and this limit is ignored. If the number of threads + is specified manually then no default limit will be used; + this affects only -T0. + This change helps on systems that have very many cores and + using all of them for xz makes no sense. Previously xz -T0 + could run out of memory on such systems because it attempted + to reserve memory for too many threads. + This also helps with 32-bit builds which don't have a large + amount of address space that would be required for many + threads. The default soft limit for -T0 is at most 1400 MiB + on all 32-bit platforms. + - Previously a low value in --memlimit-compress wouldn't cause + xz to switch from multi-threaded mode to single-threaded mode + if the limit cannot otherwise be met; xz failed instead. Now + xz can switch to single-threaded mode and then, if needed, + scale down the LZMA2 dictionary size too just like it already + did when it was started in single-threaded mode. + - The option --no-adjust no longer prevents xz from scaling down + the number of threads as that doesn't affect the compressed + output (only performance). Now --no-adjust only prevents + adjustments that affect compressed output, that is, with + - -no-adjust xz won't switch from multi-threaded mode to + single-threaded mode and won't scale down the LZMA2 + dictionary size. + - Added a new option --memlimit-mt-decompress=LIMIT. This is + used to limit the number of decompressor threads (possibly + falling back to single-threaded mode) but it will never make + xz refuse to decompress a file. This has a system-specific + default value because without any limit xz could end up + allocating memory for the whole compressed input file, the + whole uncompressed output file, multiple thread-specific + decompressor instances and so on. Basically xz could + attempt to use an insane amount of memory even with fairly + common files. The system-specific default value is currently + the same as the one used for compression with -T0. + The new option works together with the existing option + - -memlimit-decompress=LIMIT. The old option sets a hard limit + that must not be exceeded (xz will refuse to decompress) + while the new option only restricts the number of threads. + If the limit set with --memlimit-mt-decompress is greater + than the limit set with --memlimit-compress, then the latter + value is used also for --memlimit-mt-decompress. + - Added new information to the output of xz --info-memory and + new fields to the output of xz --robot --info-memory. + - In --lzma2=nice=NUMBER allow 2 and 3 with all match finders + now that liblzma handles it. + - Don't mention endianness for ARM and ARM-Thumb filters in + - -long-help. The filters only work for little endian + instruction encoding but modern ARM processors using + big endian data access still use little endian + instruction encoding. So the help text was misleading. + In contrast, the PowerPC filter is only for big endian + 32/64-bit PowerPC code. Little endian PowerPC would need + a separate filter. + - Added decompression support for the .lz (lzip) file format + version 0 and the original unextended version 1. It is + autodetected by default. See also the option --format on + the xz man page. + - Sandboxing enabled by default: + * Capsicum (FreeBSD) + * pledge(2) (OpenBSD) + * Scripts now support the .lz format using xz. + * A few new tests were added. + * The liblzma-specific tests are now supported in CMake-based + builds too ("make test"). + +- update to 5.2.10: + * xz: Don't modify argv[] when parsing the --memlimit* and + - -block-list command line options. This fixes confusing + arguments in process listing (like "ps auxf"). + * GNU/Linux only: Use __has_attribute(__symver__) to detect if + that attribute is supported. This fixes build on Mandriva where + Clang is patched to define __GNUC__ to 11 by default (instead + of 4 as used by Clang upstream). + * liblzma: + - Fixed an infinite loop in LZMA encoder initialization + if dict_size >= 2 GiB. + - Fixed two cases of invalid free() that can happen if + a tiny allocation fails in encoder re-initialization + or in lzma_filters_update(). These bugs had some + similarities with the bug fixed in 5.2.7. + - Fixed lzma_block_encoder() not allowing the use of + LZMA_SYNC_FLUSH with lzma_code() even though it was + documented to be supported. The sync-flush code in + the Block encoder was already used internally via + lzma_stream_encoder(), so this was just a missing flag + in the lzma_block_encoder() API function. + - GNU/Linux only: Don't put symbol versions into static + liblzma as it breaks things in some cases (and even if + it didn't break anything, symbol versions in static + libraries are useless anyway). The downside of the fix + is that if the configure options --with-pic or --without-pic + are used then it's not possible to build both shared and + static liblzma at the same time on GNU/Linux anymore; + with those options --disable-static or --disable-shared + must be used too. +- drop unused xz-devel-static which is no longer supported when using + - -with-pic (which is needed for shared libs) + +- Rename xz-static-devel -> xz-devel-static to follow the general + naming used in openSUSE. + +- Update to 5.2.8: + * xz: + - If xz cannot remove an input file when it should, this + is now treated as a warning (exit status 2) instead of + an error (exit status 1). This matches GNU gzip and it + is more logical as at that point the output file has + already been successfully closed. + - Fix handling of .xz files with an unsupported check type. + Previously such printed a warning message but then xz + behaved as if an error had occurred (didn't decompress, + exit status 1). Now a warning is printed, decompression + is done anyway, and exit status is 2. This used to work + slightly before 5.0.0. In practice this bug matters only + if xz has been built with some check types disabled. As + instructed in PACKAGERS, such builds should be done in + special situations only. + - Fix "xz -dc --single-stream tests/files/good-0-empty.xz" + which failed with "Internal error (bug)". That is, + - -single-stream was broken if the first .xz stream in + the input file didn't contain any uncompressed data. + - Fix displaying file sizes in the progress indicator when + working in passthru mode and there are multiple input files. + Just like "gzip -cdf", "xz -cdf" works like "cat" when the + input file isn't a supported compressed file format. In + this case the file size counters weren't reset between + files so with multiple input files the progress indicator + displayed an incorrect (too large) value. + * liblzma: + - API docs in lzma/container.h: + * Update the list of decoder flags in the decoder + function docs. + * Explain LZMA_CONCATENATED behavior with .lzma files + in lzma_auto_decoder() docs. + - OpenBSD: Use HW_NCPUONLINE to detect the number of + available hardware threads in lzma_physmem(). + - Fix use of wrong macro to detect x86 SSE2 support. + __SSE2_MATH__ was used with GCC/Clang but the correct + one is __SSE2__. The first one means that SSE2 is used + for floating point math which is irrelevant here. + The affected SSE2 code isn't used on x86-64 so this affects + only 32-bit x86 builds that use -msse2 without -mfpmath=sse + (there is no runtime detection for SSE2). It improves LZMA + compression speed (not decompression). + - Fix the build with Intel C compiler 2021 (ICC, not ICX) + on Linux. It defines __GNUC__ to 10 but doesn't support + the __symver__ attribute introduced in GCC 10. + * Scripts: Ignore warnings from xz by using --quiet --no-warn. + This is needed if the input .xz files use an unsupported + check type. + * Translations: + - Updated Croatian and Turkish translations. + - One new translations wasn't included because it needed + technical fixes. It will be in upcoming 5.4.0. No new + translations will be added to the 5.2.x branch anymore. + - Renamed the French man page translation file from + fr_FR.po to fr.po and thus also its install directory + (like /usr/share/man/fr_FR -> .../fr). + - Man page translations for upcoming 5.4.0 are now handled + in the Translation Project. + * Update doc/faq.txt a little so it's less out-of-date. + +- Move localised man pages to lang subpackage + +- update to 5.2.7: + * liblzma: + - Add API doc note about the .xz decoder LZMA_MEMLIMIT_ERROR bug. + - Add dest and src NULL checks to lzma_index_cat. + The documentation states LZMA_PROG_ERROR can be returned from + lzma_index_cat. Previously, lzma_index_cat could not return + LZMA_PROG_ERROR. Now, the validation is similar to + lzma_index_append, which does a NULL check on the index + parameter. + - Fix copying of check type statistics in lzma_index_cat(). + The check type of the last Stream in dest was never copied to + dest->checks (the code tried to copy it but it was done too late). + This meant that the value returned by lzma_index_checks() would + only include the check type of the last Stream when multiple + lzma_indexes had been concatenated. + In xz --list this meant that the summary would only list the + check type of the last Stream, so in this sense this was only + a visual bug. However, it's possible that some applications + use this information for purposes other than merely showing + it to the users in an informational message. I'm not aware of + such applications though and it's quite possible that such + applications don't exist. + Regular streamed decompression in xz or any other application + doesn't use lzma_index_cat() and so this bug cannot affect them. + - Stream decoder: Fix restarting after LZMA_MEMLIMIT_ERROR. + If lzma_code() returns LZMA_MEMLIMIT_ERROR it is now possible + to use lzma_memlimit_set() to increase the limit and continue + decoding. This was supposed to work from the beginning but + there was a bug. With other decoders (.lzma or threaded .xz) + this already worked correctly. + - lzma_filters_copy: Keep dest[] unmodified if an error occurs. + lzma_stream_encoder() and lzma_stream_encoder_mt() always assumed + this. Before this patch, failing lzma_filters_copy() could result + in free(invalid_pointer) or invalid memory reads in stream_encoder.c + or stream_encoder_mt.c. + To trigger this, allocating memory for a filter options structure + has to fail. These are tiny allocations so in practice they very + rarely fail. + Certain badness in the filter chain array could also make + lzma_filters_copy() fail but both stream_encoder.c and + stream_encoder_mt.c validate the filter chain before + trying to copy it, so the crash cannot occur this way. + - lzma_index_append: Add missing integer overflow check. + The documentation in src/liblzma/api/lzma/index.h suggests that + both the unpadded (compressed) size and the uncompressed size + are checked for overflow, but only the unpadded size was checked. + The uncompressed check is done first since that is more likely to + occur than the unpadded or index field size overflows. + - Vaccinate against an ill patch from RHEL/CentOS 7. + * xzgrep: + - Fix compatibility with old shells. + Turns out that some old shells don't like apostrophes (') inside + command substitutions. The problem was introduced by commits + 69d1b3fc29677af8ade8dc15dba83f0589cb63d6 (2022-03-29), + bd7b290f3fe4faeceb7d3497ed9bf2e6ed5e7dc5 (2022-07-18), and + a648978b20495b7aa4a8b029c5a810b5ad9d08ff (2022-07-19). + 5.2.6 is the only stable release that included + this problem. + * Translations: Add Turkish translation. + +- update to 5.2.6 (CVE-2022-1271, bsc#1198062): + * xz: + - The --keep option now accepts symlinks, hardlinks, and + setuid, setgid, and sticky files. + - When copying metadata from the source file to the destination + file, don't try to set the group (GID) if it is already set + correctly. This avoids a failure on OpenBSD (and possibly on + a few other OSes) where files may get created so that their + group doesn't belong to the user, and fchown(2) can fail even + if it needs to do nothing. + - Cap --memlimit-compress to 2000 MiB instead of 4020 MiB on + MIPS32 because on MIPS32 userspace processes are limited + to 2 GiB of address space. + * liblzma: + - Fixed a missing error-check in the threaded encoder. If a + small memory allocation fails, a .xz file with an invalid + Index field would be created. Decompressing such a file would + produce the correct output but result in an error at the end. + Thus this is a "mild" data corruption bug. Note that while + a failed memory allocation can trigger the bug, it cannot + cause invalid memory access. + - The decoder for .lzma files now supports files that have + uncompressed size stored in the header and still use the + end of payload marker (end of stream marker) at the end + of the LZMA stream. Such files are rare but, according to + the documentation in LZMA SDK, they are valid. + doc/lzma-file-format.txt was updated too. + - Improved 32-bit x86 assembly files: + * Support Intel Control-flow Enforcement Technology (CET) + * Use non-executable stack on FreeBSD. + * xzgrep: + - Fixed arbitrary command injection via a malicious filename + (CVE-2022-1271, ZDI-CAN-16587). A standalone patch for + this was released to the public on 2022-04-07. A slight + robustness improvement has been made since then and, if + using GNU or *BSD grep, a new faster method is now used + that doesn't use the old sed-based construct at all. This + also fixes bad output with GNU grep >= 3.5 (2020-09-27) + when xzgrepping binary files. + - Fixed detection of corrupt .bz2 files. + - Improved error handling to fix exit status in some situations + and to fix handling of signals: in some situations a signal + didn't make xzgrep exit when it clearly should have. It's + possible that the signal handling still isn't quite perfect + but hopefully it's good enough. + - Documented exit statuses on the man page. + - xzegrep and xzfgrep now use "grep -E" and "grep -F" instead + of the deprecated egrep and fgrep commands. + - Fixed parsing of the options -E, -F, -G, -P, and -X. The + problem occurred when multiple options were specied in + a single argument, for example, + echo foo | xzgrep -Fe foo + treated foo as a filename because -Fe wasn't correctly + split into -F -e. + - Added zstd support. + * xzdiff/xzcmp: + - Fixed wrong exit status. Exit status could be 2 when the + correct value is 1. + - Documented on the man page that exit status of 2 is used + for decompression errors. + - Added zstd support. + * xzless: + - Fix less(1) version detection. It failed if the version number + from "less -V" contained a dot. + +- use https urls. + +- Upgrade old rpm constructs. + +- Update to 5.2.5: + * liblzma: + - Fixed several C99/C11 conformance bugs. Now the code is clean + under gcc/clang -fsanitize=undefined. Some of these changes + might have a negative effect on performance with old GCC + versions or compilers other than GCC and Clang. The configure + option --enable-unsafe-type-punning can be used to (mostly) + restore the old behavior but it shouldn't normally be used. + - Improved API documentation of lzma_properties_decode(). + - Added a very minor encoder speed optimization. + * xz: + - Fixed a crash in "xz -dcfv not_an_xz_file". All four options + were required to trigger it. The crash occurred in the + progress indicator code when xz was in passthru mode where + xz works like "cat". + - Fixed an integer overflow with 32-bit off_t. It could happen + when decompressing a file that has a long run of zero bytes + which xz would try to write as a sparse file. Since the build + system enables large file support by default, off_t is + normally 64-bit even on 32-bit systems. + - Fixes for --flush-timeout: + * Fix semi-busy-waiting. + * Avoid unneeded flushes when no new input has arrived + since the previous flush was completed. + - Added a special case for 32-bit xz: If --memlimit-compress is + used to specify a limit that exceeds 4020 MiB, the limit will + be set to 4020 MiB. The values "0" and "max" aren't affected + by this and neither is decompression. This hack can be + helpful when a 32-bit xz has access to 4 GiB address space + but the specified memlimit exceeds 4 GiB. This can happen + e.g. with some scripts. + - Capsicum sandbox is now enabled by default where available + (FreeBSD >= 10). The sandbox debug messages (xz -vv) were + removed since they seemed to be more annoying than useful. + +- Do not recommend lang package. The lang package already has a supplements. + +- Use FAT LTO objects in order to provide proper static library. +- xz 5.2.4: + * liblzma: + - Allow 0 as memory usage limit instead of returning + LZMA_PROG_ERROR. Now 0 is treated as if 1 byte was specified, + which effectively is the same as 0. + - Use "noexcept" keyword instead of "throw()" in the public + headers when a C++11 (or newer standard) compiler is used. + - Added a portability fix for recent Intel C Compilers. + * xz: + - Fix "xz --list --robot missing_or_bad_file.xz" which would + try to print an unitialized string and thus produce garbage + output. Since the exit status is non-zero, most uses of such + a command won't try to interpret the garbage output. + - "xz --list foo.xz" could print "Internal error (bug)" in a + corner case where a specific memory usage limit had been set. + yast2-installation +- Restore the selected products after reloading the package + manager, properly install all products for new modules and + extensions when upgrading from SLE12 (bsc#1218391) +- 4.6.10 + yast2-network +- Consider firmware configured interfaces as non bridgeable + (bsc#1218595). +- 4.6.8 + yast2-packager +- SLE HPC is not a base product anymore, it is replaced by + SLES + HPC module, added migration mapping (jsc#PED-7841) +- 4.6.7 + +- Fixed ERB template loading in self update, if the template + cannot be found using a relative path then fallback to the + absolute path (bsc#1219174) +- 4.6.6 + yast2-storage-ng +- jsc#PED-6407 + - new env variable YAST_REUSE_LVM for reusing LVM in new + installation. It can be used as linuxrc boot param. +- 4.6.15 +