Container summary for

SUSE-IU-2022:811-1

This update for gpg2 fixes the following security issue:

• CVE-2018-12020: GnuPG mishandled the original filename during decryption and verification actions, which allowed remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the '--status-fd 2' option (bsc#1096745).

This update for curl provides the following fix:

• Use OPENSSL_config() instead of CONF_modules_load_file() to avoid crashes due to conflicting openssl engines. (bsc#1086367)

This update for rsyslog fixes the following security issue:

• CVE-2015-3243: Prevent weak permissions for generated log files, which allowed local users to obtain sensitive information (bsc#935393).

This update for perl fixes the following issues:

• CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a directory-traversal protection mechanism and overwrite arbitrary files (bsc#1096718)

This update for timezone provides the following fixes:

• North Korea switches back from +0830 to +09 on 2018-05-05.
• Ireland's standard time is in the summer, with negative DST offset to standard time used in Winter. (bsc#1073299)
• yast2-country is no longer setting TIMEZONE in /etc/sysconfig/clock and is calling systemd timedatectl instead. Do not set /etc/localtime on timezone package updates to avoid setting an incorrect timezone. (bsc#1093392)

This update for bind provides the following fix:

• Fixed ldapdump to use a temporary pseudo nameserver that conforms to BIND's expected syntax. Prior versions would not work correctly with an LDAP backed DNS server. (bsc#965748)
• Add SPF records in dnszone-schema file. (bsc#901577)

This update for mozilla-nss provides the following fixes:

• Update to NSS 3.36.4 required by Firefox 60.0.2. (bsc#1096515)
• Fix a problem that would cause connections to a server that was recently upgraded to TLS 1.3 to result in a SSL_RX_MALFORMED_SERVER_HELLO error.
• Fix a rare bug with PKCS#12 files.
• Use relro linker option.

This update for glibc fixes the following security issues:

• CVE-2017-18269: An SSE2-optimized memmove implementation for i386 did not correctly perform the overlapping memory check if the source memory range spaned the middle of the address space, resulting in corrupt data being produced by the copy operation. This may have disclosed information to context-dependent attackers, resulted in a denial of service or code execution (bsc#1094150).
• CVE-2018-11236: Prevent integer overflow on 32-bit architectures when processing very long pathname arguments to the realpath function, leading to a stack-based buffer overflow (bsc#1094161).
• CVE-2018-11237: An AVX-512-optimized implementation of the mempcpy function may have writen data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper (bsc#1092877, bsc#1094154).

This update for e2fsprogs fixes the following issues:
Security issues fixed:

• CVE-2015-0247: Fixed couple of heap overflows in e2fsprogs (fsck, dumpe2fs, e2image...) (bsc#915402).
• CVE-2015-1572: Fixed potential buffer overflow in closefs() (bsc#918346).

• bsc#1038194: generic/405 test fails with /dev/mapper/thin-vol is inconsistent on ext4 file system.
• bsc#1009532: resize2fs hangs when trying to resize a large ext4 file system.
• bsc#960273: xfsprogs does not call %{?regenerate_initrd_post}.

ca-certificates-mozilla was updated to the 2.24 state of the Mozilla NSS Certificate store. (bsc#1100415)
Following CAs were removed:

• S-TRUST_Universal_Root_CA
• TC_TrustCenter_Class_3_CA_II
• TUeRKTRUST_Elektronik_Sertifika_Hizmet_Saglayicisi_H5

This update for rpm fixes the following issues:
This security vulnerability was fixed:

• CVE-2017-7500: Fixed symlink attacks during RPM installation (bsc#943457)

This update for systemd provides the following fixes:

• systemctl: Mask always reports the same unit names when different unknown units are passed. (bsc#1095973)
• systemctl: Check the existence of all units, not just the first one.
• scsi_id: Fix the prefix for pre-SPC inquiry reply. (bsc#1039099)
• device: Make sure to always retroactively start device dependencies. (bsc#1088052)
• locale-util: On overlayfs FTW_MOUNT causes nftw(3) to not list *any* files.
• Fix pattern to detect distribution.
• install: The 'user' and 'global' scopes are equivalent for user presets. (bsc#1093851)
• install: Search for preset files in /run (#7715)
• install: Consider globally enabled units as 'enabled' for the user. (bsc#1093851)
• install: Consider non-Alias=/non-DefaultInstance= symlinks as 'indirect' enablement.
• install: Only consider names in Alias= as 'enabling'.
• udev: Whitelist mlx4_core locally-administered MAC addresses in the persistent rule generator. (bsc#1083158)
• man: Updated systemd-analyze blame description for service-units with Type=simple. (bsc#1091265)
• fileio: Support writing atomic files with timestamp.
• fileio.c: Fix incorrect mtime
• Drop runtime dependency on dracut, otherwise systemd pulls in tools to generate the initrd even in container/chroot installations that don't have a kernel. For environments where initrd matters, dracut should be pulled via a pattern. (bsc#1098569)
• An update broke booting with encrypted partitions on NVMe (bsc#1095096)

This update for cups fixes the following issues:
The following security vulnerabilities were fixed:

• Fixed a local privilege escalation to root and sandbox bypasses in the scheduler
• CVE-2018-4180: Fixed a local privilege escalation to root in dnssd backend (bsc#1096405)
• CVE-2018-4181: Limited local file reads as root via cupsd.conf include directive (bsc#1096406)
• CVE-2018-4182: Fixed a sandbox bypass due to insecure error handling (bsc#1096407)
• CVE-2018-4183: Fixed a sandbox bypass due to profile misconfiguration (bsc#1096408)

This update for curl fixes the following issues:
Security issue fixed:

• CVE-2018-0500: Fix a SMTP send heap buffer overflow (bsc#1099793).

This update for ca-certificates-mozilla fixes the following issues:
Updated to the 2.26 state of the Mozilla NSS Certificate store. (bsc#1104780)

• removed server auth rights from following CAs:

• removed CA

• new CA added:

This update for growpart provides the following fix:

• Support btrfs resize and handle ro setup in rootgrow. (bsc#1097455, bsc#1098681)

This update for libtirpc fixes the following issues:

• rpcinfo: send RPC getport call as specified via parameter (bsc#1072183)

This update for dracut fixes the following issues:

• Fix an issue with static network setups (bsc#1091099)
• Fix cat: write error: Broken pipe error (bsc#1094603)
• Pickup multipath files in /etc/multipath/conf.d (bsc#1048551)
• Load all keymaps for a given locale (bsc#1065058)

This update for xfsprogs fixes the following issues:

• avoid divide-by-zero when hardware reports optimal i/o size as 0 (bsc#1089777)
• repair: shift inode back into place if corrupted by bad log replay (bsc#1105396).

This update for docker fixes the following issues:

• Build the client binary with -buildmode=pie to fix issues on POWER. (bsc#1100727)
• Fix an issue where changed AppArmor profiles don't actually get applied on Docker daemon reboot. (bsc#1099277)
• Update to AppArmor patch so that signal mediation also works for signals between in-container processes. (bsc#1073877)
• Do not log incorrect warnings when attempting to inject non-existent host files. (bsc#1065609)

This update for curl fixes the following issues:
This security issue was fixed:

• CVE-2018-14618: Prevent integer overflow in the NTLM authentication code (bsc#1106019)

• Use OPENSSL_config instead of CONF_modules_load_file() to avoid crashes due to openssl engines conflicts (bsc#1086367)

This update for zlib provides the following fixes:

• Speedup zlib on power8. (fate#325307)
• Add safeguard against negative values in uInt. (bsc#1071321)

This update for openldap2 provides the following fix:

• Fix slapd segfaults in mdb_env_reader_dest. (bsc#1089640)

This update for gnutls fixes the following security issues:

• Improved mitigations against Lucky 13 class of attacks
• CVE-2018-10846: 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery (bsc#1105460)
• CVE-2018-10845: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant (bsc#1105459)
• CVE-2018-10844: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls (bsc#1105437)
• CVE-2017-10790: The _asn1_check_identifier function in Libtasn1 caused a NULL pointer dereference and crash (bsc#1047002)

This update for openssl-1_1 to 1.1.0i fixes the following issues:
These security issues were fixed:

• CVE-2018-0732: During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server could have sent a very large prime value to the client. This caused the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack (bsc#1097158)
• Make problematic ECDSA sign addition length-invariant
• Add blinding to ECDSA and DSA signatures to protect against side channel attacks

• When unlocking a pass phrase protected PEM file or PKCS#8 container, we now allow empty (zero character) pass phrases.
• Certificate time validation (X509_cmp_time) enforces stricter compliance with RFC 5280. Fractional seconds and timezone offsets are no longer allowed.
• Fixed a text canonicalisation bug in CMS
• Add openssl(cli) Provide so the packages that require the openssl binary can require this instead of the new openssl meta package (bsc#1101470)

This update for sudo fixes the following issues:

• fix permissions for /var/lib/sudo and /var/lib/sudo/ts (bsc#1097643)

This update for ca-certificates fixes the following issues:

• Changed 'openssl' requirement to 'openssl(cli)' (bsc#1101470)

This update for python3 fixes the following issues:

• Add -fwrapv to OPTS, which is default for python3 for bugs which are caused by avoiding it. (bsc#1107030)

This update for bash provides the following fixes:

• Bugfix: Parse settings in inputrc for all screen TERM variables starting with 'screen.' (bsc#1095661)
• Make the generation of bash.html reproducible. (bsc#1100488)
• Use initgroups(3) instead of setgroups(2) to fix the usage of suid programs. (bsc#1095670)
• Fix a problem that could cause hash table bash uses to store exit statuses from asynchronous processes to develop loops in circumstances involving long-running scripts that create and reap many processes.
• Fix a problem that could cause the shell to loop if a SIGINT is received inside of a SIGINT trap handler.
• Fix cases where a failing readline command (e.g., delete-char at the end of a line) can cause a multi-character key sequence to 'back up' and attempt to re-read some of the characters in the sequence.
• Fix a problem when sourcing a file from an interactive shell, that setting the SIGINT handler to the default and typing ^C would cause the shell to exit.

This update for libxml2 fixes the following security issues:

• CVE-2018-9251: The xz_decomp function allowed remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1088279)
• CVE-2018-14567: Prevent denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint (bsc#1105166)
• CVE-2018-14404: Prevent NULL pointer dereference in the xmlXPathCompOpEval() function when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case leading to a denial of service attack (bsc#1102046)

This update for fuse fixes the following issues:

• CVE-2018-10906: fusermount was vulnerable to a restriction bypass when SELinux is active. This allowed non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects (bsc#1101797)

This update for logrotate provides the following fix:

• Ensure the HOME environment variable is set to /root when logrotate is started via systemd. This allows mariadb to rotate its logs when the database has a root password defined. (bsc#1093617)

This update for aaa_base provides the following fixes:

• Let bash.bashrc work even for (m)ksh. (bsc#1104531)
• Fix an error at login if java system directory is empty. (bsc#1102310)

This update for gettext-runtime provides the following fix:

• Reset the length of message string after a line has been removed to fix a crash in msgfmt when writing java source code and the .po file has a POT-Creation-Date header. (bsc#1106843)

This update for python-pyOpenSSL fixes the following issues:

• Handle duplicate certificate addition using X509_STORE_add_cert so it works after upgrading to openssl 1.1.1. (bsc#1110435)

This update for timezone, timezone-java fixes the following issues:
The timezone database was updated to 2018f:

• Volgograd moves from +03 to +04 on 2018-10-28.
• Fiji ends DST 2019-01-13, not 2019-01-20.
• Most of Chile changes DST dates, effective 2019-04-06 (bsc#1104700)
• Corrections to past timestamps of DST transitions
• Use 'PST' and 'PDT' for Philippine time
• minor code changes to zic handling of the TZif format
• documentation updates

• Fixed a zic problem with the 1948-1951 DST transition in Japan (bsc#1112310)

This update for kmod provides the following fixes:

• Allow 'modprobe -c' print the status of 'allow_unsupported_modules' option. (bsc#1112928)

This update for xfsprogs fixes the following issues:

• Explictly disable systemd unit files for scrub (bsc#1105068).

This update for glibc fixes the following issues:

• Fix build on aarch64 with binutils newer than 2.30.
• Fix year 2039 bug for localtime with 64-bit time_t (bsc#1102526)

This update for rpm fixes the following issues:

• On PowerPC64 fix the superfluous TOC. dependency (bsc#1113100)

This update provides the latest time zone definitions (2018g), including the following change:

• Morocco switched from +00/+01 to permanent +01 effective 2018-10-28 (bsc#1113554)

This update for open-iscsi provides the following fixes:

• Fix a core dump which can occur if iscsiuio is started and then immediately stopped. (bsc#1094797)
• Avoid netlink buffer corruption when more than one host tries to xmit packet at the same time. (bsc#1100349)
• Use libkmod instead of running modprobe (bsc#1106685)
• iscsiuio: limit retries of dhpcv6 (bsc#1106694)
• Restore space to output of 'iscsiadm -m node'. (bsc#1111608)
• Fix session info output if iscsid started up and found stale sessions and add ability to limit reconnect retries. (bsc#1088389)

This update for pam fixes the following issues:

• Remove limits for nproc from /etc/security/limits.conf (bsc#1110700)

This update for curl fixes the following issues:

• CVE-2018-16839: A SASL password overflow via integer overflow was fixed which could lead to crashes (bsc#1112758)
• CVE-2018-16840: A use-after-free in SASL handle close was fixed which could lead to crashes (bsc#1112758)
• CVE-2018-16842: A Out-of-bounds Read in tool_msgs.c was fixed which could lead to crashes (bsc#1113660)

This update for systemd fixes the following issues:
Security issues fixed:

• CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. (bsc#1113632)
• CVE-2018-15686: A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. (bsc#1113665)

• dhcp6: split assert_return() to be more debuggable when hit
• core: skip unit deserialization and move to the next one when unit_deserialize() fails
• core: properly handle deserialization of unknown unit types (#6476)
• core: don't create Requires for workdir if 'missing ok' (bsc#1113083)
• logind: use manager_get_user_by_pid() where appropriate
• logind: rework manager_get_{user|session}_by_pid() a bit
• login: fix user@.service case, so we don't allow nested sessions (#8051) (bsc#1112024)
• core: be more defensive if we can't determine per-connection socket peer (#7329)
• core: introduce systemd.early_core_pattern= kernel cmdline option
• core: add missing 'continue' statement
• core/mount: fstype may be NULL
• journald: don't ship systemd-journald-audit.socket (bsc#1109252)
• core: make 'tmpfs' dependencies on swapfs a 'default' dep, not an 'implicit' (bsc#1110445)
• mount: make sure we unmount tmpfs mounts before we deactivate swaps (#7076)
• detect-virt: do not try to read all of /proc/cpuinfo (bsc#1109197)
• emergency: make sure console password agents don't interfere with the emergency shell
• man: document that 'nofail' also has an effect on ordering
• journald: take leading spaces into account in syslog_parse_identifier
• journal: do not remove multiple spaces after identifier in syslog message
• syslog: fix segfault in syslog_parse_priority()
• journal: fix syslog_parse_identifier()
• install: drop left-over debug message (#6913)
• Ship systemd-sysv-install helper via the main package This script was part of systemd-sysvinit sub-package but it was wrong since systemd-sysv-install is a script used to redirect enable/disable operations to chkconfig when the unit targets are sysv init scripts. Therefore it's never been a SySV init tool.
• Add udev.no-partlabel-links kernel command-line option. This option can be used to disable the generation of the by-partlabel symlinks regardless of the name used. (bsc#1089761)
• man: SystemMaxUse= clarification in journald.conf(5). (bsc#1101040)
• systemctl: load unit if needed in 'systemctl is-active' (bsc#1102908)
• core: don't freeze OnCalendar= timer units when the clock goes back a lot (bsc#1090944)
• Enable or disable machines.target according to the presets (bsc#1107941)
• cryptsetup: add support for sector-size= option (fate#325697)
• nspawn: always use permission mode 555 for /sys (bsc#1107640)
• Bugfix for a race condition between daemon-reload and other commands (bsc#1105031)
• Fixes an issue where login with root credentials was not possible in init level 5 (bsc#1091677)
• Fix an issue where services of type 'notify' harmless DENIED log entries. (bsc#991901)
• Does no longer adjust qgroups on existing subvolumes (bsc#1093753)
• cryptsetup: add support for sector-size= option (#9936) (fate#325697 bsc#1114135)

This update for dracut fixes the following issues:

• Fix fails booting from Intel DCPMEM by adding nfit module. (bsc#1110519)
• Add kernel-syms to list of packages to remove with purge-kernels. (bsc#1104090)
• Skip kernels that cannot be removed by purge-kernels due to dependencies and continue removing other kernels. (bsc#1104090)
• Fix finding btrfs devices. (bsc#1104178)
• Add fix to override ACPI tables via initrd, a kernel config variable changed name. (bsc#1098448)

The GNU Compiler GCC 8 is being added to the Development Tools Module by this update.
The update also supplies gcc8 compatible libstdc++, libgcc_s1 and other gcc derived libraries for the Basesystem module of SUSE Linux Enterprise 15.
Various optimizers have been improved in GCC 8, several of bugs fixed, quite some new warnings added and the error pin-pointing and fix-suggestions have been greatly improved.
The GNU Compiler page for GCC 8 contains a summary of all the changes that have happened:
https://gcc.gnu.org/gcc-8/changes.html
Also changes needed or common pitfalls when porting software are described on:
https://gcc.gnu.org/gcc-8/porting_to.html

This update for libxkbcommon to version 0.8.2 fixes the following issues:

• Fix a few NULL-dereferences, out-of-bounds access and undefined behavior in the XKB text format parser.
• CVE-2018-15853: Endless recursion could have been used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers boolean negation (bsc#1105832).
• CVE-2018-15854: Unchecked NULL pointer usage could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because geometry tokens were desupported incorrectly (bsc#1105832).
• CVE-2018-15855: Unchecked NULL pointer usage could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because the XkbFile for an xkb_geometry section was mishandled (bsc#1105832).
• CVE-2018-15856: An infinite loop when reaching EOL unexpectedly could be used by local attackers to cause a denial of service during parsing of crafted keymap files (bsc#1105832).
• CVE-2018-15857: An invalid free in ExprAppendMultiKeysymList could have been used by local attackers to crash xkbcommon keymap parsers or possibly have unspecified other impact by supplying a crafted keymap file (bsc#1105832).
• CVE-2018-15858: Unchecked NULL pointer usage when handling invalid aliases in CopyKeyAliasesToKeymap could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file (bsc#1105832).
• CVE-2018-15859: Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled (bsc#1105832).
• CVE-2018-15861: Unchecked NULL pointer usage in ExprResolveLhs could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file that triggers an xkb_intern_atom failure (bsc#1105832).
• CVE-2018-15862: Unchecked NULL pointer usage in LookupModMask could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with invalid virtual modifiers (bsc#1105832).
• CVE-2018-15863: Unchecked NULL pointer usage in ResolveStateAndPredicate could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file with a no-op modmask expression (bsc#1105832).
• CVE-2018-15864: Unchecked NULL pointer usage in resolve_keysym could have been used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because a map access attempt can occur for a map that was never created (bsc#1105832).

This update for nfsidmap fixes the following issues:

• Improve support for SAMBA with Active Directory. (bsc#1098217)

This update for rpcbind fixes the following issues:

• Fix tool stack buffer overflow aborting (bsc#969953)

This update for apparmor fixes the following issues:

• allow dnsmasq to open logfiles (bsc#1111345)

This update for glib2 fixes the following issues:
Security issues fixed:

• CVE-2018-16428: Do not do a NULL pointer dereference (crash). Avoid that, at the cost of introducing a new translatable error message (bsc#1107121).
• CVE-2018-16429: Fixed out-of-bounds read vulnerability ing_markup_parse_context_parse() (bsc#1107116).

• various GVariant parsing issues have been resolved (bsc#1111499)

This update for pam fixes the following issue:
Security issue fixed:

• CVE-2018-17953: Fixed IP address and subnet handling of pam_access.so that was not honoured correctly when a single host was specified (bsc#1115640).

This update for dracut fixes the following issues:

• 98dracut-systemd: Start systemd-vconsole-setup before dracut-cmdline-ask (bsc#1055834)
• Mark the DASD udev rules host-only and handle backslashes in paths for hostonly files (bsc#1090884)

This update for open-iscsi fixes the following issues:

• iscsiuio: Do not flush tx queue on each uio interrupt. This makes ping to such NICs work better (bsc#1102589)
• Not allow multiple sessions just because they were started in parallel (bsc#1107753)

This update for ncurses fixes the following issues:
Security issue fixed:

• CVE-2018-19211: Fixed denial of service issue that was triggered by a NULL pointer dereference at function _nc_parse_entry (bsc#1115929).

• Remove scree.xterm from terminfo data base as with this screen uses fallback TERM=screen (bsc#1103320).

This update for python-cffi fixes the following issues:

• Fix the testsuite of python-cffi like upstream to solve corruption at build (bsc#1111657)

This update for cups fixes the following issues:
Security issue fixed:

• CVE-2018-4700: Fixed extremely predictable cookie generation that is effectively breaking the CSRF protection of the CUPS web interface (bsc#1115750).

This update for tcpdump fixes the following issues:
Security issues fixed:

• CVE-2018-19519: Fixed a stack-based buffer over-read in the print_prefix function (bsc#1117267)

This update for dracut provides the following fix:

• emergency mode: Bring shell and all vital information to all ttys specified as console devices. (fate#325386, bsc#1053248, bsc#937555)

This update for perl fixes the following issues:
Secuirty issues fixed:

• CVE-2018-18311: Fixed integer overflow with oversize environment (bsc#1114674).
• CVE-2018-18312: Fixed heap-buffer-overflow write / reg_node overrun (bsc#1114675).
• CVE-2018-18313: Fixed heap-buffer-overflow read if regex contains \0 chars (bsc#1114681).
• CVE-2018-18314: Fixed heap-buffer-overflow in regex (bsc#1114686).

This update for libnettle fixes the following issues:
Security issues fixed:

• CVE-2018-16869: Fixed a leaky data conversion exposing a manager oracle (bsc#1118086)

This update for MozillaFirefox, mozilla-nss and mozilla-nspr fixes the following issues:
Issues fixed in MozillaFirefox:

• Update to Firefox ESR 60.4 (bsc#1119105)
• CVE-2018-17466: Fixed a buffer overflow and out-of-bounds read in ANGLE library with TextureStorage11
• CVE-2018-18492: Fixed a use-after-free with select element
• CVE-2018-18493: Fixed a buffer overflow in accelerated 2D canvas with Skia
• CVE-2018-18494: Fixed a Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs
• CVE-2018-18498: Fixed a integer overflow when calculating buffer sizes for images
• CVE-2018-12405: Fixed a few memory safety bugs

• Update to NSS 3.40.1 (bsc#1119105)
• CVE-2018-12404: Fixed a cache side-channel variant of the Bleichenbacher attack (bsc#1119069)
• CVE-2018-12384: Fixed an issue in the SSL handshake. NSS responded to an SSLv2-compatible ClientHello with a ServerHello that had an all-zero random. (bsc#1106873)
• CVE-2018-0495: Fixed a memory-cache side-channel attack with ECDSA signatures (bsc#1097410)
• Fixed a decryption failure during FFDHE key exchange
• Various security fixes in the ASN.1 code

• Update mozilla-nspr to 4.20 (bsc#1119105)

This update for containerd, docker and go fixes the following issues:
containerd and docker:

• Add backport for building containerd (bsc#1102522, bsc#1113313)
• Upgrade to containerd v1.1.2, which is required for Docker v18.06.1-ce. (bsc#1102522)
• Enable seccomp support on SLE12 (fate#325877)
• Update to containerd v1.1.1, which is the required version for the Docker v18.06.0-ce upgrade. (bsc#1102522)
• Put containerd under the podruntime slice (bsc#1086185)
• 3rd party registries used the default Docker certificate (bsc#1084533)
• Handle build breakage due to missing 'export GOPATH' (caused by resolution of boo#1119634). I believe Docker is one of the only packages with this problem.

• golang: arbitrary command execution via VCS path (bsc#1081495, CVE-2018-7187)
• Make profile.d/go.sh no longer set GOROOT=, in order to make switching between versions no longer break. This ends up removing the need for go.sh entirely (because GOPATH is also set automatically) (boo#1119634)
• Fix a regression that broke go get for import path patterns containing '...' (bsc#1119706)

This update for gpg2 fixes the following issue:
Security issue fixed:

• CVE-2018-1000858: Fixed a Cross Site Request Forgery(CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF (bsc#1120346).

This update for acl fixes the following issues:

• test: Add helper library to fake passwd/group files.
• quote: Escape literal backslashes. (bsc#953659)

This update for apparmor fixes the following issues:

• Update the last dnsmasq fix for logfiles when running under apparmor (bsc#1111345)

This update for xfsprogs fixes the following issues:

• Fix root inode's parent when it's bogus for sf directory (xfs repair). (bsc#1119063)

This update for suse-build-key fixes the following issues:

• Include the SUSE PTF GPG key in the key directory to avoid it being stripped via %doc stripping in CAASP. (bsc#1044232)

This update for mozilla-nss fixes the following issues:

• The hmac packages used in FIPS certification inadvertently removed in last update: re-added. (bsc#1121207)
• Added 'Suggest:' for libfreebl3 and libsoftokn3 respective -hmac packages to avoid dependency issues during updates (bsc#1090767, bsc#1121045)

This update for wget fixes the following issues:
Security issue fixed:

• CVE-2018-20483: Fixed an information disclosure through file metadata (bsc#1120382)

This update for timezone fixes the following issues:

• Update 2018i: São Tomé and Príncipe switches from +01 to +00 on 2019-01-01. (bsc#1120402)
• Update 2018h: Qyzylorda, Kazakhstan moved from +06 to +05 on 2018-12-21 New zone Asia/Qostanay because Qostanay, Kazakhstan didn't move Metlakatla, Alaska observes PST this winter only Guess Morocco will continue to adjust clocks around Ramadan Add predictions for Iran from 2038 through 2090

This update for chrony fixes the following issues:

• Generate chronyd sysconfig file. (bsc#1117147)

This update for systemd provides the following fixes:
Security issues fixed:

• CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323)
• CVE-2018-16866: Fixed an information leak in journald (bsc#1120323)
• CVE-2018-6954: Fix mishandling of symlinks present in non-terminal path components (bsc#1080919)
• Fixed an issue during system startup in relation to encrypted swap disks (bsc#1119971)

• pam_systemd: Fix 'Cannot create session: Already running in a session' (bsc#1111498)
• systemd-vconsole-setup: vconsole setup fails, fonts will not be copied to tty (bsc#1114933)
• systemd-tmpfiles-setup: symlinked /tmp to /var/tmp breaking multiple units (bsc#1045723)
• Fixed installation issue with /etc/machine-id during update (bsc#1117063)
• btrfs: qgroups are assigned to parent qgroups after reboot (bsc#1093753)
• logind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591)
• udev: Downgrade message when settting inotify watch up fails. (bsc#1005023)
• udev: Ignore the exit code of systemd-detect-virt for memory hot-add. In SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected _none_ state. The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696)

This update for ca-certificates-mozilla fixes the following issues:
The package was updated to the 2.30 version of the Mozilla NSS Certificate store. (bsc#1121446)
Removed Root CAs:
- AC Raiz Certicamara S.A. - Certplus Root CA G1 - Certplus Root CA G2 - OpenTrust Root CA G1 - OpenTrust Root CA G2 - OpenTrust Root CA G3 - Visa eCommerce Root
Added Root CAs:
- Certigna Root CA (email and server auth) - GTS Root R1 (server auth) - GTS Root R2 (server auth) - GTS Root R3 (server auth) - GTS Root R4 (server auth) - OISTE WISeKey Global Root GC CA (email and server auth) - UCA Extended Validation Root (server auth) - UCA Global G2 Root (email and server auth)

This update for apparmor fixes the following issues:

• Change of path of rpm in lessopen.sh (bsc#1082956, bsc#1117354)
• allow network access in lessopen.sh for reading files on NFS (workaround for bsc#1119937 / lp#1784499)
• dropped check that lets aa-logprof error out in a corner-case (log event for a non-existing profile while a profile file with the default filename for that non-existing profile exists) (bsc#1120472)
• netconfig: write resolv.conf to /run with link to /etc (fate#325872, bsc#1097370) [patch apparmor-nameservice-resolv-conf-link.patch]

This update for dracut fixes the following issues:

• Ensures that mmc host modules get included properly (bsc#1119037)
• Fixes a missing space in example configs (bsc#1121251)
• Removes rule existence check (bsc#1008352).
• dracut-installkernel: Stops keeping old kernel files as .old (bsc#1112327)

This update for kmod fixes the following issues:

• Fixes module dependency file corruption on parallel invocation (bsc#1118629).
• Allows 'modprobe -c' to print the status of 'allow_unsupported_modules' option.

This update for rsyslog fixes the following issues:

• remove references to obsolete SYSLOG_REQUIRES_NETWORK variable in remote.conf (bsc#1101642)
• ship the missed out 'rsyslog-module-gtls' sub-package (bsc#1119429)

This update for rpm fixes the following issues:

• Add kmod(module) provides to kernel and KMPs (fate#326579).

This update for python3 fixes the following issues:
Security issue fixed:

• CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser (bsc#1122191)
• CVE-2018-20406: Fixed a integer overflow via a large LONG_BINPUT (bsc#1120644)

This update for lua53 fixes the following issues:
Security issue fixed:

• CVE-2019-6706: Fixed a use-after-free bug in the lua_upvaluejoin function of lapi.c (bsc#1123043)

This update for curl fixes the following issues:
Security issues fixed:

• CVE-2019-3823: Fixed a heap out-of-bounds read in the code handling the end-of-response for SMTP (bsc#1123378).
• CVE-2019-3822: Fixed a stack based buffer overflow in the function creating an outgoing NTLM type-3 message (bsc#1123377).
• CVE-2018-16890: Fixed a heap buffer out-of-bounds read in the function handling incoming NTLM type-2 messages (bsc#1123371).

This update for glib2 provides the following fix:

• Enable systemtap. (fate#326393, bsc#1090047)

This update for MozillaFirefox, mozilla-nss fixes the following issues:
Security issues fixed:

• CVE-2018-18500: Fixed a use-after-free parsing HTML5 stream (bsc#1122983).
• CVE-2018-18501: Fixed multiple memory safety bugs (bsc#1122983).
• CVE-2018-18505: Fixed a privilege escalation through IPC channel messages (bsc#1122983).
• CVE-2018-12404: Cache side-channel variant of the Bleichenbacher attack (bsc#1119069).

• Update to MozillaFirefox ESR 60.5.0
• Update to mozilla-nss 3.41.1

This update for containerd, docker, docker-runc and golang-github-docker-libnetwork fixes the following issues:
Security issues fixed for containerd, docker, docker-runc and golang-github-docker-libnetwork:

• CVE-2018-16873: cmd/go: remote command execution during 'go get -u' (bsc#1118897)
• CVE-2018-16874: cmd/go: directory traversal in 'go get' via curly braces in import paths (bsc#1118898)
• CVE-2018-16875: crypto/x509: CPU denial of service (bsc#1118899)

• Disable leap based builds for kubic flavor (bsc#1121412)
• Allow users to explicitly specify the NIS domainname of a container (bsc#1001161)
• Update docker.service to match upstream and avoid rlimit problems (bsc#1112980)
• Allow docker images larger then 23GB (bsc#1118990)
• Docker version update to version 18.09.0-ce (bsc#1115464)

This update for itstool and python-libxml2-python fixes the following issues:
Package: itstool - Updated version to support Python3. (bnc#1111019)
Package: python-libxml2-python - Fix segfault when parsing invalid data. (bsc#1065270)

This update for systemd fixes the following issues:

• CVE-2019-6454: Overlong DBUS messages could be used to crash systemd (bsc#1125352)

• units: make sure initrd-cleanup.service terminates before switching to rootfs (bsc#1123333)
• logind: fix bad error propagation
• login: log session state 'closing' (as well as New/Removed)
• logind: fix borked r check
• login: don't remove all devices from PID1 when only one was removed
• login: we only allow opening character devices
• login: correct comment in session_device_free()
• login: remember that fds received from PID1 need to be removed eventually
• login: fix FDNAME in call to sd_pid_notify_with_fds()
• logind: fd 0 is a valid fd
• logind: rework sd_eviocrevoke()
• logind: check file is device node before using .st_rdev
• logind: use the new FDSTOREREMOVE=1 sd_notify() message (bsc#1124153)
• core: add a new sd_notify() message for removing fds from the FD store again
• logind: make sure we don't trip up on half-initialized session devices (bsc#1123727)
• fd-util: accept that kcmp might fail with EPERM/EACCES
• core: Fix use after free case in load_from_path() (bsc#1121563)
• core: include Found state in device dumps
• device: fix serialization and deserialization of DeviceFound
• fix path in btrfs rule (#6844)
• assemble multidevice btrfs volumes without external tools (#6607) (bsc#1117025)
• Update systemd-system.conf.xml (bsc#1122000)
• units: inform user that the default target is started after exiting from rescue or emergency mode
• core: free lines after reading them (bsc#1123892)
• sd-bus: if we receive an invalid dbus message, ignore and proceeed
• automount: don't pass non-blocking pipe to kernel.

This update for open-iscsi provides the following fixes:

• qedi: Set buf_size in case of ICMP and ARP packet. (bsc#1116711)
• qedi: Use uio BD index instead on buffer index. (bsc#1116711)
• Fix the output for iscsiadm node/iface print level P1. (bsc#1122938)

This update for xkeyboard-config fixes the following issues:

• Fixes missing mappings for evdev keys KEY_RFKILL and KEY_WWAN. (bsc#1123784)

This update for supportutils fixes the following issues:
Security issues fixed:

• CVE-2018-19640: Fixed an issue where users could kill arbitrary processes (bsc#1118463).
• CVE-2018-19638: Fixed an issue where users could overwrite arbitrary log files (bsc#1118460).
• CVE-2018-19639: Fixed a code execution if run with -v (bsc#1118462).
• CVE-2018-19637: Fixed an issue where static temporary filename could allow overwriting of files (bsc#1117776).

• Fixed invalid exit code commands (bsc#1125666).
• Included additional SUSE separation (bsc#1125609).
• Merged added listing of locked packes by zypper.
• Exclude pam.txt per GDPR by default (bsc#1112461).
• Clarified -x functionality in supportconfig(8) (bsc#1115245).
• udev service and provide the whole journal content in supportconfig (bsc#1051797).
• supportconfig collects tuned profile settings (bsc#1071545).
• sfdisk -d no disk device specified (bsc#1043311).
• Added vulnerabilites status check in basic-health.txt (bsc#1105849).
• Added only sched_domain from cpu0.
• Blacklist sched_domain from proc.txt (bsc#1046681).
• Added firewall-cmd info.
• Add ls -lA --time-style=long-iso /etc/products.d/
• Dump lsof errors.
• Added corosync status to ha_info.
• Dump find errors in ib_info.

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork, runc fixes the following issues:
Security issues fixed:

• CVE-2018-16875: Fixed a CPU Denial of Service (bsc#1118899).
• CVE-2018-16874: Fixed a vulnerabity in go get command which could allow directory traversal in GOPATH mode (bsc#1118898).
• CVE-2018-16873: Fixed a vulnerability in go get command which could allow remote code execution when executed with -u in GOPATH mode (bsc#1118897).
• CVE-2019-5736: Effectively copying /proc/self/exe during re-exec to avoid write attacks to the host runc binary, which could lead to a container breakout (bsc#1121967).

• Update shell completion to use Group: System/Shells.
• Add daemon.json file with rotation logs configuration (bsc#1114832)
• Update to Docker 18.09.1-ce (bsc#1124308) and to to runc 96ec2177ae84. See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md.
• Update go requirements to >= go1.10
• Use -buildmode=pie for tests and binary build (bsc#1048046 and bsc#1051429).
• Remove the usage of 'cp -r' to reduce noise in the build logs.

This update for dracut fixes the following issues:

• Correct fix for displaying text on emergency consoles (bsc#1124088)
• 95iscsi: handle qedi like bnx2i (bsc#1113712)
• 91zipl: Don't use contents of commented lines (osc#1119499)
• Fix displaying text on emergency consoles (bsc#1124088)
• Remove invalid 'FONT_MAP=none' from vconsole.conf (osc#1013573)

This update for console-setup and kbd provides the following fix:

• Fix Shift-Tab mapping. (bsc#1122361)

This update for dracut fixes the following issues:

• purge-kernels: Avoid endless loop when uninstalling kernels that depend on KMPs which in themselves depend on other packages (bsc#1125327)

This update for supportutils fixes the following issues:

• Dont show error if /proc/fb is not present (bsc#1127069)
• Fixed issue where dasdview got called with wrong arguments (bsc#1109664)
• Clarified -t argument description in help output (bsc#1121043)
• Fixed grep error in NTP when /etc/cron.d is empty (bsc#1127063)
• Collect systemd journal logs with minimum installation (bsc#1094225)
• Fixed tar file generation (bsc#1120049)

This update for bind fixes the following issues:

• Fixes dynamic DNS updates against samba and Microsoft DNS servers (bsc#1094236).

This update for file fixes the following issues:
The following security vulnerabilities were addressed:

• CVE-2018-10360: Fixed an out-of-bounds read in the function do_core_note in readelf.c, which allowed remote attackers to cause a denial of service (application crash) via a crafted ELF file (bsc#1096974)
• CVE-2019-8905: Fixed a stack-based buffer over-read in do_core_note in readelf.c (bsc#1126118)
• CVE-2019-8906: Fixed an out-of-bounds read in do_core_note in readelf. c (bsc#1126119)
• CVE-2019-8907: Fixed a stack corruption in do_core_note in readelf.c (bsc#1126117)

This update for apparmor fixes the following issues:

• apparmor prevents libvirtd from starting (bsc#1127073)
• Start apparmor after filesystem remount (bsc#1123820)

This update for cups fixes the following issues:

• Fixed validation of UTF-8 filenames to avoid crashes (bsc#1118118)

This update for glibc provides the following fixes:

• Fix Haswell CPU string flags. (bsc#1114984)
• Fix waiters-after-spinning case. (bsc#1114993)
• Do not relocate absolute symbols. (bsc#1112570)
• Add glibc-locale-base subpackage containing only C, C.UTF-8 and en_US.UTF-8 locales. (fate#326551)
• Add HWCAP_ATOMICS to HWCAP_IMPORTANT (fate#325962)
• Remove slow paths from math routines. (fate#325815, fate#325879, fate#325880, fate#325881, fate#325882)

This update for gpgme provides the following fix:

• Re-generate keys in Qt tests to not expire. (bsc#1121051)

This update for rsyslog fixes the following issues:

• Set default permission for all log files (bsc#1126233)

This update for cyrus-sasl provides the following fix:

• Fix a problem that was causing syslog to be polluted with messages 'GSSAPI client step 1'. By server context the connection will be sent to the log function but the client content does not have log level information, so there is no way to stop DEBUG level logs. (bsc#1044840)

This update for glibc fixes the following issues:

• Add MAP_SYNC from Linux 4.15 (bsc#1126590)
• Add MAP_SHARED_VALIDATE from Linux 4.15 (bsc#1126590)
• nptl: Preserve error in setxid thread broadcast in coredumps (bsc#1063675, BZ #22153)

This update for aaa_base fixes the following issues:

• Restore old position of ssh/sudo source of profile (bsc#1118364).
• Update logic for JRE_HOME env variable (bsc#1128246)

This update for dracut fixes the following issues:

• Check SUSE kernel module dependencies recursively (bsc#1127891)
• Avoid 'Failed to chown ... Operation not permitted' when run from non-root, by not copying xattrs. (osc#1092178)
• Handle non-versioned dependency in purge-kernels.

This update for sqlite3 to version 3.27.2 fixes the following issue:
Security issue fixed:

• CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3 (Magellan) (bsc#1119687).

This update for timezone fixes the following issues:
timezone was updated 2019a:

• Palestine 'springs forward' on 2019-03-30 instead of 2019-03-23
• Metlakatla 'fell back' to rejoin Alaska Time on 2019-01-20 at 02:00
• Israel observed DST in 1980 (08-02/09-13) and 1984 (05-05/08-25)
• zic now has an -r option to limit the time range of output data

This update for libnettle to version 3.4.1 fixes the following issues:
Issues addressed and new features:

• Updated to 3.4.1 (fate#327114 and bsc#1129598)
• Fixed a missing break statements in the parsing of PEM input files in pkcs1-conv.
• Fixed a link error on the pss-mgf1-test which was affecting builds without public key support.
• All functions using RSA private keys are now side-channel silent. This applies both to the bignum calculations, which now use GMP's mpn_sec_* family of functions, and the processing of PKCS#1 padding needed for RSA decryption.
• Changes in behavior: The functions rsa_decrypt and rsa_decrypt_tr may now clobber all of the provided message buffer, independent of the actual message length. They are side-channel silent, in that branches and memory accesses don't depend on the validity or length of the message. Side-channel leakage from the caller's use of length and return value may still provide an oracle useable for a Bleichenbacher-style chosen ciphertext attack. Which is why the new function rsa_sec_decrypt is recommended.

This update for libtirpc fixes the following issues:

• Fix a yp_bind_client_create_v3: RPC: Unknown host error (bsc#1126096).
• add an option to enforce connection via protocol version 2 first (bsc#1120689).

This update for apparmor fixes the following issues:

• Add /proc/pid/tcp and /proc/pid/tcp6 entries to the apparmor profile. (bsc#1125439)
• allow network access and notify file creation/access (bsc#1120279)

This update for rpm fixes the following issues:

• This update shortens RPM changelog to after a certain cut off date (bsc#1129753)
• Translate dashes to underscores in kmod provides (FATE#326579, jsc#SLE-4117, jsc#SLE-3853, bsc#1119414).
• Re-add symset-table from SLE 12 (bsc#1126327).

This update for glibc fixes the following issues:
Security issue fixed:

• CVE-2016-10739: Fixed an improper implementation of getaddrinfo function which could allow applications to incorrectly assume that had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings (bsc#1122729).

• Fixed an issue where pthread_mutex_trylock did not use a correct order of instructions while maintained the robust mutex list due to missing compiler barriers (bsc#1130045).
• Added new Japanese Era name support (bsc#1100396).

This update for chrony fixes the following issues:

• Fix ordering and dependencies of chronyd.service, so that it is started after name resolution is up (bsc#1129914).

This update for wget fixes the following issues:
Security issue fixed:

• CVE-2019-5953: Fixed a buffer overflow vulnerability which might cause code execution (bsc#1131493).

This update for tar fixes the following issues:
Security issues fixed:

• CVE-2019-9923: Fixed a denial of service while parsing certain archives with malformed extended headers in pax_decode_header() (bsc#1130496).
• CVE-2018-20482: Fixed a denial of service when the '--sparse' option mishandles file shrinkage during read access (bsc#1120610).

This update for python3 fixes the following issues:
Security issue fixed:

• CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization (bsc#1129346).

This update for zlib fixes the following issues:

• Fixes a segmentation fault error (bsc#1110304, bsc#1129576)

This update for samba fixes the following issues:
Security issue fixed:

• CVE-2019-3880: Fixed a path/symlink traversal vulnerability, which allowed an unprivileged user to save registry files outside a share (bsc#1131060).

• Out of bound read in ldb_wildcard_compare
• Hold at most 10 outstanding paged result cookies
• Put 'results_store' into a doubly linked list
• Refuse to build Samba against a newer minor version of ldb

• Fixed update-apparmor-samba-profile script after apparmor switched to using named profiles (bsc#1126377).
• Abide to the load_printers parameter in smb.conf (bsc#1124223).
• Provide the 32bit samba winbind PAM module and its dependend 32bit libraries.

This update for open-iscsi fixes the following issues:

• Fix a regression in behavior of iscsiadm caused by the switch to libopeniscsiusr (bsc#1128972)

• Prevent iscsiuio segmentation fault in case get_tx_pkt fails while sending ARP (bsc#1127913)

This update for gnutls fixes to version 3.6.7 the following issues:
Security issued fixed:

• CVE-2019-3836: Fixed an invalid pointer access via malformed TLS1.3 async messages (bsc#1130682).
• CVE-2019-3829: Fixed a double free vulnerability in the certificate verification API (bsc#1130681).
• CVE-2018-16868: Fixed Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle verification (bsc#1118087)

• Update gnutls to support TLS 1.3 (fate#327114)

This update for sqlite3 to version 3.28.0 fixes the following issues:
Security issues fixed:

• CVE-2019-9936: Fixed a heap-based buffer over-read, when running fts5 prefix queries inside transaction (bsc#1130326).
• CVE-2019-9937: Fixed a denial of service related to interleaving reads and writes in a single transaction with an fts5 virtual table (bsc#1130325).

This update for python-Jinja2 to version 2.10.1 fixes the following issues:
Security issues fixed:

• CVE-2019-8341: Fixed a command injection in from_string() (bsc#1125815).
• CVE-2019-10906: Fixed a sandbox escape due to information disclosure via str.format (bsc#1132323).

This update for sg3_utils fixes the following issues:

• Update to version 1.44~763+19.1ed0757: * rescan-scsi-bus.sh: use LUN wildcard in idlist (bsc#1069384) * 40-usb-blacklist.rules: use ID_SCSI_INQUIRY (bsc#840054, bsc#1131482) * Changed versioning scheme (svn r763, pre-release of upstream 1.44, plus 16 SUSE patches, SUSE git commit b2fedfa) * 59-fc-wwpn-id.rules: fix rule syntax (bsc#1133418)
• Spec file: add fc_wwpn_id to generate by-path links for fibrechannel (bsc#1005063)

This update for bzip2 fixes the following issues:
Security issue fixed:

• CVE-2016-3189: Fixed a use-after-free in bzip2recover (bsc#985657).

This update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork fixes the following issues:
Security issues fixed:

• CVE-2019-5736: containerd: Fixing container breakout vulnerability (bsc#1121967).
• CVE-2019-6486: go security release, fixing crypto/elliptic CPU DoS vulnerability affecting P-521 and P-384 (bsc#1123013).
• CVE-2018-16873: go secuirty release, fixing cmd/go remote command execution (bsc#1118897).
• CVE-2018-16874: go security release, fixing cmd/go directory traversal (bsc#1118898).
• CVE-2018-16875: go security release, fixing crypto/x509 CPU denial of service (bsc#1118899).

• Update to containerd v1.2.5, which is required for v18.09.5-ce (bsc#1128376, bsc#1134068).
• Update to runc 2b18fe1d885e, which is required for Docker v18.09.5-ce (bsc#1128376, bsc#1134068).
• Update to Docker 18.09.5-ce see upstream changelog in the packaged (bsc#1128376, bsc#1134068).
• docker-test: Improvements to test packaging (bsc#1128746).
• Move daemon.json file to /etc/docker directory (bsc#1114832).
• Revert golang(API) removal since it turns out this breaks >= requires in certain cases (bsc#1114209).
• Fix go build failures (bsc#1121397).

This update for aaa_base fixes the following issue:
* Shell detection in /etc/profile and /etc/bash.bashrc was broken within AppArmor-confined containers (bsc#1096191)

This update for gnutls fixes the following issues:
Security issue fixed:

• CVE-2018-16868: Fixed Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification (bsc#1118087).

• Explicitly require libnettle 3.4.1 to prevent missing symbol errors (bsc#1134856).

This update for python3 to version 3.6.8 fixes the following issues:
Security issue fixed:

• CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter (bsc#1130840).

• Fixed broken debuginfo packages by switching off LTO and PGO optimization (bsc#1133452).

This update for curl fixes the following issues:
Security issue fixed:

• CVE-2019-5436: Fixed a heap buffer overflow exists in tftp_receive_packet that receives data from a TFTP server (bsc#1135170).

This update for systemd fixes the following issues:
Security issues fixed:

• CVE-2019-3842: Fixed a privilege escalation in pam_systemd which could be exploited by a local user (bsc#1132348).
• CVE-2019-6454: Fixed a denial of service via crafted D-Bus message (bsc#1125352).
• CVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where services with DynamicUser could gain new privileges or create SUID/SGID binaries (bsc#1133506, bsc#1133509).

• logind: fix killing of scopes (bsc#1125604)
• namespace: make MountFlags=shared work again (bsc#1124122)
• rules: load drivers only on 'add' events (bsc#1126056)
• sysctl: Don't pass null directive argument to '%s' (bsc#1121563)
• systemd-coredump: generate a stack trace of all core dumps and log into the journal (jsc#SLE-5933)
• udevd: notify when max number value of children is reached only once per batch of events (bsc#1132400)
• sd-bus: bump message queue size again (bsc#1132721)
• Do not automatically online memory on s390x (bsc#1127557)
• Removed sg.conf (bsc#1036463)

This update for sles12sp3-docker-image, sles12sp4-image, system-user-root fixes the following issues:

• CVE-2019-5021: Include an invalidated root password by default, not an empty one (bsc#1134524)

This update for libtasn1 fixes the following issues:
Security issue fixed:

• CVE-2018-1000654: Fixed a denial of service in the asn1 parser (bsc#1105435).

This update for supportutils fixes the following issues:

• Updated to version 3.1.3 + Uses SUSE FTP servers (bsc#1132865) + btrfs quota #43 + supportconfig: open-files: add file flags #44 + Merged etc_info: Add support for .cfg files in /etc dir #46 + Silence warning in rpm backup db collection path #47 + Set files in tarball to 660 instead of 600 #48 + SUSE separation finalized (bsc#1125623) + Default compression through xz, but -z forces bzip2 + Updated man pages (bsc#1088234) + Changed VAR_OPTION_BIN_TIMEOUT_SEC from 300 to 120 + Avoids some IO delays (bsc#1100529) + Corrected supported services help info for -U + Collects iSCSI Target information (bsc#1133844) + FTPES uses --ssl-reqd instead of depricated --ftp-ssl + Defaults to https FTP server uploads (bsc#1134599)

• Updated to version 3.1.2 + Fixed missing sapconf and log (bsc#1081326) + Added timed_log_cmd to hwinfo and showmount commands (bsc#1120967)

This update for libpng16 fixes the following issues:
Security issues fixed:

• CVE-2019-7317: Fixed a use-after-free vulnerability, triggered when png_image_free() was called under png_safe_execute (bsc#1124211).
• CVE-2018-13785: Fixed a wrong calculation of row_factor in the png_check_chunk_length function in pngrutil.c, which could haved triggered and integer overflow and result in an divide-by-zero while processing a crafted PNG file, leading to a denial of service (bsc#1100687)

This update for bind fixes the following issues:
Security issues fixed:

• CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zones (bsc#1126069).
• CVE-2018-5745: Fixed a denial of service vulnerability if a trust anchor rolls over to an unsupported key algorithm when using managed-keys (bsc#1126068).
• CVE-2018-5743: Fixed a denial of service vulnerability which could be caused by to many simultaneous TCP connections (bsc#1133185).
• CVE-2018-5740: Fixed a denial of service vulnerability in the 'deny-answer-aliases' feature (bsc#1104129).

This update for vim fixes the following issue:
Security issue fixed:

• CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c (bsc#1137443).

This update for e2fsprogs fixes the following issues:

• Check and fix tails of all bitmap blocks (bsc#1128383)

This update for elfutils fixes the following issues:
Security issues fixed:

• CVE-2017-7607: Fixed a heap-based buffer overflow in handle_gnu_hash (bsc#1033084)
• CVE-2017-7608: Fixed a heap-based buffer overflow in ebl_object_note_type_name() (bsc#1033085)
• CVE-2017-7609: Fixed a memory allocation failure in __libelf_decompress (bsc#1033086)
• CVE-2017-7610: Fixed a heap-based buffer overflow in check_group (bsc#1033087)
• CVE-2017-7611: Fixed a denial of service via a crafted ELF file (bsc#1033088)
• CVE-2017-7612: Fixed a denial of service in check_sysv_hash() via a crafted ELF file (bsc#1033089)
• CVE-2017-7613: Fixed denial of service caused by the missing validation of the number of sections and the number of segments in a crafted ELF file (bsc#1033090)
• CVE-2018-16062: Fixed a heap-buffer overflow in /elfutils/libdw/dwarf_getaranges.c:156 (bsc#1106390)
• CVE-2018-16402: Fixed a denial of service/double free on an attempt to decompress the same section twice (bsc#1107066)
• CVE-2018-16403: Fixed a heap buffer overflow in readelf (bsc#1107067)
• CVE-2018-18310: Fixed an invalid address read problem in dwfl_segment_report_module.c (bsc#1111973)
• CVE-2018-18520: Fixed bad handling of ar files inside are files (bsc#1112726)
• CVE-2018-18521: Fixed a denial of service vulnerabilities in the function arlib_add_symbols() used by eu-ranlib (bsc#1112723)
• CVE-2019-7150: dwfl_segment_report_module doesn't check whether the dyn data read from core file is truncated (bsc#1123685)
• CVE-2019-7665: NT_PLATFORM core file note should be a zero terminated string (bsc#1125007)

This update for python-requests to version 2.20.1 fixes the following issues:
Security issue fixed:

• CVE-2018-18074: Fixed an information disclosure vulnerability of the HTTP Authorization header (bsc#1111622).

This update for libidn fixes the following issue:

• The missing libidn11-32bit compat library package was provided. (bsc#1132869)

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:

• CVE-2019-12819: The function __mdiobus_register() called put_device(), which triggered a fixed_mdio_bus_init use-after-free. This would cause a denial of service. (bsc#1138291)

• CVE-2019-12818: The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This used to affect nfc_llcp_build_gb in net/nfc/llcp_core.c. (bsc#1138293)

• CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic.

• CVE-2019-11478: It was possible to send a crafted sequence of SACKs which will fragment the TCP retransmission queue. An attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection.

• CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power.

• CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bsc#1136424)

• CVE-2019-10124: An issue was discovered in the hwpoison implementation in mm/memory-failure.c in the Linux kernel. When soft_offline_in_use_page() runs on a thp tail page after pmd is split, an attacker could cause a denial of service (bsc#1130699, CVE-2019-10124).

• CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel There was an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). (bsc#1136586)

• CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It could occur with FUSE requests. (bbsc#1133190)

• CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bsc#1120843)

• CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. (bsc#1135281)

• CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019. (bsc##1111331)

• CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bsc#1135603)

• CVE-2018-12126 CVE-2018-12127 CVE-2018-12130: Microarchitectural Store Buffer Data Sampling (MSBDS): Stored buffers on some microprocessors utilizing speculative execution which may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019. (bsc#1103186)

• CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access. (bsc#1135278)

• CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bsc#1135278)

• CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a hidPCONNADD command, because a name field may not end with a '\0' character. (bsc#1134848)

• CVE-2019-11811: An issue was discovered in the Linux kernel There was a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module was removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c. (bsc#1134397)

• CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel has multiple race conditions. (bsc#1133188)

• CVE-2019-9003: In the Linux kernel, attackers could trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a 'service ipmievd restart' loop. (bsc#1126704)

• CVE-2018-16880: A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, could trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may have lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.(bsc#1122767)

• CVE-2019-9503: An issue was discoved which meant that brcmfmac frame validation could be bypassed. (bsc#1132828)

• CVE-2019-9500: An issue was discovered that lead to brcmfmac heap buffer overflow. (bsc#1132681)

• CVE-2019-8564: An issue was discoved which meant that brcmfmac frame validation could be bypassed. (bsc#1132673)

• CVE-2017-5753: Systems with microprocessors utilizing speculative execution and branch prediction may have allowed unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

• CVE-2019-3882: A flaw was found in the Linux kernel's vfio interface implementation that permitted violation of the user's locked memory limit. If a device was bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may have caused a system memory exhaustion and thus a denial of service (DoS). (bsc#1131427)

• 9p locks: add mount option for lock retry interval (bsc#1051510).
• 9p: do not trust pdu content for stat item size (bsc#1051510).
• acpi / SBS: Fix GPE storm on recent MacBookPro's (bsc#1051510).
• acpi / utils: Drop reference in test for device presence (bsc#1051510).
• acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128) (bsc#1132426).
• acpi: Add Hygon Dhyana support ().
• acpi: button: reinitialize button state upon resume (bsc#1051510).
• acpi: fix menuconfig presentation of acpi submenu (bsc#1117158).
• acpi: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle (bsc#1111666).
• acpi: property: restore _DSD data subnodes GUID comment (bsc#1111666).
• acpica: AML interpreter: add region addresses in global list during initialization (bsc#1051510).
• acpica: Namespace: remove address node from global list after method termination (bsc#1051510).
• alsa: core: Do not refer to snd_cards array directly (bsc#1051510).
• alsa: core: Fix card races between register and disconnect (bsc#1051510).
• alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).
• alsa: hda - Add two more machines to the power_save_blacklist (bsc#1051510).
• alsa: hda - Register irq handler after the chip initialization (bsc#1051510).
• alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).
• alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510).
• alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510).
• alsa: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).
• alsa: hda/realtek - add two more pin configuration sets to quirk table (bsc#1051510).
• alsa: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).
• alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).
• alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#1051510).
• alsa: hda/realtek - EAPD turn on later (bsc#1051510).
• alsa: hda/realtek - Enable micmute LED for Huawei laptops (bsc#1051510).
• alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bsc#1051510).
• alsa: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).
• alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#1051510).
• alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#1051510).
• alsa: hda/realtek - Move to ACT_INIT state (bsc#1111666).
• alsa: hda/realtek - Support low power consumption for ALC256 (bsc#1051510).
• alsa: hda/realtek - Support low power consumption for ALC295 (bsc#1051510).
• alsa: hda/realtek: Enable headset MIC of Acer TravelMate B114-21 with ALC233 (bsc#1111666).
• alsa: hda: Initialize power_state field properly (bsc#1051510).
• alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510).
• alsa: info: Fix racy addition/deletion of nodes (bsc#1051510).
• alsa: line6: Avoid polluting led_* namespace (bsc#1051510).
• alsa: line6: use dynamic buffers (bsc#1051510).
• alsa: PCM: check if ops are defined before suspending PCM (bsc#1051510).
• alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).
• alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510).
• alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).
• alsa: seq: Fix OOB-reads from strlcpy (bsc#1051510).
• alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510).
• alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).
• alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).
• alsa: seq: Remove superfluous irqsave flags (bsc#1051510).
• alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).
• alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).
• alsa: timer: Coding style fixes (bsc#1051510).
• alsa: timer: Make snd_timer_close() really kill pending actions (bsc#1051510).
• alsa: timer: Make sure to clear pending ack list (bsc#1051510).
• alsa: timer: Revert active callback sync check at close (bsc#1051510).
• alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).
• alsa: timer: Unify timer callback process code (bsc#1051510).
• alsa: usb-audio: Fix a memory leak bug (bsc#1051510).
• alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510).
• alsa: usx2y: fix a double free bug (bsc#1051510).
• appletalk: Fix compile regression (bsc#1051510).
• appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).
• arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).
• arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (bsc#1117158).
• arm64: acpi: fix alignment fault in accessing acpi (bsc#1117158).
• arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).
• arm64: fix acpi dependencies (bsc#1117158).
• arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).
• arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#1051510).
• arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).
• arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).
• arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).
• arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bsc#1051510).
• arm: iop: do not use using 64-bit DMA masks (bsc#1051510).
• arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#1051510).
• arm: OMAP2+: Variable 'reg' in function omap4_dsi_mux_pads() could be uninitialized (bsc#1051510).
• arm: orion: do not use using 64-bit DMA masks (bsc#1051510).
• arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).
• arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).
• arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bsc#1051510).
• asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).
• asoc: fix valid stream condition (bsc#1051510).
• asoc: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bsc#1051510).
• asoc: fsl_esai: fix channel swap issue when stream starts (bsc#1051510).
• asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).
• asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).
• asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).
• asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).
• asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).
• asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).
• asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).
• asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510).
• asoc: stm32: fix sai driver name initialisation (bsc#1051510).
• asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).
• asoc: topology: free created components in tplg load error (bsc#1051510).
• asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).
• asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).
• assume flash part size to be 4MB, if it can't be determined (bsc#1127371).
• at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510).
• ath10k: avoid possible string overflow (bsc#1051510).
• ath10k: snoc: fix unbalanced clock error handling (bsc#1111666).
• audit: fix a memleak caused by auditing load module (bsc#1051510).
• b43: shut up clang -Wuninitialized variable warning (bsc#1051510).
• backlight: lm3630a: Return 0 on success in update_status functions (bsc#1051510).
• batman-adv: Reduce claim hash refcnt only for removed entry (bsc#1051510).
• batman-adv: Reduce tt_global hash refcnt only for removed entry (bsc#1051510).
• batman-adv: Reduce tt_local hash refcnt only for removed entry (bsc#1051510).
• bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972).
• bcache: add a comment in super.c (bsc#1130972).
• bcache: add code comments for bset.c (bsc#1130972).
• bcache: add comment for cache_set->fill_iter (bsc#1130972).
• bcache: add identifier names to arguments of function definitions (bsc#1130972).
• bcache: add missing SPDX header (bsc#1130972).
• bcache: add MODULE_DESCRIPTION information (bsc#1130972).
• bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972).
• bcache: add static const prefix to char * array declarations (bsc#1130972).
• bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972).
• bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
• bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972).
• bcache: correct dirty data statistics (bsc#1130972).
• bcache: do not assign in if condition in bcache_init() (bsc#1130972).
• bcache: do not assign in if condition register_bcache() (bsc#1130972).
• bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972).
• bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972).
• bcache: do not clone bio in bch_data_verify (bsc#1130972).
• bcache: do not mark writeback_running too early (bsc#1130972).
• bcache: export backing_dev_name via sysfs (bsc#1130972).
• bcache: export backing_dev_uuid via sysfs (bsc#1130972).
• bcache: fix code comments style (bsc#1130972).
• bcache: fix indent by replacing blank by tabs (bsc#1130972).
• bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
• bcache: fix input integer overflow of congested threshold (bsc#1130972).
• bcache: fix input overflow to cache set io_error_limit (bsc#1130972).
• bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972).
• bcache: fix input overflow to journal_delay_ms (bsc#1130972).
• bcache: fix input overflow to sequential_cutoff (bsc#1130972).
• bcache: fix input overflow to writeback_delay (bsc#1130972).
• bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
• bcache: fix ioctl in flash device (bsc#1130972).
• bcache: fix mistaken code comments in bcache.h (bsc#1130972).
• bcache: fix mistaken comments in request.c (bsc#1130972).
• bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972).
• bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972).
• bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
• bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972).
• bcache: improve sysfs_strtoul_clamp() (bsc#1130972).
• bcache: introduce force_wake_up_gc() (bsc#1130972).
• bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972).
• bcache: Move couple of functions to sysfs.c (bsc#1130972).
• bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
• bcache: move open brace at end of function definitions to next line (bsc#1130972).
• bcache: never writeback a discard operation (bsc#1130972).
• bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972).
• bcache: option to automatically run gc thread after writeback (bsc#1130972).
• bcache: panic fix for making cache device (bsc#1130972).
• bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
• bcache: prefer 'help' in Kconfig (bsc#1130972).
• bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
• bcache: recal cached_dev_sectors on detach (bsc#1130972).
• bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972).
• bcache: remove unused bch_passthrough_cache (bsc#1130972).
• bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
• bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
• bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972).
• bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
• bcache: replace printk() by pr_*() routines (bsc#1130972).
• bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972).
• bcache: set writeback_percent in a flexible range (bsc#1130972).
• bcache: split combined if-condition code into separate ones (bsc#1130972).
• bcache: stop bcache device when backing device is offline (bsc#1130972).
• bcache: stop using the deprecated get_seconds() (bsc#1130972).
• bcache: style fix to add a blank line after declarations (bsc#1130972).
• bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
• bcache: style fixes for lines over 80 characters (bsc#1130972).
• bcache: treat stale and dirty keys as bad keys (bsc#1130972).
• bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972).
• bcache: update comment for bch_data_insert (bsc#1130972).
• bcache: update comment in sysfs.c (bsc#1130972).
• bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
• bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972).
• bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
• bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
• bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
• bitmap: Add bitmap_alloc(), bitmap_zalloc() and bitmap_free() (jsc#SLE-4797).
• blk-mq: adjust debugfs and sysfs register when updating nr_hw_queues (bsc#1131673).
• blk-mq: Avoid that submitting a bio concurrently with device removal triggers a crash (bsc#1131673).
• blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs (bsc#1131673).
• blk-mq: fallback to previous nr_hw_queues when updating fails (bsc#1131673).
• blk-mq: init hctx sched after update ctx and hctx mapping (bsc#1131673).
• blk-mq: realloc hctx when hw queue is mapped to another node (bsc#1131673).
• blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter (bsc#1131673).
• blkcg: Introduce blkg_root_lookup() (bsc#1131673).
• blkcg: Make blkg_root_lookup() work for queues in bypass mode (bsc#1131673).
• block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).
• block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843).
• block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
• block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
• block: do not leak memory in bio_copy_user_iov() (bsc#1135309).
• block: Do not revalidate bdev of hidden gendisk (bsc#1120091).
• block: Ensure that a request queue is dissociated from the cgroup controller (bsc#1131673).
• block: Fix a race between request queue removal and the block cgroup controller (bsc#1131673).
• block: fix the return errno for direct IO (bsc#1135320).
• block: fix use-after-free on gendisk (bsc#1135312).
• block: Introduce blk_exit_queue() (bsc#1131673).
• block: kABI fixes for bio_rewind_iter() removal (bsc#1131673).
• block: remove bio_rewind_iter() (bsc#1131673).
• bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510).
• bluetooth: btusb: request wake pin with NOAUTOEN (bsc#1051510).
• bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556).
• bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() (bsc#1133731).
• bluetooth: hidp: fix buffer overflow (bsc#1051510).
• bnx2x: Add support for detection of P2P event packets (bsc#1136498 jsc#SLE-4699).
• bnx2x: Bump up driver version to 1.713.36 (bsc#1136498 jsc#SLE-4699).
• bnx2x: fix spelling mistake 'dicline' -> 'decline' (bsc#1136498 jsc#SLE-4699).
• bnx2x: fix various indentation issues (bsc#1136498 jsc#SLE-4699).
• bnx2x: Remove set but not used variable 'mfw_vn' (bsc#1136498 jsc#SLE-4699).
• bnx2x: Replace magic numbers with macro definitions (bsc#1136498 jsc#SLE-4699).
• bnx2x: Use struct_size() in kzalloc() (bsc#1136498 jsc#SLE-4699).
• bnx2x: Utilize FW 7.13.11.0 (bsc#1136498 jsc#SLE-4699).
• bnxt_en: Add device IDs 0x1806 and 0x1752 for 57500 devices (bsc#1137224).
• bnxt_en: Add support for BCM957504 (bsc#1137224).
• bnxt_en: Drop oversize TX packets to prevent errors (networking-stable-19_03_07).
• bnxt_en: Fix aggregation buffer leak under OOM condition (bsc#1134090 jsc#SLE-5954).
• bnxt_en: Fix possible BUG() condition when calling pci_disable_msix() (bsc#1134090 jsc#SLE-5954).
• bnxt_en: Fix possible crash in bnxt_hwrm_ring_free() under error conditions (bsc#1134090 jsc#SLE-5954).
• bnxt_en: Fix statistics context reservation logic (bsc#1134090 jsc#SLE-5954).
• bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt() (bsc#1134090 jsc#SLE-5954).
• bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bsc#1050242).
• bnxt_en: Improve multicast address setup logic (bsc#1134090 jsc#SLE-5954).
• bnxt_en: Improve multicast address setup logic (networking-stable-19_05_04).
• bnxt_en: Improve NQ reservations (bsc#1134090 jsc#SLE-5954).
• bnxt_en: Improve RX consumer index validity check (networking-stable-19_04_10).
• bnxt_en: Pass correct extended TX port statistics size to firmware (bsc#1134090 jsc#SLE-5954).
• bnxt_en: Reduce memory usage when running in kdump kernel (bsc#1134090 jsc#SLE-5954).
• bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).
• bonding: fix event handling for stacked bonds (networking-stable-19_04_19).
• bonding: fix PACKET_ORIGDEV regression (git-fixes).
• bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#1083647).
• bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#1083647).
• bpf: Add missed newline in verifier verbose log (bsc#1056787).
• bpf: fix use after free in bpf_evict_inode (bsc#1083647).
• brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).
• brcmfmac: fix leak of mypkt on error return path (bsc#1111666).
• broadcom: Mark expected switch fall-throughs (bsc#1136498 jsc#SLE-4699).
• btrfs: add a helper to return a head ref (bsc#1134813).
• btrfs: Avoid possible qgroup_rsv_size overflow in btrfs_calculate_inode_block_rsv_size (git-fixes).
• btrfs: breakout empty head cleanup to a helper (bsc#1134813).
• btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838).
• btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
• btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
• btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bsc#1135758).
• btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).
• btrfs: Do not panic when we can't find a root key (bsc#1112063).
• btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc#1063638 bsc#1128052 bsc#1108838).
• btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838).
• btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#1063638 bsc#1128052 bsc#1108838).
• btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#1063638 bsc#1128052 bsc#1108838).
• btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#1063638 bsc#1128052 bsc#1108838).
• btrfs: Factor out common delayed refs init code (bsc#1134813).
• btrfs: fix assertion failure on fsync with NO_HOLES enabled (bsc#1131848).
• btrfs: Fix bound checking in qgroup_trace_new_subtree_blocks (git-fixes).
• btrfs: fix fsync not persisting changed attributes of a directory (bsc#1137151).
• btrfs: fix incorrect file size after shrinking truncate and fsync (bsc#1130195).
• btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#1136477).
• btrfs: fix race updating log root item during fsync (bsc#1137153).
• btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#1137152).
• btrfs: improve performance on fsync of files with multiple hardlinks (bsc#1123454).
• btrfs: Introduce init_delayed_ref_head (bsc#1134813).
• btrfs: move all ref head cleanup to the helper function (bsc#1134813).
• btrfs: move extent_op cleanup to a helper (bsc#1134813).
• btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
• btrfs: Open-code add_delayed_data_ref (bsc#1134813).
• btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
• btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer dereference (bsc#1134806).
• btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638 bsc#1128052 bsc#1108838).
• btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162).
• btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160).
• btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON() (bsc#1133612).
• btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
• btrfs: remove WARN_ON in log_dir_items (bsc#1131847).
• btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).
• btrfs: split delayed ref head initialization and addition (bsc#1134813).
• btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
• btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#1136478).
• btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
• btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
• btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
• cdrom: Fix race condition in cdrom_sysctl_register (bsc#1051510).
• ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
• ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
• ceph: fix ci->i_head_snapc leak (bsc#1122776).
• ceph: fix ci->i_head_snapc leak (bsc#1122776).
• ceph: fix use-after-free on symlink traversal (bsc#1134459).
• ceph: fix use-after-free on symlink traversal (bsc#1134459).
• ceph: only use d_name directly when parent is locked (bsc#1134460).
• ceph: only use d_name directly when parent is locked (bsc#1134460).
• cfg80211: Handle WMM rules in regulatory domain intersection (bsc#1111666).
• cgroup: fix parsing empty mount option string (bsc#1133094).
• chelsio: use BUG() instead of BUG_ON(1) (bsc#1136345 jsc#SLE-4681).
• cifs: Do not count -ENODATA as failure for query directory (bsc#1051510).
• cifs: do not dereference smb_file_target before null check (bsc#1051510).
• cifs: Do not hide EINTR after sending network packets (bsc#1051510).
• cifs: Do not reconnect TCP session in add_credits() (bsc#1051510).
• cifs: Do not reset lease state to NONE on lease break (bsc#1051510).
• cifs: Fix adjustment of credits for MTU requests (bsc#1051510).
• cifs: Fix credit calculation for encrypted reads with errors (bsc#1051510).
• cifs: Fix credits calculations for reads with errors (bsc#1051510).
• cifs: fix POSIX lock leak and invalid ptr deref (bsc#1114542).
• cifs: Fix possible hang during async MTU reads and writes (bsc#1051510).
• cifs: Fix potential OOB access of lock element array (bsc#1051510).
• cifs: Fix read after write for files with read caching (bsc#1051510).
• cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#1131565).
• clk: fractional-divider: check parent rate only if flag is set (bsc#1051510).
• clk: rockchip: fix frac settings of GPLL clock for rk3328 (bsc#1051510).
• clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).
• clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).
• clk: x86: Add system specific quirk to mark clocks as critical (bsc#1051510).
• config: arm64: enable CN99xx uncore pmu References: bsc#1117114
• configfs: fix possible use-after-free in configfs_register_group (bsc#1051510).
• configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).
• cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).
• cpufreq: Add Hygon Dhyana support ().
• cpufreq: AMD: Ignore the check for ProcFeedback in ST/CZ ().
• cpupowerutils: bench - Fix cpu online check (bsc#1051510).
• crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).
• crypto: caam - add missing put_device() call (bsc#1129770).
• crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#1051510).
• crypto: caam/qi2 - fix DMA mapping of stack memory (bsc#1111666).
• crypto: caam/qi2 - fix zero-length buffer DMA mapping (bsc#1111666).
• crypto: caam/qi2 - generate hash keys in-place (bsc#1111666).
• crypto: ccm - fix incompatibility between 'ccm' and 'ccm_base' (bsc#1051510).
• crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510).
• crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).
• crypto: chcr - ESN for Inline IPSec Tx (bsc#1136353 jsc#SLE-4688).
• crypto: chcr - small packet Tx stalls the queue (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - avoid using sa_entry imm (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - check set_msg_len overflow in generate_b0 (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - clean up various indentation issues (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - cleanup:send addr as value in function argument (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - count incomplete block in IV (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - Fix NULL pointer dereference (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - Fix passing zero to 'PTR_ERR' warning in chcr_aead_op (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - Fix softlockup with heavy I/O (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - Fix wrong error counter increments (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - Fixed Traffic Stall (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - Handle pci shutdown event (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - Inline single pdu only (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - remove set but not used variable 'kctx_len' (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - remove set but not used variables 'adap' (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - Reset counters on cxgb4 Detach (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - Swap location of AAD and IV sent in WR (bsc#1136353 jsc#SLE-4688).
• crypto: chelsio - Use same value for both channel in single WR (bsc#1136353 jsc#SLE-4688).
• crypto: chtls - remove cdev_list_lock (bsc#1136353 jsc#SLE-4688).
• crypto: chtls - remove set but not used variables 'err, adap, request, hws' (bsc#1136353 jsc#SLE-4688).
• crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510).
• crypto: crypto4xx - properly set IV after de- and encrypt (bsc#1051510).
• crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).
• crypto: gcm - fix incompatibility between 'gcm' and 'gcm_base' (bsc#1051510).
• crypto: pcbc - remove bogus memcpy()s with src == dest (bsc#1051510).
• crypto: prefix header search paths with $(srctree)/ (bsc#1136353 jsc#SLE-4688).
• crypto: qat - move temp buffers off the stack (jsc#SLE-4818).
• crypto: qat - no need to check return value of debugfs_create functions (jsc#SLE-4818).
• crypto: qat - Remove unused goto label (jsc#SLE-4818).
• crypto: qat - Remove VLA usage (jsc#SLE-4818).
• crypto: sha256/arm - fix crash bug in Thumb2 build (bsc#1051510).
• crypto: sha512/arm - fix crash bug in Thumb2 build (bsc#1051510).
• crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510).
• crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).
• crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).
• crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).
• crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#1137162).
• crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#1137162).
• crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510).
• crypto: x86/poly1305 - fix overflow during partial reduction (bsc#1051510).
• cxgb4/chtls: Prefix adapter flags with CXGB4 (bsc#1136345 jsc#SLE-4681).
• cxgb4/cxgb4vf: Add support for SGE doorbell queue timer (bsc#1127371).
• cxgb4/cxgb4vf: Display advertised FEC in ethtool (bsc#1136345 jsc#SLE-4681).
• cxgb4/cxgb4vf: Fix mac_hlist initialization and free (bsc#1127374).
• cxgb4/cxgb4vf: Fix up netdev->hw_features (bsc#1136345 jsc#SLE-4681).
• cxgb4/cxgb4vf: Link management changes (bsc#1127371).
• cxgb4/cxgb4vf: Program hash region for {t4/t4vf}_change_mac() (bsc#1127371).
• cxgb4/cxgb4vf_main: Mark expected switch fall-through (bsc#1136345 jsc#SLE-4681).
• cxgb4: Add capability to get/set SGE Doorbell Queue Timer Tick (bsc#1127371).
• cxgb4: Add flag tc_flower_initialized (bsc#1127371).
• cxgb4: Add new T5 pci device id 0x50ae (bsc#1127371).
• cxgb4: Add new T5 pci device ids 0x50af and 0x50b0 (bsc#1127371).
• cxgb4: Add new T6 pci device ids 0x608a (bsc#1127371).
• cxgb4: Add new T6 pci device ids 0x608b (bsc#1136345 jsc#SLE-4681).
• cxgb4: add per rx-queue counter for packet errors (bsc#1127371).
• cxgb4: Add support for FW_ETH_TX_PKT_VM_WR (bsc#1127371).
• cxgb4: add support to display DCB info (bsc#1127371).
• cxgb4: Add support to read actual provisioned resources (bsc#1127371).
• cxgb4: add tcb flags and tcb rpl struct (bsc#1136345 jsc#SLE-4681).
• cxgb4: Add VF Link state support (bsc#1136345 jsc#SLE-4681).
• cxgb4: Added missing break in ndo_udp_tunnel_{add/del} (bsc#1127371).
• cxgb4: collect ASIC LA dumps from ULP TX (bsc#1127371).
• cxgb4: collect hardware queue descriptors (bsc#1127371).
• cxgb4: collect number of free PSTRUCT page pointers (bsc#1127371).
• cxgb4: convert flower table to use rhashtable (bsc#1127371).
• cxgb4: cxgb4: use FW_PORT_ACTION_L1_CFG32 for 32 bit capability (bsc#1127371).
• cxgb4: Delete all hash and TCAM filters before resource cleanup (bsc#1136345 jsc#SLE-4681).
• cxgb4: display number of rx and tx pages free (bsc#1127371).
• cxgb4: do not return DUPLEX_UNKNOWN when link is down (bsc#1127371).
• cxgb4: Do not return EAGAIN when TCAM is full (bsc#1136345 jsc#SLE-4681).
• cxgb4: Enable hash filter with offload (bsc#1136345 jsc#SLE-4681).
• cxgb4: Enable outer UDP checksum offload for T6 (bsc#1136345 jsc#SLE-4681).
• cxgb4: Export sge_host_page_size to ulds (bsc#1127371).
• cxgb4: Fix error path in cxgb4_init_module (bsc#1136345 jsc#SLE-4681).
• cxgb4: fix the error path of cxgb4_uld_register() (bsc#1127371).
• cxgb4: free mac_hlist properly (bsc#1136345 jsc#SLE-4681).
• cxgb4: impose mandatory VLAN usage when non-zero TAG ID (bsc#1127371).
• cxgb4: kfree mhp after the debug print (bsc#1136345 jsc#SLE-4681).
• cxgb4: Mask out interrupts that are not enabled (bsc#1127175).
• cxgb4: move Tx/Rx free pages collection to common code (bsc#1127371).
• cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1136345 jsc#SLE-4681).
• cxgb4: remove DEFINE_SIMPLE_DEBUGFS_FILE() (bsc#1136345 jsc#SLE-4681).
• cxgb4: remove redundant assignment to vlan_cmd.dropnovlan_fm (bsc#1127371).
• cxgb4: remove set but not used variables 'multitrc, speed' (bsc#1136345 jsc#SLE-4681).
• cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size (bsc#1127371).
• cxgb4: remove the unneeded locks (bsc#1127371).
• cxgb4: Revert 'cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size' (bsc#1136345 jsc#SLE-4681).
• cxgb4: specify IQTYPE in fw_iq_cmd (bsc#1127371).
• cxgb4: Support ethtool private flags (bsc#1127371).
• cxgb4: TLS record offload enable (bsc#1136345 jsc#SLE-4681).
• cxgb4: Update 1.23.3.0 as the latest firmware supported (bsc#1136345 jsc#SLE-4681).
• cxgb4: update supported DCB version (bsc#1127371).
• cxgb4: use firmware API for validating filter spec (bsc#1136345 jsc#SLE-4681).
• cxgb4: use new fw interface to get the VIN and smt index (bsc#1127371).
• cxgb4vf: Call netif_carrier_off properly in pci_probe (bsc#1136347 jsc#SLE-4683).
• cxgb4vf: Enter debugging mode if FW is inaccessible (bsc#1136347 jsc#SLE-4683).
• cxgb4vf: Few more link management changes (bsc#1127374).
• cxgb4vf: fix memleak in mac_hlist initialization (bsc#1127374).
• cxgb4vf: free mac_hlist properly (bsc#1136345 jsc#SLE-4681).
• cxgb4vf: Prefix adapter flags with CXGB4VF (bsc#1136347 jsc#SLE-4683).
• cxgb4vf: Revert force link up behaviour (bsc#1136347 jsc#SLE-4683).
• cxgb4vf: Update port information in cxgb4vf_open() (bsc#1127374).
• dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
• dccp: Fix memleak in __feat_register_sp (bsc#1051510).
• debugfs: fix use-after-free on symlink traversal (bsc#1051510).
• device_cgroup: fix RCU imbalance in error case (bsc#1051510).
• devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).
• dm: disable DISCARD if the underlying storage no longer supports it (bsc#1114638).
• dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510).
• dmaengine: imx-dma: fix warning comparison of distinct pointer types (bsc#1051510).
• dmaengine: qcom_hidma: assign channel cookie correctly (bsc#1051510).
• dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid (bsc#1051510).
• dmaengine: tegra210-adma: Fix crash during probe (bsc#1111666).
• dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).
• dmaengine: tegra: avoid overflow of byte tracking (bsc#1051510).
• documentation: Add MDS vulnerability documentation (bsc#1135642).
• documentation: perf: Add documentation for ThunderX2 PMU uncore driver ().
• drivers/perf: Add Cavium ThunderX2 SoC UNCORE PMU driver ().
• drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).
• drivers: hv: vmbus: Offload the handling of channels to two workqueues (bsc#1130567).
• drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1130567).
• drm/amd/display: extending AUX SW Timeout (bsc#1111666).
• drm/amd/display: fix cursor black issue (bsc#1111666).
• drm/amd/display: If one stream full updates, full update all planes (bsc#1111666).
• drm/amdgpu/gmc9: fix VM_L2_CNTL3 programming (bsc#1111666).
• drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI) (bsc#1111666).
• drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).
• drm/doc: Drop 'content type' from the legacy kms property table (bsc#1111666).
• drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bsc#1051510).
• drm/etnaviv: lock MMU while dumping core (bsc#1113722)
• drm/exynos/mixer: fix MIXER shadow registry synchronisation code (bsc#1111666).
• drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).
• drm/fb-helper: generic: Call drm_client_add() after setup is done (bsc#1111666).
• drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).
• drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)
• drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113722)
• drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113956)
• drm/i915/gvt: Annotate iomem usage (bsc#1051510).
• drm/i915/gvt: do not deliver a workload if its creation fails (bsc#1051510).
• drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113722)
• drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113956)
• drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware (bsc#1051510).
• drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)
• drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722)
• drm/i915/gvt: Prevent use-after-free in ppgtt_free_all_spt() (bsc#1111666).
• drm/i915/gvt: refine ggtt range validation (bsc#1113722)
• drm/i915/gvt: Roundup fb->height into tile's height at calucation fb->size (bsc#1111666).
• drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#1113722)
• drm/i915/icl: Whitelist GEN9_SLICE_COMMON_ECO_CHICKEN1 (bsc#1111666).
• drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).
• drm/i915: Disable tv output on i9x5gm (bsc#1086657, bsc#1133897).
• drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).
• drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).
• drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled (bsc#1111666).
• drm/imx: do not skip DP channel disable for background plane (bsc#1051510).
• drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113722)
• drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113956)
• drm/mediatek: fix possible object reference leak (bsc#1051510).
• drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722)
• drm/nouveau/bar/tu104: initial support (bsc#1133593).
• drm/nouveau/bar/tu106: initial support (bsc#1133593).
• drm/nouveau/bios/tu104: initial support (bsc#1133593).
• drm/nouveau/bios/tu106: initial support (bsc#1133593).
• drm/nouveau/bios: translate additional memory types (bsc#1133593).
• drm/nouveau/bios: translate usb-C connector type (bsc#1133593).
• drm/nouveau/bus/tu104: initial support (bsc#1133593).
• drm/nouveau/bus/tu106: initial support (bsc#1133593).
• drm/nouveau/ce/tu104: initial support (bsc#1133593).
• drm/nouveau/ce/tu106: initial support (bsc#1133593).
• drm/nouveau/core: increase maximum number of nvdec instances to 3 (bsc#1133593).
• drm/nouveau/core: recognise TU102 (bsc#1133593).
• drm/nouveau/core: recognise TU104 (bsc#1133593).
• drm/nouveau/core: recognise TU106 (bsc#1133593).
• drm/nouveau/core: support multiple nvdec instances (bsc#1133593).
• drm/nouveau/devinit/gm200-: export function to upload+execute PMU/PRE_OS (bsc#1133593).
• drm/nouveau/devinit/tu104: initial support (bsc#1133593).
• drm/nouveau/devinit/tu106: initial support (bsc#1133593).
• drm/nouveau/disp/gm200-: add scdc parameter setter (bsc#1133593).
• drm/nouveau/disp/gv100: fix name of window channels in debug output (bsc#1133593).
• drm/nouveau/disp/tu104: initial support (bsc#1133593).
• drm/nouveau/disp/tu106: initial support (bsc#1133593).
• drm/nouveau/disp: add a way to configure scrambling/tmds for hdmi 2.0 (bsc#1133593).
• drm/nouveau/disp: add support for setting scdc parameters for high modes (bsc#1133593).
• drm/nouveau/disp: keep track of high-speed state, program into clock (bsc#1133593).
• drm/nouveau/disp: take sink support into account for exposing 594mhz (bsc#1133593).
• drm/nouveau/dma/tu104: initial support (bsc#1133593).
• drm/nouveau/dma/tu106: initial support (bsc#1133593).
• drm/nouveau/drm/nouveau: Do not forget to label dp_aux devices (bsc#1133593).
• drm/nouveau/drm/nouveau: s/nouveau_backlight_exit/nouveau_backlight_fini/ (bsc#1133593).
• drm/nouveau/drm/nouveau: tegra: Call nouveau_drm_device_init() (bsc#1133593).
• drm/nouveau/fault/tu104: initial support (bsc#1133593).
• drm/nouveau/fault/tu106: initial support (bsc#1133593).
• drm/nouveau/fault: add explicit control over fault buffer interrupts (bsc#1133593).
• drm/nouveau/fault: remove manual mapping of fault buffers into BAR2 (bsc#1133593).
• drm/nouveau/fault: store get/put pri address in nvkm_fault_buffer (bsc#1133593).
• drm/nouveau/fb/tu104: initial support (bsc#1133593).
• drm/nouveau/fb/tu106: initial support (bsc#1133593).
• drm/nouveau/fifo/gf100-: call into BAR to reset BARs after MMU fault (bsc#1133593).
• drm/nouveau/fifo/gk104-: group pbdma functions together (bsc#1133593).
• drm/nouveau/fifo/gk104-: return channel instance in ctor args (bsc#1133593).
• drm/nouveau/fifo/gk104-: separate runlist building from committing to hw (bsc#1133593).
• drm/nouveau/fifo/gk104-: support enabling privileged ce functions (bsc#1133593).
• drm/nouveau/fifo/gk104-: virtualise pbdma enable function (bsc#1133593).
• drm/nouveau/fifo/gm200-: read pbdma count more directly (bsc#1133593).
• drm/nouveau/fifo/gv100: allocate method buffer (bsc#1133593).
• drm/nouveau/fifo/gv100: return work submission token in channel ctor args (bsc#1133593).
• drm/nouveau/fifo/tu104: initial support (bsc#1133593).
• drm/nouveau/fifo/tu106: initial support (bsc#1133593).
• drm/nouveau/fuse/tu104: initial support (bsc#1133593).
• drm/nouveau/fuse/tu106: initial support (bsc#1133593).
• drm/nouveau/gpio/tu104: initial support (bsc#1133593).
• drm/nouveau/gpio/tu106: initial support (bsc#1133593).
• drm/nouveau/i2c/tu104: initial support (bsc#1133593).
• drm/nouveau/i2c/tu106: initial support (bsc#1133593).
• drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)
• drm/nouveau/ibus/tu104: initial support (bsc#1133593).
• drm/nouveau/ibus/tu106: initial support (bsc#1133593).
• drm/nouveau/imem/nv50: support pinning objects in BAR2 and returning address (bsc#1133593).
• drm/nouveau/imem/tu104: initial support (bsc#1133593).
• drm/nouveau/imem/tu106: initial support (bsc#1133593).
• drm/nouveau/kms/nv50-: allow more flexibility with lut formats (bsc#1133593).
• drm/nouveau/kms/tu104: initial support (bsc#1133593).
• drm/nouveau/ltc/tu104: initial support (bsc#1133593).
• drm/nouveau/ltc/tu106: initial support (bsc#1133593).
• drm/nouveau/mc/tu104: initial support (bsc#1133593).
• drm/nouveau/mc/tu106: initial support (bsc#1133593).
• drm/nouveau/mmu/tu104: initial support (bsc#1133593).
• drm/nouveau/mmu/tu106: initial support (bsc#1133593).
• drm/nouveau/mmu: add more general vmm free/node handling functions (bsc#1133593).
• drm/nouveau/pci/tu104: initial support (bsc#1133593).
• drm/nouveau/pci/tu106: initial support (bsc#1133593).
• drm/nouveau/pmu/tu104: initial support (bsc#1133593).
• drm/nouveau/pmu/tu106: initial support (bsc#1133593).
• drm/nouveau/therm/tu104: initial support (bsc#1133593).
• drm/nouveau/therm/tu106: initial support (bsc#1133593).
• drm/nouveau/tmr/tu104: initial support (bsc#1133593).
• drm/nouveau/tmr/tu106: initial support (bsc#1133593).
• drm/nouveau/top/tu104: initial support (bsc#1133593).
• drm/nouveau/top/tu106: initial support (bsc#1133593).
• drm/nouveau/volt/gf117: fix speedo readout register (bsc#1051510).
• drm/nouveau: add DisplayPort CEC-Tunneling-over-AUX support (bsc#1133593).
• drm/nouveau: Add NV_PRINTK_ONCE and variants (bsc#1133593).
• drm/nouveau: Add size to vbios.rom file in debugfs (bsc#1133593).
• drm/nouveau: Add strap_peek to debugfs (bsc#1133593).
• drm/nouveau: Cleanup indenting in nouveau_backlight.c (bsc#1133593).
• drm/nouveau: Fix potential memory leak in nouveau_drm_load() (bsc#1133593).
• drm/nouveau: Move backlight device into nouveau_connector (bsc#1133593).
• drm/nouveau: Refactor nvXX_backlight_init() (bsc#1133593).
• drm/nouveau: register backlight on pascal and newer (bsc#1133593).
• drm/nouveau: remove left-over struct member (bsc#1133593).
• drm/nouveau: Remove unecessary dma_fence_ops (bsc#1133593).
• drm/nouveau: Start using new drm_dev initialization helpers (bsc#1133593).
• drm/nouveau: Stop using drm_crtc_force_disable (bsc#1051510).
• drm/omap: hdmi4_cec: Fix CEC clock handling for PM (bsc#1111666).
• drm/panel: panel-innolux: set display off in innolux_panel_unprepare (bsc#1111666).
• drm/pl111: Initialize clock spinlock early (bsc#1111666).
• drm/rockchip: fix for mailbox read validation (bsc#1051510).
• drm/rockchip: fix for mailbox read validation (bsc#1111666).
• drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).
• drm/rockchip: vop: reset scale mode when win is disabled (bsc#1113722)
• drm/sun4i: Add missing drm_atomic_helper_shutdown at driver unbind (bsc#1113722)
• drm/sun4i: Fix component unbinding and component master deletion (bsc#1113722)
• drm/sun4i: Fix sun8i HDMI PHY clock initialization (bsc#1111666).
• drm/sun4i: Fix sun8i HDMI PHY configuration for > 148.5 MHz (bsc#1111666).
• drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)
• drm/sun4i: Set device driver data at bind time for use in unbind (bsc#1113722)
• drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in sun8i_tcon_top_un/bind (bsc#1111666).
• drm/sun4i: Unbind components before releasing DRM and memory (bsc#1113722)
• drm/tegra: gem: Fix CPU-cache maintenance for BO's allocated using get_pages() (bsc#1111666).
• drm/tegra: hub: Fix dereference before check (bsc#1111666).
• drm/ttm: Fix bo_global and mem_global kfree error (bsc#1111666).
• drm/ttm: fix out-of-bounds read in ttm_put_pages() v2 (bsc#1111666).
• drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488)
• drm/udl: add a release method and delay modeset teardown (bsc#1085536)
• drm/vc4: Fix memory leak during gpu reset. (bsc#1113722)
• drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc#1051510).
• drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an invalid read (bsc#1051510).
• drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#1113722)
• drm/vmwgfx: Remove set but not used variable 'restart' (bsc#1111666).
• drm: Auto-set allow_fb_modifiers when given modifiers at plane init (bsc#1051510).
• drm: bridge: dw-hdmi: Fix overflow workaround for Rockchip SoCs (bsc#1113722)
• drm: rcar-du: Fix rcar_du_crtc structure documentation (bsc#1111666).
• dsa: mv88e6xxx: Ensure all pending interrupts are handled prior to exit (networking-stable-19_02_20).
• dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).
• dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).
• dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#1085535).
• dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770).
• dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).
• dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510).
• e1000e: Disable runtime PM on CNP+ (jsc#SLE-4804).
• e1000e: Exclude device from suspend direct complete optimization (jsc#SLE-4804).
• e1000e: Fix -Wformat-truncation warnings (bsc#1051510).
• e1000e: fix a missing check for return value (jsc#SLE-4804).
• e1000e: fix cyclic resets at link up with active tx (bsc#1051510).
• edac, amd64: Add Hygon Dhyana support ().
• efi/arm: Defer persistent reservations until after paging_init() (bsc#1117158).
• efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc#1115688 bsc#1120566).
• efi/arm: libstub: add a root memreserve config table (bsc#1117158).
• efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#1117158).
• efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#1117158).
• efi/arm: Revert 'Defer persistent reservations until after paging_init()' (bsc#1117158).
• efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).
• efi: add API to reserve memory persistently across kexec reboot (bsc#1117158).
• efi: honour memory reservations passed via a linux specific config table (bsc#1117158).
• efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#1117158).
• efi: Permit multiple entries in persistent memreserve data structure (bsc#1117158).
• efi: Prevent GICv3 WARN() by mapping the memreserve table before first use (bsc#1117158).
• efi: Reduce the amount of memblock reservations for persistent allocations (bsc#1117158).
• ext4: actually request zeroing of inode table after grow (bsc#1135315).
• ext4: avoid panic during forced reboot due to aborted journal (bsc#1126356).
• ext4: cleanup bh release code in ext4_ind_remove_space() (bsc#1131851).
• ext4: Do not warn when enabling DAX (bsc#1132894).
• ext4: fix data corruption caused by overlapping unaligned and aligned IO (bsc#1136428).
• ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).
• ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).
• ext4: make sanity check in mballoc more strict (bsc#1136439).
• ext4: wait for outstanding dio during truncate in nojournal mode (bsc#1136438).
• fbdev: fbmem: fix memory access if logo is bigger than the screen (bsc#1051510).
• fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)
• fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)
• firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).
• fix cgroup_do_mount() handling of failure exits (bsc#1133095).
• fix rtnh_ok() (git-fixes).
• fm10k: Fix a potential NULL pointer dereference (bsc#1051510).
• fm10k: TRIVIAL cleanup of extra spacing in function comment (jsc#SLE-4796).
• fm10k: use struct_size() in kzalloc() (jsc#SLE-4796).
• fs/nfs: Fix nfs_parse_devname to not modify it's argument (git-fixes).
• fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).
• fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bsc#1136435).
• fs: avoid fdput() after failed fdget() in vfs_dedupe_file_range() (bsc#1132384, bsc#1132219).
• ftrace/x86_64: Emulate call function while updating in breakpoint handler (bsc#1099658).
• futex: Cure exit race (bsc#1050549).
• futex: Ensure that futex address is aligned in handle_futex_death() (bsc#1050549).
• futex: Handle early deadlock return correctly (bsc#1050549).
• genetlink: Fix a memory leak on error path (networking-stable-19_03_28).
• ghes, EDAC: Fix ghes_edac registration (bsc#1133176).
• gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input (bsc#1051510).
• gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).
• gpio: gpio-omap: fix level interrupt idling (bsc#1051510).
• gpio: of: Fix of_gpiochip_add() error path (bsc#1051510).
• gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).
• gre6: use log_ecn_error module parameter in ip6_tnl_rcv() (git-fixes).
• hid: core: move Usage Page concatenation to Main item (bsc#1093389).
• hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510).
• hid: i2c-hid: Ignore input report if there's no data present on Elan touchpanels (bsc#1133486).
• hid: input: add mapping for 'Toggle Display' key (bsc#1051510).
• hid: input: add mapping for Assistant key (bsc#1051510).
• hid: input: add mapping for Expose/Overview key (bsc#1051510).
• hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#1051510).
• hid: input: fix a4tech horizontal wheel custom usage (bsc#1137429).
• hid: intel-ish-hid: avoid binding wrong ishtp_cl_device (bsc#1051510).
• hid: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit (bsc#1051510).
• hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510).
• hv_netvsc: Fix IP header checksum for coalesced packets (networking-stable-19_03_07).
• hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510).
• hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510).
• hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510).
• hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510).
• hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510).
• hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510).
• hwrng: virtio - Avoid repeated init of completion (bsc#1051510).
• i2c: imx: correct the method of getting private data in notifier_call (bsc#1111666).
• i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).
• i2c: synquacer: fix enumeration of slave devices (bsc#1111666).
• i40e: Able to add up to 16 MAC filters on an untrusted VF (jsc#SLE-4797).
• i40e: add new pci id for X710/XXV710 N3000 cards (jsc#SLE-4797).
• i40e: add num_vectors checker in iwarp handler (jsc#SLE-4797).
• i40e: Add support FEC configuration for Fortville 25G (jsc#SLE-4797).
• i40e: Add support for X710 B/P and SFP+ cards (jsc#SLE-4797).
• i40e: add tracking of AF_XDP ZC state for each queue pair (jsc#SLE-4797).
• i40e: change behavior on PF in response to MDD event (jsc#SLE-4797).
• i40e: Change unmatched function types (jsc#SLE-4797).
• i40e: Changed maximum supported FW API version to 1.8 (jsc#SLE-4797).
• i40e: check queue pairs num in config queues handler (jsc#SLE-4797).
• i40e: clean up several indentation issues (jsc#SLE-4797).
• i40e: do not allow changes to HW VLAN stripping on active port VLANs (jsc#SLE-4797).
• i40e: Fix for 10G ports LED not blinking (jsc#SLE-4797).
• i40e: Fix for allowing too many MDD events on VF (jsc#SLE-4797).
• i40e: fix i40e_ptp_adjtime when given a negative delta (jsc#SLE-4797).
• i40e: Fix misleading error message (jsc#SLE-4797).
• i40e: fix misleading message about promisc setting on un-trusted VF (jsc#SLE-4797).
• i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c (jsc#SLE-4797).
• i40e: Fix the typo in adding 40GE KR4 mode (jsc#SLE-4797).
• i40e: Further implementation of LLDP (jsc#SLE-4797).
• i40e: Implement DDP support in i40e driver (jsc#SLE-4797).
• i40e: increase indentation (jsc#SLE-4797).
• i40e: Introduce recovery mode support (jsc#SLE-4797).
• i40e: Limiting RSS queues to CPUs (jsc#SLE-4797).
• i40e: Memory leak in i40e_config_iwarp_qvlist (jsc#SLE-4797).
• i40e: missing input validation on VF message handling by the PF (jsc#SLE-4797).
• i40e: move i40e_xsk_umem function (jsc#SLE-4797).
• i40e: print pci vendor and device ID during probe (jsc#SLE-4797).
• i40e: Queues are reserved despite 'Invalid argument' error (jsc#SLE-4797).
• i40e: remove debugfs tx_timeout support (jsc#SLE-4797).
• i40e: remove error msg when vf with port vlan tries to remove vlan 0 (jsc#SLE-4797).
• i40e: Remove misleading messages for untrusted VF (jsc#SLE-4797).
• i40e: remove out-of-range comparisons in i40e_validate_cloud_filter (jsc#SLE-4797).
• i40e: Remove umem from VSI (jsc#SLE-4797).
• i40e: Report advertised link modes on 40GBase_LR4, CR4 and fibre (jsc#SLE-4797).
• i40e: Report advertised link modes on 40GBASE_SR4 (jsc#SLE-4797).
• i40e: Revert ShadowRAM checksum calculation change (jsc#SLE-4797).
• i40e: save PTP time before a device reset (jsc#SLE-4797).
• i40e: Setting VF to VLAN 0 requires restart (jsc#SLE-4797).
• i40e: ShadowRAM checksum calculation change (jsc#SLE-4797).
• i40e: The driver now prints the API version in error message (jsc#SLE-4797).
• i40e: Use struct_size() in kzalloc() (jsc#SLE-4797).
• i40e: VF's promiscuous attribute is not kept (jsc#SLE-4797).
• i40e: Wrong truncation from u16 to u8 (jsc#SLE-4797).
• i40iw: Avoid panic when handling the inetdev event (jsc#SLE-4793).
• i40iw: remove support for ib_get_vector_affinity (jsc#SLE-4793).
• i40iw: remove use of VLAN_TAG_PRESENT (jsc#SLE-4793).
• ib/hfi1: Add debugfs to control expansion ROM write protect (jsc#SLE-4925).
• ib/hfi1: Add selected Rcv counters (jsc#SLE-4925).
• ib/hfi1: Close VNIC sdma_progress sleep window (jsc#SLE-4925).
• ib/hfi1: Consider LMC in 16B/bypass ingress packet check (jsc#SLE-4925).
• ib/hfi1: Correctly process FECN and BECN in packets (jsc#SLE-4925).
• ib/hfi1: Dump pio info for non-user send contexts (jsc#SLE-4925).
• ib/hfi1: Eliminate opcode tests on mr deref (jsc#SLE-4925).
• ib/hfi1: Failed to drain send queue when QP is put into error state (jsc#SLE-4925).
• ib/hfi1: Fix the allocation of RSM table (jsc#SLE-4925).
• ib/hfi1: Fix two format strings (jsc#SLE-4925).
• ib/hfi1: Fix WQ_MEM_RECLAIM warning (jsc#SLE-4925).
• ib/hfi1: Ignore LNI errors before DC8051 transitions to Polling state (jsc#SLE-4925).
• ib/hfi1: Incorrect sizing of sge for PIO will OOPs (jsc#SLE-4925).
• ib/hfi1: Limit VNIC use of SDMA engines to the available count (jsc#SLE-4925).
• ib/hfi1: Reduce lock contention on iowait_lock for sdma and pio (jsc#SLE-4925).
• ib/hfi1: Remove overly conservative VM_EXEC flag check (jsc#SLE-4925).
• ib/hfi1: Remove WARN_ON when freeing expected receive groups (jsc#SLE-4925).
• ib/hfi1: Unreserve a reserved request when it is completed (jsc#SLE-4925).
• ib/hw: Remove unneeded semicolons (bsc#1136456 jsc#SLE-4689).
• ib/rdmavt: Add wc_flags and wc_immdata to cq entry trace (jsc#SLE-4925).
• ib/rdmavt: Fix frwr memory registration (jsc#SLE-4925).
• ib/rdmavt: Fix loopback send with invalidate ordering (jsc#SLE-4925).
• ib/{rdmavt, hfi1): Miscellaneous comment fixes (jsc#SLE-4925).
• ibmvnic: Add device identification to requested IRQs (bsc#1137739).
• ibmvnic: Do not close unopened driver during reset (bsc#1137752).
• ibmvnic: Enable GRO (bsc#1132227).
• ibmvnic: Fix completion structure initialization (bsc#1131659).
• ibmvnic: Fix netdev feature clobbering during a reset (bsc#1132227).
• ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).
• ibmvnic: Refresh device multicast list after reset (bsc#1137752).
• ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).
• ice : Ensure only valid bits are set in ice_aq_set_phy_cfg (jsc#SLE-4803).
• ice: Add 52 byte RSS hash key support (jsc#SLE-4803).
• ice: add and use new ice_for_each_traffic_class() macro (jsc#SLE-4803).
• ice: Add code for DCB initialization part 1/4 (jsc#SLE-4803).
• ice: Add code for DCB initialization part 2/4 (jsc#SLE-4803).
• ice: Add code for DCB initialization part 3/4 (jsc#SLE-4803).
• ice: Add code for DCB initialization part 4/4 (jsc#SLE-4803).
• ice: Add code for DCB rebuild (jsc#SLE-4803).
• ice: Add code to control FW LLDP and DCBX (jsc#SLE-4803).
• ice: Add code to get DCB related statistics (jsc#SLE-4803).
• ice: Add code to process LLDP Mib change events (jsc#SLE-4803).
• ice: add const qualifier to mac_addr parameter (jsc#SLE-4803).
• ice: Add ethtool private flag to make forcing link down optional (jsc#SLE-4803).
• ice: Add ethtool set_phys_id handler (jsc#SLE-4803).
• ice: Add function to program ethertype based filter rule on VSIs (jsc#SLE-4803).
• ice: Add missing case in print_link_msg for printing flow control (jsc#SLE-4803).
• ice: Add missing PHY type to link settings (jsc#SLE-4803).
• ice: Add more validation in ice_vc_cfg_irq_map_msg (jsc#SLE-4803).
• ice: Add priority information into VLAN header (jsc#SLE-4803).
• ice: Add reg_idx variable in ice_q_vector structure (jsc#SLE-4803).
• ice: Add support for adaptive interrupt moderation (jsc#SLE-4803).
• ice: Add support for new PHY types (jsc#SLE-4803).
• ice: Add support for PF/VF promiscuous mode (jsc#SLE-4803).
• ice: Allow for software timestamping (jsc#SLE-4803).
• ice: Always free/allocate q_vectors (jsc#SLE-4803).
• ice: Audit hotpath structures with pahole (jsc#SLE-4803).
• ice: avoid multiple unnecessary de-references in probe (jsc#SLE-4803).
• ice: Bump driver version (jsc#SLE-4803).
• ice: Bump version (jsc#SLE-4803).
• ice: Calculate ITR increment based on direct calculation (jsc#SLE-4803).
• ice: change VF VSI tc info along with num_queues (jsc#SLE-4803).
• ice: check for a leaf node presence (jsc#SLE-4803).
• ice: clear VF ARQLEN register on reset (jsc#SLE-4803).
• ice: code cleanup in ice_sched.c (jsc#SLE-4803).
• ice: configure GLINT_ITR to always have an ITR gran of 2 (jsc#SLE-4803).
• ice: Configure RSS LUT and HASH KEY in rebuild path (jsc#SLE-4803).
• ice: Create a generic name for the ice_rx_flg64_bits structure (jsc#SLE-4803).
• ice: Create framework for VSI queue context (jsc#SLE-4803).
• ice: Determine descriptor count and ring size based on PAGE_SIZE (jsc#SLE-4803).
• ice: Disable sniffing VF traffic on PF (jsc#SLE-4803).
• ice: Do not bail out when filter already exists (jsc#SLE-4803).
• ice: Do not let VF know that it is untrusted (jsc#SLE-4803).
• ice: Do not remove VLAN filters that were never programmed (jsc#SLE-4803).
• ice: Do not set LB_EN for prune switch rules (jsc#SLE-4803).
• ice: do not spam VFs with link messages (jsc#SLE-4803).
• ice: Do not unnecessarily initialize local variable (jsc#SLE-4803).
• ice: Enable LAN_EN for the right recipes (jsc#SLE-4803).
• ice: Enable link events over the ARQ (jsc#SLE-4803).
• ice: Enable MAC anti-spoof by default (jsc#SLE-4803).
• ice: enable VF admin queue interrupts (jsc#SLE-4803).
• ice: Fix added in VSI supported nodes calc (jsc#SLE-4803).
• ice: Fix broadcast traffic in port VLAN mode (jsc#SLE-4803).
• ice: Fix for adaptive interrupt moderation (jsc#SLE-4803).
• ice: Fix for allowing too many MDD events on VF (jsc#SLE-4803).
• ice: Fix for FC get rx/tx pause params (jsc#SLE-4803).
• ice: fix ice_remove_rule_internal vsi_list handling (jsc#SLE-4803).
• ice: Fix incorrect use of abbreviations (jsc#SLE-4803).
• ice: Fix issue reclaiming resources back to the pool after reset (jsc#SLE-4803).
• ice: Fix issue reconfiguring VF queues (jsc#SLE-4803).
• ice: Fix issue when adding more than allowed VLANs (jsc#SLE-4803).
• ice: fix issue where host reboots on unload when iommu=on (jsc#SLE-4803).
• ice: Fix issue with VF reset and multiple VFs support on PFs (jsc#SLE-4803).
• ice: fix numeric overflow warning (jsc#SLE-4803).
• ice: fix some function prototype and signature style issues (jsc#SLE-4803).
• ice: fix stack hogs from struct ice_vsi_ctx structures (jsc#SLE-4803).
• ice: fix static analysis warnings (jsc#SLE-4803).
• ice: Fix the calculation of ICE_MAX_MTU (jsc#SLE-4803).
• ice: fix the divide by zero issue (jsc#SLE-4803).
• ice: Fix typos in code comments (jsc#SLE-4803).
• ice: flush Tx pipe on disable queue timeout (jsc#SLE-4803).
• ice: Gather the rx buf clean-up logic for better reuse (jsc#SLE-4803).
• ice: Get resources per function (jsc#SLE-4803).
• ice: Get rid of ice_pull_tail (jsc#SLE-4803).
• ice: Get VF VSI instances directly via PF (jsc#SLE-4803).
• ice: Implement flow to reset VFs with PFR and other resets (jsc#SLE-4803).
• ice: Implement getting and setting ethtool coalesce (jsc#SLE-4803).
• ice: Implement pci_error_handler ops (jsc#SLE-4803).
• ice: Implement support for normal get_eeprom[_len] ethtool ops (jsc#SLE-4803).
• ice: Limit the ice_add_rx_frag to frag addition (jsc#SLE-4803).
• ice: map Rx buffer pages with DMA attributes (jsc#SLE-4803).
• ice: Move aggregator list into ice_hw instance (jsc#SLE-4803).
• ice: Offload SCTP checksum (jsc#SLE-4803).
• ice: only use the VF for ICE_VSI_VF in ice_vsi_release (jsc#SLE-4803).
• ice: Preserve VLAN Rx stripping settings (jsc#SLE-4803).
• ice: Prevent unintended multiple chain resets (jsc#SLE-4803).
• ice: Pull out page reuse checks onto separate function (jsc#SLE-4803).
• ice: Put __ICE_PREPARED_FOR_RESET check in ice_prepare_for_reset (jsc#SLE-4803).
• ice: Reduce scope of variable in ice_vsi_cfg_rxqs (jsc#SLE-4803).
• ice: Refactor a few Tx scheduler functions (jsc#SLE-4803).
• ice: Refactor getting/setting coalesce (jsc#SLE-4803).
• ice: Refactor link event flow (jsc#SLE-4803).
• ice: Remove '2 BITS' comment (jsc#SLE-4803).
• ice: Remove __always_unused attribute (jsc#SLE-4803).
• ice: remove redundant variable and if condition (jsc#SLE-4803).
• ice: Remove runtime change of PFINT_OICR_ENA register (jsc#SLE-4803).
• ice: Remove unnecessary braces (jsc#SLE-4803).
• ice: Remove unnecessary newlines from log messages (jsc#SLE-4803).
• ice: Remove unnecessary wait when disabling/enabling Rx queues (jsc#SLE-4803).
• ice: Remove unused function prototype (jsc#SLE-4803).
• ice: Remove unused function prototype (jsc#SLE-4803).
• ice: Remove unused vsi_id field (jsc#SLE-4803).
• ice: Reset all VFs with VFLR during SR-IOV init flow (jsc#SLE-4803).
• ice: Resolve static analysis reported issue (jsc#SLE-4803).
• ice: Restore VLAN switch rule if port VLAN existed before (jsc#SLE-4803).
• ice: Retrieve rx_buf in separate function (jsc#SLE-4803).
• ice: Return configuration error without queue to disable (jsc#SLE-4803).
• ice: Rework queue management code for reuse (jsc#SLE-4803).
• ice: Separate if conditions for ice_set_features() (jsc#SLE-4803).
• ice: Set LAN_EN for all directional rules (jsc#SLE-4803).
• ice: Set physical link up/down when an interface is set up/down (jsc#SLE-4803).
• ice: sizeof(type>) should be avoided (jsc#SLE-4803).
• ice: Suppress false-positive style issues reported by static analyzer (jsc#SLE-4803).
• ice: use absolute vector ID for VFs (jsc#SLE-4803).
• ice: Use bitfields where possible (jsc#SLE-4803).
• ice: Use dev_err when ice_cfg_vsi_lan fails (jsc#SLE-4803).
• ice: Use ice_for_each_q_vector macro where possible (jsc#SLE-4803).
• ice: use ice_for_each_vsi macro when possible (jsc#SLE-4803).
• ice: use irq_num var in ice_vsi_req_irq_msix (jsc#SLE-4803).
• ice: Use more efficient structures (jsc#SLE-4803).
• ice: Use pf instead of vsi-back (jsc#SLE-4803).
• ice: use virt channel status codes (jsc#SLE-4803).
• ice: Validate ring existence and its q_vector per VSI (jsc#SLE-4803).
• igb: Bump version number (jsc#SLE-4798).
• igb: Exclude device from suspend direct complete optimization (jsc#SLE-4798).
• igb: fix various indentation issues (jsc#SLE-4798).
• igb: Fix WARN_ONCE on runtime suspend (jsc#SLE-4798).
• igb: use struct_size() helper (jsc#SLE-4798).
• igc: Add ethtool support (jsc#SLE-4799).
• igc: Add multiple receive queues control supporting (jsc#SLE-4799).
• igc: Add support for statistics (jsc#SLE-4799).
• igc: Add support for the ntuple feature (jsc#SLE-4799).
• igc: Extend the ethtool supporting (jsc#SLE-4799).
• igc: Fix code redundancy (jsc#SLE-4799).
• igc: Fix the typo in igc_base.h header definition (jsc#SLE-4799).
• igc: Remove the 'igc_get_phy_id_base' method (jsc#SLE-4799).
• igc: Remove the 'igc_read_mac_addr_base' method (jsc#SLE-4799).
• igc: Remove unneeded code (jsc#SLE-4799).
• igc: Remove unneeded hw_dbg prints (jsc#SLE-4799).
• igc: Remove unreachable code from igc_phy.c file (jsc#SLE-4799).
• igc: Remove unused code (jsc#SLE-4799).
• igc: Use struct_size() helper (jsc#SLE-4799).
• igmp: fix incorrect unsolicit report count when join group (git-fixes).
• iio/gyro/bmg160: Use millidegrees for temperature scale (bsc#1051510).
• iio: ad_sigma_delta: select channel when reading register (bsc#1051510).
• iio: adc: at91: disable adc channel interrupt in timeout case (bsc#1051510).
• iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver (bsc#1051510).
• iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).
• iio: core: fix a possible circular locking dependency (bsc#1051510).
• iio: cros_ec: Fix the maths for gyro scale calculation (bsc#1051510).
• iio: dac: mcp4725: add missing powerdown bits in store eeprom (bsc#1051510).
• iio: Fix scan mask selection (bsc#1051510).
• iio: gyro: mpu3050: fix chip ID reading (bsc#1051510).
• include/linux/bitops.h: introduce BITS_PER_TYPE (bsc#1136345 jsc#SLE-4681).
• indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#1124503).
• inetpeer: fix uninit-value in inet_getpeer (git-fixes).
• infiniband/qedr: Potential null ptr dereference of qp (bsc#1136456 jsc#SLE-4689).
• infiniband: hfi1: drop crazy DEBUGFS_SEQ_FILE_CREATE() macro (jsc#SLE-4925).
• infiniband: hfi1: no need to check return value of debugfs_create functions (jsc#SLE-4925).
• input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#1051510).
• input: introduce KEY_ASSISTANT (bsc#1051510).
• input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bsc#1051510).
• input: synaptics-rmi4 - fix possible double free (bsc#1051510).
• input: synaptics-rmi4 - write config register values to the right offset (bsc#1051510).
• intel: correct return from set features callback (jsc#SLE-4795).
• intel_idle: add support for Jacobsville (jsc#SLE-5394).
• intel_th: msu: Fix single mode with IOMMU (bsc#1051510).
• intel_th: pci: Add Comet Lake support (bsc#1051510).
• io: accel: kxcjk1013: restore the range after resume (bsc#1051510).
• iommu/amd: Set exclusion range correctly (bsc#1130425).
• iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump kernel (bsc#1117158).
• iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#1134671).
• iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006).
• iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).
• iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).
• ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address (git-fixes).
• ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (networking-stable-19_04_10).
• ip_gre: fix parsing gre header in ipgre_err (git-fixes).
• ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).
• ipconfig: Correctly initialise ic_nameservers (bsc#1051510).
• ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).
• ipmi: fix sleep-in-atomic in free_user at cleanup SRCU user->release_barrier (bsc#1111666).
• ipmi: Prevent use-after-free in deliver_response (bsc#1111666).
• ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510).
• ipmi_ssif: Remove duplicate NULL check (bsc#1108193).
• ipv4: add sanity checks in ipv4_link_failure() (git-fixes).
• ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled (git-fixes).
• ipv4: ensure rcu_read_lock() in ipv4_link_failure() (networking-stable-19_04_19).
• ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (networking-stable-19_05_04).
• ipv4: recompile ip options in ipv4_link_failure (networking-stable-19_04_19).
• ipv4: Return error for RTA_VIA attribute (networking-stable-19_03_07).
• ipv4: set the tcp_min_rtt_wlen range from 0 to one day (networking-stable-19_04_30).
• ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).
• ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).
• ipv6: fix cleanup ordering for pingv6 registration (git-fixes).
• ipv6: Fix dangling pointer when ipv6 fragment (git-fixes).
• ipv6: invert flowlabel sharing check in process and user mode (git-fixes).
• ipv6: mcast: fix unsolicited report interval after receiving querys (git-fixes).
• ipv6: propagate genlmsg_reply return code (networking-stable-19_02_24).
• ipv6: Return error for RTA_VIA attribute (networking-stable-19_03_07).
• ipv6: sit: reset ip header pointer in ipip6_rcv (git-fixes).
• ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).
• ipvlan: disallow userns cap_net_admin to change global mode/flags (networking-stable-19_03_15).
• ipvlan: fix ipv6 outbound device (bsc#1051510).
• ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).
• ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).
• ipvs: fix buffer overflow with sync daemon and service (git-fixes).
• ipvs: fix check on xmit to non-local addresses (git-fixes).
• ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).
• ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).
• ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).
• ipvs: fix stats update from local clients (git-fixes).
• ipvs: remove IPS_NAT_MASK check to fix passive FTP (git-fixes).
• iw_cxgb*: kzalloc the iwcm verbs struct (bsc#1136348 jsc#SLE-4684).
• iw_cxgb4: Check for send WR also while posting write with completion WR (bsc#1136348 jsc#SLE-4684).
• iw_cxgb4: complete the cached SRQ buffers (bsc#1136348 jsc#SLE-4684).
• iw_cxgb4: cq/qp mask depends on bar2 pages in a host page (bsc#1127371).
• iw_cxgb4: Fix qpid leak (bsc#1136348 jsc#SLE-4684).
• iw_cxgb4: fix srqidx leak during connection abort (bsc#1136348 jsc#SLE-4684).
• iw_cxgb4: Make function read_tcb() static (bsc#1136348 jsc#SLE-4684).
• iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).
• iw_cxgb4: use listening ep tos when accepting new connections (bsc#1136348 jsc#SLE-4684).
• iw_cxgb4: use tos when finding ipv6 routes (bsc#1136348 jsc#SLE-4684).
• iw_cxgb4: use tos when importing the endpoint (bsc#1136348 jsc#SLE-4684).
• iwiwifi: fix bad monitor buffer register addresses (bsc#1129770).
• iwlwifi: fix driver operation for 5350 (bsc#1111666).
• iwlwifi: fix send hcmd timeout recovery flow (bsc#1129770).
• ixgbe: fix mdio bus registration (jsc#SLE-4795).
• ixgbe: fix older devices that do not support IXGBE_MRQC_L3L4TXSWEN (jsc#SLE-4795).
• ixgbe: register a mdiobus (jsc#SLE-4795).
• ixgbe: remove magic constant in ixgbe_reset_hw_82599() (jsc#SLE-4795).
• ixgbe: use mii_bus to handle MII related ioctls (jsc#SLE-4795).
• ixgbe: Use struct_size() helper (jsc#SLE-4795).
• jbd2: check superblock mapped prior to committing (bsc#1136430).
• kabi i40e ignore include (jsc#SLE-4797).
• kabi protect struct iw_cm_id (bsc#1136348 jsc#SLE-4684).
• kabi protect struct vf_info (bsc#1136347 jsc#SLE-4683).
• kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).
• kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510).
• kabi/severities: exclude hns3 symbols (bsc#1134948)
• kabi/severities: exclude qed* symbols (bsc#1136461)
• kabi/severities: missed hns roce module
• kabi: arm64: cpuhotplug: Reuse other arch's cpuhp_state ().
• kabi: drop LINUX_Mib_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
• kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).
• kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#1137586).
• kABI: protect dma-mapping.h include (kabi).
• kABI: protect functions using struct net_generic (bsc#1129845 LTC#176252).
• kABI: protect ip_options_rcv_srr (kabi).
• kABI: protect struct mlx5_td (kabi).
• kABI: protect struct pci_dev (kabi).
• kABI: protect struct smc_ib_device (bsc#1129845 LTC#176252).
• kABI: protect struct smcd_dev (bsc#1129845 LTC#176252).
• kABI: restore icmp_send (kabi).
• kbuild: strip whitespace in cmd_record_mcount findstring (bsc#1065729).
• kcm: switch order of device registration to fix a crash (bnc#1130527).
• kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).
• kernel/sys.c: prctl: fix false positive in validate_prctl_map() (git-fixes).
• kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510).
• kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510).
• kernfs: do not set dentry->d_fsdata (boo#1133115).
• keys: always initialize keyring_index_key::desc_len (bsc#1051510).
• keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).
• keys: user: Align the payload buffer (bsc#1051510).
• kmsg: Update message catalog to latest ibM level (2019/03/08) (bsc#1128904 LTC#176078).
• kvm: Call kvm_arch_memslots_updated() before updating memslots (bsc#1132563).
• kvm: Fix kABI for AMD SMAP Errata workaround (bsc#1133149).
• kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).
• kvm: nVMX: Apply addr size mask to effective address for VMX instructions (bsc#1132561).
• kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).
• kvm: nVMX: Ignore limit checks on VMX instructions using flat segments (bsc#1132564).
• kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201).
• kvm: nVMX: Sign extend displacements of VMX instr's mem operands (bsc#1132562).
• kvm: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch (bsc#1061840).
• kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).
• kvm: s390: provide io interrupt kvm_stat (bsc#1136206).
• kvm: s390: use created_vcpus in more places (bsc#1136206).
• kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).
• kvm: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation) (bsc#1133149).
• kvm: VMX: Compare only a single byte for VMCS' 'launched' in vCPU-run (bsc#1132555).
• kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202).
• kvm: x86/mmu: Detect MMIO generation wrap in any address space (bsc#1132570).
• kvm: x86/mmu: Do not cache MMIO accesses while memslots are in flux (bsc#1132571).
• kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203).
• kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204).
• kvm: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts (bsc#1114279).
• kvm: x86: Report STibP on GET_SUPPORTED_CPUID (bsc#1111331).
• kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205).
• l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).
• l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).
• l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).
• l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).
• l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).
• l2tp: revert 'l2tp: fix missing print session offset info' (bsc#1051510).
• leds: avoid races with workqueue (bsc#1051510).
• leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).
• lib: add crc64 calculation routines (bsc#1130972).
• lib: do not depend on linux headers being installed (bsc#1130972).
• libata: fix using DMA buffers on stack (bsc#1051510).
• libcxgb: fix incorrect ppmax calculation (bsc#1136345 jsc#SLE-4681).
• lightnvm: if LUNs are already allocated fix return (bsc#1085535).
• linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510).
• livepatch: Convert error about unsupported reliable stacktrace into a warning (bsc#1071995).
• livepatch: Remove custom kobject state handling (bsc#1071995).
• livepatch: Remove duplicated code for early initialization (bsc#1071995).
• lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
• mac80211: do not attempt to rename ERR_PTR() debugfs dirs (bsc#1111666).
• mac80211: do not call driver wake_tx_queue op during reconfig (bsc#1051510).
• mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).
• mac80211: fix unaligned access in mesh table hash function (bsc#1051510).
• mac80211: Honor SW_CRYPTO_CONTROL for unicast keys in AP VLAN mode (bsc#1111666).
• mac8390: Fix mmio access size probe (bsc#1051510).
• md/raid1: do not clear bitmap bits on interrupted recovery (git-fixes).
• md/raid5: fix 'out of memory' during raid cache recovery (git-fixes).
• md: batch flush requests (bsc#1119680).
• md: Fix failed allocation of md_register_thread (git-fixes).
• md: fix invalid stored role for a disk (bsc#1051510).
• media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).
• media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).
• media: cx23885: check allocation return (bsc#1051510).
• media: davinci-isif: avoid uninitialized variable use (bsc#1051510).
• media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).
• media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).
• media: mt9m111: set initial frame size other than 0x0 (bsc#1051510).
• media: mtk-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).
• media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bsc#1051510).
• media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#1051510).
• media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).
• media: pvrusb2: Prevent a buffer overflow (bsc#1129770).
• media: s5p-g2d: Correct return type for mem2mem buffer helpers (bsc#1051510).
• media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510).
• media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510).
• media: sh_veu: Correct return type for mem2mem buffer helpers (bsc#1051510).
• media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510).
• media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510).
• media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).
• media: wl128x: prevent two potential buffer overflows (bsc#1051510).
• memcg: make it work on sparse non-0-node systems (bnc#1133616).
• memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).
• mISDN: Check address length before reading address family (bsc#1051510).
• missing barriers in some of unix_sock ->addr and ->path accesses (networking-stable-19_03_15).
• mlxsw: spectrum: Fix autoneg status in ethtool (networking-stable-19_04_30).
• mm/debug.c: fix __dump_page when mapping->host is not set (bsc#1131934).
• mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bsc#1135330).
• mm/page_isolation.c: fix a wrong flag in set_migratetype_isolate() (bsc#1131935).
• mm/vmalloc: fix size check for remap_vmalloc_range_partial() (bsc#1133825).
• mm: create non-atomic version of SetPageReserved for init use (jsc#SLE-6647).
• mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)
• mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).
• mmc: bcm2835 MMC issues (bsc#1070872).
• mmc: block: Delete gendisk before cleaning up the request queue (bsc#1127616).
• mmc: core: fix possible use after free of host (bsc#1051510).
• mmc: core: Fix tag set memory leak (bsc#1111666).
• mmc: davinci: remove extraneous __init annotation (bsc#1051510).
• mmc: sdhci: Fix data command CRC error handling (bsc#1051510).
• mmc: sdhci: Handle auto-command errors (bsc#1051510).
• mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR (bsc#1051510).
• mmc: tmio_mmc_core: do not claim spurious interrupts (bsc#1051510).
• mount: copy the port field into the cloned nfs_server structure (bsc#1136990).
• mpls: Return error for RTA_GATEWAY attribute (networking-stable-19_03_07).
• mt7601u: bump supported EEPROM version (bsc#1051510).
• mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).
• mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510).
• mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510).
• mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510).
• mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770).
• mwifiex: do not advertise ibSS features without FW support (bsc#1129770).
• mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
• mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).
• mwifiex: Fix possible buffer overflows at parsing bss descriptor
• mwifiex: Make resume actually do something useful again on SDIO cards (bsc#1111666).
• mwifiex: prevent an array overflow (bsc#1051510).
• mwl8k: Fix rate_idx underflow (bsc#1051510).
• neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).
• net-gro: Fix GRO flush when receiving a GSO packet (networking-stable-19_04_10).
• net/hsr: fix possible crash in add_timer() (networking-stable-19_03_15).
• net/ibmvnic: Remove tests of member address (bsc#1137739).
• net/ibmvnic: Update carrier state after link state change (bsc#1135100).
• net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
• net/ipv4: defensive cipso option parsing (git-fixes).
• net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev (git-fixes).
• net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).
• net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).
• net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).
• net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).
• net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).
• net/mlx5e: Do not overwrite pedit action when multiple pedit used (networking-stable-19_02_24).
• net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query (networking-stable-19_04_30).
• net/mlx5e: Fix error handling when refreshing TIRs (networking-stable-19_04_10).
• net/mlx5e: Fix trailing semicolon (bsc#1075020).
• net/mlx5e: IPoib, Reset QP after channels are closed (bsc#1075020).
• net/packet: fix 4gb buffer limit due to overflow check (networking-stable-19_02_24).
• net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec (git-fixes).
• net/rose: fix unbound loop in rose_loopback_timer() (networking-stable-19_04_30).
• net/sched: act_sample: fix divide by zero in the traffic path (networking-stable-19_04_10).
• net/sched: do not dereference a->goto_chain to read the chain index (bsc#1064802 bsc#1066129).
• net/sched: fix ->get helper of the matchall cls (networking-stable-19_04_10).
• net/smc: add pnet table namespace support (bsc#1129845 LTC#176252).
• net/smc: add smcd support to the pnet table (bsc#1129845 LTC#176252).
• net/smc: allow pci IDs as ib device names in the pnet table (bsc#1129845 LTC#176252).
• net/smc: allow pnetid-less configuration (bsc#1129845 LTC#176252).
• net/smc: check for ip prefix and subnet (bsc#1134607 LTC#177518).
• net/smc: cleanup for smcr_tx_sndbuf_nonempty (bsc#1129845 LTC#176252).
• net/smc: cleanup of get vlan id (bsc#1134607 LTC#177518).
• net/smc: code cleanup smc_listen_work (bsc#1134607 LTC#177518).
• net/smc: consolidate function parameters (bsc#1134607 LTC#177518).
• net/smc: fallback to TCP after connect problems (bsc#1134607 LTC#177518).
• net/smc: fix a NULL pointer dereference (bsc#1134607 LTC#177518).
• net/smc: fix return code from FLUSH command (bsc#1134607 LTC#177518).
• net/smc: improve smc_conn_create reason codes (bsc#1134607 LTC#177518).
• net/smc: improve smc_listen_work reason codes (bsc#1134607 LTC#177518).
• net/smc: move unhash before release of clcsock (bsc#1134607 LTC#177518).
• net/smc: nonblocking connect rework (bsc#1134607 LTC#177518).
• net/smc: propagate file from SMC to TCP socket (bsc#1134607 LTC#177518).
• net/smc: rework pnet table (bsc#1129845 LTC#176252).
• net/smc: wait for pending work before clcsock release_sock (bsc#1134607 LTC#177518).
• net/tls: free ctx in sock destruct (bsc#1136353 jsc#SLE-4688).
• net/x25: fix a race in x25_bind() (networking-stable-19_03_15).
• net/x25: fix use-after-free in x25_device_event() (networking-stable-19_03_15).
• net/x25: reset state in x25_connect() (networking-stable-19_03_15).
• net: Add __icmp_send helper (networking-stable-19_03_07).
• net: Add header for usage of fls64() (networking-stable-19_02_20).
• net: aquantia: fix rx checksum offload for UDP/TCP over IPv6 (networking-stable-19_03_28).
• net: atm: Fix potential Spectre v1 vulnerabilities (networking-stable-19_04_19).
• net: avoid false positives in untrusted gso validation (git-fixes).
• net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).
• net: avoid use IPCB in cipso_v4_error (networking-stable-19_03_07).
• net: bridge: add vlan_tunnel to bridge port policies (git-fixes).
• net: bridge: fix per-port af_packet sockets (git-fixes).
• net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (git-fixes).
• net: chelsio: Add a missing check on cudg_get_buffer (bsc#1136345 jsc#SLE-4681).
• net: cxgb4: fix various indentation issues (bsc#1136345 jsc#SLE-4681).
• net: datagram: fix unbounded loop in __skb_try_recv_datagram() (git-fixes).
• net: Do not allocate page fragments that are not skb aligned (networking-stable-19_02_20).
• net: do not keep lonely packets forever in the gro hash (git-fixes).
• net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc (networking-stable-19_05_04).
• net: dsa: legacy: do not unmask port bitmaps (git-fixes).
• net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT (git-fixes).
• net: dsa: mv88e6xxx: Fix u64 statistics (networking-stable-19_03_07).
• net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#1117561).
• net: ethtool: not call vzalloc for zero sized memory request (networking-stable-19_04_10).
• net: Fix a bug in removing queues from XPS map (git-fixes).
• net: Fix for_each_netdev_feature on Big endian (networking-stable-19_02_20).
• net: fix IPv6 prefix route residue (networking-stable-19_02_20).
• net: fix uninit-value in __hw_addr_add_ex() (git-fixes).
• net: Fix untag for vlan packets without ethernet header (git-fixes).
• net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (git-fixes).
• net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (networking-stable-19_04_19).
• net: hns3: add counter for times RX pages gets allocated (bsc#1104353 bsc#1134947).
• net: hns3: add error handler for initializing command queue (bsc#1104353 bsc#1135058).
• net: hns3: add function type check for debugfs help information (bsc#1104353 bsc#1134980).
• net: hns3: Add handling of MAC tunnel interruption (bsc#1104353 bsc#1134983).
• net: hns3: add hns3_gro_complete for HW GRO process (bsc#1104353 bsc#1135051).
• net: hns3: add linearizing checking for TSO case (bsc#1104353 bsc#1134947).
• net: hns3: add protect when handling mac addr list (bsc#1104353 ).
• net: hns3: add queue's statistics update to service task (bsc#1104353 bsc#1134981).
• net: hns3: add reset statistics for VF (bsc#1104353 bsc#1134995).
• net: hns3: add reset statistics info for PF (bsc#1104353 bsc#1134995).
• net: hns3: add some debug info for hclgevf_get_mbx_resp() (bsc#1104353 bsc#1134994).
• net: hns3: add some debug information for hclge_check_event_cause (bsc#1104353 bsc#1134994).
• net: hns3: add support for dump ncl config by debugfs (bsc#1104353 bsc#1134987).
• net: hns3: Add support for netif message level settings (bsc#1104353 bsc#1134989).
• net: hns3: adjust the timing of hns3_client_stop when unloading (bsc#1104353 bsc#1137201).
• net: hns3: always assume no drop TC for performance reason (bsc#1104353 bsc#1135049).
• net: hns3: check 1000M half for hns3_ethtool_ops.set_link_ksettings (bsc#1104353 bsc#1137201).
• net: hns3: check resetting status in hns3_get_stats() (bsc#1104353 bsc#1137201).
• net: hns3: code optimization for command queue' spin lock (bsc#1104353 bsc#1135042).
• net: hns3: combine len and checksum handling for inner and outer header (bsc#1104353 bsc#1134947).
• net: hns3: deactive the reset timer when reset successfully (bsc#1104353 bsc#1137201).
• net: hns3: divide shared buffer between TC (bsc#1104353 bsc#1135047).
• net: hns3: do not initialize MDIO bus when PHY is inexistent (bsc#1104353 bsc#1135045).
• net: hns3: do not request reset when hardware resetting (bsc#1104353 bsc#1137201).
• net: hns3: dump more information when tx timeout happens (bsc#1104353 bsc#1134990).
• net: hns3: extend the loopback state acquisition time (bsc#1104353).
• net: hns3: fix data race between ring->next_to_clean (bsc#1104353 bsc#1134975 bsc#1134945).
• net: hns3: fix error handling for desc filling (bsc#1104353 ).
• net: hns3: fix for HNS3_RXD_GRO_SIZE_M macro (bsc#1104353 bsc#1137201).
• net: hns3: fix for tunnel type handling in hns3_rx_checksum (bsc#1104353 bsc#1134946).
• net: hns3: fix for TX clean num when cleaning TX BD (bsc#1104353 ).
• net: hns3: fix for vport->bw_limit overflow problem (bsc#1104353 bsc#1134998).
• net: hns3: fix keep_alive_timer not stop problem (bsc#1104353 bsc#1135055).
• net: hns3: fix loop condition of hns3_get_tx_timeo_queue_info() (bsc#1104353 bsc#1134990).
• net: hns3: fix pause configure fail problem (bsc#1104353 bsc#1134951 bsc#1134951).
• net: hns3: fix set port based VLAN for PF (bsc#1104353 bsc#1135053).
• net: hns3: fix set port based VLAN issue for VF (bsc#1104353 bsc#1135053).
• net: hns3: fix sparse: warning when calling hclge_set_vlan_filter_hw() (bsc#1104353 bsc#1134999).
• net: hns3: fix VLAN offload handle for VLAN inserted by port (bsc#1104353 bsc#1135053).
• net: hns3: free the pending skb when clean RX ring (bsc#1104353 bsc#1135044).
• net: hns3: handle pending reset while reset fail (bsc#1104353 bsc#1135058).
• net: hns3: handle the BD info on the last BD of the packet (bsc#1104353 bsc#1134974).
• net: hns3: ignore lower-level new coming reset (bsc#1104353 bsc#1137201).
• net: hns3: Make hclge_destroy_cmd_queue static (bsc#1104353 bsc#1137201).
• net: hns3: Make hclgevf_update_link_mode static (bsc#1104353 bsc#1137201).
• net: hns3: minor optimization for datapath (bsc#1104353 ).
• net: hns3: minor optimization for ring_space (bsc#1104353 ).
• net: hns3: minor refactor for hns3_rx_checksum (bsc#1104353 bsc#1135052).
• net: hns3: modify HNS3_NIC_STATE_INITED flag in hns3_reset_notify_uninit_enet (bsc#1104353).
• net: hns3: modify the VF network port media type acquisition method (bsc#1104353 bsc#1137201).
• net: hns3: modify VLAN initialization to be compatible with port based VLAN (bsc#1104353 bsc#1135053).
• net: hns3: not reset TQP in the DOWN while VF resetting (bsc#1104353 bsc#1134952).
• net: hns3: not reset vport who not alive when PF reset (bsc#1104353 bsc#1137201).
• net: hns3: optimize the barrier using when cleaning TX BD (bsc#1104353 bsc#1134945).
• net: hns3: prevent change MTU when resetting (bsc#1104353 bsc#1137201).
• net: hns3: prevent double free in hns3_put_ring_config() (bsc#1104353 bsc#1134950).
• net: hns3: reduce resources use in kdump kernel (bsc#1104353 bsc#1137201).
• net: hns3: refactor BD filling for l2l3l4 info (bsc#1104353 bsc#1134947).
• net: hns3: refine tx timeout count handle (bsc#1104353 bsc#1134990).
• net: hns3: remove redundant assignment of l2_hdr to itself (bsc#1104353).
• net: hns3: remove reset after command send failed (bsc#1104353 bsc#1134949).
• net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#1104353 bsc#1135056).
• net: hns3: return 0 and print warning when hit duplicate MAC (bsc#1104353 bsc#1137201).
• net: hns3: set dividual reset level for all RAS and MSI-X errors (bsc#1104353 bsc#1135046).
• net: hns3: set up the vport alive state while reinitializing (bsc#1104353 bsc#1137201).
• net: hns3: set vport alive state to default while resetting (bsc#1104353 bsc#1137201).
• net: hns3: simplify hclgevf_cmd_csq_clean (bsc#1104353 ).
• net: hns3: some cleanup for struct hns3_enet_ring (bsc#1104353 bsc#1134947).
• net: hns3: split function hnae3_match_n_instantiate() (bsc#1104353).
• net: hns3: stop mailbox handling when command queue need re-init (bsc#1104353 bsc#1135058).
• net: hns3: stop sending keep alive msg when VF command queue needs reinit (bsc#1104353 bsc#1134972).
• net: hns3: unify maybe_stop_tx for TSO and non-TSO case (bsc#1104353 bsc#1134947).
• net: hns3: unify the page reusing for page size 4K and 64K (bsc#1104353 bsc#1134947).
• net: hns3: use a reserved byte to identify need_resp flag (bsc#1104353).
• net: hns3: use atomic_t replace u32 for arq's count (bsc#1104353 bsc#1134953).
• net: hns3: use devm_kcalloc when allocating desc_cb (bsc#1104353 bsc#1134947).
• net: hns3: use napi_schedule_irqoff in hard interrupts handlers (bsc#1104353 bsc#1134947).
• net: hsr: fix memory leak in hsr_dev_finalize() (networking-stable-19_03_15).
• net: initialize skb->peeked when cloning (git-fixes).
• net: make skb_partial_csum_set() more robust against overflows (git-fixes).
• net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails (networking-stable-19_03_07).
• net: phy: marvell: add new default led configure for m88e151x (bsc#1135018).
• net: phy: marvell: change default m88e1510 LED configuration (bsc#1135018).
• net: phy: marvell: Enable interrupt function on LED2 pin (bsc#1135018).
• net: phy: marvell: Fix buffer overrun with stats counters (networking-stable-19_05_04).
• net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).
• net: rose: fix a possible stack overflow (networking-stable-19_03_28).
• net: Set rtm_table to RT_TABLE_COMPAT for ipv6 for tables > 255 (networking-stable-19_03_15).
• net: sit: fix memory leak in sit_init_net() (networking-stable-19_03_07).
• net: sit: fix UBSAN Undefined behaviour in check_6rd (networking-stable-19_03_15).
• net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).
• net: socket: set sock->sk to NULL after calling proto_ops::release() (networking-stable-19_03_07).
• net: stmmac: fix memory corruption with large MTUs (networking-stable-19_03_28).
• net: stmmac: move stmmac_check_ether_addr() to driver probe (networking-stable-19_04_30).
• net: test tailroom before appending to linear skb (git-fixes).
• net: thunderx: do not allow jumbo frames with XDP (networking-stable-19_04_19).
• net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).
• net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).
• net: use indirect call wrappers at GRO network layer (bsc#1124503).
• net: use indirect call wrappers at GRO transport layer (bsc#1124503).
• net: validate untrusted gso packets without csum offload (networking-stable-19_02_20).
• net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() (git-fixes).
• net_sched: fix two more memory leaks in cls_tcindex (networking-stable-19_02_24).
• netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev (git-fixes).
• netfilter: bridge: ebt_among: add missing match size checks (git-fixes).
• netfilter: bridge: ebt_among: add more missing match size checks (git-fixes).
• netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING (git-fixes).
• netfilter: drop template ct when conntrack is skipped (git-fixes).
• netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule (git-fixes).
• netfilter: ebtables: handle string from userspace with care (git-fixes).
• netfilter: ebtables: reject non-bridge targets (git-fixes).
• netfilter: ip6t_MASQUERADE: add dependency on conntrack module (git-fixes).
• netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel (git-fixes).
• netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit() (git-fixes).
• netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt (git-fixes).
• netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).
• netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).
• netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes).
• netfilter: nf_tables: can't fail after linking rule into active rule list (git-fixes).
• netfilter: nf_tables: check msg_type before nft_trans_set(trans) (git-fixes).
• netfilter: nf_tables: fix leaking object reference count (git-fixes).
• netfilter: nf_tables: fix NULL pointer dereference on nft_ct_helper_obj_dump() (git-fixes).
• netfilter: nf_tables: release chain in flushing set (git-fixes).
• netfilter: nft_compat: do not dump private area (git-fixes).
• netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target} (git-fixes).
• netfilter: x_tables: fix int overflow in xt_alloc_table_info() (git-fixes).
• netfilter: x_tables: initialise match/target check parameter struct (git-fixes).
• netlabel: fix out-of-bounds memory accesses (networking-stable-19_03_07).
• netlink: fix uninit-value in netlink_sendmsg (git-fixes).
• nfc: nci: Add some bounds checking in nci_hci_cmd_received() (bsc#1051510).
• nfs/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount (git-fixes).
• nfs: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes).
• nfs: add module option to limit NFSv4 minor version (jsc#PM-231).
• nfs: Do not recoalesce on error in nfs_pageio_complete_mirror() (git-fixes).
• nfs: Do not use page_file_mapping after removing the page (git-fixes).
• nfs: Fix a soft lockup in the delegation recovery code (git-fixes).
• nfs: Fix a typo in nfs_init_timeout_values() (git-fixes).
• nfs: Fix an I/O request leakage in nfs_do_recoalesce (git-fixes).
• nfs: Fix dentry revalidation on nfsv4 lookup (bsc#1132618).
• nfs: Fix I/O request leakages (git-fixes).
• nfs: fix mount/umount race in nlmclnt (git-fixes).
• nfsd4: catch some false session retries (git-fixes).
• nfsd4: fix cached replies to solo SEQUENCE compounds (git-fixes).
• nfsv4.1 do not free interrupted slot on open (git-fixes).
• nfsv4.1: Reinitialise sequence results before retransmitting a request (git-fixes).
• nfsv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() (git-fixes).
• nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#1051510).
• nvme-fc: use separate work queue to avoid warning (bsc#1131673).
• nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273).
• nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1130937).
• nvme-multipath: split bios with the ns_head bio_set before submitting (bsc#1103259, bsc#1131673).
• nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#1120423).
• nvme: add proper discard setup for the multipath device (bsc#1114638).
• nvme: Do not remove namespaces during reset (bsc#1131673).
• nvme: fix the dangerous reference of namespaces list (bsc#1131673).
• nvme: flush scan_work when resetting controller (bsc#1131673).
• nvme: make sure ns head inherits underlying device limits (bsc#1131673).
• nvme: only reconfigure discard if necessary (bsc#1114638).
• objtool: Fix function fallthrough detection (bsc#1058115).
• ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).
• ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.
• of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).
• omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).
• openvswitch: add seqadj extension when NAT is used (bsc#1051510).
• openvswitch: fix flow actions reallocation (bsc#1051510).
• overflow: Fix -Wtype-limits compilation warnings (bsc#1111666).
• p54: drop device reference count if fails to enable device (bsc#1135642).
• packet: fix reserve calculation (git-fixes).
• packet: in packet_snd start writing at link layer allocation (git-fixes).
• packet: refine ring v3 block size test to hold one frame (git-fixes).
• packet: reset network header if packet shorter than ll reserved space (git-fixes).
• packet: validate msg_namelen in send directly (git-fixes).
• packets: Always register packet sk in the same order (networking-stable-19_03_28).
• pci: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bsc#1051510).
• pci: designware-ep: Read-only registers need DBI_RO_WR_EN to be writable (bsc#1051510).
• pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent() (git-fixes).
• pci: Factor out pcie_retrain_link() function (git-fixes).
• pci: Init pcie feature bits for managed host bridge alloc (bsc#1111666).
• pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).
• pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).
• pci: pciehp: Convert to threaded IRQ (bsc#1133005).
• pci: pciehp: Ignore Link State Changes after powering off a slot (bsc#1133005).
• pci: pciehp: Tolerate Presence Detect hardwired to zero (bsc#1133016).
• pci: Work around Pericom pcie-to-pci bridge Retrain Link erratum (git-fixes).
• perf tools: Add Hygon Dhyana support ().
• perf/x86/amd: Add event map for AMD Family 17h (bsc#1134223).
• perf/x86/amd: Update generic hardware cache events for Family 17h (bsc#1134223).
• phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510).
• phy: sun4i-usb: Support set_mode to usb_HOST for non-OTG PHYs (bsc#1051510).
• platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).
• platform/x86: dell-rbtn: Add missing #include (bsc#1051510).
• platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).
• platform/x86: intel_punit_ipc: Revert 'Fix resource ioremap warning' (bsc#1051510).
• platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI table (bsc#1051510).
• platform/x86: pmc_atom: Add several Beckhoff Automation boards to critclk_systems DMI table (bsc#1051510).
• platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).
• platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).
• power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc#1051510).
• power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).
• powerpc/64: Make meltdown reporting Book3S 64 specific
• powerpc/64s: Fix logic when handling unknown CPU features (bsc#1055117).
• powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937).
• powerpc/eeh: Fix race with driver un/bind (bsc#1065729).
• powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E
• powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback (bsc#1131900).
• powerpc/kvm: Save and restore host AMR/IAMR/UAMOR (bsc#1061840).
• powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search (bsc#1131900).
• powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, git-fixes).
• powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, git-fixes).
• powerpc/mm: Add missing tracepoint for tlbie (bsc#1055117, git-fixes).
• powerpc/mm: Check secondary hash page table (bsc#1065729).
• powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, git-fixes).
• powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).
• powerpc/numa: document topology_updates_enabled, disable by default (bsc#1133584).
• powerpc/numa: improve control of topology updates (bsc#1133584).
• powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).
• powerpc/perf: Fix unit_sel/cache_sel checks (bsc#1053043).
• powerpc/perf: Remove l2 bus events from HW cache event array (bsc#1053043).
• powerpc/powernv/cpuidle: Init all present cpus for deep states (bsc#1055121).
• powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).
• powerpc/powernv/ioda2: Remove redundant free of TCE pages (bsc#1061840).
• powerpc/powernv/ioda: Allocate indirect TCE levels of cached userspace addresses on demand (bsc#1061840).
• powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables (bsc#1061840).
• powerpc/powernv: Do not reprogram SLW image on every kvm guest entry/exit (bsc#1061840).
• powerpc/powernv: Make opal log only readable by root (bsc#1065729).
• powerpc/powernv: Remove never used pnv_power9_force_smt4 (bsc#1061840).
• powerpc/process: Fix sparse address space warnings (bsc#1065729).
• powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
• powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587).
• powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587).
• powerpc64/ftrace: Include ftrace.h needed for enable/disable calls (bsc#1088804, git-fixes).
• powerpc: Always initialize input array when calling epapr_hypercall() (bsc#1065729).
• powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer (bsc#1065729).
• powerpc: consolidate -mno-sched-epilog into FTRACE flags (bsc#1065729).
• powerpc: Fix 32-bit kvm-PR lockup and host crash with MacOS guest (bsc#1061840).
• powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).
• proc/kcore: do not bounds check against address 0 (bsc#1051510).
• proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).
• proc: revalidate kernel thread inodes to root:root (bsc#1051510).
• ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK (git-fixes).
• pwm: Fix deadlock warning when removing PWM device (bsc#1051510).
• pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).
• pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).
• pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510).
• pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).
• qed*: Add iWARP 100g support (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed*: Change hwfn used for sb initialization (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Add API for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Add infrastructure for error detection and recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Add llh ppfid interface and 100g support for offload protocols (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Add qed devlink parameters table (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Define new MF bit for no_vlan config (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Delete redundant doorbell recovery types (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: fix indentation issue with statements in an if-block (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Fix iWARP buffer size provided for syn packet processing (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Fix iWARP syn packet mac address validation (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Fix missing DORQ attentions (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: fix spelling mistake 'faspath' -> 'fastpath' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: fix spelling mistake 'inculde' -> 'include' (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Fix static checker warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Fix the doorbell address sanity check (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Fix the DORQ's attentions handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Mark expected switch fall-through (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Modify api for performing a dmae to another PF (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Modify offload protocols to use the affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Read device port count from the shmem (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Reduce the severity of ptp debug message (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: remove duplicated include from qed_if.h (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: remove redundant assignment to rc (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Revise load sequence to avoid pci errors (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qed: Set the doorbell address correctly (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qede: Add ethtool interface for SmartAN query (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qede: Error recovery process (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qede: Fix internal loopback failure with jumbo mtu configuration (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qede: fix write to free'd pointer error and double free of ptp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qede: Handle infinite driver spinning for Tx timestamp (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qede: place ethtool_rx_flow_spec after code after TC flower codebase (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qede: Populate mbi version in ethtool driver query data (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qedr: Change the MSI-X vectors selection to be based on affined engine (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
• qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128971).
• qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).
• qla2xxx: always allocate qla_tgt_wq (bsc#1131451).
• qla2xxx: kABI fixes for v10.00.00.14-k (bsc#1136215).
• qla2xxx: kABI fixes for v10.01.00.15-k (bsc#1136215).
• qlcnic: remove assumption that vlan_tci != 0 (bsc#1136469 jsc#SLE-4695).
• qlcnic: remove set but not used variables 'cur_rings, max_hw_rings, tx_desc_info' (bsc#1136469 jsc#SLE-4695).
• qlcnic: remove set but not used variables 'op, cmd_op' (bsc#1136469 jsc#SLE-4695).
• qmi_wwan: add Olicard 600 (bsc#1051510).
• qmi_wwan: Add support for Quectel EG12/EM12 (networking-stable-19_03_07).
• ras/cec: Check the correct variable in the debugfs error handling (bsc#1085535).
• ravb: Decrease TxFIFO depth of Q3 and Q2 to one (networking-stable-19_03_15).
• rdma/cxbg: Use correct sizing on buffers holding page DMA addresses (bsc#1136348 jsc#SLE-4684).
• rdma/cxgb4: Add support for 64Byte cqes (bsc#1127371).
• rdma/cxgb4: Add support for kernel mode SRQ's (bsc#1127371).
• rdma/cxgb4: Add support for srq functions and structs (bsc#1127371).
• rdma/cxgb4: Don't expose DMA addresses (bsc#1136348 jsc#SLE-4684).
• rdma/cxgb4: Fix null pointer dereference on alloc_skb failure (bsc#1136348 jsc#SLE-4684).
• rdma/cxgb4: fix some info leaks (bsc#1127371).
• rdma/cxgb4: Fix spelling mistake 'immedate' -> 'immediate' (bsc#1136348 jsc#SLE-4684).
• rdma/cxgb4: Make c4iw_poll_cq_one() easier to analyze (bsc#1127371).
• rdma/cxgb4: Remove a set-but-not-used variable (bsc#1127371).
• rdma/cxgb4: Remove kref accounting for sync operation (bsc#1136348 jsc#SLE-4684).
• rdma/cxgb4: Use sizeof() notation (bsc#1136348 jsc#SLE-4684).
• rdma/hns: Add constraint on the setting of local ACK timeout (bsc#1104427 bsc#1137233).
• rdma/hns: Add SCC context allocation support for hip08 (bsc#1104427 bsc#1126206).
• rdma/hns: Add SCC context clr support for hip08 (bsc#1104427 bsc#1126206).
• rdma/hns: Add the process of AEQ overflow for hip08 (bsc#1104427 bsc#1126206).
• rdma/hns: Add timer allocation support for hip08 (bsc#1104427 bsc#1126206).
• rdma/hns: Bugfix for mapping user db (bsc#1104427 bsc#1137236).
• rdma/hns: Bugfix for posting multiple srq work request (bsc#1104427 bsc#1137236).
• rdma/hns: Bugfix for SCC hem free (bsc#1104427 bsc#1137236).
• rdma/hns: Bugfix for sending with invalidate (bsc#1104427 bsc#1137236).
• rdma/hns: Bugfix for set hem of SCC (bsc#1104427 bsc#1137236).
• rdma/hns: Bugfix for the scene without receiver queue (bsc#1104427 bsc#1137233).
• rdma/hns: Configure capacity of hns device (bsc#1104427 bsc#1137236).
• rdma/hns: Delete unused variable in hns_roce_v2_modify_qp function (bsc#1104427).
• rdma/hns: Delete useful prints for aeq subtype event (bsc#1104427 bsc#1126206).
• rdma/hns: Fix bad endianess of port_pd variable (bsc#1104427 ).
• rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).
• rdma/hns: Fix the bug with updating rq head pointer when flush cqe (bsc#1104427 bsc#1137233).
• rdma/hns: Fix the chip hanging caused by sending doorbell during reset (bsc#1104427 bsc#1137232).
• rdma/hns: Fix the chip hanging caused by sending mailbox CMQ during reset (bsc#1104427 bsc#1137232).
• rdma/hns: Fix the Oops during rmmod or insmod ko when reset occurs (bsc#1104427 bsc#1137232).
• rdma/hns: Fix the state of rereg mr (bsc#1104427 bsc#1137236).
• rdma/hns: Hide error print information with roce vf device (bsc#1104427 bsc#1137236).
• rdma/hns: Limit minimum ROCE CQ depth to 64 (bsc#1104427 bsc#1137236).
• rdma/hns: Limit scope of hns_roce_cmq_send() (bsc#1104427 ).
• rdma/hns: Make some function static (bsc#1104427 bsc#1126206).
• rdma/hns: Modify qp specification according to UM (bsc#1104427 bsc#1137233).
• rdma/hns: Modify the pbl ba page size for hip08 (bsc#1104427 bsc#1137233).
• rdma/hns: Move spin_lock_irqsave to the correct place (bsc#1104427 bsc#1137236).
• rdma/hns: Only assgin some fields if the relatived attr_mask is set (bsc#1104427).
• rdma/hns: Only assign the fields of the rq psn if ib_QP_RQ_PSN is set (bsc#1104427).
• rdma/hns: Only assign the relatived fields of psn if ib_QP_SQ_PSN is set (bsc#1104427).
• rdma/hns: rdma/hns: Assign rq head pointer when enable rq record db (bsc#1104427 bsc#1137236).
• rdma/hns: Remove jiffies operation in disable interrupt context (bsc#1104427 bsc#1137236).
• rdma/hns: Remove set but not used variable 'rst' (bsc#1104427 bsc#1126206).
• rdma/hns: Set allocated memory to zero for wrid (bsc#1104427 bsc#1137236).
• rdma/hns: Support to create 1M srq queue (bsc#1104427 ).
• rdma/hns: Update CQE specifications (bsc#1104427 bsc#1137236).
• rdma/hns: Update the range of raq_psn field of qp context (bsc#1104427).
• rdma/i40iw: Handle workqueue allocation failure (jsc#SLE-4793).
• rdma/iw_cxgb4: Always disconnect when QP is transitioning to TERMINATE state (bsc#1136348 jsc#SLE-4684).
• rdma/iw_cxgb4: Drop __GFP_NOFAIL (bsc#1127371).
• rdma/iwcm: add tos_set bool to iw_cm struct (bsc#1136348 jsc#SLE-4684).
• rdma/qedr: Fix incorrect device rate (bsc#1136188).
• rdma/qedr: Fix out of bounds index check in query pkey (bsc#1136456 jsc#SLE-4689).
• rdma/rdmavt: Use correct sizing on buffers holding page DMA addresses (jsc#SLE-4925).
• rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387, bsc#1103992).
• rdma/smc: Replace ib_query_gid with rdma_get_gid_attr (bsc#1131530 LTC#176717).
• rds: fix refcount bug in rds_sock_addref (git-fixes).
• rds: tcp: atomically purge entries from rds_tcp_conn_list during netns delete (git-fixes).
• regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510).
• ring-buffer: Check if memory is available before allocation (bsc#1132531).
• route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race (networking-stable-19_03_15).
• rt2x00: do not increment sequence number while re-transmitting (bsc#1051510).
• rtc: da9063: set uie_unsupported when relevant (bsc#1051510).
• rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).
• rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).
• rxrpc: Do not release call mutex on error pointer (git-fixes).
• rxrpc: Do not treat call aborts as conn aborts (git-fixes).
• rxrpc: Fix client call queueing, waiting for channel (networking-stable-19_03_15).
• rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).
• rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket (git-fixes).
• rxrpc: Fix Tx ring annotation after initial Tx failure (git-fixes).
• s390/dasd: fix panic for failed online processing (bsc#1132589).
• s390/pkey: move pckmo subfunction available checks away from module init (bsc#1128544).
• s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).
• s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
• sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510).
• sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).
• sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).
• scripts/git_sort/git_sort.py: remove old SCSI git branches
• scripts: override locale from environment when running recordmcount.pl (bsc#1134354).
• scsi: hisi: KABI ignore new symbols (bsc#1135038).
• scsi: hisi_sas: add host reset interface for test (bsc#1135041).
• scsi: hisi_sas: Add softreset in hisi_sas_I_T_nexus_reset() (bsc#1135033).
• scsi: hisi_sas: Adjust the printk format of functions hisi_sas_init_device() (bsc#1135037).
• scsi: hisi_sas: allocate different SAS address for directly attached situation (bsc#1135036).
• scsi: hisi_sas: Do not fail IT nexus reset for Open Reject timeout (bsc#1135033).
• scsi: hisi_sas: Do not hard reset disk during controller reset (bsc#1135034).
• scsi: hisi_sas: Fix for setting the PHY linkrate when disconnected (bsc#1135038).
• scsi: hisi_sas: Remedy inconsistent PHY down state in software (bsc#1135039).
• scsi: hisi_sas: remove the check of sas_dev status in hisi_sas_I_T_nexus_reset() (bsc#1135037).
• scsi: hisi_sas: Send HARD RESET to clear the previous affiliation of STP target port (bsc#1135037).
• scsi: hisi_sas: Set PHY linkrate when disconnected (bsc#1135038).
• scsi: hisi_sas: Some misc tidy-up (bsc#1135031).
• scsi: hisi_sas: Support all RAS events with MSI interrupts (bsc#1135035).
• scsi: libsas: allocate sense buffer for bsg queue (bsc#1131467).
• scsi: libsas: Do discovery on empty PHY to update PHY info (bsc#1135024).
• scsi: libsas: Improve vague log in SAS rediscovery (bsc#1135027).
• scsi: libsas: Inject revalidate event for root port event (bsc#1135026).
• scsi: libsas: Print expander PHY indexes in decimal (bsc#1135021).
• scsi: libsas: Stop hardcoding SAS address length (bsc#1135029).
• scsi: libsas: Support SATA PHY connection rate unmatch fixing during discovery (bsc#1135028).
• scsi: libsas: Try to retain programmed min linkrate for SATA min pathway unmatch fixing (bsc#1135028).
• scsi: qedf: fixup bit operations (bsc#1135542).
• scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).
• scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).
• scsi: qla2xxx: Add 28xx flash primary/secondary status/image mechanism (bsc#1136215).
• scsi: qla2xxx: Add Device ID for ISP28XX (bsc#1136215).
• scsi: qla2xxx: Add First Burst support for FC-NVMe devices (bsc#1136215).
• scsi: qla2xxx: Add fw_attr and port_no SysFS node (bsc#1136215).
• scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579).
• scsi: qla2xxx: Add new FW dump template entry types (bsc#1136215).
• scsi: qla2xxx: Add protection mask module parameters (bsc#1136215).
• scsi: qla2xxx: Add Serdes support for ISP28XX (bsc#1136215).
• scsi: qla2xxx: Add support for multiple fwdump templates/segments (bsc#1136215).
• scsi: qla2xxx: Add support for setting port speed (bsc#1136215).
• scsi: qla2xxx: Avoid pci IRQ affinity mapping when multiqueue is not supported (bsc#1136215).
• scsi: qla2xxx: avoid printf format warning (bsc#1136215).
• scsi: qla2xxx: Check for FW started flag before aborting (bsc#1136215).
• scsi: qla2xxx: check for kstrtol() failure (bsc#1136215).
• scsi: qla2xxx: Cleanups for NVRAM/Flash read/write path (bsc#1136215).
• scsi: qla2xxx: Correction and improvement to fwdt processing (bsc#1136215).
• scsi: qla2xxx: Correctly report max/min supported speeds (bsc#1136215).
• scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).
• scsi: qla2xxx: Fix code indentation for qla27xx_fwdt_entry (bsc#1136215).
• scsi: qla2xxx: Fix DMA error when the DIF sg buffer crosses 4GB boundary (bsc#1136215).
• scsi: qla2xxx: fix error message on qla2400 (bsc#1118139).
• scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).
• scsi: qla2xxx: Fix LUN discovery if loop id is not assigned yet by firmware (bsc#1136215).
• scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).
• scsi: qla2xxx: Fix panic from use after free in qla2x00_async_tm_cmd (bsc#1136215).
• scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).
• scsi: qla2xxx: Fix read offset in qla24xx_load_risc_flash() (bsc#1136215).
• scsi: qla2xxx: Fix routine qla27xx_dump_{mpi|ram}() (bsc#1136215).
• scsi: qla2xxx: fix spelling mistake: 'existant' -> 'existent' (bsc#1118139).
• scsi: qla2xxx: Fix unload when NVMe devices are configured (bsc#1136215).
• scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).
• scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).
• scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).
• scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#1137444).
• scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#1137444).
• scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res' (bsc#1137444).
• scsi: qla2xxx: Move debug messages before sending srb preventing panic (bsc#1136215).
• scsi: qla2xxx: Move marker request behind QPair (bsc#1136215).
• scsi: qla2xxx: no need to check return value of debugfs_create functions (bsc#1136215).
• scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#1137444).
• scsi: qla2xxx: Prevent multiple ADISC commands per session (bsc#1136215).
• scsi: qla2xxx: Prevent SysFS access when chip is down (bsc#1136215).
• scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).
• scsi: qla2xxx: Remove FW default template (bsc#1136215).
• scsi: qla2xxx: remove redundant null check on pointer sess (bsc#1136215).
• scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).
• scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#1137444).
• scsi: qla2xxx: Remove unused symbols (bsc#1118139).
• scsi: qla2xxx: Secure flash update support for ISP28XX (bsc#1136215).
• scsi: qla2xxx: Set remote port devloss timeout to 0 (bsc#1136215).
• scsi: qla2xxx: Simplification of register address used in qla_tmpl.c (bsc#1136215).
• scsi: qla2xxx: Simplify conditional check again (bsc#1136215).
• scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).
• scsi: qla2xxx: Update driver version to 10.00.00.14-k (bsc#1136215).
• scsi: qla2xxx: Update driver version to 10.01.00.15-k (bsc#1136215).
• scsi: qla2xxx: Update flash read/write routine (bsc#1136215).
• scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).
• scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing them (bsc#1137444).
• scsi: smartpqi: add H3C controller IDs (bsc#1133547).
• scsi: smartpqi: add h3c ssid (bsc#1133547).
• scsi: smartpqi: add no_write_same for logical volumes (bsc#1133547).
• scsi: smartpqi: add ofa support (bsc#1133547).
• scsi: smartpqi: Add retries for device reset (bsc#1133547).
• scsi: smartpqi: add smp_utils support (bsc#1133547).
• scsi: smartpqi: add spdx (bsc#1133547).
• scsi: smartpqi: add support for huawei controllers (bsc#1133547).
• scsi: smartpqi: add support for PQI Config Table handshake (bsc#1133547).
• scsi: smartpqi: add sysfs attributes (bsc#1133547).
• scsi: smartpqi: allow for larger raid maps (bsc#1133547).
• scsi: smartpqi: bump driver version (bsc#1133547).
• scsi: smartpqi: bump driver version (bsc#1133547).
• scsi: smartpqi: call pqi_free_interrupts() in pqi_shutdown() (bsc#1133547).
• scsi: smartpqi: check for null device pointers (bsc#1133547).
• scsi: smartpqi: correct host serial num for ssa (bsc#1133547).
• scsi: smartpqi: correct lun reset issues (bsc#1133547).
• scsi: smartpqi: correct volume status (bsc#1133547).
• scsi: smartpqi: do not offline disks for transient did no connect conditions (bsc#1133547).
• scsi: smartpqi: enhance numa node detection (bsc#1133547).
• scsi: smartpqi: fix build warnings (bsc#1133547).
• scsi: smartpqi: fix disk name mount point (bsc#1133547).
• scsi: smartpqi: fully convert to the generic DMA API (bsc#1133547).
• scsi: smartpqi: increase fw status register read timeout (bsc#1133547).
• scsi: smartpqi: increase LUN reset timeout (bsc#1133547).
• scsi: smartpqi: refactor sending controller raid requests (bsc#1133547).
• scsi: smartpqi: Reporting 'logical unit failure' (bsc#1133547).
• scsi: smartpqi: turn off lun data caching for ptraid (bsc#1133547).
• scsi: smartpqi: update copyright (bsc#1133547).
• scsi: smartpqi: update driver version (bsc#1133547).
• scsi: smartpqi: wake up drives after os resumes from suspend (bsc#1133547).
• scsi: smartpqi_init: fix boolean expression in pqi_device_remove_start (bsc#1133547).
• scsi: zfcp: make DIX experimental, disabled, and independent of DIF (jsc#SLE-6772).
• sctp: avoid running the sctp state machine recursively (networking-stable-19_05_04).
• sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment (networking-stable-19_02_24).
• sctp: fix identification of new acks for SFR-CACC (git-fixes).
• sctp: get sctphdr by offset in sctp_compute_cksum (networking-stable-19_03_28).
• sctp: initialize _pad of sockaddr_in before copying to user memory (networking-stable-19_04_10).
• sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).
• selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).
• serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).
• serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).
• serial: uartps: console_setup() can't be placed to init section (bsc#1051510).
• signal: Always notice exiting tasks (git-fixes).
• signal: Better detection of synchronous signals (git-fixes).
• signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).
• sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach() (networking-stable-19_02_24).
• soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).
• soc/tegra: fuse: Fix illegal free of IO base address (bsc#1051510).
• soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510).
• soc: imx-sgtl5000: add missing put_device() (bsc#1051510).
• soc: qcom: gsbi: Fix error handling in gsbi_probe() (bsc#1051510).
• spi-mem: fix kernel-doc for spi_mem_dirmap_{read|write}() (bsc#1111666).
• spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).
• spi: Add missing pm_runtime_put_noidle() after failed get (bsc#1111666).
• spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510).
• spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510).
• spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510).
• spi: Micrel eth switch: declare missing of table (bsc#1051510).
• spi: rspi: Fix sequencer reset during initialization (bsc#1051510).
• spi: ST ST95HF NFC: declare missing of table (bsc#1051510).
• ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510).
• staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bsc#1051510).
• staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bsc#1051510).
• staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bsc#1051510).
• staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bsc#1051510).
• staging: iio: ad7192: Fix ad7193 channel address (bsc#1051510).
• staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510).
• staging: rtl8712: uninitialized memory in read_bbreg_hdl() (bsc#1051510).
• staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc (bsc#1111666).
• staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference (bsc#1111666).
• staging: vt6655: Fix interrupt race condition on device start up (bsc#1051510).
• staging: vt6655: Remove vif check from vnt_interrupt (bsc#1051510).
• stm class: Fix an endless loop in channel allocation (bsc#1051510).
• stm class: Fix channel free in stm output free path (bsc#1051510).
• stm class: Prevent division by zero (bsc#1051510).
• stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).
• sunrpc: fix 4 more call sites that were using stack memory with a scatterlist (git-fixes).
• supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
• supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
• supported.conf: dw_mmc-bluefield is not needed in kernel-default-base (bsc#1131574).
• svm/avic: Fix invalidate logical APIC id entry (bsc#1132726).
• svm: Fix AVIC DFR and LDR handling (bsc#1132558).
• switchtec: Fix unintended mask of MRPC event (git-fixes).
• sysctl: handle overflow for file-max (bsc#1051510).
• tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
• tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
• tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
• tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).
• tcp: fix fack_count accounting on tcp_shift_skb_data() (CVE-2019-11477 bsc#1137586).
• tcp: fix TCP_REPAIR_QUEUE bound checking (git-fixes).
• tcp: limit payload size of sacked skbs (bsc#1137586).
• tcp: purge write queue in tcp_connect_init() (git-fixes).
• tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
• tcp: tcp_grow_window() needs to respect tcp_space() (networking-stable-19_04_19).
• tcp: tcp_v4_err() should be more careful (networking-stable-19_02_20).
• team: fix possible recursive locking when add slaves (networking-stable-19_04_30).
• team: set slave to promisc if team is already in promisc mode (bsc#1051510).
• testing: nvdimm: provide SZ_4G constant (bsc#1132982).
• thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).
• thermal/int340x_thermal: fix mode setting (bsc#1051510).
• thermal: cpu_cooling: Actually trace CPU load in thermal_power_cpu_get_power (bsc#1051510).
• thunderx: eliminate extra calls to put_page() for pages held for recycling (networking-stable-19_03_28).
• thunderx: enable page recycling for non-XDP case (networking-stable-19_03_28).
• tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).
• tipc: fix race condition causing hung sendto (networking-stable-19_03_07).
• tipc: missing entries in name table of publications (networking-stable-19_04_19).
• tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
• tools/cpupower: Add Hygon Dhyana support ().
• tpm: Fix the type of the return value in calc_tpm2_event_size() (bsc#1082555).
• tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bsc#1132527).
• tracing: Fix a memory leak by early error exit in trace_pid_write() (bsc#1133702).
• tracing: Fix buffer_ref pipe ops (bsc#1133698).
• tracing: Fix partial reading of trace event's id file (bsc#1136573).
• treewide: Use DEVICE_ATTR_WO (bsc#1137739).
• tty: increase the default flip buffer limit to 2*640K (bsc#1051510).
• tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510).
• tty: serial_core, add ->install (bnc#1129693).
• tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510).
• tun: add a missing rcu_read_unlock() in error path (networking-stable-19_03_28).
• tun: fix blocking read (networking-stable-19_03_07).
• tun: properly test for IFF_UP (networking-stable-19_03_28).
• tun: remove unnecessary memory barrier (networking-stable-19_03_07).
• uas: fix alignment of scatter/gather segments (bsc#1129770).
• udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).
• ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#1135323).
• usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).
• usb: cdc-acm: fix unthrottle races (bsc#1051510).
• usb: chipidea: Grab the (legacy) usb PHY by phandle first (bsc#1051510).
• usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510).
• usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).
• usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).
• usb: f_fs: Avoid crash due to out-of-scope stack ptr access (bsc#1051510).
• usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).
• usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).
• usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).
• usb: serial: cp210x: fix GPIO in autosuspend (bsc#1120902).
• usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).
• usb: serial: fix unthrottle races (bsc#1051510).
• usb: u132-hcd: fix resource leak (bsc#1051510).
• usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510).
• usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).
• usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510).
• usb: yurex: Fix protection fault after device removal (bsc#1051510).
• userfaultfd: use RCU to free the task struct when fork fails (git-fixes).
• vfio/mdev: Avoid release parent reference during error path (bsc#1051510).
• vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510).
• vfio/pci: use correct format characters (bsc#1051510).
• vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).
• vfs: allow dedupe of user owned read-only files (bsc#1133778, bsc#1132219).
• vfs: avoid problematic remapping requests into partial EOF block (bsc#1133850, bsc#1132219).
• vfs: dedupe should return EPERM if permission is not granted (bsc#1133779, bsc#1132219).
• vfs: dedupe: extract helper for a single dedup (bsc#1133769, bsc#1132219).
• vfs: exit early from zero length remap operations (bsc#1132411, bsc#1132219).
• vfs: export vfs_dedupe_file_range_one() to modules (bsc#1133772, bsc#1132219).
• vfs: limit size of dedupe (bsc#1132397, bsc#1132219).
• vfs: rename clone_verify_area to remap_verify_area (bsc#1133852, bsc#1132219).
• vfs: skip zero-length dedupe requests (bsc#1133851, bsc#1132219).
• vfs: swap names of {do,vfs}_clone_file_range() (bsc#1133774, bsc#1132219).
• vfs: vfs_clone_file_prep_inodes should return EINVAL for a clone from beyond EOF (bsc#1133780, bsc#1132219).
• vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).
• vhost: reject zero size iova range (networking-stable-19_04_19).
• virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).
• virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).
• virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).
• vrf: check accept_source_route on the original netdevice (networking-stable-19_04_10).
• vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).
• vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510).
• vsock/virtio: Initialize core virtio vsock before registering the driver (bsc#1051510).
• vsock/virtio: reset connected sockets on device removal (bsc#1051510).
• vt: always call notifier with the console lock held (bsc#1051510).
• vxlan: Do not call gro_cells_destroy() before device is unregistered (networking-stable-19_03_28).
• vxlan: test dev->flags and IFF_UP before calling netif_rx() (networking-stable-19_02_20).
• wil6210: check null pointer in _wil_cfg80211_merge_extra_ies (bsc#1051510).
• wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bsc#1051510).
• x86/alternative: Init ideal_nops for Hygon Dhyana ().
• x86/amd_nb: Check vendor in AMD-only functions ().
• x86/apic: Add Hygon Dhyana support ().
• x86/bugs: Add Hygon Dhyana to the respective mitigation machinery ().
• x86/CPU/hygon: Fix phys_proc_id calculation logic for multi-die processors ().
• x86/cpu/mtrr: Support TOP_MEM2 and get MTRR number ().
• x86/cpu: Create Hygon Dhyana architecture support file ().
• x86/cpu: Get cache info and setup cache cpumap for Hygon Dhyana ().
• x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).
• x86/events: Add Hygon Dhyana support to PMU infrastructure ().
• x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init (bsc#1132572).
• x86/kvm: Add Hygon Dhyana support to kvm ().
• x86/MCE/AMD, EDAC/mce_amd: Add new error descriptions for some SMCA bank types (bsc#1128415).
• x86/MCE/AMD, EDAC/mce_amd: Add new McaTypes for CS, PSP, and SMU units (bsc#1128415).
• x86/MCE/AMD, EDAC/mce_amd: Add new MP5, NBIO, and pciE SMCA bank types (bsc#1128415).
• x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type (bsc#1128415).
• x86/mce/AMD: Pass the bank number to smca_get_bank_type() (bsc#1128415).
• x86/mce: Add Hygon Dhyana support to the MCA infrastructure ().
• x86/mce: Do not disable MCA banks when offlining a CPU on AMD ().
• x86/MCE: Fix kABI for new AMD bank names (bsc#1128415).
• x86/mce: Handle varying MCA bank counts (bsc#1128415).
• x86/msr-index: Cleanup bit defines (bsc#1111331).
• x86/pci, x86/amd_nb: Add Hygon Dhyana support to pci and northbridge ().
• x86/pci: Fixup RTIT_BAR of Intel Denverton Trace Hub (bsc#1120318).
• x86/perf/amd: Remove need to check 'running' bit in NMI handler (bsc#1131438).
• x86/perf/amd: Resolve NMI latency issues for active PMCs (bsc#1131438).
• x86/perf/amd: Resolve race condition when disabling PMC (bsc#1131438).
• x86/smpboot: Do not use BSP INIT delay and MWAIT to idle on Dhyana ().
• x86/speculation/mds: Fix documentation typo (bsc#1135642).
• x86/speculation: Prevent deadlock on ssb_state::lock (bsc#1114279).
• x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
• x86/tsc: Force inlining of cyc2ns bits (bsc#1052904).
• x86/xen: Add Hygon Dhyana support to Xen ().
• x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).
• x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).
• xen-netback: do not populate the hash cache on XenBus disconnect (networking-stable-19_03_07).
• xen-netback: fix occasional leak of grant ref mappings under memory pressure (networking-stable-19_03_07).
• xen: Prevent buffer overflow in privcmd ioctl (bsc#1065600).
• xenbus: drop useless LIST_HEAD in xenbus_write_watch() and xenbus_file_write() (bsc#1065600).
• xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).
• xfrm6: call kfree_skb when skb is toobig (git-fixes).
• xfrm: do not call rcu_read_unlock when afinfo is NULL in xfrm_get_tos (git-fixes).
• xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).
• xfrm: Fix ESN sequence number handling for IPsec GSO packets (git-fixes).
• xfrm: fix missing dst_release() after policy blocking lbcast and multicast (git-fixes).
• xfrm: fix rcu_read_unlock usage in xfrm_local_error (git-fixes).
• xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).
• xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).
• xfrm: reset crypto_done when iterating over multiple input xfrms (git-fixes).
• xfrm: reset transport header back to network header after all input transforms ahave been applied (git-fixes).
• xfrm: Return error on unknown encap_type in init_state (git-fixes).
• xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).
• xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).
• xfs: add log item pinning error injection tag (bsc#1114427).
• xfs: add the ability to join a held buffer to a defer_ops (bsc#1133674).
• xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes (bsc#1132370, bsc#1132219).
• xfs: buffer lru reference count error injection tag (bsc#1114427).
• xfs: call xfs_qm_dqattach before performing reflink operations (bsc#1132368, bsc#1132219).
• xfs: cap the length of deduplication requests (bsc#1132373, bsc#1132219).
• xfs: check _btree_check_block value (bsc#1123663).
• xfs: clean up xfs_reflink_remap_blocks call site (bsc#1132413, bsc#1132219).
• xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).
• xfs: create block pointer check functions (bsc#1123663).
• xfs: create inode pointer verifiers (bsc#1114427).
• xfs: detect and fix bad summary counts at mount (bsc#1114427).
• xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub (bsc#1114427).
• xfs: export various function for the online scrubber (bsc#1123663).
• xfs: expose errortag knobs via sysfs (bsc#1114427).
• xfs: fix data corruption w/ unaligned dedupe ranges (bsc#1132405, bsc#1132219).
• xfs: fix data corruption w/ unaligned reflink ranges (bsc#1132407, bsc#1132219).
• xfs: fix pagecache truncation prior to reflink (bsc#1132412, bsc#1132219).
• xfs: fix reporting supported extra file attributes for statx() (bsc#1133529).
• xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).
• xfs: flush removing page cache in xfs_reflink_remap_prep (bsc#1132414, bsc#1132219).
• xfs: force summary counter recalc at next mount (bsc#1114427).
• xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (bsc#1133675).
• xfs: kill meaningless variable 'zero' (bsc#1106011).
• xfs: make errortag a per-mountpoint structure (bsc#1123663).
• xfs: move error injection tags into their own file (bsc#1114427).
• xfs: only grab shared inode locks for source file during reflink (bsc#1132372, bsc#1132219).
• xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).
• xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011).
• xfs: refactor btree block header checking functions (bsc#1123663).
• xfs: refactor btree pointer checks (bsc#1123663).
• xfs: refactor clonerange preparation into a separate helper (bsc#1132402, bsc#1132219).
• xfs: refactor unmount record write (bsc#1114427).
• xfs: refactor xfs_trans_roll (bsc#1133667).
• xfs: reflink find shared should take a transaction (bsc#1132226, bsc#1132219).
• xfs: reflink should break pnfs leases before sharing blocks (bsc#1132369, bsc#1132219).
• xfs: remove dest file's post-eof preallocations before reflinking (bsc#1132365, bsc#1132219).
• xfs: remove the ip argument to xfs_defer_finish (bsc#1133672).
• xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).
• xfs: remove xfs_zero_range (bsc#1106011).
• xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).
• xfs: rename xfs_defer_join to xfs_defer_ijoin (bsc#1133668).
• xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).
• xfs: sanity-check the unused space before trying to use it (bsc#1123663).
• xfs: serialize unaligned dio writes against all other dio writes (bsc#1134936).
• xfs: update ctime and remove suid before cloning files (bsc#1132404, bsc#1132219).
• xfs: zero posteof blocks when cloning above eof (bsc#1132403, bsc#1132219).
• xsk: export xdp_get_umem_from_qid (jsc#SLE-4797).

This update for docker fixes the following issues:
Security issue fixed:

• CVE-2018-15664: Fixed an issue which could make docker cp vulnerable to symlink-exchange race attacks (bsc#1096726).

This update for samba fixes the following issues:
Security issues fixed:

• CVE-2019-12435: zone operations can crash rpc server; (bso#13922); (bsc#1137815).

• Fix cephwrap_flistxattr() debug message; (bso#13940); (bsc#1134697).
• Add ceph_snapshots VFS module; (jsc#SES-183).
• Fix vfs_ceph realpath; (bso#13918); (bsc#1134452).
• MacOS credit accounting breaks with async SESSION SETUP; (bsc#1125601); (bso#13796).
• Mac OS X SMB2 implmenetation sees Input/output error or Resource temporarily unavailable and drops connection; (bso#13698)
• Explicitly enable libcephfs POSIX ACL support; (bso#13896); (bsc#1130245).

This update for permissions fixes the following issues:

• Added whitelisting for /usr/lib/singularity/bin/starter-suid in the new singularity 3.1 version. (bsc#1128598)

This update for glib2 fixes the following issues:
Security issue fixed:

• CVE-2019-12450: Fixed an improper file permission when copy operation takes place (bsc#1137001).

• glib2 was handling an UNKNOWN connectivity state from NetworkManager as if there was a connection thus giving false positives to PackageKit (bsc#1103678)

This update for dbus-1 fixes the following issues:
Security issue fixed:

• CVE-2019-12749: Fixed an implementation flaw in DBUS_COOKIE_SHA1 which could have allowed local attackers to bypass authentication (bsc#1137832).

This update for rpcbind fixes the following issues:

• Change rpcbind locking path from /var/run/rpcbind.lock to /run/rpcbind.lock. (bsc#1134659)
• Change the order of socket/service in the %postun scriptlet to avoid an error from rpcbind.socket when rpcbind is running during package update.

This update for xfsprogs fixes the following issues:

• xfs_repair: will now allow '/' in attribute names (bsc#1122271)
• xfs_repair: will now allow zeroing of corrupt log (bsc#1073421)
• enabdled offline (unmounted) filesystem geometry queries (bsc#1129859)

This update for xz fixes the following issues:
Add SUSE-Public-Domain licence as some parts of xz utils (liblzma, xz, xzdec, lzmadec, documentation, translated messages, tests, debug, extra directory) are in public domain licence [bsc#1135709]

This update for openssh fixes the following issues:

• Fixes a crash with GSSAPI key exchange (bsc#1136104)

This update for krb5 provides the following fix:

• Move LDAP schema files from /usr/share/doc/packages/krb5 to /usr/share/kerberos/ldap. (bsc#1134217)

This update for perl-Bootloader provides the following fixes:

• Fix secureboot on aarch64. (bsc#1136601)

This update for libssh fixes the following issue:
Issue addressed:

• Added support for new AES-GCM encryption types (bsc#1134193).

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.
This update adds support for the Hygon Dhyana CPU (fate#327735).
The following security bugs were fixed:

• CVE-2019-12614: An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c. There was an unchecked kstrdup of prop->name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash) (bnc#1137194).
• CVE-2018-16871: A NULL pointer dereference due to an anomalized NFS message sequence was fixed. (bnc#1137103).
• CVE-2019-12817: On the PowerPC architecture, local attackers could access other users processes memory (bnc#1138263).

• 6lowpan: Off by one handling ->nexthdr (bsc#1051510).
• acpi: Add Hygon Dhyana support (fate#327735).
• af_key: unconditionally clone on broadcast (bsc#1051510).
• alsa: firewire-motu: fix destruction of data for isochronous resources (bsc#1051510).
• alsa: hda/realtek - Update headset mode for ALC256 (bsc#1051510).
• alsa: oxfw: allow PCM capture for Stanton SCS.1m (bsc#1051510).
• ASoC: cs42xx8: Add regcache mask dirty (bsc#1051510).
• ASoC: fsl_asrc: Fix the issue about unsupported rate (bsc#1051510).
• audit: fix a memory leak bug (bsc#1051510).
• blk-mq: fix hang caused by freeze/unfreeze sequence (bsc#1128432).
• ceph: factor out ceph_lookup_inode() (bsc#1138681).
• ceph: fix NULL pointer deref when debugging is enabled (bsc#1138681).
• ceph: fix potential use-after-free in ceph_mdsc_build_path (bsc#1138681).
• ceph: flush dirty inodes before proceeding with remount (bsc#1138681).
• ceph: print inode number in __caps_issued_mask debugging messages (bsc#1138681).
• ceph: quota: fix quota subdir mounts (bsc#1138681).
• ceph: remove duplicated filelock ref increase (bsc#1138681).
• cfg80211: fix memory leak of wiphy device name (bsc#1051510).
• cpufreq: Add Hygon Dhyana support (fate#327735).
• cpufreq: AMD: Ignore the check for ProcFeedback in ST/CZ (fate#327735).
• cpu/topology: Export die_id (jsc#SLE-5454).
• Do not restrict NFSv4.2 on openSUSE (bsc#1138719).
• drbd: Avoid Clang warning about pointless switch statment (bsc#1051510).
• drbd: disconnect, if the wrong UUIDs are attached on a connected peer (bsc#1051510).
• drbd: narrow rcu_read_lock in drbd_sync_handshake (bsc#1051510).
• drbd: skip spurious timeout (ping-timeo) when failing promote (bsc#1051510).
• drivers: depend on HAS_IOMEM for devm_platform_ioremap_resource() (bsc#1136333 jsc#SLE-4994).
• drivers: fix a typo in the kernel doc for devm_platform_ioremap_resource() (bsc#1136333 jsc#SLE-4994).
• drivers: provide devm_platform_ioremap_resource() (bsc#1136333 jsc#SLE-4994).
• drivers/rapidio/devices/rio_mport_cdev.c: fix resource leak in error handling path in 'rio_dma_transfer()' (bsc#1051510).
• drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen() (bsc#1051510).
• drivers: thermal: tsens: Do not print error message on -EPROBE_DEFER (bsc#1051510).
• drm: add fallback override/firmware EDID modes workaround (bsc#1111666).
• drm/amd/display: Use plane->color_space for dpp if specified (bsc#1111666).
• drm/edid: abstract override/firmware EDID retrieval (bsc#1111666).
• drm/i915: Add new AML_ULX support list (jsc#SLE-4986).
• drm/i915: Add new ICL PCI ID (jsc#SLE-4986).
• drm/i915/aml: Add new Amber Lake PCI ID (jsc#SLE-4986).
• drm/i915: Apply correct ddi translation table for AML device (jsc#SLE-4986).
• drm/i915: Attach the pci match data to the device upon creation (jsc#SLE-4986).
• drm/i915/cfl: Adding another PCI Device ID (jsc#SLE-4986).
• drm/i915/cml: Add CML PCI IDS (jsc#SLE-4986).
• drm/i915: Fix uninitialized mask in intel_device_info_subplatform_init (jsc#SLE-4986).
• drm/i915/icl: Adding few more device IDs for Ice Lake (jsc#SLE-4986).
• drm/i915: Introduce concept of a sub-platform (jsc#SLE-4986).
• drm/i915: Mark AML 0x87CA as ULX (jsc#SLE-4986).
• drm/i915: Move final cleanup of drm_i915_private to i915_driver_destroy (jsc#SLE-4986).
• drm/i915/perf: fix whitelist on Gen10+ (bsc#1051510).
• drm/i915: Remove redundant device id from IS_IRONLAKE_M macro (jsc#SLE-4986).
• drm/i915/sdvo: Implement proper HDMI audio support for SDVO (bsc#1051510).
• drm/i915: Split Pineview device info into desktop and mobile (jsc#SLE-4986).
• drm/i915: Split some PCI ids into separate groups (jsc#SLE-4986).
• drm/i915: start moving runtime device info to a separate struct (jsc#SLE-4986).
• drm/mediatek: call drm_atomic_helper_shutdown() when unbinding driver (bsc#1111666).
• drm/mediatek: call mtk_dsi_stop() after mtk_drm_crtc_atomic_disable() (bsc#1111666).
• drm/mediatek: clear num_pipes when unbind driver (bsc#1111666).
• drm/mediatek: fix unbind functions (bsc#1111666).
• drm/mediatek: unbind components in mtk_drm_unbind() (bsc#1111666).
• drm/nouveau/disp/dp: respect sink limits when selecting failsafe link configuration (bsc#1051510).
• drm/nouveau/kms/gf119-gp10x: push HeadSetControlOutputResource() mthd when encoders change (bsc#1111666).
• drm/nouveau/kms/gv100-: fix spurious window immediate interlocks (bsc#1111666).
• EDAC, amd64: Add Hygon Dhyana support (fate#327735).
• EDAC/mc: Fix edac_mc_find() in case no device is found (bsc#1114279).
• HID: wacom: Add ability to provide explicit battery status info (bsc#1051510).
• HID: wacom: Add support for 3rd generation Intuos BT (bsc#1051510).
• HID: wacom: Add support for Pro Pen slim (bsc#1051510).
• HID: wacom: convert Wacom custom usages to standard HID usages (bsc#1051510).
• HID: wacom: Correct button numbering 2nd-gen Intuos Pro over Bluetooth (bsc#1051510).
• HID: wacom: Do not report anything prior to the tool entering range (bsc#1051510).
• HID: wacom: Do not set tool type until we're in range (bsc#1051510).
• HID: wacom: fix mistake in printk (bsc#1051510).
• HID: wacom: generic: add the 'Report Valid' usage (bsc#1051510).
• HID: wacom: generic: Ignore HID_DG_BATTERYSTRENTH == 0 (bsc#1051510).
• HID: wacom: generic: Leave tool in prox until it completely leaves sense (bsc#1051510).
• HID: wacom: generic: Refactor generic battery handling (bsc#1051510).
• HID: wacom: generic: Report AES battery information (bsc#1051510).
• HID: wacom: generic: Reset events back to zero when pen leaves (bsc#1051510).
• HID: wacom: generic: Scale battery capacity measurements to percentages (bsc#1051510).
• HID: wacom: generic: Send BTN_STYLUS3 when both barrel switches are set (bsc#1051510).
• HID: wacom: generic: Send BTN_TOOL_PEN in prox once the pen enters range (bsc#1051510).
• HID: wacom: generic: Support multiple tools per report (bsc#1051510).
• HID: wacom: generic: Use generic codepath terminology in wacom_wac_pen_report (bsc#1051510).
• HID: wacom: Mark expected switch fall-through (bsc#1051510).
• HID: wacom: Move handling of HID quirks into a dedicated function (bsc#1051510).
• HID: wacom: Move HID fix for AES serial number into wacom_hid_usage_quirk (bsc#1051510).
• HID: wacom: Properly handle AES serial number and tool type (bsc#1051510).
• HID: wacom: Queue events with missing type/serial data for later processing (bsc#1051510).
• HID: wacom: Remove comparison of u8 mode with zero and simplify (bsc#1051510).
• HID: wacom: Replace touch_max fixup code with static touch_max definitions (bsc#1051510).
• HID: wacom: Send BTN_TOUCH in response to INTUOSP2_BT eraser contact (bsc#1051510).
• HID: wacom: Support 'in range' for Intuos/Bamboo tablets where possible (bsc#1051510).
• HID: Wacom: switch Dell canvas into highres mode (bsc#1051510).
• HID: wacom: Sync INTUOSP2_BT touch state after each frame if necessary (bsc#1051510).
• HID: wacom: wacom_wac_collection() is local to wacom_wac.c (bsc#1051510).
• HID: wacom: Work around HID descriptor bug in DTK-2451 and DTH-2452 (bsc#1051510).
• hwmon/coretemp: Cosmetic: Rename internal variables to zones from packages (jsc#SLE-5454).
• hwmon/coretemp: Support multi-die/package (jsc#SLE-5454).
• hwmon: (k10temp) 27C Offset needed for Threadripper2 (FATE#327735).
• hwmon: (k10temp) Add Hygon Dhyana support (FATE#327735).
• hwmon: (k10temp) Add support for AMD Ryzen w/ Vega graphics (FATE#327735).
• hwmon: (k10temp) Add support for family 17h (FATE#327735).
• hwmon: (k10temp) Add support for Stoney Ridge and Bristol Ridge CPUs (FATE#327735).
• hwmon: (k10temp) Add support for temperature offsets (FATE#327735).
• hwmon: (k10temp) Add temperature offset for Ryzen 1900X (FATE#327735).
• hwmon: (k10temp) Add temperature offset for Ryzen 2700X (FATE#327735).
• hwmon: (k10temp) Correct model name for Ryzen 1600X (FATE#327735).
• hwmon: (k10temp) Display both Tctl and Tdie (FATE#327735).
• hwmon: (k10temp) Fix reading critical temperature register (FATE#327735).
• hwmon: (k10temp) Make function get_raw_temp static (FATE#327735).
• hwmon: (k10temp) Move chip specific code into probe function (FATE#327735).
• hwmon: (k10temp) Only apply temperature offset if result is positive (FATE#327735).
• hwmon: (k10temp) Support all Family 15h Model 6xh and Model 7xh processors (FATE#327735).
• hwmon: k10temp: Support Threadripper 2920X, 2970WX; simplify offset table (FATE#327735).
• hwmon: (k10temp) Use API function to access System Management Network (FATE#327735).
• hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs (FATE#327735).
• i2c-piix4: Add Hygon Dhyana SMBus support (FATE#327735).
• ibmveth: Update ethtool settings to reflect virtual properties (bsc#1136157, LTC#177197).
• ipv6: fib: Do not assume only nodes hold a reference on routes (bsc#1138732).
• kabi: Mask no_vf_scan in struct pci_dev (jsc#SLE-5803 FATE#327056).
• kabi: s390: enum interruption_class (jsc#SLE-5789 bsc#1134730 LTC#173388).
• kabi: s390: enum interruption_class (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
• kabi/severities: Whitelist airq_iv_* (s390-specific)
• kABI workaround for asus-wmi changes (bsc#1051510).
• kABI workaround for the new pci_dev.skip_bus_pm field addition (bsc#1051510).
• kabi: x86/topology: Add CPUID.1F multi-die/package support (jsc#SLE-5454).
• kabi: x86/topology: Define topology_logical_die_id() (jsc#SLE-5454).
• kvm: x86: Include CPUID leaf 0x8000001e in kvm's supported CPUID (bsc#1114279).
• kvm: x86: Include multiple indices with CPUID leaf 0x8000001d (bsc#1114279).
• mfd: intel-lpss: Set the device in reset state when init (bsc#1051510).
• mfd: tps65912-spi: Add missing of table registration (bsc#1051510).
• mfd: twl6040: Fix device init errors for ACCCTL register (bsc#1051510).
• mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers (bsc#1051510).
• mmc: mmci: Prevent polling for busy detection in IRQ context (bsc#1051510).
• mmc: sdhci-of-esdhc: add erratum eSDHC-A001 and A-008358 support (bsc#1051510).
• module: Fix livepatch/ftrace module text permissions race (bsc#1071995 fate#323487).
• new primitive: vmemdup_user() (jsc#SLE-4712 bsc#1136156).
• nl80211: fix station_info pertid memory leak (bsc#1051510).
• {nl,mac}80211: allow 4addr AP operation on crypto controlled devices (bsc#1051510).
• nvmem: allow to select i.MX nvmem driver for i.MX 7D (bsc#1051510).
• nvmem: core: fix read buffer in place (bsc#1051510).
• nvmem: correct Broadcom OTP controller driver writes (bsc#1051510).
• nvmem: Do not let a NULL cell_id for nvmem_cell_get() crash us (bsc#1051510).
• nvmem: imx-ocotp: Add i.MX7D timing write clock setup support (bsc#1051510).
• nvmem: imx-ocotp: Add support for banked OTP addressing (bsc#1051510).
• nvmem: imx-ocotp: Enable i.MX7D OTP write support (bsc#1051510).
• nvmem: imx-ocotp: Move i.MX6 write clock setup to dedicated function (bsc#1051510).
• nvmem: imx-ocotp: Pass parameters via a struct (bsc#1051510).
• nvmem: imx-ocotp: Restrict OTP write to IMX6 processors (bsc#1051510).
• nvmem: imx-ocotp: Update module description (bsc#1051510).
• nvmem: properly handle returned value nvmem_reg_read (bsc#1051510).
• nvme: skip nvme_update_disk_info() if the controller is not live (bsc#1128432).
• PCI: Disable VF decoding before pcibios_sriov_disable() updates resources (jsc#SLE-5803).
• PCI/IOV: Add flag so platforms can skip VF scanning (jsc#SLE-5803 FATE#327056).
• PCI/IOV: Factor out sriov_add_vfs() (jsc#SLE-5803 FATE#327056).
• PCI: PM: Avoid possible suspend-to-idle issue (bsc#1051510).
• perf tools: Add Hygon Dhyana support (fate#327735).
• perf/x86/intel/cstate: Support multi-die/package (jsc#SLE-5454).
• perf/x86/intel/rapl: Cosmetic rename internal variables in response to multi-die/pkg support (jsc#SLE-5454).
• perf/x86/intel/rapl: Support multi-die/package (jsc#SLE-5454).
• perf/x86/intel/uncore: Cosmetic renames in response to multi-die/pkg support (jsc#SLE-5454).
• perf/x86/intel/uncore: Support multi-die/package (jsc#SLE-5454).
• platform/chrome: cros_ec_proto: check for NULL transfer function (bsc#1051510).
• platform_data/mlxreg: Add capability field to core platform data (bsc#1112374).
• platform_data/mlxreg: additions for Mellanox watchdog driver (bsc#1112374).
• platform_data/mlxreg: Document fixes for core platform data (bsc#1112374).
• platform/mellanox: Add new ODM system types to mlx-platform (bsc#1112374).
• platform/mellanox: Add TmFifo driver for Mellanox BlueField Soc (bsc#1136333 jsc#SLE-4994).
• platform/mellanox: mlxreg-hotplug: Add devm_free_irq call to remove flow (bsc#1111666).
• platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys from asus_nb_wmi (bsc#1051510).
• platform/x86: intel_pmc_core: Add ICL platform support (jsc#SLE-5226).
• platform/x86: intel_pmc_core: Add Package cstates residency info (jsc#SLE-5226).
• platform/x86: intel_pmc_core: Avoid a u32 overflow (jsc#SLE-5226).
• platform/x86: intel_pmc_core: Include Reserved IP for LTR (jsc#SLE-5226).
• platform/x86: intel_pmc_core: Mark local function static (jsc#SLE-5226).
• platform/x86: intel_pmc_core: Quirk to ignore XTAL shutdown (jsc#SLE-5226).
• platform/x86: mlx-platform: Add ASIC hotplug device configuration (bsc#1112374).
• platform/x86: mlx-platform: Add definitions for new registers (bsc#1112374).
• platform/x86: mlx-platform: Add extra CPLD for next generation systems (bsc#1112374).
• platform/x86: mlx-platform: Add LED platform driver activation (bsc#1112374).
• platform/x86: mlx-platform: Add mlxreg-fan platform driver activation (bsc#1112374).
• platform/x86: mlx-platform: Add mlxreg-io platform driver activation (bsc#1112374).
• platform/x86: mlx-platform: Add mlx-wdt platform driver activation (bsc#1112374).
• platform/x86: mlx-platform: Add support for fan capability registers (bsc#1112374).
• platform/x86: mlx-platform: Add support for fan direction register (bsc#1112374).
• platform/x86: mlx-platform: Add support for new VMOD0007 board name (bsc#1112374).
• platform/x86: mlx-platform: Add support for tachometer speed register (bsc#1112374).
• platform/x86: mlx-platform: Add UID LED for the next generation systems (bsc#1112374).
• platform/x86: mlx-platform: Allow mlxreg-io driver activation for more systems (bsc#1112374).
• platform/x86: mlx-platform: Allow mlxreg-io driver activation for new systems (bsc#1112374).
• platform/x86: mlx-platform: Change mlxreg-io configuration for MSN274x systems (bsc#1112374).
• platform/x86: mlx-platform: Convert to use SPDX identifier (bsc#1112374).
• platform/x86: mlx-platform: Fix access mode for fan_dir attribute (bsc#1112374).
• platform/x86: mlx-platform: Fix copy-paste error in mlxplat_init() (bsc#1112374).
• platform/x86: mlx-platform: Fix LED configuration (bsc#1112374).
• platform/x86: mlx-platform: Fix parent device in i2c-mux-reg device registration (bsc#1051510).
• platform/x86: mlx-platform: Fix tachometer registers (bsc#1112374).
• platform/x86: mlx-platform: Remove unused define (bsc#1112374).
• platform/x86: mlx-platform: Rename new systems product names (bsc#1112374).
• PM / core: Propagate dev->power.wakeup_path when no callbacks (bsc#1051510).
• powercap/intel_rapl: Simplify rapl_find_package() (jsc#SLE-5454).
• powercap/intel_rapl: Support multi-die/package (jsc#SLE-5454).
• powercap/intel_rapl: Update RAPL domain name and debug messages (jsc#SLE-5454).
• powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild (bsc#1138374, LTC#178199).
• powerpc/pseries: Fix oops in hotplug memory notifier (bsc#1138375, LTC#178204).
• powerpc/pseries/mobility: prevent cpu hotplug during DT update (bsc#1138374, LTC#178199).
• powerpc/pseries/mobility: rebuild cacheinfo hierarchy post-migration (bsc#1138374, LTC#178199).
• power: supply: max14656: fix potential use-before-alloc (bsc#1051510).
• power: supply: sysfs: prevent endless uevent loop with CONFIG_POWER_SUPPLY_DEBUG (bsc#1051510).
• qlcnic: Avoid potential NULL pointer dereference (bsc#1051510).
• qmi_wwan: add network device usage statistics for qmimux devices (bsc#1051510).
• qmi_wwan: Add quirk for Quectel dynamic config (bsc#1051510).
• qmi_wwan: add support for QMAP padding in the RX path (bsc#1051510).
• qmi_wwan: avoid RCU stalls on device disconnect when in QMAP mode (bsc#1051510).
• qmi_wwan: extend permitted QMAP mux_id value range (bsc#1051510).
• rapidio: fix a NULL pointer dereference when create_workqueue() fails (bsc#1051510).
• RAS/CEC: Convert the timer callback to a workqueue (bsc#1114279).
• RAS/CEC: Fix binary search function (bsc#1114279).
• rbd: do not assert on writes to snapshots (bsc#1137985 bsc#1138681).
• Revert 'ALSA: hda/realtek - Improve the headset mic for Acer Aspire laptops' (bsc#1051510).
• Revert 'HID: wacom: generic: Send BTN_TOOL_PEN in prox once the pen enters range' (bsc#1051510).
• Revert 's390/jump_label: Use 'jdd' constraint on gcc9 (bsc#1138589).' This broke the build with older gcc instead.
• s390/airq: provide cacheline aligned ivs (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
• s390/airq: recognize directed interrupts (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
• s390/dasd: fix using offset into zero size array error (bsc#1051510).
• s390: enable processes for mio instructions (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
• s390/ism: move oddities of device IO to wrapper function (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
• s390/jump_label: Use 'jdd' constraint on gcc9 (bsc#1138589).
• s390/pci: add parameter to disable usage of MIO instructions (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
• s390/pci: add parameter to force floating irqs (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
• s390/pci: clarify interrupt vector usage (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
• s390/pci: fix assignment of bus resources (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
• s390/pci: fix struct definition for set PCI function (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
• s390/pci: gather statistics for floating vs directed irqs (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
• s390/pci: improve bar check (jsc#SLE-5803 FATE#327056).
• s390/pci: map IOV resources (jsc#SLE-5803 FATE#327056).
• s390/pci: mark command line parser data __initdata (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
• s390/pci: move everything irq related to pci_irq.c (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
• s390/pci: move io address mapping code to pci_insn.c (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
• s390/pci: provide support for CPU directed interrupts (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
• s390/pci: provide support for MIO instructions (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
• s390/pci: remove stale rc (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
• s390/pci: remove unused define (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
• s390/pci: skip VF scanning (jsc#SLE-5803 FATE#327056).
• s390/protvirt: add memory sharing for diag 308 set/store (jsc#SLE-5759 FATE#327003 bsc#1135153 LTC#173151).
• s390/protvirt: block kernel command line alteration (jsc#SLE-5759 FATE#327003 bsc#1135153 LTC#173151).
• s390/qeth: fix race when initializing the IP address table (bsc#1051510).
• s390/qeth: fix VLAN attribute in bridge_hostnotify udev event (bsc#1051510).
• s390/sclp: detect DIRQ facility (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
• s390/setup: fix early warning messages (bsc#1051510).
• s390: show statistics for MSI IRQs (jsc#SLE-5789 FATE#327042 bsc#1134730 LTC#173388).
• s390/uv: introduce guest side ultravisor code (jsc#SLE-5759 FATE#327003 bsc#1135153 LTC#173151).
• s390/virtio: handle find on invalid queue gracefully (bsc#1051510).
• sched/topology: Improve load balancing on AMD EPYC (bsc#1137366).
• scsi: hpsa: bump driver version (jsc#SLE-4712 bsc#1136156).
• scsi: hpsa: check for lv removal (jsc#SLE-4712 bsc#1136156).
• scsi: hpsa: clean up two indentation issues (jsc#SLE-4712 bsc#1136156).
• scsi: hpsa: correct device id issues (jsc#SLE-4712 bsc#1136156).
• scsi: hpsa: correct device resets (jsc#SLE-4712 bsc#1136156).
• scsi: hpsa: correct ioaccel2 chaining (jsc#SLE-4712 bsc#1136156).
• scsi: hpsa: correct simple mode (jsc#SLE-4712 bsc#1136156).
• scsi: hpsa: fix an uninitialized read and dereference of pointer dev (jsc#SLE-4712 bsc#1136156).
• scsi: hpsa: mark expected switch fall-throughs (jsc#SLE-4712 bsc#1136156).
• scsi: hpsa: remove timeout from TURs (jsc#SLE-4712 bsc#1136156).
• scsi: hpsa: switch to generic DMA API (jsc#SLE-4712 bsc#1136156).
• scsi: hpsa: Use vmemdup_user to replace the open code (jsc#SLE-4712 bsc#1136156).
• scsi: megaraid_sas: Add support for DEVICE_LIST DCMD in driver (bsc#1136271).
• scsi: megaraid_sas: correct an info message (bsc#1136271).
• scsi: megaraid_sas: driver version update (bsc#1136271).
• scsi: megaraid_sas: Retry reads of outbound_intr_status reg (bsc#1136271).
• scsi: megaraid_sas: Rework code to get PD and LD list (bsc#1136271).
• scsi: megaraid_sas: Rework device add code in AEN path (bsc#1136271).
• scsi: megaraid_sas: Update structures for HOST_DEVICE_LIST DCMD (bsc#1136271).
• scsi: qla2xxx: Fix FC-AL connection target discovery (bsc#1094555).
• scsi: qla2xxx: Fix N2N target discovery with Local loop (bsc#1094555).
• scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck() (bsc#1135296).
• scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from port_remove (bsc#1051510).
• scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host (bsc#1051510).
• scsi: zfcp: fix scsi_eh host reset with port_forced ERP for non-NPIV FCP devices (bsc#1051510).
• scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only sdevs) (bsc#1051510).
• serial: sh-sci: disable DMA for uart_console (bsc#1051510).
• SMB3: Fix endian warning (bsc#1137884).
• soc: mediatek: pwrap: Zero initialize rdata in pwrap_init_cipher (bsc#1051510).
• soc: rockchip: Set the proper PWM for rk3288 (bsc#1051510).
• spi: bitbang: Fix NULL pointer dereference in spi_unregister_master (bsc#1051510).
• spi: Fix zero length xfer bug (bsc#1051510).
• spi: pxa2xx: fix SCR (divisor) calculation (bsc#1051510).
• spi: spi-fsl-spi: call spi_finalize_current_message() at the end (bsc#1051510).
• spi : spi-topcliff-pch: Fix to handle empty DMA buffers (bsc#1051510).
• spi: tegra114: reset controller on probe (bsc#1051510).
• supported.conf: added mlxbf_tmfifo (bsc#1136333 jsc#SLE-4994)
• thermal: rcar_gen3_thermal: disable interrupt in .remove (bsc#1051510).
• thermal/x86_pkg_temp_thermal: Cosmetic: Rename internal variables to zones from packages (jsc#SLE-5454).
• thermal/x86_pkg_temp_thermal: Support multi-die/package (jsc#SLE-5454).
• tmpfs: fix link accounting when a tmpfile is linked in (bsc#1051510).
• tmpfs: fix uninitialized return value in shmem_link (bsc#1051510).
• tools/cpupower: Add Hygon Dhyana support (fate#327735).
• topology: Create core_cpus and die_cpus sysfs attributes (jsc#SLE-5454).
• topology: Create package_cpus sysfs attribute (jsc#SLE-5454).
• tty: max310x: Fix external crystal register setup (bsc#1051510).
• usb: dwc2: Fix DMA cache alignment issues (bsc#1051510).
• usb: serial: pl2303: fix tranceiver suspend mode (bsc#1135642).
• usb: xhci: avoid null pointer deref when bos field is NULL (bsc#1135642).
• vfio: ccw: only free cp on final interrupt (bsc#1051510).
• video: hgafb: fix potential NULL pointer dereference (bsc#1051510).
• video: imsttfb: fix potential NULL pointer dereferences (bsc#1051510).
• virtio_console: initialize vtermno value for ports (bsc#1051510).
• vlan: disable SIOCSHWTSTAMP in container (bsc#1051510).
• watchdog: imx2_wdt: Fix set_timeout for big timeout values (bsc#1051510).
• x86/alternative: Init ideal_nops for Hygon Dhyana (fate#327735).
• x86/amd_nb: Add support for Raven Ridge CPUs (FATE#327735).
• x86/amd_nb: Check vendor in AMD-only functions (fate#327735).
• x86/apic: Add Hygon Dhyana support (fate#327735).
• x86/bugs: Add Hygon Dhyana to the respective mitigation machinery (fate#327735).
• x86/cpu: Add Icelake model number (jsc#SLE-5226).
• x86/cpu/amd: Do not force the CPB cap when running under a hypervisor (bsc#1114279).
• x86/cpu: Create Hygon Dhyana architecture support file (fate#327735).
• x86/cpufeatures: Carve out CQM features retrieval (jsc#SLE-5382).
• x86/cpufeatures: Combine word 11 and 12 into a new scattered features word (jsc#SLE-5382).
• x86/cpufeatures: Enumerate the new AVX512 BFLOAT16 instructions (jsc#SLE-5382).
• x86/cpu: Get cache info and setup cache cpumap for Hygon Dhyana (fate#327735).
• x86/cpu/hygon: Fix phys_proc_id calculation logic for multi-die processors ().
• x86/cpu/mtrr: Support TOP_MEM2 and get MTRR number (fate#327735).
• x86/events: Add Hygon Dhyana support to PMU infrastructure (fate#327735).
• x86/kvm: Add Hygon Dhyana support to KVM (fate#327735).
• x86/mce: Add Hygon Dhyana support to the MCA infrastructure (fate#327735).
• x86/mce: Do not disable MCA banks when offlining a CPU on AMD (fate#327735).
• x86/mce: Fix machine_check_poll() tests for error types (bsc#1114279).
• x86/microcode, cpuhotplug: Add a microcode loader CPU hotplug callback (bsc#1114279).
• x86/microcode: Fix microcode hotplug state (bsc#1114279).
• x86/microcode: Fix the ancient deprecated microcode loading method (bsc#1114279).
• x86/mm/mem_encrypt: Disable all instrumentation for early SME setup (bsc#1114279).
• x86/pci, x86/amd_nb: Add Hygon Dhyana support to PCI and northbridge (fate#327735).
• x86/smpboot: Do not use BSP INIT delay and MWAIT to idle on Dhyana (fate#327735).
• x86/smpboot: Rename match_die() to match_pkg() (jsc#SLE-5454).
• x86/speculation/mds: Revert CPU buffer clear on double fault exit (bsc#1114279).
• x86/topology: Add CPUID.1F multi-die/package support (jsc#SLE-5454).
• x86/topology: Create topology_max_die_per_package() (jsc#SLE-5454).
• x86/topology: Define topology_die_id() (jsc#SLE-5454).
• x86/topology: Define topology_logical_die_id() (jsc#SLE-5454).
• x86/umip: Make the UMIP activated message generic (bsc#1138336).
• x86/umip: Print UMIP line only once (bsc#1138336).
• x86/xen: Add Hygon Dhyana support to Xen (fate#327735).
• x86/CPU/hygon: Fix phys_proc_id calculation logic for multi-die processors (fate#327735).

This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the following issues:
Changes in ruby2.5:
Update to 2.5.5 and 2.5.4:
https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/ https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/
Security issues fixed:

• CVE-2019-8320: Delete directory using symlink when decompressing tar (bsc#1130627)
• CVE-2019-8321: Escape sequence injection vulnerability in verbose (bsc#1130623)
• CVE-2019-8322: Escape sequence injection vulnerability in gem owner (bsc#1130622)
• CVE-2019-8323: Escape sequence injection vulnerability in API response handling (bsc#1130620)
• CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution (bsc#1130617)
• CVE-2019-8325: Escape sequence injection vulnerability in errors (bsc#1130611)

• CVE-2018-16396: Tainted flags are not propagated in Array#pack and String#unpack with some directives (bsc#1112532)
• CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly (bsc#1112530)

• CVE-2017-17742: HTTP response splitting in WEBrick (bsc#1087434)
• CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir (bsc#1087441)
• CVE-2018-8777: DoS by large request in WEBrick (bsc#1087436)
• CVE-2018-8778: Buffer under-read in String#unpack (bsc#1087433)
• CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket (bsc#1087440)
• CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir (bsc#1087437)

• Multiple vulnerabilities in RubyGems were fixed:

• Fixed Net::POPMail methods modify frozen literal when using default arg
• ruby: change over of the Japanese Era to the new emperor May 1st 2019 (bsc#1133790)
• build with PIE support (bsc#1130028)

• Add a new helper for bundled ruby gems.

This update for libgcrypt fixes the following issues:

• Fixed redundant fips tests in some situations causing sudo to stop working when pam-kwallet is installed. bsc#1133808

This update for timezone fixes the following issues:

• Timezone update 2019b. (bsc#1140016): - Brazil no longer observes DST. - 'zic -b slim' outputs smaller TZif files. - Palestine's 2019 spring-forward transition was on 03-29, not 03-30. - Add info about the Crimea situation.

This update for glib2 fixes the following issues:
Security issue fixed:

• CVE-2019-13012: Fixed improper restriction of file permissions when creating directories (bsc#1139959).

This update for expat fixes the following issues:
Security issue fixed:

• CVE-2018-20843: Fixed a denial of service triggered by high resource consumption in the XML parser when XML names contain a large amount of colons (bsc#1139937).

This update for bzip2 fixes the following issues:
Security issue fixed:

• CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1139083).

This update for systemd fixes the following issues:

• conf-parse: remove 4K line length limit (bsc#1137053)
• udevd: change the default value of udev.children-max (again) (bsc#1107617)
• meson: stop creating enablement symlinks in /etc during installation (sequel)
• Fixed build for openSUSE Leap 15+
• Make sure we don't ship any static enablement symlinks in /etc Those symlinks must only be created by the presets. There are no changes in practice since systemd/udev doesn't ship such symlinks in /etc but let's make sure no future changes will introduce new ones by mistake.

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:

• CVE-2019-10638: In the Linux kernel, a device could be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic was sent to multiple destination IP addresses, it was possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may have been conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses (bnc#1140575 1140577).
• CVE-2019-10639: The Linux kernel allowed Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it was possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic was sent to multiple destination IP addresses, it was possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). This key contains enough bits from a kernel address (of a static variable) so when the key was extracted (via enumeration), the offset of the kernel image was exposed. This attack could be carried out remotely, by the attacker forcing the target device to send UDP or ICMP (or certain other) traffic to attacker-controlled IP addresses. Forcing a server to send UDP traffic is trivial if the server is a DNS server. ICMP traffic is trivial if the server answers ICMP Echo requests (ping). For client targets, if the target visits the attacker's web page, then WebRTC or gQUIC can be used to force UDP traffic to attacker-controlled IP addresses. NOTE: this attack against KASLR became viable because IP ID generation was changed to have a dependency on an address associated with a network namespace (bnc#1140577).
• CVE-2019-13233: In arch/x86/lib/insn-eval.c in the Linux kernel, there was a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation (bnc#1140454).
• CVE-2018-20836: An issue was discovered in the Linux kernel There was a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free (bnc#1134395).
• CVE-2019-10126: A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might have lead to memory corruption and possibly other consequences (bnc#1136935).
• CVE-2019-11599: The coredump implementation in the Linux kernel did not use locking or other mechanisms to prevent vma layout or vma flags changes while it ran, which allowed local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c (bnc#1131645 1133738).

• Abort file_remove_privs() for non-reg. files (bsc#1140888).
• acpica: Clear status of GPEs on first direct enable (bsc#1111666).
• acpi: PM: Allow transitions to D0 to occur in special cases (bsc#1051510).
• acpi: PM: Avoid evaluating _PS3 on transitions from D3hot to D3cold (bsc#1051510).
• alsa: firewire-lib/fireworks: fix miss detection of received MIDI messages (bsc#1051510).
• alsa: hda - Force polling mode on CNL for fixing codec communication (bsc#1051510).
• alsa: hda/realtek: Add quirks for several Clevo notebook barebones (bsc#1051510).
• alsa: hda/realtek - Change front mic location for Lenovo M710q (bsc#1051510).
• alsa: line6: Fix write on zero-sized buffer (bsc#1051510).
• alsa: seq: fix incorrect order of dest_client/dest_ports arguments (bsc#1051510).
• alsa: usb-audio: Fix parse of UAC2 Extension Units (bsc#1111666).
• alsa: usb-audio: fix sign unintended sign extension on left shifts (bsc#1051510).
• apparmor: enforce nullbyte at end of tag string (bsc#1051510).
• asoc: cx2072x: fix integer overflow on unsigned int multiply (bsc#1111666).
• ax25: fix inconsistent lock state in ax25_destroy_timer (bsc#1051510).
• Backporting hwpoison fixes - mm: hugetlb: prevent reuse of hwpoisoned free hugepages (bsc#1139712). - mm: hwpoison: change PageHWPoison behavior on hugetlb pages (bsc#1139712). - mm: hugetlb: soft-offline: dissolve source hugepage after successful migration (bsc#1139712). - mm: soft-offline: dissolve free hugepage if soft-offlined (bsc#1139712). - mm: hwpoison: introduce memory_failure_hugetlb() (bsc#1139712). - mm: hwpoison: dissolve in-use hugepage in unrecoverable memory error (bsc#1139712). - mm: hugetlb: delete dequeue_hwpoisoned_huge_page() (bsc#1139712). - mm: hwpoison: introduce idenfity_page_state (bsc#1139712). - mm: hugetlb: soft_offline: save compound page order before page migration (bsc#1139712) - fs: hugetlbfs: fix hwpoison reserve accounting (bsc#1139712) - mm: fix race on soft-offlining free huge pages (bsc#1139712). - mm: soft-offline: close the race against page allocation (bsc#1139712). - mm: soft-offline: return -EBUSY if set_hwpoison_free_buddy_page() fails (bsc#1139712). - mm: hugetlb: soft-offline: dissolve_free_huge_page() return zero on !PageHuge (bsc#bsc#1139712).
• blk-mq: free hw queue's resource in hctx's release handler (bsc#1140637).
• block: Fix a NULL pointer dereference in generic_make_request() (bsc#1139771).
• bluetooth: Fix faulty expression for minimum encryption key size check (bsc#1140328).
• bpf, devmap: Add missing bulk queue free (bsc#1109837).
• bpf, devmap: Add missing RCU read lock on flush (bsc#1109837).
• bpf, devmap: Fix premature entry free on destroying map (bsc#1109837).
• bpf: devmap: fix use-after-free Read in __dev_map_entry_free (bsc#1109837).
• bpf: lpm_trie: check left child of last leftmost node for NULL (bsc#1109837).
• bpf: sockmap fix msg->sg.size account on ingress skb (bsc#1109837).
• bpf: sockmap, fix use after free from sleep in psock backlog workqueue (bsc#1109837).
• bpf: sockmap remove duplicate queue free (bsc#1109837).
• bpf, tcp: correctly handle DONT_WAIT flags and timeo == 0 (bsc#1109837).
• can: af_can: Fix error path of can_init() (bsc#1051510).
• can: flexcan: fix timeout when set small bitrate (bsc#1051510).
• can: purge socket error queue on sock destruct (bsc#1051510).
• ceph: flush dirty inodes before proceeding with remount (bsc#1140405).
• clk: rockchip: Turn on 'aclk_dmac1' for suspend on rk3288 (bsc#1051510).
• clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider (bsc#1051510).
• coresight: etb10: Fix handling of perf mode (bsc#1051510).
• coresight: etm4x: Add support to enable ETMv4.2 (bsc#1051510).
• crypto: algapi - guard against uninitialized spawn list in crypto_remove_spawns (bsc#1133401).
• crypto: cryptd - Fix skcipher instance memory leak (bsc#1051510).
• crypto: user - prevent operating on larval algorithms (bsc#1133401).
• dax: Fix xarray entry association for mixed mappings (bsc#1140893).
• Delete patches.fixes/s390-setup-fix-early-warning-messages (bsc#1140948).
• device core: Consolidate locking and unlocking of parent and device (bsc#1106383).
• dmaengine: imx-sdma: remove BD_INTR for channel0 (bsc#1051510).
• doc: Cope with the deprecation of AutoReporter (bsc#1051510).
• documentation/ABI: Document umwait control sysfs interfaces (jsc#SLE-5187).
• documentation: DMA-API: fix a function name of max_mapping_size (bsc#1140954).
• driver core: Establish order of operations for device_add and device_del via bitflag (bsc#1106383).
• driver core: Probe devices asynchronously instead of the driver (bsc#1106383).
• drivers/base/devres: introduce devm_release_action() (bsc#1103992).
• drivers/base: Introduce kill_device() (bsc#1139865).
• drivers/base: kABI fixes for struct device_private (bsc#1106383).
• drivers: misc: fix out-of-bounds access in function param_set_kgdbts_var (bsc#1051510).
• drm/amdgpu/gfx9: use reset default for PA_SC_FIFO_SIZE (bsc#1051510).
• drm/amd/powerplay: use hardware fan control if no powerplay fan table (bsc#1111666).
• drm/arm/hdlcd: Actually validate CRTC modes (bsc#1111666).
• drm/arm/hdlcd: Allow a bit of clock tolerance (bsc#1051510).
• drm/arm/mali-dp: Add a loop around the second set CVAL and try 5 times (bsc#1111666).
• drm/etnaviv: add missing failure path to destroy suballoc (bsc#1111666).
• drm/fb-helper: generic: Do not take module ref for fbcon (bsc#1111666).
• drm: Fix drm_release() and device unplug (bsc#1111666).
• drm/i915/dmc: protect against reading random memory (bsc#1051510).
• drm/i915/gvt: ignore unexpected pvinfo write (bsc#1051510).
• drm/imx: notify drm core before sending event during crtc disable (bsc#1111666).
• drm/imx: only send event on crtc disable if kept disabled (bsc#1111666).
• drm: panel-orientation-quirks: Add quirk for GPD MicroPC (bsc#1111666).
• drm: panel-orientation-quirks: Add quirk for GPD pocket2 (bsc#1111666).
• drm/vmwgfx: fix a warning due to missing dma_parms (bsc#1111666).
• drm/vmwgfx: Use the backdoor port if the HB port is not available (bsc#1111666).
• ext4: do not delete unlinked inode from orphan list on failed truncate (bsc#1140891).
• failover: allow name change on IFF_UP slave interfaces (bsc#1109837).
• fs/ocfs2: fix race in ocfs2_dentry_attach_lock() (bsc#1140889).
• fs/proc/proc_sysctl.c: Fix a NULL pointer dereference (bsc#1140887).
• fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links (bsc#1140887).
• ftrace/x86: Remove possible deadlock between register_kprobe() and ftrace_run_update_code() (bsc#1071995).
• genirq: Prevent use-after-free and work list corruption (bsc#1051510).
• genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent() (bsc#1051510).
• genwqe: Prevent an integer overflow in the ioctl (bsc#1051510).
• gpio: omap: fix lack of irqstatus_raw0 for OMAP4 (bsc#1051510).
• hugetlbfs: dirty pages as they are added to pagecache (git fixes (mm/hugetlbfs)).
• hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444! (git fixes (mm/hugetlbfs)).
• i2c: acorn: fix i2c warning (bsc#1135642).
• i2c: mlxcpld: Add support for extended transaction length for i2c-mlxcpld (bsc#1112374).
• i2c: mlxcpld: Add support for smbus block read transaction (bsc#1112374).
• i2c: mlxcpld: Allow configurable adapter id for mlxcpld (bsc#1112374).
• i2c: mlxcpld: Fix adapter functionality support callback (bsc#1112374).
• i2c: mlxcpld: Fix wrong initialization order in probe (bsc#1112374).
• i2c: mux: mlxcpld: simplify code to reach the adapter (bsc#1112374).
• ib/hfi1: Clear the IOWAIT pending bits when QP is put into error state (bsc#1114685).
• ib/hfi1: Create inline to get extended headers (bsc#1114685 ).
• ib/hfi1: Validate fault injection opcode user input (bsc#1114685 ).
• ib/mlx5: Verify DEVX general object type correctly (bsc#1103991 ).
• input: synaptics - enable SMBus on ThinkPad E480 and E580 (bsc#1051510).
• input: uinput - add compat ioctl number translation for UI_*_FF_UPLOAD (bsc#1051510).
• iommu/amd: Make iommu_disable safer (bsc#1140955).
• iommu/arm-smmu: Add support for qcom,smmu-v2 variant (bsc#1051510).
• iommu/arm-smmu: Avoid constant zero in TLBI writes (bsc#1140956).
• iommu/arm-smmu-v3: Fix big-endian CMD_SYNC writes (bsc#1111666).
• iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register (bsc#1051510).
• iommu/arm-smmu-v3: Use explicit mb() when moving cons pointer (bsc#1051510).
• iommu: Fix a leak in iommu_insert_resv_region (bsc#1140957).
• iommu: Use right function to get group for device (bsc#1140958).
• iommu/vt-d: Duplicate iommu_resv_region objects per device list (bsc#1140959).
• iommu/vt-d: Handle PCI bridge RMRR device scopes in intel_iommu_get_resv_regions (bsc#1140960).
• iommu/vt-d: Handle RMRR with PCI bridge device scopes (bsc#1140961).
• iommu/vt-d: Introduce is_downstream_to_pci_bridge helper (bsc#1140962).
• iommu/vt-d: Remove unnecessary rcu_read_locks (bsc#1140964).
• iov_iter: Fix build error without CONFIG_CRYPTO (bsc#1111666).
• irqchip/gic-v3-its: fix some definitions of inner cacheability attributes (bsc#1051510).
• irqchip/mbigen: Do not clear eventid when freeing an MSI (bsc#1051510).
• ixgbe: Avoid NULL pointer dereference with VF on non-IPsec hw (bsc#1140228).
• kabi fixup blk_mq_register_dev() (bsc#1140637).
• kernel-binary: fix missing \
• kernel-binary: rpm does not support multiline condition
• kernel-binary: Use -c grep option in klp project detection.
• kvm: svm/avic: fix off-by-one in checking host APIC ID (bsc#1140971).
• kvm: x86: fix return value for reserved EFER (bsc#1140992).
• kvm: x86: Skip EFER vs. guest CPUID checks for host-initiated writes (bsc#1140972).
• libata: Extend quirks for the ST1000LM024 drives with NOLPM quirk (bsc#1051510).
• libceph: assign cookies in linger_submit() (bsc#1135897).
• libceph: check reply num_data_items in setup_request_data() (bsc#1135897).
• libceph: do not consume a ref on pagelist in ceph_msg_data_add_pagelist() (bsc#1135897).
• libceph: enable fallback to ceph_msg_new() in ceph_msgpool_get() (bsc#1135897).
• libceph: introduce alloc_watch_request() (bsc#1135897).
• libceph: introduce ceph_pagelist_alloc() (bsc#1135897).
• libceph: preallocate message data items (bsc#1135897).
• libceph, rbd: add error handling for osd_req_op_cls_init() (bsc#1135897). This feature was requested for SLE15 but aws reverted in packaging and master.
• libceph, rbd, ceph: move ceph_osdc_alloc_messages() calls (bsc#1135897).
• libnvdimm/bus: Prevent duplicate device_unregister() calls (bsc#1139865).
• libnvdimm, pfn: Fix over-trim in trim_pfn_device() (bsc#1140719).
• mac80211: Do not use stack memory with scatterlist for GMAC (bsc#1051510).
• mac80211: drop robust management frames from unknown TA (bsc#1051510).
• mac80211: handle deauthentication/disassociation from TDLS peer (bsc#1051510).
• media: v4l2-ioctl: clear fields in s_parm (bsc#1051510).
• mfd: hi655x: Fix regmap area declared size for hi655x (bsc#1051510).
• mISDN: make sure device name is NUL terminated (bsc#1051510).
• mlxsw: core: Add API for QSFP module temperature thresholds reading (bsc#1112374).
• mlxsw: core: Do not use WQ_MEM_RECLAIM for EMAD workqueue (bsc#1112374).
• mlxsw: core: mlxsw: core: avoid -Wint-in-bool-context warning (bsc#1112374).
• mlxsw: core: Move ethtool module callbacks to a common location (bsc#1112374).
• mlxsw: core: Prevent reading unsupported slave address from SFP EEPROM (bsc#1112374).
• mlxsw: pci: Reincrease PCI reset timeout (bsc#1112374).
• mlxsw: reg: Add Management Temperature Bulk Register (bsc#1112374).
• mlxsw: spectrum_flower: Fix TOS matching (bsc#1112374).
• mlxsw: spectrum: Move QSFP EEPROM definitions to common location (bsc#1112374).
• mlxsw: spectrum: Put MC TCs into DWRR mode (bsc#1112374).
• mmc: core: complete HS400 before checking status (bsc#1111666).
• mmc: core: Prevent processing SDIO IRQs when the card is suspended (bsc#1051510).
• mm/devm_memremap_pages: introduce devm_memunmap_pages (bsc#1103992).
• mm/page_alloc.c: avoid potential NULL pointer dereference (git fixes (mm/pagealloc)).
• mm/page_alloc.c: fix never set ALLOC_NOFRAGMENT flag (git fixes (mm/pagealloc)).
• mm/vmscan.c: prevent useless kswapd loops (git fixes (mm/vmscan)).
• net: core: support XDP generic on stacked devices (bsc#1109837).
• net: do not clear sock->sk early to avoid trouble in strparser (bsc#1103990).
• net: ena: add ethtool function for changing io queue sizes (bsc#1138879).
• net: ena: add good checksum counter (bsc#1138879).
• net: ena: add handling of llq max tx burst size (bsc#1138879).
• net: ena: add MAX_QUEUES_EXT get feature admin command (bsc#1138879).
• net: ena: add newline at the end of pr_err prints (bsc#1138879).
• net: ena: add support for changing max_header_size in LLQ mode (bsc#1138879).
• net: ena: allow automatic fallback to polling mode (bsc#1138879).
• net: ena: allow queue allocation backoff when low on memory (bsc#1138879).
• net: ena: arrange ena_probe() function variables in reverse christmas tree (bsc#1138879).
• net: ena: enable negotiating larger Rx ring size (bsc#1138879).
• net: ena: ethtool: add extra properties retrieval via get_priv_flags (bsc#1138879).
• net: ena: Fix bug where ring allocation backoff stopped too late (bsc#1138879).
• net: ena: fix ena_com_fill_hash_function() implementation (bsc#1138879).
• net: ena: fix: Free napi resources when ena_up() fails (bsc#1138879).
• net: ena: fix incorrect test of supported hash function (bsc#1138879).
• net: ena: fix: set freed objects to NULL to avoid failing future allocations (bsc#1138879).
• net: ena: fix swapped parameters when calling ena_com_indirect_table_fill_entry (bsc#1138879).
• net: ena: gcc 8: fix compilation warning (bsc#1138879).
• net: ena: improve latency by disabling adaptive interrupt moderation by default (bsc#1138879).
• net: ena: make ethtool show correct current and max queue sizes (bsc#1138879).
• net: ena: optimise calculations for CQ doorbell (bsc#1138879).
• net: ena: remove inline keyword from functions in *.c (bsc#1138879).
• net: ena: replace free_tx/rx_ids union with single free_ids field in ena_ring (bsc#1138879).
• net: ena: update driver version from 2.0.3 to 2.1.0 (bsc#1138879).
• net: ena: use dev_info_once instead of static variable (bsc#1138879).
• net: ethernet: ti: cpsw_ethtool: fix ethtool ring param set (bsc#1130836).
• net: Fix missing meta data in skb with vlan packet (bsc#1109837).
• net/mlx5: Avoid reloading already removed devices (bsc#1103990 ).
• net/mlx5e: Fix ethtool rxfh commands when CONFIG_MLX5_EN_RXNFC is disabled (bsc#1103990).
• net/mlx5e: Fix the max MTU check in case of XDP (bsc#1103990 ).
• net/mlx5e: Fix use-after-free after xdp_return_frame (bsc#1103990).
• net/mlx5e: Rx, Check ip headers sanity (bsc#1103990 ).
• net/mlx5e: Rx, Fixup skb checksum for packets with tail padding (bsc#1109837).
• net/mlx5e: XDP, Fix shifted flag index in RQ bitmap (bsc#1103990 ).
• net/mlx5: FPGA, tls, hold rcu read lock a bit longer (bsc#1103990).
• net/mlx5: FPGA, tls, idr remove on flow delete (bsc#1103990 ).
• net/mlx5: Set completion EQs as shared resources (bsc#1103991 ).
• net/mlx5: Update pci error handler entries and command translation (bsc#1103991).
• net: mvpp2: prs: Fix parser range for VID filtering (bsc#1098633).
• net: mvpp2: prs: Fix parser range for VID filtering (bsc#1098633).
• net: mvpp2: prs: Use the correct helpers when removing all VID filters (bsc#1098633).
• net: mvpp2: prs: Use the correct helpers when removing all VID filters (bsc#1098633).
• net: mvpp2: Use strscpy to handle stat strings (bsc#1098633).
• net: mvpp2: Use strscpy to handle stat strings (bsc#1098633).
• net: phy: marvell10g: report if the PHY fails to boot firmware (bsc#1119113).
• net/sched: cbs: Fix error path of cbs_module_init (bsc#1109837).
• net/sched: cbs: fix port_rate miscalculation (bsc#1109837).
• net/tls: avoid NULL pointer deref on nskb->sk in fallback (bsc#1109837).
• net/tls: avoid potential deadlock in tls_set_device_offload_rx() (bsc#1109837).
• net: tls, correctly account for copied bytes with multiple sk_msgs (bsc#1109837).
• net/tls: do not copy negative amounts of data in reencrypt (bsc#1109837).
• net/tls: do not ignore netdev notifications if no TLS features (bsc#1109837).
• net/tls: do not leak IV and record seq when offload fails (bsc#1109837).
• net/tls: do not leak partially sent record in device mode (bsc#1109837).
• net/tls: fix build without CONFIG_TLS_DEVICE (bsc#1109837).
• net/tls: fix copy to fragments in reencrypt (bsc#1109837).
• net/tls: fix page double free on TX cleanup (bsc#1109837).
• net/tls: fix refcount adjustment in fallback (bsc#1109837).
• net/tls: fix state removal with feature flags off (bsc#1109837).
• net/tls: fix the IV leaks (bsc#1109837).
• net/tls: prevent bad memory access in tls_is_sk_tx_device_offloaded() (bsc#1109837).
• net/tls: replace the sleeping lock around RX resync with a bit lock (bsc#1109837).
• net/udp_gso: Allow TX timestamp with UDP GSO (bsc#1109837).
• nfit/ars: Allow root to busy-poll the ARS state machine (bsc#1140814).
• nfit/ars: Avoid stale ARS results (jsc#SLE-5433).
• nfit/ars: Introduce scrub_flags (jsc#SLE-5433).
• nfp: bpf: fix static check error through tightening shift amount adjustment (bsc#1109837).
• nfp: flower: add rcu locks when accessing netdev for tunnels (bsc#1109837).
• ntp: Allow TAI-UTC offset to be set to zero (bsc#1135642).
• nvme: copy MTFA field from identify controller (bsc#1140715).
• nvme-rdma: fix double freeing of async event data (bsc#1120423).
• nvme-rdma: fix possible double free of controller async event buffer (bsc#1120423).
• ocfs2: try to reuse extent block in dealloc without meta_alloc (bsc#1128902).
• pci: Do not poll for PME if the device is in D3cold (bsc#1051510).
• pci/p2pdma: fix the gen_pool_add_virt() failure path (bsc#1103992).
• pci: PM: Skip devices in D0 for suspend-to-idle (bsc#1051510).
• pci: rpadlpar: Fix leaked device_node references in add/remove paths (bsc#1051510).
• pinctrl/amd: add get_direction handler (bsc#1140463).
• pinctrl/amd: fix gpio irq level in debugfs (bsc#1140463).
• pinctrl/amd: fix masking of GPIO interrupts (bsc#1140463).
• pinctrl/amd: make functions amd_gpio_suspend and amd_gpio_resume static (bsc#1140463).
• pinctrl/amd: poll InterruptEnable bits in amd_gpio_irq_set_type (bsc#1140463).
• pinctrl/amd: poll InterruptEnable bits in enable_irq (bsc#1140463).
• pm: ACPI/PCI: Resume all devices during hibernation (bsc#1111666).
• powerpc/perf: Add PM_LD_MISS_L1 and PM_BR_2PATH to power9 event list (bsc#1137728, LTC#178106).
• powerpc/perf: Add POWER9 alternate PM_RUN_CYC and PM_RUN_INST_CMPL events (bsc#1137728, LTC#178106).
• powerpc/rtas: retry when cpu offline races with suspend/migration (bsc#1140428, LTC#178808).
• ppc64le: enable CONFIG_PPC_DT_CPU_FTRS (jsc#SLE-7159).
• ppp: mppe: Add softdep to arc4 (bsc#1088047).
• ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (git-fixes).
• ptrace: restore smp_rmb() in __ptrace_may_access() (git-fixes).
• pwm: stm32: Use 3 cells ->of_xlate() (bsc#1111666).
• qmi_wwan: Fix out-of-bounds read (bsc#1111666).
• rdma/ipoib: Allow user space differentiate between valid dev_port (bsc#1103992).
• rdma/mlx5: Do not allow the user to write to the clock page (bsc#1103991).
• rdma/mlx5: Initialize roce port info before multiport master init (bsc#1103991).
• rdma/mlx5: Use rdma_user_map_io for mapping BAR pages (bsc#1103992).
• regulator: s2mps11: Fix buck7 and buck8 wrong voltages (bsc#1051510).
• Replace the bluetooth fix with the upstream commit (bsc#1135556)
• Revert 'net: ena: ethtool: add extra properties retrieval via get_priv_flags' (bsc#1138879).
• Revert 'net/mlx5e: Enable reporting checksum unnecessary also for L3 packets' (bsc#1103990).
• Revert 'Revert 'Drop multiversion(kernel) from the KMP template ()''
• Revert 'Sign non-x86 kernels when possible (boo#1134303)' This reverts commit bac621c6704610562ebd9e74ae5ad85ca8025681. We do not have reports of this working with all ARM architectures in all cases (boot, kexec, ..) so revert for now.
• Revert 'svm: Fix AVIC incomplete IPI emulation' (bsc#1140133).
• rpm/package-descriptions: fix typo in kernel-azure
• rpm/post.sh: correct typo in err msg (bsc#1137625)
• sbitmap: fix improper use of smp_mb__before_atomic() (bsc#1140658).
• scripts/git_sort/git_sort.py: add djbw/nvdimm nvdimm-pending.
• scripts/git_sort/git_sort.py: add nvdimm/libnvdimm-fixes
• scripts/git_sort/git_sort.py: drop old scsi branches
• scsi: aacraid: change event_wait to a completion (jsc#SLE-4710 bsc#1136161).
• scsi: aacraid: change wait_sem to a completion (jsc#SLE-4710 bsc#1136161).
• scsi: aacraid: clean up some indentation and formatting issues (jsc#SLE-4710 bsc#1136161).
• scsi: aacraid: Mark expected switch fall-through (jsc#SLE-4710 bsc#1136161).
• scsi: aacraid: Mark expected switch fall-throughs (jsc#SLE-4710 bsc#1136161).
• scsi: be2iscsi: be_iscsi: Mark expected switch fall-through (jsc#SLE-4721 bsc#1136264).
• scsi: be2iscsi: be_main: Mark expected switch fall-through (jsc#SLE-4721 bsc#1136264).
• scsi: be2iscsi: fix spelling mistake 'Retreiving' -> 'Retrieving' (jsc#SLE-4721 bsc#1136264).
• scsi: be2iscsi: lpfc: fix typo (jsc#SLE-4721 bsc#1136264).
• scsi: be2iscsi: remove unused variable dmsg (jsc#SLE-4721 bsc#1136264).
• scsi: be2iscsi: switch to generic DMA API (jsc#SLE-4721 bsc#1136264).
• scsi: core: add new RDAC LENOVO/DE_Series device (bsc#1132390).
• scsi: csiostor: csio_wr: mark expected switch fall-through (jsc#SLE-4679 bsc#1136343).
• scsi: csiostor: drop serial_number usage (jsc#SLE-4679 bsc#1136343).
• scsi: csiostor: fix calls to dma_set_mask_and_coherent() (jsc#SLE-4679 bsc#1136343).
• scsi: csiostor: fix incorrect dma device in case of vport (jsc#SLE-4679 bsc#1136343).
• scsi: csiostor: fix missing data copy in csio_scsi_err_handler() (jsc#SLE-4679 bsc#1136343).
• scsi: csiostor: fix NULL pointer dereference in csio_vport_set_state() (jsc#SLE-4679 bsc#1136343).
• scsi: csiostor: no need to check return value of debugfs_create functions (jsc#SLE-4679 bsc#1136343).
• scsi: csiostor: Remove set but not used variable 'pln' (jsc#SLE-4679 bsc#1136343).
• scsi: mpt3sas: Add Atomic RequestDescriptor support on Aero (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Add flag high_iops_queues (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Add missing breaks in switch statements (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Add support for ATLAS PCIe switch (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Add support for NVMe Switch Adapter (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Affinity high iops queues IRQs to local node (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: change _base_get_msix_index prototype (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Enable interrupt coalescing on high iops (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: fix indentation issue (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Fix kernel panic during expander reset (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Fix typo in request_desript_type (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: function pointers of request descriptor (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Improve the threshold value and introduce module param (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Introduce perf_mode module parameter (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Irq poll to avoid CPU hard lockups (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Load balance to improve performance and avoid soft lockups (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Rename mpi endpoint device ID macro (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: save and use MSI-X index for posting RD (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: simplify interrupt handler (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Update driver version to 27.102.00.00 (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Update driver version to 29.100.00.00 (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Update mpt3sas driver version to 28.100.00.00 (bsc#1125703,jsc#SLE-4717).
• scsi: mpt3sas: Use high iops queues under some circumstances (bsc#1125703,jsc#SLE-4717).
• scsi: qla2xxx: Fix abort handling in tcm_qla2xxx_write_pending() (bsc#1140727).
• scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines (bsc#1140728).
• scsi: target/iblock: Fix overrun in WRITE SAME emulation (bsc#1140424).
• scsi: target/iblock: Fix overrun in WRITE SAME emulation (bsc#1140424).
• signal/ptrace: Do not leak unitialized kernel memory with PTRACE_PEEK_SIGINFO (git-fixes).
• staging: comedi: ni_mio_common: Fix divide-by-zero for DIO cmdtest (bsc#1051510).
• staging:iio:ad7150: fix threshold mode config bit (bsc#1051510).
• svm: Add warning message for AVIC IPI invalid target (bsc#1140133).
• svm: Fix AVIC incomplete IPI emulation (bsc#1140133).
• sysctl: handle overflow in proc_get_long (bsc#1051510).
• tools: bpftool: fix infinite loop in map create (bsc#1109837).
• tracing/snapshot: Resize spare buffer if size changed (bsc#1140726).
• typec: tcpm: fix compiler warning about stupid things (git-fixes).
• usb: chipidea: udc: workaround for endpoint conflict issue (bsc#1135642).
• usb: dwc2: host: Fix wMaxPacketSize handling (fix webcam regression) (bsc#1135642).
• usb: Fix chipmunk-like voice when using Logitech C270 for recording audio (bsc#1051510).
• usbnet: ipheth: fix racing condition (bsc#1051510).
• usb: serial: fix initial-termios handling (bsc#1135642).
• usb: serial: option: add support for Simcom SIM7500/SIM7600 RNDIS mode (bsc#1051510).
• usb: serial: option: add Telit 0x1260 and 0x1261 compositions (bsc#1051510).
• usb: serial: pl2303: add Allied Telesis VT-Kit3 (bsc#1051510).
• usb: usb-storage: Add new ID to ums-realtek (bsc#1051510).
• x86/cpufeatures: Enumerate user wait instructions (jsc#SLE-5187).
• x86/umwait: Add sysfs interface to control umwait C0.2 state (jsc#SLE-5187).
• x86/umwait: Add sysfs interface to control umwait maximum time (jsc#SLE-5187).
• x86/umwait: Initialize umwait control values (jsc#SLE-5187).
• xdp: check device pointer before clearing (bsc#1109837).

This update for grub2 fixes the following issues:

• Check/refresh zipl-kernel before hibernate on s390x. (bsc#940457)

• Removing hardcoded 'vmlinuz'.

• Try to refresh zipl-kernel on failed kexec. (bsc#1127293)

• Fully support 'previous' zipl-kernel with 'mem=1G' being available on dedicated entries. (bsc#928131)

This update for MozillaFirefox, mozilla-nss fixes the following issues:
MozillaFirefox to version ESR 60.8:

• CVE-2019-9811: Sandbox escape via installation of malicious language pack (bsc#1140868).
• CVE-2019-11711: Script injection within domain through inner window reuse (bsc#1140868).
• CVE-2019-11712: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (bsc#1140868).
• CVE-2019-11713: Use-after-free with HTTP/2 cached stream (bsc#1140868).
• CVE-2019-11729: Empty or malformed p256-ECDH public keys may trigger a segmentation fault (bsc#1140868).
• CVE-2019-11715: HTML parsing error can contribute to content XSS (bsc#1140868).
• CVE-2019-11717: Caret character improperly escaped in origins (bsc#1140868).
• CVE-2019-11719: Out-of-bounds read when importing curve25519 private key (bsc#1140868).
• CVE-2019-11730: Same-origin policy treats all files in a directory as having the same-origin (bsc#1140868).
• CVE-2019-11709: Multiple Memory safety bugs fixed (bsc#1140868).

• Added IPSEC IKE support to softoken
• Many new FIPS test cases

This update for glibc fixes the following issues:
Security issues fixed:

• CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match (bsc#1127308).
• CVE-2009-5155: Fixed a denial of service in parse_reg_exp() (bsc#1127223).

• Does no longer compress debug sections in crt*.o files (bsc#1123710)
• Fixes a concurrency problem in ldconfig (bsc#1117993)
• Fixes a race condition in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330)

This update for grub2 fixes the following issues:

• Fix a regression introduced by the previous update which could prevent booting on ppc64. (bsc#1134287, bsc#1139345).

• Avoid high resolution when trying to keep current mode (bsc#1133842)
• Make GRUB_SAVEDEFAULT working with btrfs (bsc#1128592)

This update for hwinfo fixes the following issues:

• Fixes an issue where the UUID of a system was wrong (bsc#1135819)

This update for rsyslog fixes the following issues:

• Suppress error message about missing environment variable TZ. (bsc#1137681)

This update for dracut fixes the following issues:

• 95dasd-rules 95zfcp-rules: was not correctly looking for rule names (bsc#1137784)
• Early microcode was not added from files with .early postfix (bsc#1098915, bsc#1125393)
• GPIO modules weren't get included on ARM (bsc#1133819)
• Routes were not properly added due to a spelling error (bsc#1134347)
• Decouple iscsi from sysinit.target (bsc#1134472)
• dracut-lib.sh:dev_unit_name() guard against $dev beginning with '-' (bsc#1132448)
• 95iscsi: error messages were created when building initrd, due to multipath timeouts (bsc#1130114, bsc#1130107, bsc#1121238)

This update for libgcrypt fixes the following issues:
Security issue fixed:

• CVE-2019-12904: Fixed a flush-and-reload side-channel attack in the AES implementation (bsc#1138939).