Removed rpms
============

 - SUSEConnect
 - busybox-adduser
 - busybox-attr
 - busybox-bc
 - busybox-bind-utils
 - busybox-bzip2
 - busybox-coreutils
 - busybox-cpio
 - busybox-diffutils
 - busybox-dos2unix
 - busybox-ed
 - busybox-findutils
 - busybox-gawk
 - busybox-grep
 - busybox-gzip
 - busybox-hostname
 - busybox-iproute2
 - busybox-iputils
 - busybox-k8s-yaml
 - busybox-kbd
 - busybox-kmod
 - busybox-less
 - busybox-links
 - busybox-man
 - busybox-misc
 - busybox-ncurses-utils
 - busybox-net-tools
 - busybox-netcat
 - busybox-patch
 - busybox-policycoreutils
 - busybox-procps
 - busybox-psmisc
 - busybox-sed
 - busybox-selinux-tools
 - busybox-sendmail
 - busybox-sh
 - busybox-sharutils
 - busybox-syslogd
 - busybox-sysvinit-tools
 - busybox-tar
 - busybox-telnet
 - busybox-tftp
 - busybox-time
 - busybox-traceroute
 - busybox-tunctl
 - busybox-unzip
 - busybox-util-linux
 - busybox-vi
 - busybox-vlan
 - busybox-wget
 - busybox-which
 - busybox-whois
 - busybox-xz
 - clang13-devel-32bit
 - grub2-arm64-efi
 - grub2-powerpc-ieee1275-debug
 - audit-devel-32bit
 - dbus-1-devel-32bit
 - gstreamer-32bit
 - gstreamer-devel-32bit
 - gstreamer-plugins-bad-fluidsynth-32bit
 - gstreamer-plugins-good-32bit
 - gstreamer-plugins-good-extra-32bit
 - gstreamer-plugins-good-jack-32bit
 - libaudit1-32bit
 - libavahi-client3-32bit
 - libblkid-devel-32bit
 - libbz2-1-32bit
 - libexpat-devel-32bit
 - libext2fs2-32bit
 - libfabric-devel-32bit
 - libfabric1-32bit
 - libgnutls30-hmac-32bit
 - libgstadaptivedemux-1_0-0-32bit
 - libgstaudio-1_0-0-32bit
 - libgstfft-1_0-0-32bit
 - libgstreamer-1_0-0-32bit
 - libgsturidownloader-1_0-0-32bit
 - libgstvulkan-1_0-0-32bit
 - libgtop-2_0-11-32bit
 - libmount-devel-32bit
 - libopenssl1_1-hmac-32bit
 - libpcre2-posix2-32bit
 - libsmartcols-devel-32bit
 - libsoftokn3-hmac-32bit
 - libwebkit2gtk-4_1-0-32bit
 - libzstd-devel-32bit
 - pam-32bit
 - pipewire-spa-plugins-0_2-32bit
 - python310-32bit
 - samba-client-libs-32bit
 - wine-staging-32bit
 - wine-staging-devel-32bit
 - grub2-powerpc-ieee1275
 - qemu-seabios
 - qemu-sgabios
 - kernel-livepatch-5_14_21-150400_15-default
 - krb5-devel-32bit
 - libblkid1-32bit
 - libdbus-1-3-32bit
 - libdevmapper1_03-32bit
 - libeconf0-32bit
 - libelf-devel-32bit
 - libexpat1-32bit
 - libfaxutil7_0_4
 - libfdisk-devel-32bit
 - libfreebl3-hmac-32bit
 - libgpgme11-32bit
 - libgstallocators-1_0-0-32bit
 - libgstcodecs-1_0-0-32bit
 - libgstgl-1_0-0-32bit
 - libgstplayer-1_0-0-32bit
 - libgstriff-1_0-0-32bit
 - libgsttag-1_0-0-32bit
 - libgstwayland-1_0-0-32bit
 - libimobiledevice-1_0-6-32bit
 - libjavascriptcoregtk-4_1-0-32bit
 - libpcre2-16-0-32bit
 - libprotobuf20-32bit
 - libsemanage1-32bit
 - libtrilinos_13_0_1-gnu-openmpi2-hpc
 - libwebkit2gtk-4_0-37-32bit
 - libzstd1-32bit
 - nss-myhostname-32bit
 - opensc-32bit
 - pipewire-alsa-32bit
 - python3-uyuni-common-libs
 - python310-base-32bit
 - rpm-32bit
 - samba-client-32bit
 - samba-libs-32bit
 - trilinos_13_0_1-gnu-openmpi2-hpc-devel
 - uyuni-base-common
 - uyuni-base-proxy
 - uyuni-base-server

Added rpms
==========

 - audit-devel-32bit
 - dbus-1-devel-32bit
 - grub2-powerpc-ieee1275
 - gstreamer-32bit
 - gstreamer-devel-32bit
 - gstreamer-plugins-bad-fluidsynth-32bit
 - gstreamer-plugins-good-32bit
 - gstreamer-plugins-good-extra-32bit
 - gstreamer-plugins-good-jack-32bit
 - gstreamer-plugins-rs
 - gstreamer-plugins-rs-devel
 - grub2-arm64-efi
 - clang13-devel-32bit
 - krb5-devel-32bit
 - libblkid1-32bit
 - libdbus-1-3-32bit
 - libdevmapper1_03-32bit
 - libeconf0-32bit
 - libelf-devel-32bit
 - libexpat1-32bit
 - libfdisk-devel-32bit
 - libfreebl3-hmac-32bit
 - libgpgme11-32bit
 - libgstallocators-1_0-0-32bit
 - libgstcodecs-1_0-0-32bit
 - libgstgl-1_0-0-32bit
 - libgstplayer-1_0-0-32bit
 - libgstriff-1_0-0-32bit
 - libgsttag-1_0-0-32bit
 - libgstwayland-1_0-0-32bit
 - libimobiledevice-1_0-6-32bit
 - libjavascriptcoregtk-4_1-0-32bit
 - libpcre2-16-0-32bit
 - libprotobuf20-32bit
 - libsemanage1-32bit
 - libwebkit2gtk-4_0-37-32bit
 - libzstd1-32bit
 - nss-myhostname-32bit
 - opensc-32bit
 - pipewire-alsa-32bit
 - python310-base-32bit
 - rpm-32bit
 - samba-client-32bit
 - samba-libs-32bit
 - grub2-powerpc-ieee1275-debug
 - kernel-obs-build
 - kernel-livepatch-5_14_21-150400_16-default
 - libaudit1-32bit
 - libavahi-client3-32bit
 - libblkid-devel-32bit
 - libbz2-1-32bit
 - libexpat-devel-32bit
 - libext2fs2-32bit
 - libfabric-devel-32bit
 - libfabric1-32bit
 - libfaxutil7_0_5
 - libgnutls30-hmac-32bit
 - libgstadaptivedemux-1_0-0-32bit
 - libgstaudio-1_0-0-32bit
 - libgstfft-1_0-0-32bit
 - libgstplay-1_0-0
 - libgstplay-1_0-0-32bit
 - libgstreamer-1_0-0-32bit
 - libgsturidownloader-1_0-0-32bit
 - libgstva-1_0-0
 - libgstva-1_0-0-32bit
 - libgstvulkan-1_0-0-32bit
 - libgtop-2_0-11-32bit
 - libmount-devel-32bit
 - libopenssl1_1-hmac-32bit
 - libpcre2-posix2-32bit
 - libsmartcols-devel-32bit
 - libsoftokn3-hmac-32bit
 - libtrilinos_13_2_0-gnu-mpich-hpc13
 - libtrilinos_13_2_0-gnu-mvapich2-hpc13
 - libtrilinos_13_2_0-gnu-openmpi2-hpc13
 - libtrilinos_13_2_0-gnu-openmpi3-hpc13
 - libtrilinos_13_2_0-gnu-openmpi4-hpc13
 - libwebkit2gtk-4_1-0-32bit
 - libzstd-devel-32bit
 - pam-32bit
 - pipewire-spa-plugins-0_2-32bit
 - python310-32bit
 - qemu-seabios
 - qemu-sgabios
 - samba-client-libs-32bit
 - sassist
 - trilinos_13_2_0-gnu-mpich-hpc-devel
 - trilinos_13_2_0-gnu-mvapich2-hpc-devel
 - trilinos_13_2_0-gnu-openmpi2-hpc-devel
 - trilinos_13_2_0-gnu-openmpi3-hpc-devel
 - trilinos_13_2_0-gnu-openmpi4-hpc-devel
 - trilinos_13_2_0-hpc-doc
 - trivy
 - typelib-1_0-GstPlay-1_0
 - wine-staging-32bit
 - wine-staging-devel-32bit
 - yast2-migration-sle

Package Source Changes
======================

Photini
+- Update to version 2022.3.2
+  * Fix urllib import error porblem on some systems.
+  * / Fix non-existing cache directory error.
+
bluedevil5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
breeze
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- Changes since 5.24.3:
+  * Fix build without QtQuick and QtX11Extras
+
breeze-gtk
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
btrfsprogs
+- Ignore multipath devices when probing devices for a btrfs filesystem (bsc#1192983)
+  * 0001-btrfs-progs-Add-optional-dependency-on-libudev.patch
+  * 0002-btrfs-progs-Ignore-devices-representing-paths-in-mul.patch
+  * 0003-btrfs-progs-Add-fallback-code-for-path-device-ignore.patch
+
chrony
+- Fix config file handling in the spec file and remove "ntsdumpdir"
+  from default config, because augeas-lenses cannot parse it during
+  installation of SLE Micro on SLE-15-SP3 (bsc#1194220).
+
clamav-database
+- database refresh on 2022-03-28 (bsc#1084929)
+
cloud-init
+- systemctl location (bsc#1193531)
+  - Add cloud-init-sysctl-not-in-bin.patch
+  - The sytemctl executable is not necessarily in '/bin'
+
+- Remove unneeded BuildRequires on python3-nose.
+
discover
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- Changes since 5.24.3:
+  * Fix searchfield focus on touch launch
+
dnf
+- Add Fix-processing-of-download-errors.patch backported from upstream
+  * Fix dnf incorrectly aborting on non-English systems when packages already cached (rh#2024527)
+
dnf-plugins-extras
+- Update to 4.0.16
+  + Fix cleaning up destdir after system-upgrade (rh#2024430)
+
drkonqi5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
dtb-aarch64
+- powerpc/rtas: Keep MSR RI set when calling RTAS (bsc#1197174
+  ltc#196362).
+- commit be99d79
+
+- watch_queue: Actually free the watch (CVE-2022-0995
+  bsc#1197246).
+- watch_queue: Fix NULL dereference in error cleanup
+  (CVE-2022-0995 bsc#1197246).
+- commit 9f97636
+
+- ALSA: pcm: Fix races among concurrent prealloc proc writes
+  (CVE-2022-1048 bsc#1197331).
+- commit 7ca9b7d
+
+- ALSA: pcm: Fix races among concurrent prepare and
+  hw_params/hw_free calls (CVE-2022-1048 bsc#1197331).
+- commit bdcd5ee
+
+- ALSA: pcm: Fix races among concurrent read/write and buffer
+  changes (CVE-2022-1048 bsc#1197331).
+- commit 8bb5c1f
+
+- ALSA: pcm: Fix races among concurrent hw_params and hw_free
+  calls (CVE-2022-1048 bsc#1197331).
+- commit 4ce87ae
+
+- ALSA: kABI workaround for snd_pcm_runtime changes (CVE-2022-1048
+  bsc#1197331).
+- commit 15a1bad
+
expat
+- Security fixes:
+  * (CVE-2022-25236, bsc#1196784) [>=2.4.5] Fix to CVE-2022-25236
+    breaks biboumi, ClairMeta, jxmlease, libwbxml,
+    openleadr-python, rnv, xmltodict
+  - Added expat-CVE-2022-25236-relax-fix.patch
+
+- Security fixes:
+  * (CVE-2022-25236, bsc#1196025) Expat before 2.4.5 allows
+    attackers to insert namespace-separator characters into
+    namespace URIs
+  - Added expat-CVE-2022-25236.patch
+  * (CVE-2022-25235, bsc#1196026) xmltok_impl.c in Expat before
+    2.4.5 does not check whether a UTF-8 character is valid in a
+    certain context.
+  - Added expat-CVE-2022-25235.patch
+  * (CVE-2022-25313, bsc#1196168) Stack exhaustion in
+    build_model() via uncontrolled recursion
+  - Added expat-CVE-2022-25313.patch
+  - The fix upstream introduced a regression that was later
+    amended in 2.4.6 version
+    + Added expat-CVE-2022-25313-fix-regression.patch
+  * (CVE-2022-25314, bsc#1196169) Integer overflow in copyString
+  - Added expat-CVE-2022-25314.patch
+  * (CVE-2022-25315, bsc#1196171) Integer overflow in storeRawNames
+  - Added expat-CVE-2022-25315.patch
+
firewalld
+- Provide dummy firewalld-prometheus-config package (bsc#1197042)
+
+- Add patch which fixes the zone configuration (bsc#1191837)
+  * 0001-chore-fw_zone-call-permanent-config-checks-at-runtim.patch
+
gnuhealth
+- version 4.0.3
+  * Remove pinning from vobject library version (Vanilla installation)
+  * fix bug #62235: Traceback on default health professional
+
gstreamer
+- Update to version 1.20.1:
+  + deinterlace: various bug fixes for yadif, greedy and scalerbob
+    methods
+  + gtk video sink: Fix rotation not being applied when paused
+  + gst-play-1.0: Fix trick-mode handling in keyboard shortcut
+  + jpegdec: fix RGB conversion handling
+  + matroskademux: improved ProRes video handling
+  + matroskamux: Handle multiview-mode/flags/pixel-aspect-ratio
+    caps fields correctly when checking caps equality on input caps
+    changes
+  + videoaggregator fixes (negative rate handling, current position
+    rounding)
+  + soup http plugin: Lookup libsoup dylib files on Apple
+    platforms; fix Cerbero static build on Android and iOS
+  + Support build against libfreeaptx in openaptx plugin
+  + Fix linking issues on Illumos distros
+  + GstPlay: Fix new error + warning parsing API (was unusuable
+    before)
+  + mpegtsmux: VBR muxing fixes
+  + nvdecoder: Various fixes for 4:4:4 and high-bitdepth decoding
+  + Support build against libfreeaptx in openaptx plugin
+  + webrtc: Various fixes to the webrtc-sendrecv python example
+  + macOS: support a relocatable `GStreamer.framework` on macOS
+  + macOS: fix applemedia plugin failing to load on ARM64 macOS
+  + windows: ship wavpack library
+  + gst-python: Fix build with Python 3.11
+  + various bug fixes, memory leak fixes, and other stability and
+    reliability improvements
+  + plugin loader: show the reason when spawning of
+    gst-plugin-scanner fails
+  + registry, plugin loading: fix dynamic relocation if
+    GST_PLUGIN_SUBDIR (libdir) is not a single subdirectory;
+    improve GST_PLUGIN_SUBDIR handling
+  + context: fix transfer annotation on
+    gst_context_writable_structure() for bindings
+  + baseparse: Don't truncate the duration to milliseconds in
+    gst_base_parse_convert_default()
+  + bufferpool: Deactivate pool and get rid of references to other
+    objects from dispose instead of finalize
+
+- Update to version 1.20.0:
+  + Development in GitLab was switched to a single git repository
+    containing all the modules
+  + GstPlay: new high-level playback library, replaces GstPlayer
+  + WebM Alpha decoding support
+  + Encoding profiles can now be tweaked with additional
+    application-specified element properties
+  + Compositor: multi-threaded video conversion and mixing
+  + RTP header extensions: unified support in RTP depayloader and
+    payloader base classes
+  + SMPTE 2022-1 2-D Forward Error Correction support
+  + Smart encoding (pass through) support for VP8, VP9, H.265 in
+    encodebin and transcodebin
+  + Runtime compatibility support for libsoup2 and libsoup3
+    (libsoup3 support experimental)
+  + Video decoder subframe support
+  + Video decoder automatic packet-loss, data corruption, and
+    keyframe request handling for RTP / WebRTC / RTSP
+  + mp4 and Matroska muxers now support profile/level/resolution
+    changes for H.264/H.265 input streams (i.e. codec data changing
+    on the fly)
+  + mp4 muxing mode that initially creates a fragmented mp4 which
+    is converted to a regular mp4 on EOS
+  + Audio support for the WebKit Port for Embedded (WPE) web page
+    source element
+  + CUDA based video color space convert and rescale elements and
+    upload/download elements
+  + NVIDIA memory:NVMM support for OpenGL glupload and gldownload
+    elements
+  + Many WebRTC improvements
+  + The new VA-API plugin implementation fleshed out with more
+    decoders and new postproc elements
+  + AppSink API to retrieve events in addition to buffers and
+    buffer lists
+  + AppSrc gained more configuration options for the internal queue
+    (leakiness, limits in buffers and time, getters to read current
+    levels)
+  + Updated Rust bindings and many new Rust plugins
+  + Improved support for custom minimal GStreamer builds
+  + Support build against FFmpeg 5.0
+  + Linux Stateless CODEC support gained MPEG-2 and VP9
+  + Windows Direct3D11/DXVA decoder gained AV1 and MPEG-2 support
+  + Lots of new plugins, features, performance improvements and bug
+    fixes
+- Use ldconfig_scriptlets macro for post(un) handling where
+  possible.
+- Update Source url.
+
gstreamer-plugins-bad
+- Add 8440e2a373e5ce681d15f5880cb2f2562be332cf.patch:
+  nvh264dec,nvh265dec: Fix broken key-unit trick and reverse
+  playback.
+- Quiet setup, we do not need to see the unpacking of the tarball.
+
+- Add patch to support building with srt 1.3.4 in SLE
+  * fix-build-with-srt-1.3.4.patch
+- Do not build the gstldac plugin in s390x where
+  pkgconfig(ldacBT-enc) is not available.
+
+- Update to version 1.20.1:
+  + GstPlay: Fix new error + warning parsing API (was unusuable
+    before)
+  + av1parse: let the parser continue on verbose OBUs
+  + d3d11converter: Fix RGB to GRAY conversion, broken debug
+    messages, and add missing GRAY conversion
+  + gs: look for google_cloud_cpp_storage.pc
+  + ipcpipeline: fix crash and error on windows with SOCKET or
+    _pipe()
+  + ivfparse: Don't set zero resolution on caps
+  + mpegtsdemux: Handle PES headers bigger than a mpeg-ts packet;
+    fix locking in error code path; handle more program updates
+  + mpegtsmux: Start last_ts with GST_CLOCK_TIME_NONE to fix VBR
+    muxing behaviour
+  + mpegtsmux: Thread safety fixes: lock mux->tsmux, the programs
+    hash table, and pad streams
+  + mpegtsmux: Skip empty buffers
+  + osxaudiodeviceprovider: Add initial support for duplex devices
+    on OSX
+  + rtpldacpay: Fix missing payload information
+  + sdpdemux: add media attributes to caps, fixes ptp clock
+    handling
+  + mfaudioenc: Handle empty IMFMediaBuffer
+  + nvdecoder: Various fixes for 4:4:4 and high-bitdepth decoding
+  + nvenc: Fix deadlock because of too strict buffer pool size
+  + va: fix library build issues, caps leaks in the vpp transform
+    function, and add vaav1dec to documentation
+  + v4l2codecs: vp9: Minor fixes
+  + v4l2codecs: h264: Correct scaling matrix ABI check
+  + dtlstransport: Notify ICE transport property changes
+  + webrtc: Various fixes to the webrtc-sendrecv python example
+  + webrtc-ice: Fix memory leaks in gst_webrtc_ice_add_candidate()
+  + Support build against libfreeaptx in openaptx plugin
+  + Fix linking issues on Illumos distros
+- Drop patch already included upstream:
+  + 1634.patch
+
+- Update to version 1.20.0:
+  + Development in GitLab was switched to a single git repository
+    containing all the modules
+  + GstPlay: new high-level playback library, replaces GstPlayer
+  + WebM Alpha decoding support
+  + Encoding profiles can now be tweaked with additional
+    application-specified element properties
+  + Compositor: multi-threaded video conversion and mixing
+  + RTP header extensions: unified support in RTP depayloader and
+    payloader base classes
+  + SMPTE 2022-1 2-D Forward Error Correction support
+  + Smart encoding (pass through) support for VP8, VP9, H.265 in
+    encodebin and transcodebin
+  + Runtime compatibility support for libsoup2 and libsoup3
+    (libsoup3 support experimental)
+  + Video decoder subframe support
+  + Video decoder automatic packet-loss, data corruption, and
+    keyframe request handling for RTP / WebRTC / RTSP
+  + mp4 and Matroska muxers now support profile/level/resolution
+    changes for H.264/H.265 input streams (i.e. codec data changing
+    on the fly)
+  + mp4 muxing mode that initially creates a fragmented mp4 which
+    is converted to a regular mp4 on EOS
+  + Audio support for the WebKit Port for Embedded (WPE) web page
+    source element
+  + CUDA based video color space convert and rescale elements and
+    upload/download elements
+  + NVIDIA memory:NVMM support for OpenGL glupload and gldownload
+    elements
+  + Many WebRTC improvements
+  + The new VA-API plugin implementation fleshed out with more
+    decoders and new postproc elements
+  + AppSink API to retrieve events in addition to buffers and
+    buffer lists
+  + AppSrc gained more configuration options for the internal queue
+    (leakiness, limits in buffers and time, getters to read current
+    levels)
+  + Updated Rust bindings and many new Rust plugins
+  + Improved support for custom minimal GStreamer builds
+  + Support build against FFmpeg 5.0
+  + Linux Stateless CODEC support gained MPEG-2 and VP9
+  + Windows Direct3D11/DXVA decoder gained AV1 and MPEG-2 support
+  + Lots of new plugins, features, performance improvements and bug
+    fixes
+- Add explicit pkgconfig(libva) BuildRequires: meson checks for it.
+- Go back to using tarball from upstream, remove service.
+- Drop 2564.patch: Fixed upstream.
+- Add disabled pkgconfig(storage_client) and
+  pkgconfig(webrtc-audio-coding-1) BuildRequires and pass
+  gs=disabled, isac=disabled and onnx=disabled to meson, we do not
+  have the dependencies in openSUSE yet.
+- Add explicit BuildRequires:  pkgconfig(libsoup-2.4), meson checks
+  for it.
+- Add pkgconfig(json-glib-1.0), pkgconfig(ldacBT-enc) and
+  pkgconfig(libqrencode) BuildRequires, new dependencies.
+- Add pkgconfig(libopenaptx) BuildRequires in build_orig section
+  and pass openaptx=disabled to meson, do not build this in distro
+  by default.
+- Drop mms and ofa plugins, removed upstream. Drop
+  pkgconfig(libmms) and pkgconfig(libofa) BuildRequires following
+  the removal.
+- Add new sub-packages libgstplay-1_0-0, typelib-1_0-GstPlay-1_0
+  and libgstva-1_0-0, also add libgstva-1_0-0 and libgstplay-1_0-0
+  to baselibs.conf.
+- Tweak/fix and drop some Obsoletes.
+- Drop old conditionals for versions of openSUSE out of support.
+- Add 1634.patch -- AV1 playback fixes.
+- Use ldconfig_scriptlets macro for post(un) handling.
+- Drop explicit gstreamer-devel Requires from devel sub-package,
+  not needed as this is added via pkgconfig any way.
+
gstreamer-plugins-base
+- Add 5a074a11f90e3d70b24bf0c535ab0480fad9e701.patch: playsink:
+  Complete reconfiguration on pad release.
+- Use ldconfig_scriptlets macro for post(un) handling.
+
+- Update to version 1.20.1:
+  + typefindfunctions: Fix WebVTT format detection for very short
+    files
+  + gldisplay: Reorder GST_GL_WINDOW check for egl-device
+  + rtpbasepayload: Copy all buffer metadata instead of just
+    GstMetas for the input meta buffer
+  + codec-utils: Avoid out-of-bounds error
+  + navigation: Fix Since markers for mouse scroll events
+  + videoaggregator: Fix for unhandled negative rate
+  + videoaggregator: Use floor() to calculate current position
+  + video-color: Fix for missing clipping in PQ EOTF function
+  + gst-play-1.0: Fix trick-mode handling in keyboard shortcut
+  + audiovisualizer: shader: Fix out of bound write
+
+- Update to version 1.20.0:
+  + Development in GitLab was switched to a single git repository
+    containing all the modules
+  + GstPlay: new high-level playback library, replaces GstPlayer
+  + WebM Alpha decoding support
+  + Encoding profiles can now be tweaked with additional
+    application-specified element properties
+  + Compositor: multi-threaded video conversion and mixing
+  + RTP header extensions: unified support in RTP depayloader and
+    payloader base classes
+  + SMPTE 2022-1 2-D Forward Error Correction support
+  + Smart encoding (pass through) support for VP8, VP9, H.265 in
+    encodebin and transcodebin
+  + Runtime compatibility support for libsoup2 and libsoup3
+    (libsoup3 support experimental)
+  + Video decoder subframe support
+  + Video decoder automatic packet-loss, data corruption, and
+    keyframe request handling for RTP / WebRTC / RTSP
+  + mp4 and Matroska muxers now support profile/level/resolution
+    changes for H.264/H.265 input streams (i.e. codec data changing
+    on the fly)
+  + mp4 muxing mode that initially creates a fragmented mp4 which
+    is converted to a regular mp4 on EOS
+  + Audio support for the WebKit Port for Embedded (WPE) web page
+    source element
+  + CUDA based video color space convert and rescale elements and
+    upload/download elements
+  + NVIDIA memory:NVMM support for OpenGL glupload and gldownload
+    elements
+  + Many WebRTC improvements
+  + The new VA-API plugin implementation fleshed out with more
+    decoders and new postproc elements
+  + AppSink API to retrieve events in addition to buffers and
+    buffer lists
+  + AppSrc gained more configuration options for the internal queue
+    (leakiness, limits in buffers and time, getters to read current
+    levels)
+  + Updated Rust bindings and many new Rust plugins
+  + Improved support for custom minimal GStreamer builds
+  + Support build against FFmpeg 5.0
+  + Linux Stateless CODEC support gained MPEG-2 and VP9
+  + Windows Direct3D11/DXVA decoder gained AV1 and MPEG-2 support
+  + Lots of new plugins, features, performance improvements and bug
+    fixes
+- Rebase add_wayland_dep_to_tests.patch.
+- Drop gstreamer-plugins-base-gl-deps.patch: Fixed upstream
+- Stop using service due to upstreams new mono-repo, just use
+  tarballs for now.
+
gstreamer-plugins-good
+- Update to version 1.20.1:
+  + deinterlace: various bug fixes for yadif method
+  + deinterlace: Refactor greedyh and fix planar formats
+  + deinterlace: Prevent race between method configuration and
+    latency query
+  + gtk video sink: Fix rotation not being applied when paused
+  + jpegdec: fix RGB conversion handling
+  + matroskademux: improved ProRes video handling
+  + matroskamux: Handle multiview-mode/flags/pixel-aspect-ratio
+    caps fields correctly when checking caps equality on input caps
+    changes
+  + rtprtx: don't access type-system per buffer (performance
+    optimisation); code cleanups
+  + rtpulpfecenc: fix unmatched g_slice_free()
+  + rtpvp8depay: fix crash when making GstRTPPacketLost custom
+    event
+  + qtmux: Don't post an error message if pushing a sample failed
+    with FLUSHING (e.g. on pipeline shutdown)
+  + soup: Lookup libsoup dylib files on Apple platforms & fix
+    Cerbero static build on Android and iOS
+  + souphttpsrc: element not present on iOS after 1.20.0 update
+  + v4l2tuner: return NULL if no norm set
+  + v4l2bufferpool: Fix race condition between qbuf and pool
+    streamoff
+  + meson: Don't build lame plugin with -Dlame=disabled
+
+- Update to version 1.20.0:
+  + Development in GitLab was switched to a single git repository
+    containing all the modules
+  + GstPlay: new high-level playback library, replaces GstPlayer
+  + WebM Alpha decoding support
+  + Encoding profiles can now be tweaked with additional
+    application-specified element properties
+  + Compositor: multi-threaded video conversion and mixing
+  + RTP header extensions: unified support in RTP depayloader and
+    payloader base classes
+  + SMPTE 2022-1 2-D Forward Error Correction support
+  + Smart encoding (pass through) support for VP8, VP9, H.265 in
+    encodebin and transcodebin
+  + Runtime compatibility support for libsoup2 and libsoup3
+    (libsoup3 support experimental)
+  + Video decoder subframe support
+  + Video decoder automatic packet-loss, data corruption, and
+    keyframe request handling for RTP / WebRTC / RTSP
+  + mp4 and Matroska muxers now support profile/level/resolution
+    changes for H.264/H.265 input streams (i.e. codec data changing
+    on the fly)
+  + mp4 muxing mode that initially creates a fragmented mp4 which
+    is converted to a regular mp4 on EOS
+  + Audio support for the WebKit Port for Embedded (WPE) web page
+    source element
+  + CUDA based video color space convert and rescale elements and
+    upload/download elements
+  + NVIDIA memory:NVMM support for OpenGL glupload and gldownload
+    elements
+  + Many WebRTC improvements
+  + The new VA-API plugin implementation fleshed out with more
+    decoders and new postproc elements
+  + AppSink API to retrieve events in addition to buffers and
+    buffer lists
+  + AppSrc gained more configuration options for the internal queue
+    (leakiness, limits in buffers and time, getters to read current
+    levels)
+  + Updated Rust bindings and many new Rust plugins
+  + Improved support for custom minimal GStreamer builds
+  + Support build against FFmpeg 5.0
+  + Linux Stateless CODEC support gained MPEG-2 and VP9
+  + Windows Direct3D11/DXVA decoder gained AV1 and MPEG-2 support
+  + Lots of new plugins, features, performance improvements and bug
+    fixes
+- Stop using service for tarball, use upstream url.
+- Drop old obsolete conditionals.
+- Add BuildRequires:  pkgconfig(libsoup-3.0)
+
gstreamer-plugins-ugly
+- Update to version 1.20.1:
+  + x264enc: fix plugin long-name and description
+
+- Update to version 1.20.0:
+  + Development in GitLab was switched to a single git repository
+    containing all the modules
+  + GstPlay: new high-level playback library, replaces GstPlayer
+  + WebM Alpha decoding support
+  + Encoding profiles can now be tweaked with additional
+    application-specified element properties
+  + Compositor: multi-threaded video conversion and mixing
+  + RTP header extensions: unified support in RTP depayloader and
+    payloader base classes
+  + SMPTE 2022-1 2-D Forward Error Correction support
+  + Smart encoding (pass through) support for VP8, VP9, H.265 in
+    encodebin and transcodebin
+  + Runtime compatibility support for libsoup2 and libsoup3
+    (libsoup3 support experimental)
+  + Video decoder subframe support
+  + Video decoder automatic packet-loss, data corruption, and
+    keyframe request handling for RTP / WebRTC / RTSP
+  + mp4 and Matroska muxers now support profile/level/resolution
+    changes for H.264/H.265 input streams (i.e. codec data changing
+    on the fly)
+  + mp4 muxing mode that initially creates a fragmented mp4 which
+    is converted to a regular mp4 on EOS
+  + Audio support for the WebKit Port for Embedded (WPE) web page
+    source element
+  + CUDA based video color space convert and rescale elements and
+    upload/download elements
+  + NVIDIA memory:NVMM support for OpenGL glupload and gldownload
+    elements
+  + Many WebRTC improvements
+  + The new VA-API plugin implementation fleshed out with more
+    decoders and new postproc elements
+  + AppSink API to retrieve events in addition to buffers and
+    buffer lists
+  + AppSrc gained more configuration options for the internal queue
+    (leakiness, limits in buffers and time, getters to read current
+    levels)
+  + Updated Rust bindings and many new Rust plugins
+  + Improved support for custom minimal GStreamer builds
+  + Support build against FFmpeg 5.0
+  + Linux Stateless CODEC support gained MPEG-2 and VP9
+  + Windows Direct3D11/DXVA decoder gained AV1 and MPEG-2 support
+  + Lots of new plugins, features, performance improvements and bug
+    fixes
+- Stop using service, use upstream url for tarball.
+- Drop obsolete and unused experimental define.
+- Pass gpl=enabled to meson, now needed to build a52 support.
+
hylafax+
+- version 7.0.5
+  * hylafax.diff removed - included in source
+  * extend Class1RecvAbortOK = 0 timeout to 500 ms (4 Dec 2021)
+  * cope with Si2435 V.34/V.8 connection glitch (17, 19 Nov 2021)
+  * cope with spurious +FCERROR or other delayed messages from modem (26 Oct 2021)
+  * avoid letting corrupt RTC signals lead to RTN (26 Oct 2021)
+  * don't refer to DCN as an invalid response in error messages (20 Oct 2021)
+  * handle TSI during procedural interrupt (19 Oct 2021)
+  * do better with waiting on prologue frames from receiver (13 Oct 2021)
+  * cope with echo of ERR (13 Oct 2021)
+  * run ps2fax, pdf2fax, tiff2fax, pcl2fax coverters as fax user (12 Oct 2021)
+  * attempt to cope with receivers who signal RTN in ECM Phase D (23 Sep 2021)
+  * fix hfaxd build when LDAP libs are not present (23 Sep 2021)
+  * handle PPR echo after fourth PPR (22 Sep 2021)
+  * don't use CRP when waiting for CFR following training (15 Sep 2021)
+  * attempt to cope with receivers which signal CFR after PPS (14 Sep 2021)
+  * cope with senders who signal FTT in Phase D (10 Sep 2021)
+  * fix problem with handling NSF/CSI/DIS frame after CTC/EOR (9 Sep 2021)
+  * cope with senders who signal PPS without the PPS FCF (9 Sep 2021)
+  * handle echo of PPR when expecting CTC/EOR (8 Sep 2021)
+  * add failure messages for unspecified training failures (7 Sep 2021)
+  * don't use CRP when waiting for CTR (7 Sep 2021)
+  * handle echo of EOR, don't use CRP when waiting for ERR (7 Sep 2021)
+  * repeat PIN if sender repeats post-page or partial-page message (7-8 Sep 2021)
+
ima-inspect
+- update to upstream minor release version 0.14 which supports additional
+  digest algorithms.
+
+- update to upstream minor release version 0.13 which makes ima-inspect
+  compatible with libimaevm new ABI introduced in version 1.2.
+
+- update to upstream minor release version 0.12 which fixes a compatibility
+  issue with newer libattr-devel packages. It now uses the xattr.h from
+  glibc-devel instead.
+
intel-gpu-tools
+- release 1.24 (23 Apr 2021)
+  * fixed build against sle15-sp4 (boo#1197732)
+- supersedes
+  * n_disable-build-of-gem_userptr_blits.patch
+  * n_disable-build-of-pm_rpm.patch
+- refreshed u_respect_cflags.diff
+
java-11-openjdk
+- Update to upstream tag jdk-11.0.14.1+1
+  * Changes:
+    + JDK-8280786: Build failure on Solaris after 8262392
+    + JDK-8218546: Unable to connect to https://google.com using
+    java.net.HttpClient
+    + JDK-8281324: Bump update version for OpenJDK: jdk-11.0.14.1
+
-    + JDK-8264934, CVE-2022-21248, bnc#1194926: Enhance cross VM
-    serialization
+    + JDK-8264934, CVE-2022-21248, bnc#1194926: Enhance cross VM serialization
-    + JDK-8268813, CVE-2022-21283, bnc#1194937: Better String
-    matching
+    + JDK-8268813, CVE-2022-21283, bnc#1194937: Better String matching
kactivitymanagerd
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
kcm_sddm
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
kde-cli-tools5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
kde-gtk-config5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
kernel-azure
+- supported.conf: Mark a few SM* chiper modules as supported (bsc#1197287)
+  Mark supported for the modules: sm2_generic, sm3_generic, sm4_generic
+  arm64-specific: sha3-ce, sha512-ce, sm3-ce, sm4-ce
+- commit e6b9e81
+
+- fuse: handle kABI change in struct fuse_args (bsc#1197343
+  CVE-2022-1011).
+- fuse: fix pipe buffer lifetime for direct_io (bsc#1197343
+  CVE-2022-1011).
+- commit 879fc92
+
+- Refresh
+  patches.suse/bpf-Add-MEM_RDONLY-for-helper-args-that-are-pointers.patch
+  Add info about context deviation from upstream.
+- commit f8cba97
+
+- Refresh
+  patches.suse/bpf-Replace-PTR_TO_XXX_OR_NULL-with-PTR_TO_XXX-PTR_M.patch
+  Add info about context deviation from upstream.
+- commit 1d085d3
+
+- Refresh
+  patches.suse/bpf-Replace-RET_XXX_OR_NULL-with-RET_XXX-PTR_MAYBE_N.patch
+  Add info about context deviation from upstream.
+- commit e44090b
+
+- Refresh
+  patches.suse/bpf-Replace-ARG_XXX_OR_NULL-with-ARG_XXX-PTR_MAYBE_N.patch
+  Add info about context deviation from upstream.
+- commit da99102
+
+- Refresh
+  patches.suse/bpf-Introduce-composable-reg-ret-and-arg-types.patch
+  Add info on context deviation from upstream.
+- commit aa0e1a6
+
+- Refresh
+  patches.suse/bpf-Generalize-check_ctx_reg-for-reuse-with-other-ty.patch
+  Add info about context deviation from upstream.
+- commit 2d1de22
+
+- bpf: Fix crash due to out of bounds access into reg2btf_ids (git-fixes
+  bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- commit 8bc21d0
+
+- watch_queue: Make comment about setting ->defunct more accurate
+  (CVE-2022-0995 bsc#1197246).
+- watch_queue: Fix lack of barrier/sync/lock between post and read
+  (CVE-2022-0995 bsc#1197246).
+- watch_queue: Free the alloc bitmap when the watch_queue is
+  torn down (CVE-2022-0995 bsc#1197246).
+- watch_queue: Fix the alloc bitmap size to reflect notes
+  allocated (CVE-2022-0995 bsc#1197246).
+- watch_queue: Use the bitmap API when applicable (CVE-2022-0995
+  bsc#1197246).
+- watch_queue: Fix to always request a pow-of-2 pipe ring size
+  (CVE-2022-0995 bsc#1197246).
+- watch_queue: Fix to release page in ->release() (CVE-2022-0995
+  bsc#1197246).
+- watch_queue, pipe: Free watchqueue state after clearing pipe
+  ring (CVE-2022-0995 bsc#1197246).
+- watch_queue: Fix filter limit check (CVE-2022-0995 bsc#1197246).
+- commit 223dbc3
+
+- arm64: PCI: Support root bridge preparation for Hyper-V
+  (bsc#1197291).
+- arm64: PCI: Restructure pcibios_root_bridge_prepare()
+  (bsc#1197291).
+- commit 060e164
+
+- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
+  (bsc#1196018).
+- commit 6dcb47f
+
+- sr9700: sanity check for packet length (bsc#1196836
+  CVE-2022-26966).
+- commit 56eea34
+
+- Update kabi files.
+  Update to reflect the changes from bpf CVE fixes.
+- commit 993b084
+
+- rpm: SC2006: Use $(...) notation instead of legacy backticked `...`.
+- commit f0d0e90
+
+- nvme-rdma: fix possible use-after-free in transport
+  error_recovery work (bsc#1193787 bsc#1197146 bsc#1193554).
+  Refresh:
+  - patches.suse/0006-nvme-Implement-In-Band-authentication.patch
+- nvme-tcp: fix possible use-after-free in transport
+  error_recovery work (bsc#1193787 bsc#1197146 bsc#1193554).
+  Refresh:
+  - patches.suse/0006-nvme-Implement-In-Band-authentication.patch
+- nvme: fix a possible use-after-free in controller reset during
+  load (bsc#1193787 bsc#1197146 bsc#1193554).
+- nvme-fabrics: ignore invalid fast_io_fail_tmo values
+  (bsc#1193787 bsc#1197146 bsc#1193554).
+- nvme-tcp: fix memory leak when freeing a queue (bsc#1193787
+  bsc#1197146 bsc#1193554).
+- nvme-tcp: validate R2T PDU in nvme_tcp_handle_r2t() (bsc#1193787
+  bsc#1197146 bsc#1193554).
+- blk-mq: don't free tags if the tag_set is used by other device
+  in queue initialztion (bsc#1193787 bsc#1197146 bsc#1193554).
+- commit 4ccb78c
+
+- series: Resort entries
+  The series is not sorted which makes qdoit unhappy. Sort it.
+- commit ce701de
+
+- esp: Fix possible buffer overflow in ESP transformation
+  (CVE-2022-0886 bsc#1197131).
+- sock: remove one redundant SKB_FRAG_PAGE_ORDER macro
+  (CVE-2022-0886 bsc#1197131).
+- commit fa4075e
+
+- ipv6: fix skb drops in igmp6_event_query() and
+  igmp6_event_report() (CVE-2022-0742 bsc#1197128).
+- commit b531b26
+
+- aio: fix use-after-free due to missing POLLFREE handling
+  (CVE-2021-39698 bsc#1196956).
+- aio: keep poll requests on waitqueue until completed
+  (CVE-2021-39698 bsc#1196956).
+- signalfd: use wake_up_pollfree() (CVE-2021-39698 bsc#1196956).
+- binder: use wake_up_pollfree() (CVE-2021-39698 bsc#1196956).
+- wait: add wake_up_pollfree() (CVE-2021-39698 bsc#1196956).
+- commit ee17f5c
+
+- net/smc: Fix hung_task when removing SMC-R devices
+  (bsc#1197082).
+- commit 5256139
+
+- rpm/kernel-source.spec.in: call fdupes per subpackage
+  It is a waste of time to do a global fdupes when we have
+  subpackages.
+- commit 1da8439
+
+- bpf, selftests: Add test case trying to taint map value pointer
+  (bsc#1196130,CVE-2021-45402).
+- bpf: Make 32->64 bounds propagation slightly more robust
+  (bsc#1196130,CVE-2021-45402).
+- bpf: Fix signed bounds propagation after mov32
+  (bsc#1196130,CVE-2021-45402).
+- commit 04987fb
+
+- rpm/arch-symbols,guards,*driver: Replace Novell with SUSE.
+- commit 174a64f
+
+- rpm/kernel-docs.spec.in: use %%license for license declarations
+  Limited to SLE15+ to avoid compatibility nightmares.
+- commit 73d560e
+
+- rpm/*.spec.in: Use https:// urls
+- commit 77b5f8e
+
+- ARM: fix build error when BPF_SYSCALL is disabled (bsc#1085308
+  CVE-2022-23960).
+- ARM: include unprivileged BPF status in Spectre V2 reporting
+  (bsc#1085308 CVE-2022-23960).
+- commit 2b85b07
+
+- ARM: Spectre-BHB workaround (bsc#1085308 CVE-2022-23960).
+- Update config files.
+- commit 214f301
+
+- ARM: use LOADADDR() to get load address of sections (bsc#1085308
+  CVE-2022-23960).
+- ARM: early traps initialisation (bsc#1085308 CVE-2022-23960).
+- ARM: report Spectre v2 status through sysfs (bsc#1085308
+  CVE-2022-23960).
+- commit 20f8a99
+
+- nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787 bsc#1197146 bsc#1193554).
+- commit 68439a4
+
+- arm64: proton-pack: Include unprivileged eBPF status in
+  Spectre v2 mitigation reporting (bsc#1085308 CVE-2022-23960
+  CVE-2022-0001 CVE-2022-0002).
+- arm64: Use the clearbhb instruction in mitigations (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered
+  and migrated (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- commit 52f56e7
+
+- arm64: Mitigate spectre style branch history side channels
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- Update config files.
+- Refresh
+  patches.suse/kabi-arm64-reserve-space-in-cpu_hwcaps-and-cpu_hwcap.patch.
+- commit 1403b73
+
+- arm64: proton-pack: Report Spectre-BHB vulnerabilities as
+  part of Spectre-v2 (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: Add percpu vectors for EL1 (bsc#1085308 CVE-2022-23960
+  CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Add macro for reading symbol addresses from
+  the trampoline (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: entry: Add vectors that have the bhb mitigation sequences
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Add non-kpti __bp_harden_el1_vectors for
+  mitigations (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: entry: Allow the trampoline text to occupy multiple pages
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Make the kpti trampoline's kpti sequence optional
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Move trampoline macros out of ifdef'd section
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Don't assume tramp_vectors is the start
+  of the vectors (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: entry: Allow tramp_alias to access symbols after
+  the 4K boundary (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: entry: Move the trampoline data page before the text page
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Free up another register on kpti's tramp_exit path
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Make the trampoline cleanup optional (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- KVM: arm64: Allow indirect vectors to be used without
+  SPECTRE_V3A (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: spectre: Rename spectre_v4_patch_fw_mitigation_conduit
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry.S: Add ventry overflow sanity checks (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- commit 39b0cd1
+
+- arm64: Add Cortex-X2 CPU part definition (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- Refresh
+  patches.suse/arm64-Add-Cortex-A510-CPU-part-definition.patch.
+- commit 1489419
+
+- arm64: add ID_AA64ISAR2_EL1 sys register (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- commit 76b95f9
+
+- bpf/selftests: Test PTR_TO_RDONLY_MEM (bsc#1196261 CVE-2022-0500).
+- bpf: Add MEM_RDONLY for helper args that are pointers to rdonly mem
+  (bsc#1196261 CVE-2022-0500).
+- bpf: Make per_cpu_ptr return rdonly PTR_TO_MEM
+  (bsc#1196261CVE-2022-0500).
+- bpf: Convert PTR_TO_MEM_OR_NULL to composable types
+  (bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- bpf: Introduce MEM_RDONLY flag (bsc#1194111 bsc#1194765
+  bsc#1196261 CVE-2021-4204 CVE-2022-0500 CVE-2022-23222).
+- Refresh
+  patches.suse/bpf-Fix-out-of-bounds-access-for-ringbuf-helpers.patch.
+- Refresh
+  patches.suse/bpf-Generally-fix-helper-register-offset-check.patch.
+- bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL
+  (bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- Refresh
+  patches.suse/bpf-Generalize-check_ctx_reg-for-reuse-with-other-ty.patch.
+- Refresh
+  patches.suse/bpf-Generally-fix-helper-register-offset-check.patch.
+- bpf: Replace RET_XXX_OR_NULL with RET_XXX | PTR_MAYBE_NULL
+  (bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- bpf: Replace ARG_XXX_OR_NULL with ARG_XXX | PTR_MAYBE_NULL
+  (bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- bpf: Introduce composable reg, ret and arg types (bsc#1194111
+  bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- commit 4db4b9b
+
+- Delete ACPI patch that broke s2idle (bsc#1196213)
+  Deleted:
+  patches.suse/ACPI-EC-Rework-flushing-of-EC-work-while-suspended-t.patch
+  A new kABI compat patch was added instead
+- commit 99c6bc9
+
+- NFSD: Fix READDIR buffer overflow (git-fixes bsc#1196346).
+- commit a149497
+
+- arm64: Add Cortex-A510 CPU part definition (git-fixes).
+- commit 1fd20fb
+
kernel-debug
+- powerpc/rtas: Keep MSR RI set when calling RTAS (bsc#1197174
+  ltc#196362).
+- commit be99d79
+
+- watch_queue: Actually free the watch (CVE-2022-0995
+  bsc#1197246).
+- watch_queue: Fix NULL dereference in error cleanup
+  (CVE-2022-0995 bsc#1197246).
+- commit 9f97636
+
+- ALSA: pcm: Fix races among concurrent prealloc proc writes
+  (CVE-2022-1048 bsc#1197331).
+- commit 7ca9b7d
+
+- ALSA: pcm: Fix races among concurrent prepare and
+  hw_params/hw_free calls (CVE-2022-1048 bsc#1197331).
+- commit bdcd5ee
+
+- ALSA: pcm: Fix races among concurrent read/write and buffer
+  changes (CVE-2022-1048 bsc#1197331).
+- commit 8bb5c1f
+
+- ALSA: pcm: Fix races among concurrent hw_params and hw_free
+  calls (CVE-2022-1048 bsc#1197331).
+- commit 4ce87ae
+
+- ALSA: kABI workaround for snd_pcm_runtime changes (CVE-2022-1048
+  bsc#1197331).
+- commit 15a1bad
+
kernel-default
+- powerpc/rtas: Keep MSR RI set when calling RTAS (bsc#1197174
+  ltc#196362).
+- commit be99d79
+
+- watch_queue: Actually free the watch (CVE-2022-0995
+  bsc#1197246).
+- watch_queue: Fix NULL dereference in error cleanup
+  (CVE-2022-0995 bsc#1197246).
+- commit 9f97636
+
+- ALSA: pcm: Fix races among concurrent prealloc proc writes
+  (CVE-2022-1048 bsc#1197331).
+- commit 7ca9b7d
+
+- ALSA: pcm: Fix races among concurrent prepare and
+  hw_params/hw_free calls (CVE-2022-1048 bsc#1197331).
+- commit bdcd5ee
+
+- ALSA: pcm: Fix races among concurrent read/write and buffer
+  changes (CVE-2022-1048 bsc#1197331).
+- commit 8bb5c1f
+
+- ALSA: pcm: Fix races among concurrent hw_params and hw_free
+  calls (CVE-2022-1048 bsc#1197331).
+- commit 4ce87ae
+
+- ALSA: kABI workaround for snd_pcm_runtime changes (CVE-2022-1048
+  bsc#1197331).
+- commit 15a1bad
+
kernel-docs
+- powerpc/rtas: Keep MSR RI set when calling RTAS (bsc#1197174
+  ltc#196362).
+- commit be99d79
+
+- watch_queue: Actually free the watch (CVE-2022-0995
+  bsc#1197246).
+- watch_queue: Fix NULL dereference in error cleanup
+  (CVE-2022-0995 bsc#1197246).
+- commit 9f97636
+
+- ALSA: pcm: Fix races among concurrent prealloc proc writes
+  (CVE-2022-1048 bsc#1197331).
+- commit 7ca9b7d
+
+- ALSA: pcm: Fix races among concurrent prepare and
+  hw_params/hw_free calls (CVE-2022-1048 bsc#1197331).
+- commit bdcd5ee
+
+- ALSA: pcm: Fix races among concurrent read/write and buffer
+  changes (CVE-2022-1048 bsc#1197331).
+- commit 8bb5c1f
+
+- ALSA: pcm: Fix races among concurrent hw_params and hw_free
+  calls (CVE-2022-1048 bsc#1197331).
+- commit 4ce87ae
+
+- ALSA: kABI workaround for snd_pcm_runtime changes (CVE-2022-1048
+  bsc#1197331).
+- commit 15a1bad
+
kernel-install-tools
+- Update to version v0.3.0:
+  * specfile: accept OBS cleanups
+  * specfile: fix UsrMerge support
+  * specfile: silence OBS warning about no-binary
+  * specfile: fix license tag
+  * Makefile: install the installkernel script directly in /sbin
+  * installkernel: Don't force hostonly
+
kernel-kvmsmall
+- powerpc/rtas: Keep MSR RI set when calling RTAS (bsc#1197174
+  ltc#196362).
+- commit be99d79
+
+- watch_queue: Actually free the watch (CVE-2022-0995
+  bsc#1197246).
+- watch_queue: Fix NULL dereference in error cleanup
+  (CVE-2022-0995 bsc#1197246).
+- commit 9f97636
+
+- ALSA: pcm: Fix races among concurrent prealloc proc writes
+  (CVE-2022-1048 bsc#1197331).
+- commit 7ca9b7d
+
+- ALSA: pcm: Fix races among concurrent prepare and
+  hw_params/hw_free calls (CVE-2022-1048 bsc#1197331).
+- commit bdcd5ee
+
+- ALSA: pcm: Fix races among concurrent read/write and buffer
+  changes (CVE-2022-1048 bsc#1197331).
+- commit 8bb5c1f
+
+- ALSA: pcm: Fix races among concurrent hw_params and hw_free
+  calls (CVE-2022-1048 bsc#1197331).
+- commit 4ce87ae
+
+- ALSA: kABI workaround for snd_pcm_runtime changes (CVE-2022-1048
+  bsc#1197331).
+- commit 15a1bad
+
kernel-obs-build
+- powerpc/rtas: Keep MSR RI set when calling RTAS (bsc#1197174
+  ltc#196362).
+- commit be99d79
+
+- watch_queue: Actually free the watch (CVE-2022-0995
+  bsc#1197246).
+- watch_queue: Fix NULL dereference in error cleanup
+  (CVE-2022-0995 bsc#1197246).
+- commit 9f97636
+
+- ALSA: pcm: Fix races among concurrent prealloc proc writes
+  (CVE-2022-1048 bsc#1197331).
+- commit 7ca9b7d
+
+- ALSA: pcm: Fix races among concurrent prepare and
+  hw_params/hw_free calls (CVE-2022-1048 bsc#1197331).
+- commit bdcd5ee
+
+- ALSA: pcm: Fix races among concurrent read/write and buffer
+  changes (CVE-2022-1048 bsc#1197331).
+- commit 8bb5c1f
+
+- ALSA: pcm: Fix races among concurrent hw_params and hw_free
+  calls (CVE-2022-1048 bsc#1197331).
+- commit 4ce87ae
+
+- ALSA: kABI workaround for snd_pcm_runtime changes (CVE-2022-1048
+  bsc#1197331).
+- commit 15a1bad
+
kernel-obs-qa
+- powerpc/rtas: Keep MSR RI set when calling RTAS (bsc#1197174
+  ltc#196362).
+- commit be99d79
+
+- watch_queue: Actually free the watch (CVE-2022-0995
+  bsc#1197246).
+- watch_queue: Fix NULL dereference in error cleanup
+  (CVE-2022-0995 bsc#1197246).
+- commit 9f97636
+
+- ALSA: pcm: Fix races among concurrent prealloc proc writes
+  (CVE-2022-1048 bsc#1197331).
+- commit 7ca9b7d
+
+- ALSA: pcm: Fix races among concurrent prepare and
+  hw_params/hw_free calls (CVE-2022-1048 bsc#1197331).
+- commit bdcd5ee
+
+- ALSA: pcm: Fix races among concurrent read/write and buffer
+  changes (CVE-2022-1048 bsc#1197331).
+- commit 8bb5c1f
+
+- ALSA: pcm: Fix races among concurrent hw_params and hw_free
+  calls (CVE-2022-1048 bsc#1197331).
+- commit 4ce87ae
+
+- ALSA: kABI workaround for snd_pcm_runtime changes (CVE-2022-1048
+  bsc#1197331).
+- commit 15a1bad
+
kernel-preempt
+- Revert "rpm/kernel-source.spec.in: call fdupes per subpackage"
+  This reverts commit 1da843983718d4cfdd652a76e428abee98e37450.
+- commit f349b81
+
+- Revert "build initrd without systemd" (bsc#1197300)
+  This reverts commit ef4c569b998635a9369390d4e9cfe3a922815c76.
+  It seems to be the cause of a stall in OBS build that resulted in
+  the failure with obs-build-qa (and possibly others).
+- commit ff2b28e
+
+- Update patch reference for USB gadget fix (CVE-2022-27223 bsc#1197245)
+- commit fd3b6e8
+
+- Rename colliding patches before the next cve/linux-5.3 -> SLE15-SP3 merge
+- commit 891ddc4
+
+- sr9700: sanity check for packet length (bsc#1196836
+  CVE-2022-26966).
+- commit edaafdd
+
+- blacklist.conf: prerequisites break kABI
+- commit d0b972b
+
+- rpm: SC2006: Use $(...) notation instead of legacy backticked `...`.
+- commit f0d0e90
+
+- usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode (git-fixes).
+- commit 3863766
+
+- usb: dwc2: Fix Stalling a Non-Isochronous OUT EP (git-fixes).
+- commit 9d7504f
+
+- aio: fix use-after-free due to missing POLLFREE handling
+  (CVE-2021-39698 bsc#1196956).
+- aio: keep poll requests on waitqueue until completed
+  (CVE-2021-39698 bsc#1196956).
+- signalfd: use wake_up_pollfree() (CVE-2021-39698 bsc#1196956).
+- binder: use wake_up_pollfree() (CVE-2021-39698 bsc#1196956).
+- wait: add wake_up_pollfree() (CVE-2021-39698 bsc#1196956).
+- commit b026506
+
+- usb: dwc2: gadget: Fix kill_all_requests race (git-fixes).
+- commit 5ad82f7
+
+- usb: dwc3: meson-g12a: Disable the regulator in the error
+  handling path of the probe (git-fixes).
+- commit 6109544
+
+- mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes).
+- drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes).
+- commit 44ceec6
+
+- rpm/kernel-source.spec.in: call fdupes per subpackage
+  It is a waste of time to do a global fdupes when we have
+  subpackages.
+- commit 1da8439
+
+- af_unix: fix garbage collect vs MSG_PEEK (CVE-2021-0920
+  bsc#1193731).
+- commit 7040fdd
+
+- Refresh patches.suse/xfrm-fix-mtu-regression.patch.
+- commit 8d867d6
+
+- bpf, selftests: Add test case trying to taint map value pointer
+  (bsc#1196130,CVE-2021-45402).
+- bpf: Make 32->64 bounds propagation slightly more robust
+  (bsc#1196130,CVE-2021-45402).
+- bpf: Fix signed bounds propagation after mov32
+  (bsc#1196130,CVE-2021-45402).
+- commit 63a6298
+
+- net: phy: DP83822: clear MISR2 register to disable interrupts
+  (git-fixes).
+- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info
+  (git-fixes).
+- NFC: port100: fix use-after-free in port100_send_complete
+  (git-fixes).
+- ax25: Fix NULL pointer dereference in ax25_kill_by_device
+  (git-fixes).
+- staging: gdm724x: fix use after free in gdm_lte_rx()
+  (git-fixes).
+- gpio: ts4900: Do not set DAT and OE together (git-fixes).
+- gpiolib: acpi: Convert ACPI value of debounce to microseconds
+  (git-fixes).
+- usb: hub: Fix locking issues with address0_mutex (git-fixes).
+- commit ea6e976
+
+- EDAC: Fix calculation of returned address and next offset in
+  edac_align_ptr() (bsc#1178134).
+- commit c292d6b
+
+- xen/netfront: react properly to failing
+  gnttab_end_foreign_access_ref() (bsc#1196488, XSA-396,
+  CVE-2022-23042).
+- commit fe0a923
+
+- xen/gnttab: fix gnttab_end_foreign_access() without page
+  specified (bsc#1196488, XSA-396, CVE-2022-23041).
+- commit 58c801b
+
+- xen/pvcalls: use alloc/free_pages_exact() (bsc#1196488,
+  XSA-396, CVE-2022-23041).
+- commit afb2dba
+
+- xen/9p: use alloc/free_pages_exact() (bsc#1196488, XSA-396,
+  CVE-2022-23041).
+- commit cee63b9
+
+- xen/usb: don't use gnttab_end_foreign_access() in
+  xenhcd_gnttab_done() (bsc#1196488, XSA-396).
+- commit b1d434d
+
+- xen/gntalloc: don't use gnttab_query_foreign_access()
+  (bsc#1196488, XSA-396, CVE-2022-23039).
+- commit a4ec4aa
+
+- xen/scsifront: don't use gnttab_query_foreign_access() for
+  mapped status (bsc#1196488, XSA-396, CVE-2022-23038).
+- commit fd9cb30
+
+- xen/netfront: don't use gnttab_query_foreign_access() for
+  mapped status (bsc#1196488, XSA-396, CVE-2022-23037).
+- commit 4e33999
+
+- xen/blkfront: don't use gnttab_query_foreign_access() for
+  mapped status (bsc#1196488, XSA-396, CVE-2022-23036).
+- commit 4334af7
+
+- xen/grant-table: add gnttab_try_end_foreign_access()
+  (bsc#1196488, XSA-396, CVE-2022-23036, CVE-2022-23038).
+- commit 19b769a
+
+- xen/xenbus: don't let xenbus_grant_ring() remove grants in
+  error case (bsc#1196488, XSA-396, CVE-2022-23040).
+- commit 5aacf1f
+
+- EDAC/altera: Fix deferred probing (bsc#1178134).
+- commit 13cc9b2
+
+- rpm/arch-symbols,guards,*driver: Replace Novell with SUSE.
+- commit 174a64f
+
+- nvme-rdma: fix possible use-after-free in transport
+  error_recovery work (git-fixes).
+- commit f4a5de3
+
+- usb: host: xen-hcd: add missing unlock in error path
+  (git-fixes).
+- commit daa9ea7
+
+- Refresh
+  patches.suse/0002-usb-Introduce-Xen-pvUSB-frontend-xen-hcd.patch.
+- commit d9066f6
+
+- Refresh
+  patches.suse/0001-usb-Add-Xen-pvUSB-protocol-description.patch.
+- commit 5c41eb3
+
+- rpm/kernel-docs.spec.in: use %%license for license declarations
+  Limited to SLE15+ to avoid compatibility nightmares.
+- commit 73d560e
+
+- rpm/*.spec.in: Use https:// urls
+- commit 77b5f8e
+
+- nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787).
+- commit 8823060
+
+- Bluetooth: btusb: Add missing Chicony device for Realtek
+  RTL8723BE (bsc#1196779).
+- commit 504b440
+
+- ixgbe: xsk: change !netif_carrier_ok() handling in
+  ixgbe_xmit_zc() (git-fixes).
+- selftests: mlxsw: tc_police_scale: Make test more robust
+  (bsc#1176774).
+- net: fix up skbs delta_truesize in UDP GRO frag_list
+  (bsc#1176447).
+- igc: igc_write_phy_reg_gpy: drop premature return (git-fixes).
+- igc: igc_read_phy_reg_gpy: drop premature return (git-fixes).
+- iavf: Fix missing check for running netdev (git-fixes).
+- RDMA/cma: Do not change route.addr.src_addr outside state checks
+  (bsc#1181147).
+- RDMA/ib_srp: Fix a deadlock (git-fixes).
+- RDMA/rtrs-clt: Fix possible double free in error case
+  (jsc#SLE-15176).
+- net/mlx5e: TC, Reject rules with forward and drop actions
+  (git-fixes).
+- net/mlx5e: TC, Reject rules with drop and modify hdr action
+  (git-fixes).
+- net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded
+  packets (jsc#SLE-15172).
+- net/mlx5e: Fix wrong return value on ioctl EEPROM query failure
+  (git-fixes).
+- net/mlx5: Fix possible deadlock on rule deletion (git-fixes).
+- net/mlx5: Fix wrong limitation of metadata match on ecpf
+  (git-fixes).
+- net/mlx5: Update the list of the PCI supported devices
+  (git-fixes).
+- netfilter: nf_tables: fix memory leak during stateful obj update
+  (bsc#1176447).
+- bnxt_en: Fix incorrect multicast rx mask setting when not
+  requested (git-fixes).
+- bnxt_en: Fix occasional ethtool -t loopback test failures
+  (git-fixes).
+- bnxt_en: Fix offline ethtool selftest with RDMA enabled
+  (git-fixes).
+- bnxt_en: Fix active FEC reporting to ethtool (jsc#SLE-16649).
+- ice: initialize local variable 'tlv' (jsc#SLE-12878).
+- nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
+  (git-fixes).
+- net/sched: act_ct: Fix flow table lookup after ct clear or
+  switching zones (jsc#SLE-15172).
+- bonding: force carrier update when releasing slave (git-fixes).
+- RDMA/mlx4: Don't continue event handler after memory allocation
+  failure (git-fixes).
+- RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes).
+- IB/rdmavt: Validate remote_addr during loopback atomic tests
+  (git-fixes).
+- RDMA/cxgb4: Set queue pair state when being queried (git-fixes).
+- RDMA/rxe: Fix a typo in opcode name (git-fixes).
+- RDMA/cma: Let cma_resolve_ib_dev() continue search even after
+  empty entry (git-fixes).
+- RDMA/core: Let ib_find_gid() continue search even after empty
+  entry (git-fixes).
+- RDMA/uverbs: Remove the unnecessary assignment (git-fixes).
+- RDMA/cma: Remove open coding of overflow checking for
+  private_data_len (git-fixes).
+- RDMA/hns: Validate the pkey index (git-fixes).
+- RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling
+  RCFW with pending cmd-bit" (git-fixes).
+- RDMA/core: Don't infoleak GRH fields (git-fixes).
+- RDMA/uverbs: Check for null return of kmalloc_array (git-fixes).
+- IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr (git-fixes).
+- IB/hfi1: Fix early init panic (git-fixes).
+- IB/hfi1: Insure use of smp_processor_id() is preempt disabled
+  (git-fixes).
+- IB/hfi1: Correct guard on eager buffer deallocation (git-fixes).
+- net/mlx5: Update the list of the PCI supported devices
+  (git-fixes).
+- commit 5d0d3c3
+
+- asix: fix uninit-value in asix_mdio_read() (git-fixes).
+- commit 954cba8
+
+- usb: hub: Fix usb enumeration issue due to address0 race
+  (git-fixes).
+- commit 831632a
+
+- USB: hub: Clean up use of port initialization schemes and
+  retries (git-fixes).
+- commit 39e09e3
+
+- powerpc/powernv/memtrace: Fix dcache flushing (bsc#1196433
+  ltc#196449).
+- commit 5cf33af
+
+- mask out added spinlock in rndis_params (git-fixes).
+- commit cf77fd5
+
+- usb: gadget: rndis: add spinlock for rndis response list
+  (git-fixes).
+- commit 6500e0b
+
+- HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes).
+- HID: add mapping for KEY_DICTATE (git-fixes).
+- Input: elan_i2c - fix regulator enable count imbalance after
+  suspend/resume (git-fixes).
+- Input: elan_i2c - move regulator_[en|dis]able() out of
+  elan_[en|dis]able_power() (git-fixes).
+- arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output
+  (git-fixes).
+- dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes).
+- i2c: bcm2835: Avoid clock stretching timeouts (git-fixes).
+- Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes).
+- ASoC: rt5682: do not block workqueue if card is unbound
+  (git-fixes).
+- ASoC: rt5668: do not block workqueue if card is unbound
+  (git-fixes).
+- net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990
+  (git-fixes).
+- mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work
+  (git-fixes).
+- mac80211_hwsim: report NOACK frames in tx_status (git-fixes).
+- hamradio: fix macro redefine warning (git-fixes).
+- commit add4eb4
+
+- scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (git-fixes).
+- scsi: bnx2fc: Flush destroy_work queue before calling
+  bnx2fc_interface_put() (git-fixes).
+- scsi: nsp_cs: Check of ioremap return value (git-fixes).
+- scsi: qedf: Fix potential dereference of NULL pointer
+  (git-fixes).
+- scsi: ufs: Fix race conditions related to driver data
+  (git-fixes).
+- scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
+  (git-fixes).
+- commit 2185cf5
+
+- Add SCSI git-fix to blacklist: too pervasive
+- commit 3f4a3f6
+
+- blacklist.conf: Add 05c7b7a92cc8 cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug
+- commit 511f680
+
+- cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning
+  (bsc#1196868).
+- commit 30013c2
+
+- cpuset: Fix the bug that subpart_cpus updated wrongly in
+  update_cpumask() (bsc#1196866).
+- commit 8ee9c97
+
+- blacklist.conf: prerequisites break kABI
+- commit 88b00ea
+
+- blacklist.conf: kABI
+- commit 11980b2
+
+- blacklist.conf: patch not applicable due to missing infrastructure
+- commit be9f64f
+
+- usb: dwc2: use well defined macros for power_down (git-fixes).
+- commit 781db9c
+
+- ename colliding patches before the next cve/linux-5.3 -> SLE15-SP3 merge
+- commit 59d5e34
+
+- Hand over the maintainership to SLE15-SP3 maintainers
+- commit 0c92742
+
+- SUNRPC: avoid race between mod_timer() and del_timer_sync()
+  (bnc#1195403).
+- commit f6cf219
+
+- cputime, cpuacct: Include guest time in user time in (git-fixes)
+- commit b360f79
+
+- sched/core: Mitigate race (git-fixes)
+- commit d6e526f
+
+- cpufreq: schedutil: Use kobject release() method to free (git-fixes)
+- commit 3b82dc0
+
+- blacklist.conf: Blacklist uclamp related fixes
+- commit af69679
+
+- sr9700: sanity check for packet length (bsc#1196836).
+- commit 558034f
+
+- tracing: Fix return value of __setup handlers (git-fixes).
+- commit 184ff86
+
+- exfat: fix i_blocks for files truncated over 4 GiB  (git-fixes).
+- exfat: fix incorrect loading of i_blocks for large files
+  (git-fixes).
+- commit f1e7b8d
+
+- nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
+  (CVE-2022-26490 bsc#1196830).
+- commit fd10ace
+
+- nvme-tcp: fix possible use-after-free in transport
+  error_recovery work (git-fixes).
+- nvme: fix a possible use-after-free in controller reset during
+  load (git-fixes).
+- commit 8b4713c
+
+- Update patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch
+  (bsc#1194516 CVE-2022-0487).
+- Update
+  patches.suse/NFSv4-Handle-case-where-the-lookup-of-a-directory-fa.patch
+  (bsc#1195612 CVE-2022-24448).
+- Update
+  patches.suse/udf-Fix-NULL-ptr-deref-when-converting-from-inline-f.patch
+  (bsc#1196079 CVE-2022-0617).
+- Update
+  patches.suse/udf-Restore-i_lenAlloc-when-inode-expansion-fails.patch
+  (bsc#1196079 CVE-2022-0617).
+- Update
+  patches.suse/vfs-check-fd-has-read-access-in-kernel_read_file_from_fd.patch
+  (bsc#1194888 CVE-2022-0644 bsc#1196155).
+- commit 096ea36
+
+- ALSA: intel_hdmi: Fix reference to PCM buffer address
+  (git-fixes).
+- ASoC: cs4265: Fix the duplicated control name (git-fixes).
+- ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
+  (git-fixes).
+- commit 46ecf36
+
+- scsi: smartpqi: Add PCI IDs (bsc#1196627).
+- commit 0f3e3c7
+
+- vrf: Fix fast path output packet handling with async Netfilter
+  rules (git-fixes).
+- commit 4dafe3d
+
+- net/mlx5e: Fix modify header actions memory leak (git-fixes).
+- commit 2d08f14
+
+- net: ethernet: ti: cpsw: disable PTPv1 hw timestamping
+  advertisement (git-fixes).
+- commit 644c57f
+
+- net: hns3: Clear the CMDQ registers before unmapping BAR region
+  (git-fixes).
+- commit 09653f6
+
+- netsec: ignore 'phy-mode' device property on ACPI systems
+  (git-fixes).
+- commit b2241ca
+
+- net: sfc: Replace in_interrupt() usage (git-fixes).
+- commit 254377d
+
+- gtp: remove useless rcu_read_lock() (git-fixes).
+- commit 2588833
+
+- net: dsa: mv88e6xxx: MV88E6097 does not support jumbo
+  configuration (git-fixes).
+- commit 28ecaea
+
+- Refresh
+  patches.suse/ibmvnic-Allow-queueing-resets-during-probe.patch.
+- Refresh
+  patches.suse/ibmvnic-clear-fop-when-retrying-probe.patch.
+- Refresh
+  patches.suse/ibmvnic-complete-init_done-on-transport-events.patch.
+- Refresh
+  patches.suse/ibmvnic-define-flush_reset_queue-helper.patch.
+- Refresh
+  patches.suse/ibmvnic-don-t-release-napi-in-__ibmvnic_open.patch.
+- Refresh
+  patches.suse/ibmvnic-free-reset-work-item-when-flushing.patch.
+- Refresh patches.suse/ibmvnic-init-init_done_rc-earlier.patch.
+- Refresh
+  patches.suse/ibmvnic-initialize-rc-before-completing-wait.patch.
+- Refresh
+  patches.suse/ibmvnic-register-netdev-after-init-of-adapter.patch.
+- Refresh
+  patches.suse/ibmvnic-schedule-failover-only-if-vioctl-fails.patch.
+- Refresh
+  patches.suse/scsi-lpfc-Fix-pt2pt-NVMe-PRLI-reject-LOGO-loop.patch.
+- Refresh patches.suse/xfrm-fix-mtu-regression.patch.
+- commit 25457d5
+
+- netfilter: nf_tables_offload: incorrect flow offload action
+  array size (bsc#1196299 CVE-2022-25636).
+- commit 30b89a9
+
+- batman-adv: Don't expect inter-netns unique iflink indices
+  (git-fixes).
+- batman-adv: Request iflink once in batadv_get_real_netdevice
+  (git-fixes).
+- batman-adv: Request iflink once in batadv-on-batadv check
+  (git-fixes).
+- nl80211: Handle nla_memdup failures in handle_nan_filter
+  (git-fixes).
+- mac80211: fix forwarded mesh frames AC & queue selection
+  (git-fixes).
+- can: gs_usb: change active_channels's type from atomic_t to u8
+  (git-fixes).
+- commit 1c8fa49
+
+- cgroup-v1: Correct privileges check in release_agent writes
+  (bsc#1196723).
+- commit 3d0b2e2
+
+- blacklist.conf: Add 51e50fbd3efc psi: fix "no previous prototype" warnings when CONFIG_CGROUPS=n
+- commit 2727993
+
+- ARM: 9182/1: mmu: fix returns from early_param() and __setup()
+  functions (git-fixes).
+- ARM: Fix kgdb breakpoint for Thumb2 (git-fixes).
+- ntb: intel: fix port config status offset for SPR (git-fixes).
+- USB: serial: option: add Telit LE910R1 compositions (git-fixes).
+- USB: serial: option: add support for DW5829e (git-fixes).
+- USB: gadget: validate endpoint index for xilinx udc (git-fixes).
+- xhci: re-initialize the HC during resume if HCE was set
+  (git-fixes).
+- drm/amdgpu: disable MMHUB PG for Picasso (git-fixes).
+- USB: zaurus: support another broken Zaurus (git-fixes).
+- USB: gadget: validate interface OS descriptor requests
+  (git-fixes).
+- commit a54291e
+
+- Update patches.suse/ibmvnic-don-t-stop-queue-in-xmit.patch
+  (bsc#1192273 ltc#194629 bsc#1191428 ltc#193985).
+- commit 59ca885
+
+- net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).
+- commit 6dcfd65
+
+- blk-mq: don't free tags if the tag_set is used by other device
+  in queue initialztion (bsc#1193787).
+- commit 5b79ad2
+
+- kernel-binary.spec: Also exclude the kernel signing key from devel package.
+  There is a check in OBS that fails when it is included. Also the key is
+  not reproducible.
+  Fixes: bb988d4625a3 ("kernel-binary: Do not include sourcedir in certificate path.")
+- commit 68fa069
+
+- powerpc/fadump: register for fadump as early as possible
+  (bsc#1179439 ltc#190038).
+- commit 3f54d95
+
+- rpm/check-for-config-changes: Ignore PAHOLE_VERSION.
+- commit 88ba5ec
+
+- powerpc/pseries/iommu: Fix window size for direct mapping with
+  pmem (bsc#1196472 ltc#192278).
+- powerpc/dma: Fallback to dma_ops when persistent memory present
+  (bsc#1196472 ltc#192278).
+  Update config files.
+- dma-mapping: Allow mixing bypass and mapped DMA operation
+  (bsc#1196472 ltc#192278).
+- dma-direct: Fix potential NULL pointer dereference (bsc#1196472
+  ltc#192278).
+- commit a04953d
+
+- soc: fsl: qe: Check of ioremap return value (git-fixes).
+- soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes).
+- soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY)
+  (git-fixes).
+- firmware: arm_scmi: Remove space in MODULE_ALIAS name
+  (git-fixes).
+- efivars: Respect "block" flag in efivar_entry_set_safe()
+  (git-fixes).
+- gpio: tegra186: Fix chip_data type confusion (git-fixes).
+- gpio: rockchip: Reset int_bothedge when changing trigger
+  (git-fixes).
+- spi: spi-zynq-qspi: Fix a NULL pointer dereference in
+  zynq_qspi_exec_mem_op() (git-fixes).
+- iio: Fix error handling for PM (git-fixes).
+- iio: adc: men_z188_adc: Fix a resource leak in an error handling
+  path (git-fixes).
+- iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM
+  bits (git-fixes).
+- tty: n_gsm: fix proper link termination after failed open
+  (git-fixes).
+- tty: n_gsm: fix encoding of control signal octet bit DV
+  (git-fixes).
+- Revert "USB: serial: ch341: add new Product ID for CH341A"
+  (git-fixes).
+- usb: dwc3: gadget: Let the interrupt handler disable bottom
+  halves (git-fixes).
+- usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes).
+- xhci: Prevent futile URB re-submissions due to incorrect return
+  value (git-fixes).
+- ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes).
+- clk: jz4725b: fix mmc0 clock gating (git-fixes).
+- drm/edid: Always set RGB444 (git-fixes).
+- commit c381750
+
+- powerpc/mm: Remove dcache flush from memory remove (bsc#1196433
+  ltc#196449).
+- commit 72793cf
+
+- udf: Restore i_lenAlloc when inode expansion fails (bsc#1196079
+  CVE-2022-0617).
+- commit a1deb2a
+
+- udf: Fix NULL ptr deref when converting from inline format
+  (bsc#1196079 CVE-2022-0617).
+- commit 43cd4ed
+
+- usb: gadget: rndis: check size of RNDIS_MSG_SET command
+  (CVE-2022-25375 bsc#1196235).
+- commit 4e7d746
+
+- Update patch reference for vfs fix (CVE-2022-0644 bsc#1196155)
+- commit 900b4f0
+
+- USB: gadget: validate interface OS descriptor requests
+  (CVE-2022-25258 bsc#1196095).
+- commit 4c69367
+
+- f2fs: fix to do sanity check on inode type during garbage
+  collection (CVE-2021-44879 bsc#1195987).
+- commit 139271b
+
+- yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959
+  bsc#1195897).
+- commit 60220af
+
+- usb: gadget: clear related members when goto fail
+  (CVE-2022-24958 bsc#1195905).
+- usb: gadget: don't release an existing dev->buf (CVE-2022-24958
+  bsc#1195905).
+- commit 96dda76
+
+- Update patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch
+  (bsc#1194516 CVE-2022-0487).
+- commit f68f189
+
+- kernel-binary: Do not include sourcedir in certificate path.
+  The certs macro runs before build directory is set up so it creates the
+  aggregate of supplied certificates in the source directory.
+  Using this file directly as the certificate in kernel config works but
+  embeds the source directory path in the kernel config.
+  To avoid this symlink the certificate to the build directory and use
+  relative path to refer to it.
+  Also fabricate a certificate in the same location in build directory
+  when none is provided.
+- commit bb988d4
+
+- constraints: Also adjust disk requirement for x86 and s390.
+- commit 9719db0
+
+- constraints: Increase disk space for aarch64
+- commit 09c2882
+
+- drm/i915: Remove memory frequency calculation (bsc#1195211).
+- commit ea4d32b
+
+- drm/i915: Rename is_16gb_dimm to wm_lv_0_adjust_needed
+  (bsc#1195211).
+- drm/i915/gen11+: Only load DRAM information from pcode
+  (bsc#1195211).
+- drm/i915: Nuke not needed members of dram_info (bsc#1195211).
+- drm/i915/dg1: Wait for pcode/uncore handshake at startup
+  (bsc#1195211).
+- commit d7995a2
+
+- NFSv4: Handle case where the lookup of a directory fails
+  (bsc#1195612 CVE-2022-24448).
+- commit 1023a28
+
+- scsi: ufs: Correct the LUN used in eh_device_reset_handler()
+  callback (bsc#1193864 CVE-2021-39657).
+- commit 5ec67f9
+
+- kernel-obs-build: include 9p (boo#1195353)
+  To be able to share files between host and the qemu vm of the build
+  script, the 9p and 9p_virtio kernel modules need to be included in
+  the initrd of kernel-obs-build.
+- commit 0cfe67a
+
+- net: tipc: validate domain record count on input (bsc#1195254).
+- commit 96de11b
+
+- kernel-binary.spec.in: Move 20-kernel-default-extra.conf to the correctr
+  directory (bsc#1195051).
+- commit c80b5de
+
+- kernel-binary.spec: Do not use the default certificate path (bsc#1194943).
+  Using the the default path is broken since Linux 5.17
+- commit 68b36f0
+
+- fix rpm build warning
+  tumbleweed rpm is adding these warnings to the log:
+  It's not recommended to have unversioned Obsoletes: Obsoletes:      microcode_ctl
+- commit 3ba8941
+
+- build initrd without systemd
+  This reduces the size of the initrd by over 25%, which
+  improves startup time of the virtual machine by 0.5-0.6s on
+  very fast machines, more on slower ones.
+- commit ef4c569
+
kernel-source
+- powerpc/rtas: Keep MSR RI set when calling RTAS (bsc#1197174
+  ltc#196362).
+- commit be99d79
+
+- watch_queue: Actually free the watch (CVE-2022-0995
+  bsc#1197246).
+- watch_queue: Fix NULL dereference in error cleanup
+  (CVE-2022-0995 bsc#1197246).
+- commit 9f97636
+
+- ALSA: pcm: Fix races among concurrent prealloc proc writes
+  (CVE-2022-1048 bsc#1197331).
+- commit 7ca9b7d
+
+- ALSA: pcm: Fix races among concurrent prepare and
+  hw_params/hw_free calls (CVE-2022-1048 bsc#1197331).
+- commit bdcd5ee
+
+- ALSA: pcm: Fix races among concurrent read/write and buffer
+  changes (CVE-2022-1048 bsc#1197331).
+- commit 8bb5c1f
+
+- ALSA: pcm: Fix races among concurrent hw_params and hw_free
+  calls (CVE-2022-1048 bsc#1197331).
+- commit 4ce87ae
+
+- ALSA: kABI workaround for snd_pcm_runtime changes (CVE-2022-1048
+  bsc#1197331).
+- commit 15a1bad
+
kernel-source-azure
+- supported.conf: Mark a few SM* chiper modules as supported (bsc#1197287)
+  Mark supported for the modules: sm2_generic, sm3_generic, sm4_generic
+  arm64-specific: sha3-ce, sha512-ce, sm3-ce, sm4-ce
+- commit e6b9e81
+
+- fuse: handle kABI change in struct fuse_args (bsc#1197343
+  CVE-2022-1011).
+- fuse: fix pipe buffer lifetime for direct_io (bsc#1197343
+  CVE-2022-1011).
+- commit 879fc92
+
+- Refresh
+  patches.suse/bpf-Add-MEM_RDONLY-for-helper-args-that-are-pointers.patch
+  Add info about context deviation from upstream.
+- commit f8cba97
+
+- Refresh
+  patches.suse/bpf-Replace-PTR_TO_XXX_OR_NULL-with-PTR_TO_XXX-PTR_M.patch
+  Add info about context deviation from upstream.
+- commit 1d085d3
+
+- Refresh
+  patches.suse/bpf-Replace-RET_XXX_OR_NULL-with-RET_XXX-PTR_MAYBE_N.patch
+  Add info about context deviation from upstream.
+- commit e44090b
+
+- Refresh
+  patches.suse/bpf-Replace-ARG_XXX_OR_NULL-with-ARG_XXX-PTR_MAYBE_N.patch
+  Add info about context deviation from upstream.
+- commit da99102
+
+- Refresh
+  patches.suse/bpf-Introduce-composable-reg-ret-and-arg-types.patch
+  Add info on context deviation from upstream.
+- commit aa0e1a6
+
+- Refresh
+  patches.suse/bpf-Generalize-check_ctx_reg-for-reuse-with-other-ty.patch
+  Add info about context deviation from upstream.
+- commit 2d1de22
+
+- bpf: Fix crash due to out of bounds access into reg2btf_ids (git-fixes
+  bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- commit 8bc21d0
+
+- watch_queue: Make comment about setting ->defunct more accurate
+  (CVE-2022-0995 bsc#1197246).
+- watch_queue: Fix lack of barrier/sync/lock between post and read
+  (CVE-2022-0995 bsc#1197246).
+- watch_queue: Free the alloc bitmap when the watch_queue is
+  torn down (CVE-2022-0995 bsc#1197246).
+- watch_queue: Fix the alloc bitmap size to reflect notes
+  allocated (CVE-2022-0995 bsc#1197246).
+- watch_queue: Use the bitmap API when applicable (CVE-2022-0995
+  bsc#1197246).
+- watch_queue: Fix to always request a pow-of-2 pipe ring size
+  (CVE-2022-0995 bsc#1197246).
+- watch_queue: Fix to release page in ->release() (CVE-2022-0995
+  bsc#1197246).
+- watch_queue, pipe: Free watchqueue state after clearing pipe
+  ring (CVE-2022-0995 bsc#1197246).
+- watch_queue: Fix filter limit check (CVE-2022-0995 bsc#1197246).
+- commit 223dbc3
+
+- arm64: PCI: Support root bridge preparation for Hyper-V
+  (bsc#1197291).
+- arm64: PCI: Restructure pcibios_root_bridge_prepare()
+  (bsc#1197291).
+- commit 060e164
+
+- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
+  (bsc#1196018).
+- commit 6dcb47f
+
+- sr9700: sanity check for packet length (bsc#1196836
+  CVE-2022-26966).
+- commit 56eea34
+
+- Update kabi files.
+  Update to reflect the changes from bpf CVE fixes.
+- commit 993b084
+
+- rpm: SC2006: Use $(...) notation instead of legacy backticked `...`.
+- commit f0d0e90
+
+- nvme-rdma: fix possible use-after-free in transport
+  error_recovery work (bsc#1193787 bsc#1197146 bsc#1193554).
+  Refresh:
+  - patches.suse/0006-nvme-Implement-In-Band-authentication.patch
+- nvme-tcp: fix possible use-after-free in transport
+  error_recovery work (bsc#1193787 bsc#1197146 bsc#1193554).
+  Refresh:
+  - patches.suse/0006-nvme-Implement-In-Band-authentication.patch
+- nvme: fix a possible use-after-free in controller reset during
+  load (bsc#1193787 bsc#1197146 bsc#1193554).
+- nvme-fabrics: ignore invalid fast_io_fail_tmo values
+  (bsc#1193787 bsc#1197146 bsc#1193554).
+- nvme-tcp: fix memory leak when freeing a queue (bsc#1193787
+  bsc#1197146 bsc#1193554).
+- nvme-tcp: validate R2T PDU in nvme_tcp_handle_r2t() (bsc#1193787
+  bsc#1197146 bsc#1193554).
+- blk-mq: don't free tags if the tag_set is used by other device
+  in queue initialztion (bsc#1193787 bsc#1197146 bsc#1193554).
+- commit 4ccb78c
+
+- series: Resort entries
+  The series is not sorted which makes qdoit unhappy. Sort it.
+- commit ce701de
+
+- esp: Fix possible buffer overflow in ESP transformation
+  (CVE-2022-0886 bsc#1197131).
+- sock: remove one redundant SKB_FRAG_PAGE_ORDER macro
+  (CVE-2022-0886 bsc#1197131).
+- commit fa4075e
+
+- ipv6: fix skb drops in igmp6_event_query() and
+  igmp6_event_report() (CVE-2022-0742 bsc#1197128).
+- commit b531b26
+
+- aio: fix use-after-free due to missing POLLFREE handling
+  (CVE-2021-39698 bsc#1196956).
+- aio: keep poll requests on waitqueue until completed
+  (CVE-2021-39698 bsc#1196956).
+- signalfd: use wake_up_pollfree() (CVE-2021-39698 bsc#1196956).
+- binder: use wake_up_pollfree() (CVE-2021-39698 bsc#1196956).
+- wait: add wake_up_pollfree() (CVE-2021-39698 bsc#1196956).
+- commit ee17f5c
+
+- net/smc: Fix hung_task when removing SMC-R devices
+  (bsc#1197082).
+- commit 5256139
+
+- rpm/kernel-source.spec.in: call fdupes per subpackage
+  It is a waste of time to do a global fdupes when we have
+  subpackages.
+- commit 1da8439
+
+- bpf, selftests: Add test case trying to taint map value pointer
+  (bsc#1196130,CVE-2021-45402).
+- bpf: Make 32->64 bounds propagation slightly more robust
+  (bsc#1196130,CVE-2021-45402).
+- bpf: Fix signed bounds propagation after mov32
+  (bsc#1196130,CVE-2021-45402).
+- commit 04987fb
+
+- rpm/arch-symbols,guards,*driver: Replace Novell with SUSE.
+- commit 174a64f
+
+- rpm/kernel-docs.spec.in: use %%license for license declarations
+  Limited to SLE15+ to avoid compatibility nightmares.
+- commit 73d560e
+
+- rpm/*.spec.in: Use https:// urls
+- commit 77b5f8e
+
+- ARM: fix build error when BPF_SYSCALL is disabled (bsc#1085308
+  CVE-2022-23960).
+- ARM: include unprivileged BPF status in Spectre V2 reporting
+  (bsc#1085308 CVE-2022-23960).
+- commit 2b85b07
+
+- ARM: Spectre-BHB workaround (bsc#1085308 CVE-2022-23960).
+- Update config files.
+- commit 214f301
+
+- ARM: use LOADADDR() to get load address of sections (bsc#1085308
+  CVE-2022-23960).
+- ARM: early traps initialisation (bsc#1085308 CVE-2022-23960).
+- ARM: report Spectre v2 status through sysfs (bsc#1085308
+  CVE-2022-23960).
+- commit 20f8a99
+
+- nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787 bsc#1197146 bsc#1193554).
+- commit 68439a4
+
+- arm64: proton-pack: Include unprivileged eBPF status in
+  Spectre v2 mitigation reporting (bsc#1085308 CVE-2022-23960
+  CVE-2022-0001 CVE-2022-0002).
+- arm64: Use the clearbhb instruction in mitigations (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered
+  and migrated (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- commit 52f56e7
+
+- arm64: Mitigate spectre style branch history side channels
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- Update config files.
+- Refresh
+  patches.suse/kabi-arm64-reserve-space-in-cpu_hwcaps-and-cpu_hwcap.patch.
+- commit 1403b73
+
+- arm64: proton-pack: Report Spectre-BHB vulnerabilities as
+  part of Spectre-v2 (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: Add percpu vectors for EL1 (bsc#1085308 CVE-2022-23960
+  CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Add macro for reading symbol addresses from
+  the trampoline (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: entry: Add vectors that have the bhb mitigation sequences
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Add non-kpti __bp_harden_el1_vectors for
+  mitigations (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: entry: Allow the trampoline text to occupy multiple pages
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Make the kpti trampoline's kpti sequence optional
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Move trampoline macros out of ifdef'd section
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Don't assume tramp_vectors is the start
+  of the vectors (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: entry: Allow tramp_alias to access symbols after
+  the 4K boundary (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: entry: Move the trampoline data page before the text page
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Free up another register on kpti's tramp_exit path
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Make the trampoline cleanup optional (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- KVM: arm64: Allow indirect vectors to be used without
+  SPECTRE_V3A (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: spectre: Rename spectre_v4_patch_fw_mitigation_conduit
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry.S: Add ventry overflow sanity checks (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- commit 39b0cd1
+
+- arm64: Add Cortex-X2 CPU part definition (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- Refresh
+  patches.suse/arm64-Add-Cortex-A510-CPU-part-definition.patch.
+- commit 1489419
+
+- arm64: add ID_AA64ISAR2_EL1 sys register (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- commit 76b95f9
+
+- bpf/selftests: Test PTR_TO_RDONLY_MEM (bsc#1196261 CVE-2022-0500).
+- bpf: Add MEM_RDONLY for helper args that are pointers to rdonly mem
+  (bsc#1196261 CVE-2022-0500).
+- bpf: Make per_cpu_ptr return rdonly PTR_TO_MEM
+  (bsc#1196261CVE-2022-0500).
+- bpf: Convert PTR_TO_MEM_OR_NULL to composable types
+  (bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- bpf: Introduce MEM_RDONLY flag (bsc#1194111 bsc#1194765
+  bsc#1196261 CVE-2021-4204 CVE-2022-0500 CVE-2022-23222).
+- Refresh
+  patches.suse/bpf-Fix-out-of-bounds-access-for-ringbuf-helpers.patch.
+- Refresh
+  patches.suse/bpf-Generally-fix-helper-register-offset-check.patch.
+- bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL
+  (bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- Refresh
+  patches.suse/bpf-Generalize-check_ctx_reg-for-reuse-with-other-ty.patch.
+- Refresh
+  patches.suse/bpf-Generally-fix-helper-register-offset-check.patch.
+- bpf: Replace RET_XXX_OR_NULL with RET_XXX | PTR_MAYBE_NULL
+  (bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- bpf: Replace ARG_XXX_OR_NULL with ARG_XXX | PTR_MAYBE_NULL
+  (bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- bpf: Introduce composable reg, ret and arg types (bsc#1194111
+  bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- commit 4db4b9b
+
+- Delete ACPI patch that broke s2idle (bsc#1196213)
+  Deleted:
+  patches.suse/ACPI-EC-Rework-flushing-of-EC-work-while-suspended-t.patch
+  A new kABI compat patch was added instead
+- commit 99c6bc9
+
+- NFSD: Fix READDIR buffer overflow (git-fixes bsc#1196346).
+- commit a149497
+
+- arm64: Add Cortex-A510 CPU part definition (git-fixes).
+- commit 1fd20fb
+
kernel-syms
+- powerpc/rtas: Keep MSR RI set when calling RTAS (bsc#1197174
+  ltc#196362).
+- commit be99d79
+
+- watch_queue: Actually free the watch (CVE-2022-0995
+  bsc#1197246).
+- watch_queue: Fix NULL dereference in error cleanup
+  (CVE-2022-0995 bsc#1197246).
+- commit 9f97636
+
+- ALSA: pcm: Fix races among concurrent prealloc proc writes
+  (CVE-2022-1048 bsc#1197331).
+- commit 7ca9b7d
+
+- ALSA: pcm: Fix races among concurrent prepare and
+  hw_params/hw_free calls (CVE-2022-1048 bsc#1197331).
+- commit bdcd5ee
+
+- ALSA: pcm: Fix races among concurrent read/write and buffer
+  changes (CVE-2022-1048 bsc#1197331).
+- commit 8bb5c1f
+
+- ALSA: pcm: Fix races among concurrent hw_params and hw_free
+  calls (CVE-2022-1048 bsc#1197331).
+- commit 4ce87ae
+
+- ALSA: kABI workaround for snd_pcm_runtime changes (CVE-2022-1048
+  bsc#1197331).
+- commit 15a1bad
+
kernel-syms-azure
+- supported.conf: Mark a few SM* chiper modules as supported (bsc#1197287)
+  Mark supported for the modules: sm2_generic, sm3_generic, sm4_generic
+  arm64-specific: sha3-ce, sha512-ce, sm3-ce, sm4-ce
+- commit e6b9e81
+
+- fuse: handle kABI change in struct fuse_args (bsc#1197343
+  CVE-2022-1011).
+- fuse: fix pipe buffer lifetime for direct_io (bsc#1197343
+  CVE-2022-1011).
+- commit 879fc92
+
+- Refresh
+  patches.suse/bpf-Add-MEM_RDONLY-for-helper-args-that-are-pointers.patch
+  Add info about context deviation from upstream.
+- commit f8cba97
+
+- Refresh
+  patches.suse/bpf-Replace-PTR_TO_XXX_OR_NULL-with-PTR_TO_XXX-PTR_M.patch
+  Add info about context deviation from upstream.
+- commit 1d085d3
+
+- Refresh
+  patches.suse/bpf-Replace-RET_XXX_OR_NULL-with-RET_XXX-PTR_MAYBE_N.patch
+  Add info about context deviation from upstream.
+- commit e44090b
+
+- Refresh
+  patches.suse/bpf-Replace-ARG_XXX_OR_NULL-with-ARG_XXX-PTR_MAYBE_N.patch
+  Add info about context deviation from upstream.
+- commit da99102
+
+- Refresh
+  patches.suse/bpf-Introduce-composable-reg-ret-and-arg-types.patch
+  Add info on context deviation from upstream.
+- commit aa0e1a6
+
+- Refresh
+  patches.suse/bpf-Generalize-check_ctx_reg-for-reuse-with-other-ty.patch
+  Add info about context deviation from upstream.
+- commit 2d1de22
+
+- bpf: Fix crash due to out of bounds access into reg2btf_ids (git-fixes
+  bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- commit 8bc21d0
+
+- watch_queue: Make comment about setting ->defunct more accurate
+  (CVE-2022-0995 bsc#1197246).
+- watch_queue: Fix lack of barrier/sync/lock between post and read
+  (CVE-2022-0995 bsc#1197246).
+- watch_queue: Free the alloc bitmap when the watch_queue is
+  torn down (CVE-2022-0995 bsc#1197246).
+- watch_queue: Fix the alloc bitmap size to reflect notes
+  allocated (CVE-2022-0995 bsc#1197246).
+- watch_queue: Use the bitmap API when applicable (CVE-2022-0995
+  bsc#1197246).
+- watch_queue: Fix to always request a pow-of-2 pipe ring size
+  (CVE-2022-0995 bsc#1197246).
+- watch_queue: Fix to release page in ->release() (CVE-2022-0995
+  bsc#1197246).
+- watch_queue, pipe: Free watchqueue state after clearing pipe
+  ring (CVE-2022-0995 bsc#1197246).
+- watch_queue: Fix filter limit check (CVE-2022-0995 bsc#1197246).
+- commit 223dbc3
+
+- arm64: PCI: Support root bridge preparation for Hyper-V
+  (bsc#1197291).
+- arm64: PCI: Restructure pcibios_root_bridge_prepare()
+  (bsc#1197291).
+- commit 060e164
+
+- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
+  (bsc#1196018).
+- commit 6dcb47f
+
+- sr9700: sanity check for packet length (bsc#1196836
+  CVE-2022-26966).
+- commit 56eea34
+
+- Update kabi files.
+  Update to reflect the changes from bpf CVE fixes.
+- commit 993b084
+
+- rpm: SC2006: Use $(...) notation instead of legacy backticked `...`.
+- commit f0d0e90
+
+- nvme-rdma: fix possible use-after-free in transport
+  error_recovery work (bsc#1193787 bsc#1197146 bsc#1193554).
+  Refresh:
+  - patches.suse/0006-nvme-Implement-In-Band-authentication.patch
+- nvme-tcp: fix possible use-after-free in transport
+  error_recovery work (bsc#1193787 bsc#1197146 bsc#1193554).
+  Refresh:
+  - patches.suse/0006-nvme-Implement-In-Band-authentication.patch
+- nvme: fix a possible use-after-free in controller reset during
+  load (bsc#1193787 bsc#1197146 bsc#1193554).
+- nvme-fabrics: ignore invalid fast_io_fail_tmo values
+  (bsc#1193787 bsc#1197146 bsc#1193554).
+- nvme-tcp: fix memory leak when freeing a queue (bsc#1193787
+  bsc#1197146 bsc#1193554).
+- nvme-tcp: validate R2T PDU in nvme_tcp_handle_r2t() (bsc#1193787
+  bsc#1197146 bsc#1193554).
+- blk-mq: don't free tags if the tag_set is used by other device
+  in queue initialztion (bsc#1193787 bsc#1197146 bsc#1193554).
+- commit 4ccb78c
+
+- series: Resort entries
+  The series is not sorted which makes qdoit unhappy. Sort it.
+- commit ce701de
+
+- esp: Fix possible buffer overflow in ESP transformation
+  (CVE-2022-0886 bsc#1197131).
+- sock: remove one redundant SKB_FRAG_PAGE_ORDER macro
+  (CVE-2022-0886 bsc#1197131).
+- commit fa4075e
+
+- ipv6: fix skb drops in igmp6_event_query() and
+  igmp6_event_report() (CVE-2022-0742 bsc#1197128).
+- commit b531b26
+
+- aio: fix use-after-free due to missing POLLFREE handling
+  (CVE-2021-39698 bsc#1196956).
+- aio: keep poll requests on waitqueue until completed
+  (CVE-2021-39698 bsc#1196956).
+- signalfd: use wake_up_pollfree() (CVE-2021-39698 bsc#1196956).
+- binder: use wake_up_pollfree() (CVE-2021-39698 bsc#1196956).
+- wait: add wake_up_pollfree() (CVE-2021-39698 bsc#1196956).
+- commit ee17f5c
+
+- net/smc: Fix hung_task when removing SMC-R devices
+  (bsc#1197082).
+- commit 5256139
+
+- rpm/kernel-source.spec.in: call fdupes per subpackage
+  It is a waste of time to do a global fdupes when we have
+  subpackages.
+- commit 1da8439
+
+- bpf, selftests: Add test case trying to taint map value pointer
+  (bsc#1196130,CVE-2021-45402).
+- bpf: Make 32->64 bounds propagation slightly more robust
+  (bsc#1196130,CVE-2021-45402).
+- bpf: Fix signed bounds propagation after mov32
+  (bsc#1196130,CVE-2021-45402).
+- commit 04987fb
+
+- rpm/arch-symbols,guards,*driver: Replace Novell with SUSE.
+- commit 174a64f
+
+- rpm/kernel-docs.spec.in: use %%license for license declarations
+  Limited to SLE15+ to avoid compatibility nightmares.
+- commit 73d560e
+
+- rpm/*.spec.in: Use https:// urls
+- commit 77b5f8e
+
+- ARM: fix build error when BPF_SYSCALL is disabled (bsc#1085308
+  CVE-2022-23960).
+- ARM: include unprivileged BPF status in Spectre V2 reporting
+  (bsc#1085308 CVE-2022-23960).
+- commit 2b85b07
+
+- ARM: Spectre-BHB workaround (bsc#1085308 CVE-2022-23960).
+- Update config files.
+- commit 214f301
+
+- ARM: use LOADADDR() to get load address of sections (bsc#1085308
+  CVE-2022-23960).
+- ARM: early traps initialisation (bsc#1085308 CVE-2022-23960).
+- ARM: report Spectre v2 status through sysfs (bsc#1085308
+  CVE-2022-23960).
+- commit 20f8a99
+
+- nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787 bsc#1197146 bsc#1193554).
+- commit 68439a4
+
+- arm64: proton-pack: Include unprivileged eBPF status in
+  Spectre v2 mitigation reporting (bsc#1085308 CVE-2022-23960
+  CVE-2022-0001 CVE-2022-0002).
+- arm64: Use the clearbhb instruction in mitigations (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered
+  and migrated (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- commit 52f56e7
+
+- arm64: Mitigate spectre style branch history side channels
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- Update config files.
+- Refresh
+  patches.suse/kabi-arm64-reserve-space-in-cpu_hwcaps-and-cpu_hwcap.patch.
+- commit 1403b73
+
+- arm64: proton-pack: Report Spectre-BHB vulnerabilities as
+  part of Spectre-v2 (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: Add percpu vectors for EL1 (bsc#1085308 CVE-2022-23960
+  CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Add macro for reading symbol addresses from
+  the trampoline (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: entry: Add vectors that have the bhb mitigation sequences
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Add non-kpti __bp_harden_el1_vectors for
+  mitigations (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: entry: Allow the trampoline text to occupy multiple pages
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Make the kpti trampoline's kpti sequence optional
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Move trampoline macros out of ifdef'd section
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Don't assume tramp_vectors is the start
+  of the vectors (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: entry: Allow tramp_alias to access symbols after
+  the 4K boundary (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: entry: Move the trampoline data page before the text page
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Free up another register on kpti's tramp_exit path
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry: Make the trampoline cleanup optional (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- KVM: arm64: Allow indirect vectors to be used without
+  SPECTRE_V3A (bsc#1085308 CVE-2022-23960 CVE-2022-0001
+  CVE-2022-0002).
+- arm64: spectre: Rename spectre_v4_patch_fw_mitigation_conduit
+  (bsc#1085308 CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- arm64: entry.S: Add ventry overflow sanity checks (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- commit 39b0cd1
+
+- arm64: Add Cortex-X2 CPU part definition (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- Refresh
+  patches.suse/arm64-Add-Cortex-A510-CPU-part-definition.patch.
+- commit 1489419
+
+- arm64: add ID_AA64ISAR2_EL1 sys register (bsc#1085308
+  CVE-2022-23960 CVE-2022-0001 CVE-2022-0002).
+- commit 76b95f9
+
+- bpf/selftests: Test PTR_TO_RDONLY_MEM (bsc#1196261 CVE-2022-0500).
+- bpf: Add MEM_RDONLY for helper args that are pointers to rdonly mem
+  (bsc#1196261 CVE-2022-0500).
+- bpf: Make per_cpu_ptr return rdonly PTR_TO_MEM
+  (bsc#1196261CVE-2022-0500).
+- bpf: Convert PTR_TO_MEM_OR_NULL to composable types
+  (bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- bpf: Introduce MEM_RDONLY flag (bsc#1194111 bsc#1194765
+  bsc#1196261 CVE-2021-4204 CVE-2022-0500 CVE-2022-23222).
+- Refresh
+  patches.suse/bpf-Fix-out-of-bounds-access-for-ringbuf-helpers.patch.
+- Refresh
+  patches.suse/bpf-Generally-fix-helper-register-offset-check.patch.
+- bpf: Replace PTR_TO_XXX_OR_NULL with PTR_TO_XXX | PTR_MAYBE_NULL
+  (bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- Refresh
+  patches.suse/bpf-Generalize-check_ctx_reg-for-reuse-with-other-ty.patch.
+- Refresh
+  patches.suse/bpf-Generally-fix-helper-register-offset-check.patch.
+- bpf: Replace RET_XXX_OR_NULL with RET_XXX | PTR_MAYBE_NULL
+  (bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- bpf: Replace ARG_XXX_OR_NULL with ARG_XXX | PTR_MAYBE_NULL
+  (bsc#1194111 bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- bpf: Introduce composable reg, ret and arg types (bsc#1194111
+  bsc#1194765 bsc#1196261 CVE-2021-4204 CVE-2022-0500
+  CVE-2022-23222).
+- commit 4db4b9b
+
+- Delete ACPI patch that broke s2idle (bsc#1196213)
+  Deleted:
+  patches.suse/ACPI-EC-Rework-flushing-of-EC-work-while-suspended-t.patch
+  A new kABI compat patch was added instead
+- commit 99c6bc9
+
+- NFSD: Fix READDIR buffer overflow (git-fixes bsc#1196346).
+- commit a149497
+
+- arm64: Add Cortex-A510 CPU part definition (git-fixes).
+- commit 1fd20fb
+
kernel-zfcpdump
+- powerpc/rtas: Keep MSR RI set when calling RTAS (bsc#1197174
+  ltc#196362).
+- commit be99d79
+
+- watch_queue: Actually free the watch (CVE-2022-0995
+  bsc#1197246).
+- watch_queue: Fix NULL dereference in error cleanup
+  (CVE-2022-0995 bsc#1197246).
+- commit 9f97636
+
+- ALSA: pcm: Fix races among concurrent prealloc proc writes
+  (CVE-2022-1048 bsc#1197331).
+- commit 7ca9b7d
+
+- ALSA: pcm: Fix races among concurrent prepare and
+  hw_params/hw_free calls (CVE-2022-1048 bsc#1197331).
+- commit bdcd5ee
+
+- ALSA: pcm: Fix races among concurrent read/write and buffer
+  changes (CVE-2022-1048 bsc#1197331).
+- commit 8bb5c1f
+
+- ALSA: pcm: Fix races among concurrent hw_params and hw_free
+  calls (CVE-2022-1048 bsc#1197331).
+- commit 4ce87ae
+
+- ALSA: kABI workaround for snd_pcm_runtime changes (CVE-2022-1048
+  bsc#1197331).
+- commit 15a1bad
+
keybinder
-- Disabled python binding on Leap 15.4
+- Disable python2 bindings on 15.4 - they fail to build.
kgamma5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
khotkeys5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
kinfocenter5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
kmenuedit5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
kscreen5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- Changes since 5.24.3:
+  * KCM: Center Orientation label when there's no automatic options
+  * X11: align touchscreen to internal display (kde#415683)
+- Drop code for obsolete versions
+
kscreenlocker
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
ksshaskpass5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
ksystemstats5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
kwayland-integration
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
kwayland-server
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- Changes since 5.24.3:
+  * outputchangeset: set default values for vrr policy and rgb range (kde#442520)
+
kwin5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- Changes since 5.24.3:
+  * backends/drm: attempt a modeset on output disabling (kde#449878)
+  * plugins/screencast: Fix a glitch in cursor bitmap
+  * backends/drm: set max bpc in DrmPipeline
+  * backends/drm: fall back to legacy mode in virtual machines (kde#427060)
+  * backends/drm: only allow ARGB8888 as the cursor format
+  * effects/blur: Fix window flickering when the clip intersected with the current blur region. (kde#421135)
+  * screencast: better solution for missing context on cursor move
+  * Revert "screencast: make context current in tryEnqueue"
+  * src/kcmkwin: fix botched indentation code for final checkbox
+  * backends/drm: don't do direct scanout with software rotation
+  * screencast: make context current in tryEnqueue
+  * effects/desktopgrid: don't forget to schedule repaints when timeline is running (kde#444678)
+  * effects/desktopgrid: register down gesture (kde#444694)
+  * inputmethod: Do not reset when hiding
+  * inputmethod: Listen to text-input enablement changes when starting disabled
+- Drop patches, now upstream:
+  * 0001-backends-drm-fall-back-to-legacy-mode-in-virtual-mac.patch
+
+- Add patch to fix client cursor offset in VMs (kde#427060):
+  * 0001-backends-drm-fall-back-to-legacy-mode-in-virtual-mac.patch
+
kwrited5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
layer-shell-qt
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
libkdecoration2
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- Changes since 5.24.3:
+  * Add RtL support (kde#432390)
+
libkscreen2
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
libksysguard5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
+- Force PIE when building with gcc-10 (boo#1195628, boo#1197641)
+
libosinfo
+- bsc#1197769 - FTBFS: libosinfo won't compile on SP4
+  libosinfo.spec
+
libqt5-qtwebengine
+- Add security fixes:
+  * CVE-2022-0971-qtwebengine-5.15.patch (CVE-2022-0971, boo#1197163)
+  * CVE-2022-1096-qtwebengine-5.15.patch (CVE-2022-1096, boo#1197552)
+
+- Add patch to fix build with GCC 12:
+  * 0001-skia-Some-includes-to-fix-build-with-GCC-12.patch
+
libsolv
+- reworked choice rule generation to cover more usecases
+- support SOLVABLE_PREREQ_IGNOREINST in the ordering code
+  [bsc#1196514]
+- support parsing of Debian's Multi-Arch indicator
+- bump version to 0.7.22
+
libzypp
-- Fix package signature check (bsc#184501)
+- ZConfig: Update solver settings if target changes (bsc#1196368)
+- version 17.30.0 (22)
+
+- Fix possible hang in singletrans mode (bsc#1197134)
+- Do 2 retries if mount is still busy.
+- version 17.29.7 (22)
+
+- Fix package signature check (bsc#1184501)
lzma-sdk
+- Update to version 21.07
+  * New switches: -spm and -im!{file_path} to exclude
+    directories from processing for specified paths that don't
+    contain path separator character at the end of path.
+  * The sorting order of files in archives was slightly changed
+    to be more consistent for cases where the name of some
+    directory is the same as the prefix part of the name of
+    another directory or file.
+
makedumpfile
+- makedumpfile-sadump-kaslr-fix-kaslr_offset-calculation.patch:
+  sadump, kaslr: fix failure of calculating kaslr_offset
+  (bsc#1196736).
+
+- Turn on zstd in Tumbleweed.
+
milou5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
nvme-cli
+- Fix install conflict caused by new bash completion script
+  location (bsc#1197365).
+
nvme-stas
+- Update to version 1.0-rc5:
+  * Remove misconfiguration check. (bsc#1197361)
+  * Document how to increase the number of interfaces that Avahi can monitor.
+- Removed python3-netifaces dependency (bsc#1197361)
+- Added ahahi dependency
+- Do not list files twice (add %dir to directory paths)
+- Drop workaround for Python interpreter path fixup.
+
+- Update to version 1.0-rc4:
+  * Check ignore-iface when creating TransportId object
+  * Adding man pages for ip-family and ignore-iface
+  * Add ignore-iface and ip-family conf. options
+  * Update the documentation
+  * Change default address returned by name resolver
+  * Filter out invalid IP addresses. (bsc#1197361)
+  * When reading the Host NQN, warn people if the NQN seems invalid
+  * Print descriptive message when unable to run stafctl/stacctl
+  * Use the newly added cntlrtype to check the type of controller
+  * minor fix to previous change to set the log level on libnvme
+  * LOG: enable libnvme debug when trace is enabled
+- Added python3-netifaces dependency
+
openblas:gnu-hpc
+- Build PPC64LE libraries with the lastest gcc available to
+  take advantage of instruction sets in later CPUs used in
+  the CPU specific kernels (jsc#SLE-18143, bsc#1197721).
+  For fortran use the stock compiler to avoid compatibility
+  issues between different versions of libfortran.
+  This is relevant for Leap/SLE only. It may be dropped once
+  gcc < 10 is no longer supported.
+
openblas:gnu-hpc-pthreads
+- Build PPC64LE libraries with the lastest gcc available to
+  take advantage of instruction sets in later CPUs used in
+  the CPU specific kernels (jsc#SLE-18143, bsc#1197721).
+  For fortran use the stock compiler to avoid compatibility
+  issues between different versions of libfortran.
+  This is relevant for Leap/SLE only. It may be dropped once
+  gcc < 10 is no longer supported.
+
openblas:openmp
+- Build PPC64LE libraries with the lastest gcc available to
+  take advantage of instruction sets in later CPUs used in
+  the CPU specific kernels (jsc#SLE-18143, bsc#1197721).
+  For fortran use the stock compiler to avoid compatibility
+  issues between different versions of libfortran.
+  This is relevant for Leap/SLE only. It may be dropped once
+  gcc < 10 is no longer supported.
+
openblas:pthreads
+- Build PPC64LE libraries with the lastest gcc available to
+  take advantage of instruction sets in later CPUs used in
+  the CPU specific kernels (jsc#SLE-18143, bsc#1197721).
+  For fortran use the stock compiler to avoid compatibility
+  issues between different versions of libfortran.
+  This is relevant for Leap/SLE only. It may be dropped once
+  gcc < 10 is no longer supported.
+
openblas:serial
+- Build PPC64LE libraries with the lastest gcc available to
+  take advantage of instruction sets in later CPUs used in
+  the CPU specific kernels (jsc#SLE-18143, bsc#1197721).
+  For fortran use the stock compiler to avoid compatibility
+  issues between different versions of libfortran.
+  This is relevant for Leap/SLE only. It may be dropped once
+  gcc < 10 is no longer supported.
+
openssl-1_1
+- FIPS: Additional PBKDF2 requirements for KAT [bsc#1197280]
+  * The IG 10.3.A and SP800-132 require some minimum parameters for
+    the salt length, password length and iteration count. These
+    parameters should be also used in the KAT.
+  * Add openssl-1_1-FIPS-PBKDF2-KAT-requirements.patch
+
+- Security Fix: [bsc#1196877, CVE-2022-0778]
+  * Infinite loop in BN_mod_sqrt() reachable when parsing certificates
+  * Add openssl-CVE-2022-0778.patch openssl-CVE-2022-0778-tests.patch
+
+- Added openssl-1_1-use-include-directive.patch so that the default
+  /etc/ssl/openssl.cnf file will include any configuration files that
+  other packages might place into /etc/ssl/engines.d/ and
+  /etc/ssl/engdef.d/ This is a fix for bsc#1004463 where scripting was
+  being used to modify the openssl.cnf file. The scripting would fail
+  if either the default openssl.cnf file, or the sample openssl-ibmca
+  configuration file would be changed by upstream.
+- Updated spec file to create the two new necessary directores for
+  the above patch. [bsc#1194187, bsc#1004463]
+
+- FIPS: add openssl-1_1-fips-bsc1190652_release_num_in_version_string.patch
+  * bsc#1190652 - Provide a service to output module name/identifier
+    and version
+
+- Security fix: [bsc#1192820, CVE-2002-20001]
+  * Fix DHEATER: The Diffie-Hellman Key Agreement Protocol allows
+    remote attackers (from the client side) to send arbitrary
+    numbers that are actually not public keys, and trigger
+    expensive server-side DHE calculation.
+  * Stop recommending the DHE in SSL_DEFAULT_SUSE_CIPHER_LIST
+  * Rebase openssl-DEFAULT_SUSE_cipher.patch
+
+- FIPS: Reintroduce the FFC and ECC checks in openssl-DH.patch
+  that were removed in the update to 1.1.1l [bsc#1185313]
+
+- FIPS: Fix sn_objs and ln_objs in crypto/objects/obj_mac.num
+  * Rebase openssl-DH.patch [bsc#1194327]
+- Merge openssl-keep_EVP_KDF_functions_version.patch into
+  openssl-1.1.1-evp-kdf.patch
+- Add function codes for pbkdf2, hkdf, tls and ssh selftests.
+  Rebase patches:
+  * openssl-fips-kdf-hkdf-selftest.patch
+  * openssl-kdf-selftest.patch
+  * openssl-kdf-ssh-selftest.patch
+  * openssl-kdf-tls-selftest.patch
+
+- Pull libopenssl-1_1 when updating openssl-1_1 with the same
+  version. [bsc#1195792]
+
+- FIPS: Fix function and reason error codes [bsc#1182959]
+  * Add openssl-1_1-FIPS-fix-error-reason-codes.patch
+
+- Enable zlib compression support [bsc#1195149]
+
+- Remove the openssl-has-RSA_get0_pss_params provides as it is
+  now fixed in the nodejs16 side [bsc#1192489]
+
+- FIPS: Move the HMAC-SHA2-256 used for integrity test [bsc#1185320]
+  * Add openssl-FIPS-KAT-before-integrity-tests.patch
+
+- FIPS: Add missing KAT for HKDF/TLS 1.3/IPSEC IKEv2 [bsc#1192442]
+  * Add openssl-fips-kdf-hkdf-selftest.patch
+
openssl-ibmca
+- Completely revamped the postinstall scriptlet so that it doesn't
+  need to know or care about how many lines are in either
+  /etc/ssl/openssl.cnf, or the sample file at
+  /usr/share/doc/packages/openssl-ibmca/openssl.cnf.sample
+  We're now using the ".include" directive for the openssl.cnf
+  file, and only modifying that file the minimum necessary to
+  implement the change. (bsc#1004463)
+
-  * Define a global variable enginedir the same was as IBM does
+  * Define a global variable enginesdir the same was as IBM does
oxygen5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
pam
+- Between allocating the variable "ai" and free'ing them, there are
+  two "return NO" were we don't free this variable. This patch
+  inserts freaddrinfo() calls before the "return NO;"s.
+  [bsc#1197024, pam-bsc1197024-free-addrinfo-before-return.patch]
+
+- Define _pam_vendordir as "/%{_sysconfdir}/pam.d"
+  The variable is needed by systemd and others.
+  [bsc#1196093, macros.pam]
+
pam_kwallet
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
parsec
+- Update to 1.0.0:
+  * Update changelog file only
+- Disable build on x86 since the build fails
+
+- Update to 1.0.0-rc3:
+  * Changelog: https://github.com/parallaxsecond/parsec/compare/1.0.0-rc2...1.0.0-rc3
+  * Fixes CVE-2022-24713 - boo#1196972
+
+- Update to 1.0.0-rc2:
+  * Changelog: https://github.com/parallaxsecond/parsec/compare/1.0.0-rc1...1.0.0-rc2
+- Remove CryptoAuthLib (CAL) provider as it is unmaintained.
+
+- Update to 1.0.0-rc1:
+  * Changelog: https://github.com/parallaxsecond/parsec/compare/0.8.1...1.0.0-rc1
+- Drop upstream patch:
+  * harden_parsec.service.patch
+
parsec-tool
+- Update to 0.5.2:
+  * changelog from 0.5.1 to 0.5.2:
+    https://github.com/parallaxsecond/parsec-tool/compare/0.5.1...0.5.2
+  * Fixes CVE-2022-24713 - boo#1196972
+
pipewire
+- Reorder BuildRequires and space conditions a bit better in the
+  spec file.
+
+- Update to version 0.3.49:
+  * Highlights
+  - Sample rate switching should work again.
+  - pw-dot can now use the output of pw-dump to render a graph.
+  - Bluetooth A2DP streaming was improved that would reduce
+    stuttering on some devices.
+  - A JACK bug was fixed that would sometimes make it impossible
+    to add more tracks in Ardour. (#1714)
+  - Many bugfixes and improvements.
+  * PipeWire
+  - Fix a potential crash when NULL params were configured.
+  - Add some simple functional tests to avoid some recent
+    regressions. Improve the test framework for this as well.
+  - Improvements to the poll loop to avoid some use-after-free
+    scenarios.
+  - Fix samplerate switching again.
+  - setlocale is not called anymore from the pipewire library.
+    This should be called by the application. (#2223)
+  - pw_init() and pw_deinit() can now be nested and called
+    multiple times.
+  - pw_stream will now report the resampler delay in the
+    pw_time.queued field.
+  * modules
+  - module-filter-chain now supports arbitrary many properties
+    and will use property hints to assign them the right type.
+  - The ROC modules now accept a sink/source_properties
+    parameter.
+  - The module-rt can now also be built without RT-Kit support.
+  - module-echo-cancel can now use a fraction to specify the
+    delay for more precise control.
+  * SPA
+  - The channelmixer will now do upmixing by default and will not
+    use normalization. It will also use a simple upmixing
+    algorithm that duplicates channels by default. A more
+    interesting upmix method is also available (PSD) but needs to
+    be enabled manually. (#861)
+  - Add SSE optimized (de)interleave functions for 32 bits
+    samples with and without byteswap.
+  - JSON parsing of empty strings will now give an invalid number
+    instead of 0.
+  - JSON numbers are now parsed and serialized in a locale
+    independent way so that , and . are not mixed up.
+  - The resampler will now report the resample delay and queued
+    samples as the extra delay.
+  * tools
+  - pw-cat will read more dsf files correctly and will not crash
+    at the end.
+  - pw-top now has a man page.
+  - pw-dot can now use the output of pw-dump to render a graph.
+  * bluetooth
+  - Improve interactions with oFono.
+  - Fix recovery with slow connections.
+  - Improve frame size of AptX-ll.
+  - A2DP can now use any quantum and will flush packets in
+    smaller chunks when needed to adapt. This improves stuttering
+    in some cases.
+  * pulse-server
+  - The server configuration can now be placed in
+    pulse.properties section, which also makes it possible to
+    have custom overrides.
+  - Implement FIX_ flags for capture as well.
+  - Small fixes and improvements in module loading.
+  * JACK
+  - Clear the last error before executing a new action or else we
+    could end up with error from a previous action. This causes
+    some problems in Ardour where adding a track would fail after
+    some time. (#1714)
+- Rebase reduce-meson-dependency.patch.
+
+- Update to version 0.3.48:
+  * Highlights
+  - Fix IEC958 passthrough again.
+  - Fix pulse-server crashes when playing a sample.
+  - Support for more a more advanced upmixing algorithm.
+  - filter-chain now supports arbitrary many ports.
+  - Fix multichannel support in WINE (with new WirePlumber).
+  - Many bugfixes and improvements.
+  * PipeWire
+  - The work queue is now created in the context so we can fail
+    early and avoid further error checking in various places.
+  - Fix a potential use after free with threaded loops.
+  - The protocol now has a message footer. This is used to pass
+    around global state such as the last registered object
+    serial number. This can be used to detect when a client tries
+    to bind to old (but reused) object ids. This avoids some
+    races in the session manager but also when binding objects.
+  - The zero-denormals CPU flag is now not touched anymore unless
+    explicitly selected by the user. Denormals are avoided in
+    filter-chain now in software. If the zero-denormals are now
+    only configured in the data thread. This should fix issues
+    with luajit.
+  - Configuration parsing will not actually fail on errors.
+  - pw-top now correctly clips unicode characters.
+  - Many places now use a dynamic POD builder to support
+    arbitrary large property sets.
+  - pw-stream now support PropInfo parameters so that they can
+    announce custom properties.
+  - Serial number are now also set on metadata and
+    session-manager objects.
+  * SPA
+  - audioadapter is now smarter when trying to fixate the format.
+    It will use the PortConfig format to fill in any wildcards.
+    This results in the least amount of conversions when the
+    stream can handle it. It also is part of a fix (also requires
+    a session manager fix) for WINE multichannel support.
+  - Fix 5.1 to 2 channels mixing. It was using the volume of the
+    stereo pair on all channels.
+  - Fix some weird volume issues when a source is capturing and
+    channelmixing.
+  - Add stereo to 7.1 upmixing.
+  - The channelmix parameters can be changed at runtime now.
+  - Many improvements to the upmixing algorithms. Rear channels
+    are now constructed from the ambient sound and can have delay
+    and phase shift applied to them to improve spacialisation.
+    The stereo channels can be filtered so that the dialogue is
+    more concentrated in the centre channel.
+  * modules
+  - Module X11 bell received cleanups and improvements.
+  - The module now has a private method to schedule unload later.
+    This simplifies cleanup in many modules.
+  - module-filter-chain now handles arbitrary many ports and
+    control ports.
+  - Fix a bug in RAOP where it was reading from the wrong port.
+  * pulse-server
+  - Nodes with the DONT_MOVE property should fail with -EINVAL
+    when they are moved.
+  - Fix a segfault when playing a sample.
+  - The _FIX flags in pulse-server also now ignore the configured
+    sample format, just like pulseaudio does.
+  - Fix IEC958 passthrough again. It got accidentally broken
+    since 0.3.45 with a fix for another issue.
+  - Fix module-null-sink device.description.
+  * Bluetooth
+  - Don't try to connect HSP/HFP when no backend is available.
+- Drop patches already included upstream:
+  * 0001-revert-loop-remove-destroy-list.patch
+  * 0002-pulse-server-free-pending-sample-reply.patch
+- Rebase reduce-meson-dependency.patch.
+- Enable pulseaudio-setup use on openSUSE Leap 15.4.
+- Some spec clean-up.
+
+- Add 0001-revert-loop-remove-destroy-list.patch: fix MPD crash.
+- Add 0002-pulse-server-free-pending-sample-reply.patch: fix
+  "fast volume change".
+
+- Update to version 0.3.47:
+  * Fix a bug in pulse-server that caused cached notifications to
+    play multiple times.
+  * Remove a check and warnings to catch leaked listeners on the
+    proxy. This might access invalid memory and cause infinite
+    loops in older wireplumber.
+- Rebase reduce-meson-dependency.patch.
+
+- Update to version 0.3.46:
+  * Highlights:
+  - Fix a critical bug in pipewire-pulse buffer size handling
+    that made some apps (MuseScore, ... ) stutter.
+  - Fix a critical bug where devices would not show when the
+    kernel was compiled without VERBOSE_PROCSFS.
+  - JACK clients will now use lock-quantum by default. This
+    makes sure that all dynamic quantum changes are disabled
+    while a JACK app is running. The only way to force a
+    quantum chance is through a JACK app or with the metadata.
+  - Almost all limits on number of ports, clients and nodes are
+    removed.
+  - A Dummy fallback sink is now automatically created when
+    there are no other sinks. This avoids stalling browsers.
+  - Sound sharing with Zoom should work better. A new WirePlumber
+    release might be required.
+  - Many more fixes and improvements.
+  * PipeWire
+  - Update docs with new config overrides.
+  - The rule matching logic was moved to config and code is now
+    shared with pulse-server and JACK.
+  - Add new Romanian translation.
+  - When a quantum is forced with metadata, any node that asked
+    to lock-quantum is ignored so that the quantum change can
+    happen.
+  - Fix a bug where a mixer was removed twice, leading to
+    potential memory corruption.
+  - The port limits on nodes and filters are now removed.
+    Some code was simplified.
+  - Fix a potential leak because listeners where removed while
+    they could be emitted.
+  - Improve context.exec and avoid zombie processes.
+  * Modules
+  - The RAOP module now has a default latency of 2 seconds,
+    like PulseAudio.
+  - The echo-cancel module now uses the plugin loader to load
+    the backends. This makes it possible to add custom, out of
+    tree, echo cancel plugins.
+  * Tools
+  - Improve help of pw-link.
+  - Output to stdout and error to stderr. Use setlinebuf for
+    stdout to improve piping between apps. (#2110)
+  * SPA
+  - Improve removing sources when dispatching. Also improve
+    performance now that a destroy loop can be removed. (#2114)
+  - Fix an fd leak in the logger when logging to a file.
+  - Improve loop enter/leave checks and support recursive loops.
+  * pulse-server
+  - Clamp various buffer attributes to the max length. Fixes some
+    issues with various applications. (#2100)
+  - Module properties are now remapped correctly from their
+    pulseaudio variant to the PipeWire ones.
+  - Fix module index in introspect. Use the right index when
+    loaded from our internal modules. (#2101)
+  - Improve argument parsing and node.description. (#2086)
+  - The sink-index should now be filled in correctly when playing
+    a sample. (#2129)
+  - module-always-sink is now implemented and loaded by default.
+    (#1838)
+  - Add support for loading some modules only once.
+  - Module load and unload now does extra sync to make it appear
+    synchronous, like in PulseAudio. This improves sounds sharing
+    in Zoom.
+  * ALSA
+  - Fix critical bug where alsa devices would not show when the
+    kernel was compiled without VERBOSE_PROCFS.
+  - Some corner cases were fixed in the ALSA timing code. When
+    the capture node is follower, it will now not try to read too
+    much data and xrun but it will instead produce a cycle of
+    silence.
+  - Various fixes and improvements to make ALSA devices resync to
+    the driver more quickly and accurately.
+  * JACK
+  - Add an option to name the default device as system to improve
+    compatibility with some applications,
+  - Use lock-quantum by default. This makes sure that all dynamic
+    quantum changes are disabled while a JACK app is running. The
+    only way to force a quantum chance is through a JACK app or
+    with the metadata.
+  - It is now possible to do IPC calls from the data thread. Note
+    that this is a very bad idea but required for compatibility
+    with JACK2.
+  * GStreamer
+  - GStreamer sink will now set a default channelmap to make it
+    possible to remap to the channel layout of the device.
+- Update patch for further uses of "new" meson features used by
+  upstream:
+  * reduce-meson-dependency.patch
+
+- Run ldconfig for pipewire-libjack-0_3
+  * The JACK libraries are made available system-wide using
+    /etc/ld.so.conf.d. Hence, ldconfig should be run to make sure
+    the dynamic linker picks them up.
+
plasma-browser-integration
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+- Drop handling for 0%{?suse_version} < 1330
+
plasma-nm5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
plasma-vault
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
plasma5-addons
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
plasma5-desktop
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- Changes since 5.24.3:
+  * kcms/componentchooser: unify combobox lengths (kde#451365)
+
plasma5-disks
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
plasma5-firewall
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
plasma5-integration
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
plasma5-nano
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
plasma5-pa
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
plasma5-phone-components
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- Changes since 5.24.3:
+  * mmplugin: set all connections to not autoconnect on setMobileDataEnabled(false) (#182)
+
plasma5-sdk
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
plasma5-systemmonitor
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
plasma5-thunderbolt
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
plasma5-workspace
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- Changes since 5.24.3:
+  * kcms/users: Adjust for padding in overlay sheet (kde#451031)
+  * [Media Controller] Explicitly set slider "to" before setting "value"
+  * [Notifications] Fix implicit size propagation in SelectableLabel
+  * applets/kicker: Skip creating KService for non-desktop files or folders (kde#442970)
+  * Fix sleep/suspend sometimes not working ... from ksmserver-logout-greeter, by making the DBus calls synchronous.
+  * kicker/actionlist: Ensure we parse the args for the jumplist actions (kde#451418)
+  * libtaskmanager: recompute active task when a task is removed
+  * sddm/lockscreen: Fix weird behaviour
+  * [Notifications] Limit notification heading line count
+
plasma5-workspace-wallpapers
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
plymouth-theme-breeze
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
polkit-kde-agent-5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
powerdevil5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
protobuf
+- Fix incorrect parsing of nullchar in the proto symbol, CVE-2021-22570,
+  bsc#1195258
+  * Add protobuf-CVE-2021-22570.patch
+
python-Twisted
+- Add skip-namespacewithwhitespace.patch to make the test suite
+  skip test failing with the modern libexpat.
+
python-rpm
-- Add no-hardocded-python2.diff to avoid hardcoding of python2
-  (jsc#SLE-16747)
-
+- update to rpm-4.11.1
+
python-subliminal
+- Build only for default python3 version
+
python310
+- (bsc#1196784, CVE-2022-25236) Rename patch:
+  support-expat-245.patch to support-expat-CVE-2022-25236-patched.patch
+  and update the patch to detect expat >= 2.4.4 instead of >= 2.4.5
+  as it was fully patched against CVE-2022-25236.
+
+- Add patch support-expat-245.patch:
+  * Support Expat >= 2.4.5
+
python310:base
+- (bsc#1196784, CVE-2022-25236) Rename patch:
+  support-expat-245.patch to support-expat-CVE-2022-25236-patched.patch
+  and update the patch to detect expat >= 2.4.4 instead of >= 2.4.5
+  as it was fully patched against CVE-2022-25236.
+
+- Add patch support-expat-245.patch:
+  * Support Expat >= 2.4.5
+
python310:doc
+- (bsc#1196784, CVE-2022-25236) Rename patch:
+  support-expat-245.patch to support-expat-CVE-2022-25236-patched.patch
+  and update the patch to detect expat >= 2.4.4 instead of >= 2.4.5
+  as it was fully patched against CVE-2022-25236.
+
+- Add patch support-expat-245.patch:
+  * Support Expat >= 2.4.5
+
qemu:linux-user
+- Support the SGX feature (bsc#1197807)
+  * Patches added:
+  doc-Add-the-SGX-numa-description.patch
+  numa-Enable-numa-for-SGX-EPC-sections.patch
+  numa-Support-SGX-numa-in-the-monitor-and.patch
+
+- Backport CVE-2021-3929 (bsc#1193880)
+  * Patches added:
+  hw-nvme-fix-CVE-2021-3929.patch
+
+- The patches from upstream cause testsuit failures (bsc#1197150 bsc#1197528)
+  * Patches added:
+  Revert-python-iotests-replace-qmp-with-a.patch
+  Revert-python-machine-add-instance-disam.patch
+  Revert-python-machine-add-sock_dir-prope.patch
+  Revert-python-machine-handle-fast-QEMU-t.patch
+  Revert-python-machine-move-more-variable.patch
+  Revert-python-machine-remove-_remove_mon.patch
+
+- Add missing patch from a PTFs (bsc#1194938)
+  * Patches added:
+  scsi-generic-check-for-additional-SG_IO-.patch
+
+- Kill downstream patches around bifmt handling that makes
+  cumbersome to run multi-arch containers, and switch to the
+  upstream behavior, which is well documented and valid on
+  all other distros. This is possible thanks to Linux kernel
+  commit 2347961b11d4 and QEMU commit 6e1c0d7b951e19c53 (so
+  it can only work on Leap/SLE 15.4 and higher). (bsc#1197298)
+  * Patches dropped:
+  qemu-binfmt-conf.sh-allow-overriding-SUS.patch
+  qemu-binfmt-conf-use-qemu-ARCH-binfmt.patch
+
+- Fix update_git.sh wiping all the package file of the local
+  checkout while cloning the git repository on demand (in case they
+  don't exist and the user as to do so).
+
+- Improve test reliability
+  * Patches added:
+  Fix-the-module-building-problem-for-s390.patch
+  tests-qemu-iotests-040-Skip-TestCommitWi.patch
+  tests-qemu-iotests-testrunner-Quote-case.patch
+
+- Fix virtiofs crashing with glibc >= 2.35, due to rseq syscall
+  (bsc#1196924)
+  * Patches added:
+  tools-virtiofsd-Add-rseq-syscall-to-the-.patch
+
+- Avoid warnings caused by a GCC 12 bug, see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98503
+  (bsc#1197018)
+  * Patches added:
+  hw-i386-amd_iommu-Fix-maybe-uninitialize.patch
+  Silence-GCC-12-spurious-warnings.patch
+  Ignore-spurious-GCC-12-warning.patch
+
+- Proactive fix
+  * Patches added:
+  hw-nvram-at24-return-0xff-if-1-byte-addr.patch
+
qqc2-breeze-style
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+
qt6-webengine
+- Add security fixes:
+  * CVE-2022-0971-qtwebengine-5.15.patch (CVE-2022-0971, boo#1197163)
+  * CVE-2022-1096-qtwebengine-5.15.patch (CVE-2022-1096, boo#1197552)
+
qt6-webengine:docs
+- Add security fixes:
+  * CVE-2022-0971-qtwebengine-5.15.patch (CVE-2022-0971, boo#1197163)
+  * CVE-2022-1096-qtwebengine-5.15.patch (CVE-2022-1096, boo#1197552)
+
raspberrypi-firmware-dt
+- With recent Linux kernel gpio-ranges Device Tree property is now
+  required. Add following patches to fix immediate issue described
+  in bsc#1197578.
+    ARM-dts-gpio-ranges-property-is-now-required.patch
+    ARM-dts-Add-GPIO-line-names-for-downstream-RPis.patch
+  We do not update whole package because this will create new
+  issues like the one described in comment#12 in bsc#1193434
+  and comment#2 in bsc#1196632. Once patches referenced in
+  bsc#1196632 are accepted upstream. _This_ package could be
+  upgraded too.
+
rpm
+- Revert unwanted /usr/bin/python -> /usr/bin/python2 change we
+  got with the update to 4.14.3 [bsc#1194968]
+  new patch: no-python2.diff
+
+- Backport header check changes so that old rpms get no longer
+  rejected [bsc#1190824]
+  updated patch: headerchk3.diff
+
+- Add explicit requirement on python-rpm-macros to avoid widespread
+  breakage by package mistakenly ignoring their requirement of
+  python-rpm-macros (bsc#1180125, bsc#1193711).
+
+- backport zstd detection fix [bsc#1187670]
+  new patch: zstddetection.diff
+- backport ndb rofs support [bsc#1188548]
+  new patch: ndbrofs.diff
+- backport pgp hardening changes from upstream [bsc#1185299]
+  new patch: pgpharden.diff
+- fix deadlock when multiple rpm processes try tp acquire the
+  database lock [bsc#1183659]
+  new patch: deadlock.diff
+
salt
+- Fix salt-ssh opts poisoning (bsc#1197637)
+- Added:
+  * fix-salt-ssh-opts-poisoning-bsc-1197637-3004-501.patch
+
+- Fix multiple security issues (bsc#1197417)
+- * Sign authentication replies to prevent MiTM (CVE-2022-22935)
+- * Sign pillar data to prevent MiTM attacks. (CVE-2022-22934)
+- * Prevent job and fileserver replays (CVE-2022-22936)
+- * Fixed targeting bug, especially visible when using syndic and user auth. (CVE-2022-22941)
+- Added:
+  * fix-multiple-security-issues-bsc-1197417.patch
+
spice
+- Add patch to let spice build with gstreamer 1.20.x
+  (https://gitlab.freedesktop.org/spice/spice/-/merge_requests/207)
+  * fix-build-with-gstreamer-1.20.patch
+
sudo
+- Add sudo-1.9.9-honor-T_opt.patch
+  * the -T option of sudo does nothing even when
+  'Defaults user_command_timeouts' is present in the configuration.
+  * [bsc#1193446]
+  * Credit to Jaroslav Jindrak <dzejrou@gmail.com>
+
+- Restrict use of sudo -U other -l to people who have permission
+  to run commands as that user (bsc#1181703, jsc#SLE-22569)
+  * feature-upstream-restrict-sudo-U-other-l.patch
+
systemd
+- spec: enable 'efi' support regardless of whether sd_boot is enabled or not
+  We should support EFI systems even if systemd-boot is not enabled.
+
+- spec: cope with %{_modprobedir} being /lib/modprobe.d on SLE
+
systemd:mini
+- spec: enable 'efi' support regardless of whether sd_boot is enabled or not
+  We should support EFI systems even if systemd-boot is not enabled.
+
+- spec: cope with %{_modprobedir} being /lib/modprobe.d on SLE
+
systemsettings5
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- Changes since 5.24.3:
+  * Don't let back arrow be re-colored to monochrome
+  * systemsettings runner: Ensure that we match keywords case insensitively (kde#451634)
+
termcap
+- Convert changes file to proper UTF-8 format: new
+  version of RPM are getting strict in interpreting files.
+
+- Use FAT LTO objects in order to provide proper static library.
+
+- curses-bsd4.4-linux.patch: remove use of internal macro name
+- Don't unpack Source0 twice
+
-- added baselibs.conf file to build xxbit packages
-  for multilib support
-
-- converted neededforbuild to BuildRequires
-
-- Remove one of two __END_DECLS (bug #140467)
-
texlive
+- Add also a Conflicts for texlive-texconfig-bin in
+  texlive-scripts-extra-bin (bsc#1197569)
+
trilinos:documentation
+- Update to version 13.2.0
+  For information on changes consult the release notes of
+  its sub-packages.
+  * Remove: Make-kokkos-build-reproducible.patch
+    Add-missing-ENV-DESTDIR.patch
+  * Add: Fix-control-reaches-end-of-non-void-function-error.patch
+    Convert-python2-isms-to-python3.patch
+  Not-a-shell-script.patch
+- Add dependency for library package to devel package.
+- Fix cmake include path (boo#1194648):
+  cmake/tribits/core/package_arch/TribitsWriteClientExportFiles.cmake
+  uses a logic to calculate the relative path elements between
+  the cmake directory and the installation directory. This works
+  only if Trilinos_INSTALL_LIB_DIR is relative, while other parts
+  of the code allow it to be absolute.
+- Fix doc building.
+
trilinos:gnu-openmpi2-hpc
+- Update to version 13.2.0
+  For information on changes consult the release notes of
+  its sub-packages.
+  * Remove: Make-kokkos-build-reproducible.patch
+    Add-missing-ENV-DESTDIR.patch
+  * Add: Fix-control-reaches-end-of-non-void-function-error.patch
+    Convert-python2-isms-to-python3.patch
+  Not-a-shell-script.patch
+- Add dependency for library package to devel package.
+- Fix cmake include path (boo#1194648):
+  cmake/tribits/core/package_arch/TribitsWriteClientExportFiles.cmake
+  uses a logic to calculate the relative path elements between
+  the cmake directory and the installation directory. This works
+  only if Trilinos_INSTALL_LIB_DIR is relative, while other parts
+  of the code allow it to be absolute.
+- Fix doc building.
+
trilinos:openmpi2
+- Update to version 13.2.0
+  For information on changes consult the release notes of
+  its sub-packages.
+  * Remove: Make-kokkos-build-reproducible.patch
+    Add-missing-ENV-DESTDIR.patch
+  * Add: Fix-control-reaches-end-of-non-void-function-error.patch
+    Convert-python2-isms-to-python3.patch
+  Not-a-shell-script.patch
+- Add dependency for library package to devel package.
+- Fix cmake include path (boo#1194648):
+  cmake/tribits/core/package_arch/TribitsWriteClientExportFiles.cmake
+  uses a logic to calculate the relative path elements between
+  the cmake directory and the installation directory. This works
+  only if Trilinos_INSTALL_LIB_DIR is relative, while other parts
+  of the code allow it to be absolute.
+- Fix doc building.
+
trilinos:serial
+- Update to version 13.2.0
+  For information on changes consult the release notes of
+  its sub-packages.
+  * Remove: Make-kokkos-build-reproducible.patch
+    Add-missing-ENV-DESTDIR.patch
+  * Add: Fix-control-reaches-end-of-non-void-function-error.patch
+    Convert-python2-isms-to-python3.patch
+  Not-a-shell-script.patch
+- Add dependency for library package to devel package.
+- Fix cmake include path (boo#1194648):
+  cmake/tribits/core/package_arch/TribitsWriteClientExportFiles.cmake
+  uses a logic to calculate the relative path elements between
+  the cmake directory and the installation directory. This works
+  only if Trilinos_INSTALL_LIB_DIR is relative, while other parts
+  of the code allow it to be absolute.
+- Fix doc building.
+
vlc
+- Update to version 3.0.17.3:
+  + This is a fixup release which fixes a regression that could
+    cause a lack of audio for adaptive streaming playback. It is
+    identical to 3.0.17.2 otherwise.
+  + This updates contains various fixes and improvements:
+  - Major adaptive streaming stack overhaul
+  - Major codec updates
+  - Many third party libraries update
+  - Allow brackets in the path section of URLs
+  - Better notch support for new macbooks
+  - Add support for DAV video and Webp image formats
+  - Improve AV1 live streaming support
+  - Several SRT support improvements
+  - Numerous crash fixes
+  - Update youtube script
+- Changes from version 3.0.17.2:
+  + This is a fixup release which fixes youtube playback and
+    contextual menus on integrated video for the Qt interface. It
+    is identical to 3.0.17-1 otherwise.
+- Changes from version 3.0.17-1:
+  + This is a fixup release which bumps libflac to 1.3.4 in order
+    to fix CVE-2020-0499 and CVE-2021-0561 on platforms for which
+    we provide binary releases.
+
+- Disable libnfs and soxr integration on suse_version < 1500 (e.g
+  SLE12).
+
+- Update to version 3.0.17:
+  + Core:
+  * Fix a regression in parsing secondary source MRLs
+  * Allow brackets in path part of URLs
+  + Access:
+  * Fix support for screen capture on macOS with avcapture
+  * Fix closing of HTTP 1.x connections
+  * Improve HTTP2 memory usage
+  * Improve AVCapture module
+  * Improve AudioCD support (audio/data mixed mode, musicbrainz)
+  * Improve SMB compatibility by changing the read size
+  * Several improvements on the SRT modules (including streamID)
+  + Decoders/Packetizers:
+  * Add support for DTS LBR
+  * Fix some HEVC hardware decoding on Windows and crashes when aspect ratio changes
+  * Fix hardware decoding for some AMD GPU drivers
+  * Add support for new Fourcc for E-AC3, AV1, GeoVision
+  * Fix crashes with VP9 streams
+  * Fix styling issues with subs tx3g (mp4) tracks
+  * Fix playback of live AV1 streams
+  + Audio Output:
+  * iOS/tvOS: add support for spatial audio
+  * macOS: fix some channels ordering for > 5.1 channels
+  * Android: rework audio volume management
+  + Video Output:
+  * Fix a D3D11 crash when the stream changes aspect ratio
+  + Demux:
+  * Major overhaul of the adaptive streaming stack
+  * Support for DAV video files
+  * Add WebP image mapping
+  * Fix missing audio start of Opus audio in MKV/WebM
+  * Fix an infinite loop in MP4
+  * Fix attachments extractions in ogg files
+  * Support Uncompressed audio in mp4 (ISO/IEC 23003-5)
+  * Fix some lip sync issue in rare MPEG-TS streams
+  + Interface:
+  * Qt/macOS: Fixup user provided URLs
+  * Add safe area handling on macOS
+  * Qt: improve preferences search
+  * Qt: fix --no-mouse-events option
+  + Misc:
+  * Update YouTube script
+  * Fix Icecast directory parsing which could lead to missing entries
+  * Improve UPnP compatibility with some servers
+- Drop vlc-srto_tsbpddelay.patch: fixed upstream.
+
+- BuildRequires pkgconfig(smbclient) instead of smbclient-devel:
+  smbclient-devel was merged into samba-devel, and we do not want
+  to care for actual package names.
+
+- Guard --enable-libplacebo configure parameter with is_opensuse:
+  the buildrequires is also guarded the same way.
+
vokoscreenNG
+- Update to 3.2.0
+  * Adjust log file name, add timestamps
+  * Only show filename without path in the player window title
+  * Improve audio recording when recording from multiple devices on
+    PulseAudio
+  * Show message in audio tab if no PulseAudio server is found
+  * Translation Updates
+
wireplumber
+- Add patch from upstream to fix no sound on reconnection of
+  bluetooth device (glfo#pipewire/wireplumber#234):
+  * 0001-scripts-policy-device-profile-clear-tables-when-devices-removed.patch
+
+- Add patch from upstream to set locale in apps now that pw_init
+  doesn't call it by itself anymore in pipewire 0.3.49:
+  * 0001-src-setlocale-in-main-for-tools-and-the-daemon.patch
+
+- Make the wireplumber-audio noarch as it just contains a lua
+  config file.
+
+- Update to version 0.4.9:
+  * Fixes:
+  - restore-stream no longer crashes if properties for it are not
+    present in the config (#190)
+  - spa-json no longer crashes on non-x86 architectures
+  - Fixed a potential crash in the bluetooth auto-switch module
+    (#193)
+  - Fixed a race condition that would cause Zoom desktop audio
+    sharing to fail (#197)
+  - Surround sound in some games is now exposed properly
+    (pipewire#876)
+  - Fixed a race condition that would cause the default source &
+    sink to not be set at startup
+  - policy-node now supports the 'target.object' key on streams
+    and metadata
+  - Multiple fixes in policy-node that make the logic in some
+    cases behave more like PulseAudio (regarding nodes with the
+    dont-reconnect property and regarding following the default
+    source/sink)
+  - Fixed a bug with parsing unquoted strings in spa-json
+  * Misc:
+  - The policy now supports configuring "persistent" device
+    profiles. If a device is manually set to one of these
+    profiles, then it will not be auto-switched to another
+    profile automatically under any circumstances (#138, #204)
+  - The device-activation module was re-written in lua
+  - Brave, Edge, Vivaldi and Telegram were added in the bluetooth
+    auto-switch applications list
+  - ALSA nodes now use the PCM name to populate node.nick, which
+    is useful at least on HDA cards using UCM, where all outputs
+    (analog, hdmi, etc) are exposesd as nodes on a single profile
+  - An icon name is now set on the properties of bluetooth devices
+- Drop patches already upstream:
+  * 0001-spa-json-fix-va_list-APIs-for-different-architectures.patch
+  * 0001-restore-stream-do-not-crash-if-config_properties-is-nil.patch
+  * 0002-policy-bluetooth-fix-string.find-crash-with-nil-string.patch
+  * 0003-si-audio-adapter-relax-format-parsing.patch
+- Update split-config-file.py script
+
+- Add patch from upstream to fix a crash on tty switch
+  (glfo#pipewire/wireplumber#193):
+  * 0002-policy-bluetooth-fix-string.find-crash-with-nil-string.patch
+- Add patch from upstream to fix issues with PulseAudio support with
+  PipeWire 0.3.48+ (glfo#pipewire/pipewire#2189):
+  * 0003-si-audio-adapter-relax-format-parsing.patch
+- Some spec clean-up.
+
xdg-desktop-portal-kde
+- Update to 5.24.4
+  * New bugfix release
+  * For more details please see:
+  * https://kde.org/announcements/plasma/5/5.24.4
+- No code changes since 5.24.3
+