-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.2700
        SUSE Security Update: Security update for the Linux Kernel
                              26 October 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Access Privileged Data         -- Remote/Unauthenticated
                   Increased Privileges           -- Existing Account      
                   Provide Misleading Information -- Remote/Unauthenticated
                   Denial of Service              -- Existing Account      
                   Reduced Security               -- Existing Account      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-1000252 CVE-2017-15649 CVE-2017-15265
                   CVE-2017-14489 CVE-2017-14106 CVE-2017-14051
                   CVE-2017-13080 CVE-2017-12154 CVE-2017-12153
                   CVE-2017-12134 CVE-2017-11472 CVE-2017-6346

Reference:         ASB-2017.0141
                   ESB-2017.2364
                   ESB-2017.1136
                   ESB-2017.0614

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2017/suse-su-20172847-1/

- --------------------------BEGIN INCLUDED TEXT--------------------

   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:2847-1
Rating:             important
References:         #1004527 #1005776 #1005778 #1005780 #1005781 
                    #1012382 #1012829 #1015342 #1015343 #1019675 
                    #1019680 #1019695 #1019699 #1020412 #1020645 
                    #1020657 #1020989 #1021424 #1022595 #1022604 
                    #1022743 #1022912 #1022967 #1024346 #1024373 
                    #1024405 #1025461 #1030850 #1031717 #1031784 
                    #1032150 #1034048 #1034075 #1035479 #1036060 
                    #1036215 #1036737 #1037579 #1037838 #1037890 
                    #1038583 #1040813 #1042847 #1043598 #1044503 
                    #1046529 #1047238 #1047487 #1047989 #1048155 
                    #1048228 #1048325 #1048327 #1048356 #1048501 
                    #1048893 #1048912 #1048934 #1049226 #1049272 
                    #1049291 #1049336 #1049361 #1049580 #1050471 
                    #1050742 #1051790 #1051987 #1052093 #1052094 
                    #1052095 #1052360 #1052384 #1052580 #1052593 
                    #1052888 #1053043 #1053309 #1053472 #1053627 
                    #1053629 #1053633 #1053681 #1053685 #1053802 
                    #1053915 #1053919 #1054082 #1054084 #1054654 
                    #1055013 #1055096 #1055272 #1055290 #1055359 
                    #1055493 #1055567 #1055709 #1055755 #1055896 
                    #1055935 #1055963 #1056061 #1056185 #1056230 
                    #1056261 #1056427 #1056587 #1056588 #1056596 
                    #1056686 #1056827 #1056849 #1056982 #1057015 
                    #1057031 #1057035 #1057038 #1057047 #1057067 
                    #1057383 #1057498 #1057849 #1058038 #1058116 
                    #1058135 #1058410 #1058507 #1058512 #1058550 
                    #1059051 #1059465 #1059500 #1059863 #1060197 
                    #1060229 #1060249 #1060400 #1060985 #1061017 
                    #1061046 #1061064 #1061067 #1061172 #1061451 
                    #1061721 #1061775 #1061831 #1061872 #1062279 
                    #1062520 #1062962 #1063102 #1063349 #1063460 
                    #1063475 #1063479 #1063501 #1063509 #1063520 
                    #1063570 #1063667 #1063671 #1063695 #1064064 
                    #1064206 #1064388 #1064436 #963575 #964944 
                    #966170 #966172 #966186 #966191 #966316 #966318 
                    #969476 #969477 #969756 #971975 #981309 
Cross-References:   CVE-2017-1000252 CVE-2017-11472 CVE-2017-12134
                    CVE-2017-12153 CVE-2017-12154 CVE-2017-13080
                    CVE-2017-14051 CVE-2017-14106 CVE-2017-14489
                    CVE-2017-15265 CVE-2017-15649
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12-SP3
                    SUSE Linux Enterprise Software Development Kit 12-SP3
                    SUSE Linux Enterprise Server 12-SP3
                    SUSE Linux Enterprise Live Patching 12-SP3
                    SUSE Linux Enterprise High Availability 12-SP3
                    SUSE Linux Enterprise Desktop 12-SP3
______________________________________________________________________________

   An update that solves 11 vulnerabilities and has 170 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.92 to receive
   various security and bugfixes.

   The following security bugs were fixed:

   - CVE-2017-1000252: The KVM subsystem in the Linux kernel allowed guest OS
     users to cause a denial of service (assertion failure, and hypervisor
     hang or crash) via an out-of bounds guest_irq value, related to
     arch/x86/kvm/vmx.c and virt/kvm/eventfd.c (bnc#1058038).
   - CVE-2017-11472: The acpi_ns_terminate() function in
     drivers/acpi/acpica/nsutils.c in the Linux kernel did not flush the
     operand cache and causes a kernel stack dump, which allowed local users
     to obtain sensitive information from kernel memory and bypass the KASLR
     protection mechanism (in the kernel through 4.9) via a crafted ACPI
     table (bnc#1049580).
   - CVE-2017-12134: The xen_biovec_phys_mergeable function in
     drivers/xen/biomerge.c in Xen might allow local OS guest users to
     corrupt block device data streams and consequently obtain sensitive
     memory information, cause a denial of service, or gain host OS
     privileges by leveraging incorrect block IO merge-ability calculation
     (bnc#1051790 bsc#1053919).
   - CVE-2017-12153: A security flaw was discovered in the
     nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux
     kernel This function did not check whether the required attributes are
     present in a Netlink request. This request can be issued by a user with
     the CAP_NET_ADMIN capability and may result in a NULL pointer
     dereference and system crash (bnc#1058410).
   - CVE-2017-12154: The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the
     Linux kernel did not ensure that the "CR8-load exiting" and "CR8-store
     exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR
     shadow" vmcs12 control, which allowed KVM L2 guest OS users to obtain
     read and write access to the hardware CR8 register (bnc#1058507).
   - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed
     reinstallation of the Group Temporal Key (GTK) during the group key
     handshake, allowing an attacker within radio range to replay frames from
     access points to clients (bnc#1056061 1063479 1063667 1063671).
   - CVE-2017-14051: An integer overflow in the
     qla2x00_sysfs_write_optrom_ctl function in
     drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users
     to cause a denial of service (memory corruption and system crash) by
     leveraging root access (bnc#1056588).
   - CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the
     Linux kernel allowed local users to cause a denial of service
     (__tcp_select_window divide-by-zero error and system crash) by
     triggering a disconnect within a certain tcp_recvmsg code path
     (bnc#1056982).
   - CVE-2017-14489: The iscsi_if_rx function in
     drivers/scsi/scsi_transport_iscsi.c in the Linux kernel allowed local
     users to cause a denial of service (panic) by leveraging incorrect
     length validation (bnc#1059051).
   - CVE-2017-15265: Use-after-free vulnerability in the Linux kernel before
     4.14-rc5 allowed local users to have unspecified impact via vectors
     related to /dev/snd/seq (bnc#1062520).
   - CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local
     users to gain privileges via crafted system calls that trigger
     mishandling of packet_fanout data structures, because of a race
     condition (involving fanout_add and packet_do_bind) that leads to a
     use-after-free, a different vulnerability than CVE-2017-6346
     (bnc#1064388).

   The following non-security bugs were fixed:

   - acpi: apd: Add clock frequency for Hisilicon Hip07/08 I2C controller
     (bsc#1049291).
   - acpi: apd: Fix HID for Hisilicon Hip07/08 (bsc#1049291).
   - acpi: apei: Enable APEI multiple GHES source to share a single external
     IRQ (bsc#1053627).
   - acpica: iort: Update SMMU models for revision C (bsc#1036060).
   - acpi: irq: Fix return code of acpi_gsi_to_irq() (bsc#1053627).
   - acpi/nfit: Fix memory corruption/Unregister mce decoder on failure
     (bsc#1057047).
   - acpi: pci: fix GIC irq model default PCI IRQ polarity (bsc#1053629).
   - acpi/processor: Check for duplicate processor ids at hotplug time
     (bnc#1056230).
   - acpi/processor: Implement DEVICE operator for processor enumeration
     (bnc#1056230).
   - ahci: do not use MSI for devices with the silly Intel NVMe remapping
     scheme (bsc#1048912).
   - ahci: thunderx2: stop engine fix update (bsc#1057031).
   - alsa: au88x0: avoid theoretical uninitialized access (bnc#1012382).
   - alsa: compress: Remove unused variable (bnc#1012382).
   - alsa: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978)
     (bsc#1020657).
   - alsa: hda - Implement mic-mute LED mode enum (bsc#1055013).
   - alsa: hda/realtek - Add support headphone Mic for ALC221 of HP platform
     (bsc#1024405).
   - alsa: hda - Workaround for i915 KBL breakage
     (bsc#1048356,bsc#1047989,bsc#1055272).
   - alsa: ice1712: Add support for STAudio ADCIII (bsc#1048934).
   - alsa: usb-audio: Apply sample rate quirk to Sennheiser headset
     (bsc#1052580).
   - alsa: usb-audio: Check out-of-bounds access by corrupted buffer
     descriptor (bnc#1012382).
   - alsa: usx2y: Suppress kernel warning at page allocation failures
     (bnc#1012382).
   - arc: Re-enable MMU upon Machine Check exception (bnc#1012382).
   - arm64: add function to get a cpu's MADT GICC table (bsc#1062279).
   - arm64: do not trace atomic operations (bsc#1055290).
   - arm64: dts: Add Broadcom Vulcan PMU in dts (fate#319481).
   - arm64: fault: Route pte translation faults via do_translation_fault
     (bnc#1012382).
   - arm64: Make sure SPsel is always set (bnc#1012382).
   - arm64: mm: select CONFIG_ARCH_PROC_KCORE_TEXT (bsc#1046529).
   - arm64: pci: Fix struct acpi_pci_root_ops allocation failure path
     (bsc#1056849).
   - arm64/perf: Access pmu register using <read/write>_sys_reg (bsc#1062279).
   - arm64/perf: Add Broadcom Vulcan PMU support (fate#319481).
   - arm64/perf: Changed events naming as per the ARM ARM (fate#319481).
   - arm64/perf: Define complete ARMv8 recommended implementation defined
     events (fate#319481).
   - arm64: perf: do not expose CHAIN event in sysfs (bsc#1062279).
   - arm64: perf: Extend event config for ARMv8.1 (bsc#1062279).
   - arm64/perf: Filter common events based on PMCEIDn_EL0 (fate#319481).
   - arm64: perf: Ignore exclude_hv when kernel is running in HYP
     (bsc#1062279).
   - arm64: perf: move to common attr_group fields (bsc#1062279).
   - arm64: perf: Use the builtin_platform_driver (bsc#1062279).
   - arm64: pmu: add fallback probe table (bsc#1062279).
   - arm64: pmu: Hoist pmu platform device name (bsc#1062279).
   - arm64: pmu: Probe default hw/cache counters (bsc#1062279).
   - arm64: pmuv3: handle pmuv3+ (bsc#1062279).
   - arm64: pmuv3: handle !PMUv3 when probing (bsc#1062279).
   - arm64: pmuv3: use arm_pmu ACPI framework (bsc#1062279).
   - arm64: pmu: Wire-up Cortex A53 L2 cache events and DTLB refills
     (bsc#1062279).
   - arm: 8635/1: nommu: allow enabling REMAP_VECTORS_TO_RAM (bnc#1012382).
   - arm: dts: r8a7790: Use R-Car Gen 2 fallback binding for msiof nodes
     (bnc#1012382).
   - arm/perf: Convert to hotplug state machine (bsc#1062279).
   - arm/perf: Fix hotplug state machine conversion (bsc#1062279).
   - arm/perf: Use multi instance instead of custom list (bsc#1062279).
   - arm: pxa: add the number of DMA requestor lines (bnc#1012382).
   - arm: pxa: fix the number of DMA requestor lines (bnc#1012382).
   - arm: remove duplicate 'const' annotations' (bnc#1012382).
   - asoc: dapm: fix some pointer error handling (bnc#1012382).
   - asoc: dapm: handle probe deferrals (bnc#1012382).
   - audit: log 32-bit socketcalls (bnc#1012382).
   - bcache: correct cache_dirty_target in __update_writeback_rate()
     (bnc#1012382).
   - bcache: Correct return value for sysfs attach errors (bnc#1012382).
   - bcache: do not subtract sectors_to_gc for bypassed IO (bnc#1012382).
   - bcache: fix bch_hprint crash and improve output (bnc#1012382).
   - bcache: fix for gc and write-back race (bnc#1012382).
   - bcache: Fix leak of bdev reference (bnc#1012382).
   - bcache: initialize dirty stripes in flash_dev_run() (bnc#1012382).
   - blacklist.conf: a7b8829d242b1a58107e9c02b09e93aec446d55c is not
     applicable
   - blacklist.conf: Add commit b5accbb0dfae
   - blacklist.conf: add one more
   - blacklist.conf: Blacklist d12fe87e62d7 signal/testing: Do not look for
     __SI_FAULT in userspace It just fixes a self-test.
   - blacklist.conf: e859afe1ee0c5ae981c55387ccd45eba258a7842 is not
     applicable
   - blacklist.conf: fixes on relevant for MIPS/driver not in our tree
   - blacklist.conf: gcc7 compiler warning (bsc#1056849)
   - block: genhd: add device_add_disk_with_groups (bsc#1060400).
   - block: Relax a check in blk_start_queue() (bnc#1012382).
   - block: return on congested block device (FATE#321994).
   - bluetooth: bnep: fix possible might sleep error in bnep_session
     (bsc#1031784).
   - bluetooth: cmtp: fix possible might sleep error in cmtp_session
     (bsc#1031784).
   - bnx2x: Do not log mc removal needlessly (bsc#1019680 FATE#321692).
   - bnxt: add a missing rcu synchronization (bnc#1038583).
   - bnxt: do not busy-poll when link is down (bnc#1038583).
   - bnxt_en: Add a callback to inform RDMA driver during PCI shutdown
     (bsc#1053309).
   - bnxt_en: Add additional chip ID definitions (bsc#1053309).
   - bnxt_en: Add bnxt_get_num_stats() to centrally get the number of ethtool
     stats (bsc#1053309).
   - bnxt_en: Add missing logic to handle TPA end error conditions
     (bsc#1053309).
   - bnxt_en: Add PCI IDs for BCM57454 VF devices (bsc#1053309).
   - bnxt_en: Allow the user to set ethtool stats-block-usecs to 0
     (bsc#1053309).
   - bnxt_en: Call bnxt_dcb_init() after getting firmware DCBX configuration
     (bsc#1053309).
   - bnxt_en: Check status of firmware DCBX agent before setting
     DCB_CAP_DCBX_HOST (bsc#1053309).
   - bnxt_en: Do not setup MAC address in bnxt_hwrm_func_qcaps() (bsc#963575
     FATE#320144).
   - bnxt_en: Enable MRU enables bit when configuring VNIC MRU (bnc#1038583).
   - bnxt_en: Fix and clarify link_info->advertising (bnc#1038583).
   - bnxt_en: Fix a VXLAN vs GENEVE issue (bnc#1038583).
   - bnxt_en: Fix bug in ethtool -L (bsc#1053309).
   - bnxt_en: Fix netpoll handling (bsc#1053309).
   - bnxt_en: Fix NULL pointer dereference in a failure path during open
     (bnc#1038583).
   - bnxt_en: Fix NULL pointer dereference in reopen failure path
     (bnc#1038583).
   - bnxt_en: fix pci cleanup in bnxt_init_one() failure path (bnc#1038583).
   - bnxt_en: Fix race conditions in .ndo_get_stats64() (bsc#1053309).
   - bnxt_en: Fix ring arithmetic in bnxt_setup_tc() (bnc#1038583).
   - bnxt_en: Fix SRIOV on big-endian architecture (bsc#1053309).
   - bnxt_en: Fix TX push operation on ARM64 (bnc#1038583).
   - bnxt_en: Fix "uninitialized variable" bug in TPA code path (bnc#1038583).
   - bnxt_en: Fix VF virtual link state (bnc#1038583).
   - bnxt_en: Fix xmit_more with BQL (bsc#1053309).
   - bnxt_en: Free MSIX vectors when unregistering the device from bnxt_re
     (bsc#1020412 FATE#321671).
   - bnxt_en: Implement ndo_bridge_{get|set}link methods (bsc#1053309).
   - bnxt_en: Implement xmit_more (bsc#1053309).
   - bnxt_en: initialize rc to zero to avoid returning garbage (bnc#1038583).
   - bnxt_en: Optimize doorbell write operations for newer chips
     (bsc#1053309).
   - bnxt_en: Pad TX packets below 52 bytes (bnc#1038583).
   - bnxt_en: Pass in sh parameter to bnxt_set_dflt_rings() (bsc#1053309).
   - bnxt_en: Refactor TPA code path (bnc#1038583).
   - bnxt_en: Report firmware DCBX agent (bsc#1053309).
   - bnxt_en: Retrieve the hardware bridge mode from the firmware
     (bsc#1053309).
   - bnxt_en: Set ETS min_bw parameter for older firmware (bsc#1053309).
   - bnxt_en: Support for Short Firmware Message (bsc#1053309).
   - bnxt_en: Update firmware interface spec to 1.8.0 (bsc#1053309).
   - bnxt: fix unsigned comparsion with 0 (bsc#1053309).
   - bnxt: fix unused variable warnings (bsc#1053309).
   - bnxt_re: Do not issue cmd to delete GID for QP1 GID entry before the QP
     is destroyed (bsc#1056596).
   - bnxt_re: Fix compare and swap atomic operands (bsc#1056596).
   - bnxt_re: Fix memory leak in FRMR path (bsc#1056596).
   - bnxt_re: Fix race between the netdev register and unregister events
     (bsc#1037579).
   - bnxt_re: Fix update of qplib_qp.mtu when modified (bsc#1056596).
   - bnxt_re: Free up devices in module_exit path (bsc#1056596).
   - bnxt_re: Remove RTNL lock dependency in bnxt_re_query_port (bsc#1056596).
   - bnxt_re: Stop issuing further cmds to FW once a cmd times out
     (bsc#1056596).
   - brcmfmac: setup passive scan if requested by user-space (bnc#1012382).
   - bridge: netlink: register netdevice before executing changelink
     (bnc#1012382).
   - bsg-lib: do not free job in bsg_prepare_job (bnc#1012382).
   - btrfs: change how we decide to commit transactions during flushing
     (bsc#1060197).
   - btrfs: fix early ENOSPC due to delalloc (bsc#1049226).
   - btrfs: fix NULL pointer dereference from free_reloc_roots()
     (bnc#1012382).
   - btrfs: nowait aio: Correct assignment of pos (FATE#321994).
   - btrfs: nowait aio support (FATE#321994).
   - btrfs: prevent to set invalid default subvolid (bnc#1012382).
   - btrfs: propagate error to btrfs_cmp_data_prepare caller (bnc#1012382).
   - btrfs: qgroup: move noisy underflow warning to debugging build
     (bsc#1055755).
   - ceph: avoid accessing freeing inode in ceph_check_delayed_caps()
     (bsc#1048228).
   - ceph: avoid invalid memory dereference in the middle of umount
     (bsc#1048228).
   - ceph: avoid panic in create_session_open_msg() if utsname() returns NULL
     (bsc#1061451).
   - ceph: check negative offsets in ceph_llseek() (bsc#1061451).
   - ceph: cleanup writepage_nounlock() (bsc#1048228).
   - ceph: do not re-send interrupted flock request (bsc#1048228).
   - ceph: fix message order check in handle_cap_export() (bsc#1061451).
   - ceph: fix NULL pointer dereference in ceph_flush_snaps() (bsc#1061451).
   - ceph: fix readpage from fscache (bsc#1057015).
   - ceph: getattr before read on ceph.* xattrs (bsc#1048228).
   - ceph: handle epoch barriers in cap messages (bsc#1048228).
   - ceph: limit osd read size to CEPH_MSG_MAX_DATA_LEN (bsc#1061451).
   - ceph: limit osd write size (bsc#1061451).
   - ceph: new mount option that specifies fscache uniquifier (bsc#1048228).
   - ceph: redirty page when writepage_nounlock() skips unwritable page
     (bsc#1048228).
   - ceph: remove special ack vs commit behavior (bsc#1048228).
   - ceph: remove useless page->mapping check in writepage_nounlock()
     (bsc#1048228).
   - ceph: re-request max size after importing caps (bsc#1048228).
   - ceph: stop on-going cached readdir if mds revokes FILE_SHARED cap
     (bsc#1061451).
   - ceph: update ceph_dentry_info::lease_session when necessary
     (bsc#1048228).
   - ceph: update the 'approaching max_size' code (bsc#1048228).
   - ceph: validate correctness of some mount options (bsc#1061451).
   - ceph: when seeing write errors on an inode, switch to sync writes
     (bsc#1048228).
   - cifs: add build_path_from_dentry_optional_prefix() (fate#323482).
   - cifs: add use_ipc flag to SMB2_ioctl() (fate#323482).
   - cifs: Fix maximum SMB2 header size (bsc#1056185).
   - cifs: Fix SMB3.1.1 guest authentication to Samba (bnc#1012382).
   - cifs: Fix sparse warnings (fate#323482).
   - cifs: implement get_dfs_refer for SMB2+ (fate#323482).
   - cifs: let ses->ipc_tid hold smb2 TreeIds (fate#323482).
   - cifs: move DFS response parsing out of SMB1 code (fate#323482).
   - cifs: release auth_key.response for reconnect (bnc#1012382).
   - cifs: remove any preceding delimiter from prefix_path (fate#323482).
   - cifs: set signing flag in SMB2+ TreeConnect if needed (fate#323482).
   - cifs: use DFS pathnames in SMB2+ Create requests (fate#323482).
   - clocksource/drivers/arm_arch_timer: Fix mem frame loop initialization
     (bsc#1055709).
   - cpufreq: intel_pstate: Disable energy efficiency optimization
     (bsc#1054654).
   - crush: assume weight_set != null imples weight_set_size > 0
     (bsc#1048228).
   - crush: crush_init_workspace starts with struct crush_work (bsc#1048228).
   - crush: implement weight and id overrides for straw2 (bsc#1048228).
   - crush: remove an obsolete comment (bsc#1048228).
   - crypto: AF_ALG - remove SGL terminator indicator when chaining
     (bnc#1012382).
   - crypto: chcr - Add ctr mode and process large sg entries for cipher
     (bsc#1048325).
   - crypto: chcr - Avoid changing request structure (bsc#1048325).
   - crypto: chcr - Ensure Destination sg entry size less than 2k
     (bsc#1048325).
   - crypto: chcr - Fix fallback key setting (bsc#1048325).
   - crypto: chcr - Pass lcb bit setting to firmware (bsc#1048325).
   - crypto: chcr - Return correct error code (bsc#1048325).
   - crypto: talitos - Do not provide setkey for non hmac hashing algs
     (bnc#1012382).
   - crypto: talitos - fix sha224 (bnc#1012382).
   - cxgb4: Fix stack out-of-bounds read due to wrong size to
     t4_record_mbox() (bsc#1021424 bsc#1022743).
   - cxgb4: update latest firmware version supported (bsc#1048327).
   - cxgbit: add missing __kfree_skb() (bsc#1052095).
   - cxgbit: fix sg_nents calculation (bsc#1052095).
   - cxl: Fix driver use count (bnc#1012382).
   - device-dax: fix cdev leak (bsc#1057047).
   - dmaengine: mmp-pdma: add number of requestors (bnc#1012382).
   - dmaengine: mv_xor_v2: do not use descriptors not acked by async_tx
     (bsc#1056849).
   - dmaengine: mv_xor_v2: enable XOR engine after its configuration
     (bsc#1056849).
   - dmaengine: mv_xor_v2: fix tx_submit() implementation (bsc#1056849).
   - dmaengine: mv_xor_v2: handle mv_xor_v2_prep_sw_desc() error properly
     (bsc#1056849).
   - dmaengine: mv_xor_v2: properly handle wrapping in the array of HW
     descriptors (bsc#1056849).
   - dmaengine: mv_xor_v2: remove interrupt coalescing (bsc#1056849).
   - dmaengine: mv_xor_v2: set DMA mask to 40 bits (bsc#1056849).
   - dm mpath: do not lock up a CPU with requeuing activity (bsc#1048912).
   - documentation: arm64: pmu: Add Broadcom Vulcan PMU binding (fate#319481).
   - driver-core: platform: Add platform_irq_count() (bsc#1062279).
   - driver core: platform: Do not read past the end of "driver_override"
     buffer (bnc#1012382).
   - drivers: base: cacheinfo: fix boot error message when acpi is enabled
     (bsc#1057849).
   - drivers: firmware: psci: drop duplicate const from psci_of_match
     (FATE#319482 bnc#1012382).
   - drivers: hv: fcopy: restore correct transfer length (bnc#1012382).
   - drivers: net: phy: xgene: Fix mdio write (bsc#1057383).
   - drivers: net: xgene: Fix wrong logical operation (bsc#1056827).
   - drivers/perf: arm_pmu_acpi: avoid perf IRQ init when guest PMU is off
     (bsc#1062279).
   - drivers/perf: arm_pmu_acpi: Release memory obtained by kasprintf
     (bsc#1062279).
   - drivers/perf: arm_pmu: add ACPI framework (bsc#1062279).
   - drivers/perf: arm_pmu: add common attr group fields (bsc#1062279).
   - drivers/perf: arm_pmu: Always consider IRQ0 as an error (bsc#1062279).
   - drivers/perf: arm_pmu: Avoid leaking pmu->irq_affinity on error
     (bsc#1062279).
   - drivers/perf: arm_pmu: avoid NULL dereference when not using devicetree
     (bsc#1062279).
   - drivers/perf: arm-pmu: convert arm_pmu_mutex to spinlock (bsc#1062279).
   - drivers/perf: arm_pmu: Defer the setting of __oprofile_cpu_pmu
     (bsc#1062279).
   - drivers/perf: arm_pmu: define armpmu_init_fn (bsc#1062279).
   - drivers/perf: arm_pmu: expose a cpumask in sysfs (bsc#1062279).
   - drivers/perf: arm_pmu: factor out pmu registration (bsc#1062279).
   - drivers/perf: arm-pmu: Fix handling of SPI lacking "interrupt-affinity"
     property (bsc#1062279).
   - drivers/perf: arm_pmu: Fix NULL pointer dereference during probe
     (bsc#1062279).
   - drivers/perf: arm-pmu: fix RCU usage on pmu resume from low-power
     (bsc#1062279).
   - drivers/perf: arm_pmu: Fix reference count of a device_node in
     of_pmu_irq_cfg (bsc#1062279).
   - drivers/perf: arm_pmu: fold init into alloc (bsc#1062279).
   - drivers/perf: arm_pmu: handle no platform_device (bsc#1062279).
   - drivers/perf: arm-pmu: Handle per-interrupt affinity mask (bsc#1062279).
   - drivers/perf: arm_pmu: implement CPU_PM notifier (bsc#1062279).
   - drivers/perf: arm_pmu: make info messages more verbose (bsc#1062279).
   - drivers/perf: arm_pmu: manage interrupts per-cpu (bsc#1062279).
   - drivers/perf: arm_pmu: move irq request/free into probe (bsc#1062279).
   - drivers/perf: arm_pmu: only use common attr_groups (bsc#1062279).
   - drivers/perf: arm_pmu: remove pointless PMU disabling (bsc#1062279).
   - drivers/perf: arm_pmu: rename irq request/free functions (bsc#1062279).
   - drivers/perf: arm_pmu: Request PMU SPIs with IRQF_PER_CPU (bsc#1062279).
   - drivers/perf: arm_pmu: rework per-cpu allocation (bsc#1062279).
   - drivers/perf: arm_pmu: simplify cpu_pmu_request_irqs() (bsc#1062279).
   - drivers/perf: arm_pmu: split cpu-local irq request/free (bsc#1062279).
   - drivers/perf: arm_pmu: split irq request from enable (bsc#1062279).
   - drivers/perf: arm_pmu: split out platform device probe logic
     (bsc#1062279).
   - drivers/perf: kill armpmu_register (bsc#1062279).
   - drm: Add driver-private objects to atomic state (bsc#1055493).
   - drm/amdkfd: fix improper return value on error (bnc#1012382).
   - drm: bridge: add DT bindings for TI ths8135 (bnc#1012382).
   - drm/dp: Introduce MST topology state to track available link bandwidth
     (bsc#1055493).
   - drm_fourcc: Fix DRM_FORMAT_MOD_LINEAR #define (bnc#1012382).
   - drm/i915/bios: ignore HDMI on port A (bnc#1012382).
   - drm/vmwgfx: Limit max desktop dimensions to 8Kx8K (bsc#1048155).
   - e1000e: use disable_hardirq() also for MSIX vectors in e1000_netpoll()
     (bsc#1022912 FATE#321246).
   - edac, sb_edac: Assign EDAC memory controller per h/w controller
     (bsc#1061721).
   - edac, sb_edac: Avoid creating SOCK memory controller (bsc#1061721).
   - edac, sb_edac: Bump driver version and do some cleanups (bsc#1061721).
   - edac, sb_edac: Carve out dimm-populating loop (bsc#1061721).
   - edac, sb_edac: Check if ECC enabled when at least one DIMM is present
     (bsc#1061721).
   - edac, sb_edac: Classify memory mirroring modes (bsc#1061721).
   - edac, sb_edac: Classify PCI-IDs by topology (bsc#1061721).
   - edac, sb_edac: Do not create a second memory controller if HA1 is not
     present (bsc#1061721).
   - edac, sb_edac: Do not use "Socket#" in the memory controller name
     (bsc#1061721).
   - edac, sb_edac: Drop NUM_CHANNELS from 8 back to 4 (bsc#1061721).
   - edac, sb_edac: Fix mod_name (bsc#1061721).
   - edac, sb_edac: Get rid of ->show_interleave_mode() (bsc#1061721).
   - edac, sb_edac: Remove double buffering of error records (bsc#1061721).
   - edac, sb_edac: Remove NULL pointer check on array pci_tad (bsc#1061721).
   - edac, skx_edac: Handle systems with segmented PCI busses (bsc#1063102).
   - edac, thunderx: Fix a warning during l2c debugfs node creation
     (bsc#1057038).
   - edac, thunderx: Fix error handling path in thunderx_lmc_probe()
     (bsc#1057038).
   - efi/fb: Avoid reconfiguration of BAR that covers the framebuffer
     (bsc#1051987).
   - efi/fb: Correct PCI_STD_RESOURCE_END usage (bsc#1051987).
   - ext4: do not allow encrypted operations without keys (bnc#1012382).
   - ext4: fix incorrect quotaoff if the quota feature is enabled
     (bnc#1012382).
   - ext4: fix quota inconsistency during orphan cleanup for read-only mounts
     (bnc#1012382).
   - ext4: nowait aio support (FATE#321994).
   - extcon: axp288: Use vbus-valid instead of -present to determine cable
     presence (bnc#1012382).
   - exynos-gsc: Do not swap cb/cr for semi planar formats (bnc#1012382).
   - f2fs: check hot_data for roll-forward recovery (bnc#1012382).
   - fix flags ordering (bsc#1034075 comment 131)
   - Fix mpage_writepage() for pages with buffers (bsc#1050471).
   - fix whitespace according to upstream commit
   - fix xen_swiotlb_dma_mmap prototype (bnc#1012382).
   - fs/epoll: cache leftmost node (bsc#1056427).
   - fs: Introduce filemap_range_has_page() (FATE#321994).
   - fs: Introduce RWF_NOWAIT and FMODE_AIO_NOWAIT (FATE#321994).
   - fs/mpage.c: fix mpage_writepage() for pages with buffers (bsc#1050471).
     Update to version in mainline
   - fs/proc: kcore: use kcore_list type to check for vmalloc/module address
     (bsc#1046529).
   - fs: return if direct I/O will trigger writeback (FATE#321994).
   - fs: Separate out kiocb flags setup based on RWF_* flags (FATE#321994).
   - fs: Use RWF_* flags for AIO operations (FATE#321994).
   - ftrace: Fix kmemleak in unregister_ftrace_graph (bnc#1012382).
   - ftrace: Fix memleak when unregistering dynamic ops when tracing disabled
     (bnc#1012382).
   - ftrace: Fix selftest goto location on error (bnc#1012382).
   - genirq: Fix for_each_action_of_desc() macro (bsc#1061064).
   - getcwd: Close race with d_move called by lustre (bsc#1052593).
   - gfs2: Do not clear SGID when inheriting ACLs (bsc#1012829).
   - gfs2: Fix debugfs glocks dump (bnc#1012382).
   - gfs2: Fix reference to ERR_PTR in gfs2_glock_iter_next (bnc#1012382).
   - gianfar: Fix Tx flow control deactivation (bnc#1012382).
   - hid: i2c-hid: allocate hid buffers for real worst case (bnc#1012382).
   - Hid: usbhid: Add HID_QUIRK_NOGET for Aten CS-1758 KVM switch
     (bnc#1022967).
   - hwmon: (gl520sm) Fix overflows and crash seen when writing into limit
     attributes (bnc#1012382).
   - i2c: designware: Add ACPI HID for Hisilicon Hip07/08 I2C controller
     (bsc#1049291).
   - i2c: designware: Convert to use unified device property API
     (bsc#1049291).
   - i2c: meson: fix wrong variable usage in meson_i2c_put_data (bnc#1012382).
   - i2c: xgene: Set ACPI_COMPANION_I2C (bsc#1053633).
   - i2c: xgene-slimpro: Add ACPI support by using PCC mailbox (bsc#1053633).
   - i2c: xgene-slimpro: include linux/io.h for memremap (bsc#1053633).
   - i2c: xgene-slimpro: Use a single function to send command message
     (bsc#1053633).
   - i40e/i40evf: fix out-of-bounds read of cpumask (bsc#1053685).
   - i40e: Initialize 64-bit statistics TX ring seqcount (bsc#1024346
     FATE#321239 bsc#1024373 FATE#321247).
   - i40iw: Add missing memory barriers (bsc#969476 FATE#319648 bsc#969477
     FATE#319816).
   - i40iw: Fix port number for query QP (bsc#969476 FATE#319648 bsc#969477
     FATE#319816).
   - ib/core: Add generic function to extract IB speed from netdev
     (bsc#1056596).
   - ib/core: Add ordered workqueue for RoCE GID management (bsc#1056596).
   - ib/core: Fix for core panic (bsc#1022595 FATE#322350).
   - ib/core: Fix the validations of a multicast LID in attach or detach
     operations (bsc#1022595 FATE#322350).
   - ib/hns: checking for IS_ERR() instead of NULL (bsc#1056849).
   - ib/i40iw: Fix error code in i40iw_create_cq() (bsc#969476 FATE#319648
     bsc#969477 FATE#319816).
   - ib/ipoib: Fix deadlock over vlan_mutex (bnc#1012382 bsc#1022595
     FATE#322350).
   - ib/ipoib: Replace list_del of the neigh->list with list_del_init
     (FATE#322350 bnc#1012382 bsc#1022595).
   - ib/ipoib: rtnl_unlock can not come after free_netdev (FATE#322350
     bnc#1012382 bsc#1022595).
   - ib/mlx5: Change logic for dispatching IB events for port state
     (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
   - ib/mlx5: Fix cached MR allocation flow (bsc#1015342 FATE#321688
     bsc#1015343 FATE#321689).
   - ib/mlx5: Fix Raw Packet QP event handler assignment (bsc#966170
     FATE#320225 bsc#966172 FATE#320226).
   - ibmvnic: Clean up resources on probe failure (fate#323285, bsc#1058116).
   - ibmvnic: Set state UP (bsc#1062962).
   - ib/qib: fix false-postive maybe-uninitialized warning (FATE#321231
     FATE#321473 FATE#322149 FATE#322153 bnc#1012382).
   - ib/rxe: Add dst_clone() in prepare_ipv6_hdr() (bsc#1049361).
   - ib/rxe: Avoid ICRC errors by copying into the skb first (bsc#1049361).
   - ib/rxe: Disable completion upcalls when a CQ is destroyed (bsc#1049361).
   - ib/rxe: Fix destination cache for IPv6 (bsc#1049361).
   - ib/rxe: Fix up rxe_qp_cleanup() (bsc#1049361).
   - ib/rxe: Fix up the responder's find_resources() function (bsc#1049361).
   - ib/rxe: Handle NETDEV_CHANGE events (bsc#1049361).
   - ib/rxe: Move refcounting earlier in rxe_send() (bsc#1049361).
   - ib/rxe: Remove dangling prototype (bsc#1049361).
   - ib/rxe: Remove unneeded initialization in prepare6() (bsc#1049361).
   - ib/rxe: Set dma_mask and coherent_dma_mask (bsc#1049361).
   - igb: re-assign hw address pointer on reset after PCI error (bnc#1012382).
   - iio: ad7793: Fix the serial interface reset (bnc#1012382).
   - iio: adc: axp288: Drop bogus AXP288_ADC_TS_PIN_CTRL register
     modifications (bnc#1012382).
   - iio: adc: hx711: Add DT binding for avia,hx711 (bnc#1012382).
   - iio: adc: mcp320x: Fix oops on module unload (bnc#1012382).
   - iio: adc: mcp320x: Fix readout of negative voltages (bnc#1012382).
   - iio: adc: twl4030: Disable the vusb3v1 rugulator in the error handling
     path of 'twl4030_madc_probe()' (bnc#1012382).
   - iio: adc: twl4030: Fix an error handling path in 'twl4030_madc_probe()'
     (bnc#1012382).
   - iio: ad_sigma_delta: Implement a dedicated reset function (bnc#1012382).
   - iio: core: Return error for failed read_reg (bnc#1012382).
   - input: i8042 - add Gigabyte P57 to the keyboard reset table
     (bnc#1012382).
   - iommu/arm-smmu-v3, acpi: Add temporary Cavium SMMU-V3 IORT model number
     definitions (bsc#1036060).
   - iommu/arm-smmu-v3: Increase CMDQ drain timeout value (bsc#1035479).
     Refresh patch to mainline version
   - iommu/io-pgtable-arm: Check for leaf entry before dereferencing it
     (bnc#1012382).
   - iommu/vt-d: Avoid calling virt_to_phys() on null pointer (bsc#1061067).
   - ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt()
     (bnc#1012382).
   - ipv6: add rcu grace period before freeing fib6_node (bnc#1012382).
   - ipv6: fix memory leak with multiple tables during netns destruction
     (bnc#1012382).
   - ipv6: fix sparse warning on rt6i_node (bnc#1012382).
   - ipv6: fix typo in fib6_net_exit() (bnc#1012382).
   - irqchip/gic-v3-its: Fix command buffer allocation (bsc#1057067).
   - iscsi-target: fix invalid flags in text response (bsc#1052095).
   - iw_cxgb4: put ep reference in pass_accept_req() (FATE#321658 bsc#1005778
     FATE#321660 bsc#1005780 FATE#321661 bsc#1005781).
   - iwlwifi: add workaround to disable wide channels in 5GHz (bnc#1012382).
   - iwlwifi: mvm: do not send CTDP commands via debugfs if not supported
     (bsc#1031717).
   - kabi: arm64: compatibility workaround for lse atomics (bsc#1055290).
   - kabi fix drivers/nvme/target/nvmet.h (bsc#1058550).
   - KABI fixup struct nvmet_sq (bsc#1063349).
   - kABI: protect enum fs_flow_table_type (bsc#1015342 FATE#321688
     bsc#1015343 FATE#321689).
   - kABI: protect enum pid_type (kabi).
   - kABI: protect struct iscsi_np (kabi).
   - kABI: protect struct mlx5_priv (bsc#1015342 FATE#321688 bsc#1015343
     FATE#321689).
   - kABI: protect struct rm_data_op (kabi).
   - kABI: protect struct sdio_func (kabi).
   - kabi/severities: add fs/ceph to kabi severities (bsc#1048228).
   - kabi/severities: Ignore drivers/scsi/cxgbi (bsc#1052094)
   - kabi/severities: Ignore kABI changes due to last patchset (bnc#1053472)
   - kabi/severities: ignore nfs_pgio_data_destroy
   - kABI: uninline task_tgid_nr_nr (kabi).
   - kABI: Workaround kABI breakage of AMD-AVIC fixes (bsc#1044503).
   - kernel/*: switch to memdup_user_nul() (bsc#1048893).
   - kernel/sysctl_binary.c: check name array length in
     deprecated_sysctl_warning() (FATE#323821).
   - keys: fix writing past end of user-supplied buffer in keyring_read()
     (bnc#1012382).
   - keys: prevent creating a different user's keyrings (bnc#1012382).
   - keys: prevent KEYCTL_READ on negative key (bnc#1012382).
   - kvm: Add struct kvm_vcpu pointer parameter to get_enable_apicv()
     (bsc#1044503).
   - kvm: arm64: Restore host physical timer access on hyp_panic()
     (bsc#1054082).
   - kvm: arm/arm64: Fix bug in advertising KVM_CAP_MSI_DEVID capability
     (bsc#1054082).
   - kvm: async_pf: Fix #DF due to inject "Page not Present" and "Page Ready"
     exceptions simultaneously (bsc#1061017).
   - kvm, pkeys: do not use PKRU value in vcpu->arch.guest_fpu.state
     (bsc#1055935).
   - kvm: PPC: Book3S: Fix race and leak in kvm_vm_ioctl_create_spapr_tce()
     (bnc#1012382).
   - kvm: SVM: Add a missing 'break' statement (bsc#1061017).
   - kvm: SVM: Add irqchip_split() checks before enabling AVIC (bsc#1044503).
   - kvm: SVM: delete avic_vm_id_bitmap (2 megabyte static array)
     (bsc#1059500).
   - kvm: SVM: Refactor AVIC vcpu initialization into avic_init_vcpu()
     (bsc#1044503).
   - kvm: VMX: do not change SN bit in vmx_update_pi_irte() (bsc#1061017).
   - kvm: VMX: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt
     (bsc#1061017).
   - kvm: VMX: use cmpxchg64 (bnc#1012382).
   - kvm: x86: block guest protection keys unless the host has them enabled
     (bsc#1055935).
   - kvm: x86: kABI workaround for PKRU fixes (bsc#1055935).
   - kvm: x86: simplify handling of PKRU (bsc#1055935).
   - libata: transport: Remove circular dependency at free time (bnc#1012382).
   - libceph: abort already submitted but abortable requests when map or pool
     goes full (bsc#1048228).
   - libceph: add an epoch_barrier field to struct ceph_osd_client
     (bsc#1048228).
   - libceph: advertise support for NEW_OSDOP_ENCODING and SERVER_LUMINOUS
     (bsc#1048228).
   - libceph: advertise support for OSD_POOLRESEND (bsc#1048228).
   - libceph: allow requests to return immediately on full conditions if
     caller wishes (bsc#1048228).
   - libceph: always populate t->target_{oid,oloc} in calc_target()
     (bsc#1048228).
   - libceph: always signal completion when done (bsc#1048228).
   - libceph: apply_upmap() (bsc#1048228).
   - libceph: avoid unnecessary pi lookups in calc_target() (bsc#1048228).
   - libceph: ceph_connection_operations::reencode_message() method
     (bsc#1048228).
   - libceph: ceph_decode_skip_* helpers (bsc#1048228).
   - libceph: compute actual pgid in ceph_pg_to_up_acting_osds()
     (bsc#1048228).
   - libceph, crush: per-pool crush_choose_arg_map for crush_do_rule()
     (bsc#1048228).
   - libceph: delete from need_resend_linger before check_linger_pool_dne()
     (bsc#1048228).
   - libceph: do not allow bidirectional swap of pg-upmap-items (bsc#1061451).
   - libceph: do not call encode_request_finish() on MOSDBackoff messages
     (bsc#1048228).
   - libceph: do not call ->reencode_message() more than once per message
     (bsc#1048228).
   - libceph: do not pass pgid by value (bsc#1048228).
   - libceph: drop need_resend from calc_target() (bsc#1048228).
   - libceph: encode_{pgid,oloc}() helpers (bsc#1048228).
   - libceph: fallback for when there isn't a pool-specific choose_arg
     (bsc#1048228).
   - libceph: fix old style declaration warnings (bsc#1048228).
   - libceph: foldreq->last_force_resend into ceph_osd_request_target
     (bsc#1048228).
   - libceph: get rid of ack vs commit (bsc#1048228).
   - libceph: handle non-empty dest in ceph_{oloc,oid}_copy() (bsc#1048228).
   - libceph: initialize last_linger_id with a large integer (bsc#1048228).
   - libceph: introduce and switch to decode_pg_mapping() (bsc#1048228).
   - libceph: introduce ceph_spg, ceph_pg_to_primary_shard() (bsc#1048228).
   - libceph: kill __{insert,lookup,remove}_pg_mapping() (bsc#1048228).
   - libceph: make DEFINE_RB_* helpers more general (bsc#1048228).
   - libceph: make encode_request_*() work with r_mempool requests
     (bsc#1048228).
   - libceph: make RECOVERY_DELETES feature create a new interval
     (bsc#1048228).
   - libceph: make sure need_resend targets reflect latest map (bsc#1048228).
   - libceph: MOSDOp v8 encoding (actual spgid + full hash) (bsc#1048228).
   - libceph: new features macros (bsc#1048228).
   - libceph: new pi->last_force_request_resend (bsc#1048228).
   - libceph: NULL deref on osdmap_apply_incremental() error path
     (bsc#1048228).
   - libceph: osd_request_timeout option (bsc#1048228).
   - libceph: osd_state is 32 bits wide in luminous (bsc#1048228).
   - libceph: pg_upmap[_items] infrastructure (bsc#1048228).
   - libceph: pool deletion detection (bsc#1048228).
   - libceph: potential NULL dereference in ceph_msg_data_create()
     (bsc#1048228).
   - libceph: remove ceph_sanitize_features() workaround (bsc#1048228).
   - libceph: remove now unused finish_request() wrapper (bsc#1048228).
   - libceph: remove req->r_replay_version (bsc#1048228).
   - libceph: resend on PG splits if OSD has RESEND_ON_SPLIT (bsc#1048228).
   - libceph: respect RADOS_BACKOFF backoffs (bsc#1048228).
   - libceph: set -EINVAL in one place in crush_decode() (bsc#1048228).
   - libceph: support SERVER_JEWEL feature bits (bsc#1048228).
   - libceph: take osdc->lock in osdmap_show() and dump flags in hex
     (bsc#1048228).
   - libceph: upmap semantic changes (bsc#1048228).
   - libceph: use alloc_pg_mapping() in __decode_pg_upmap_items()
     (bsc#1048228).
   - libceph: use target pi for calc_target() calculations (bsc#1048228).
   - lib: test_rhashtable: fix for large entry counts (bsc#1055359).
   - lib: test_rhashtable: Fix KASAN warning (bsc#1055359).
   - lightnvm: remove unused rq parameter of nvme_nvm_rqtocmd() to kill
     warning (FATE#319466).
   - locking/rwsem: Fix down_write_killable() for
     CONFIG_RWSEM_GENERIC_SPINLOCK=y (bsc#969756).
   - locking/rwsem-spinlock: Fix EINTR branch in __down_write_common()
     (bsc#969756).
   - lpfc: Add Buffer to Buffer credit recovery support (bsc#1052384).
   - lpfc: convert info messages to standard messages (bsc#1052384).
   - lpfc: Correct issues with FAWWN and FDISCs (bsc#1052384).
   - lpfc: Correct return error codes to align with nvme_fc transport
     (bsc#1052384).
   - lpfc: Fix bad sgl reposting after 2nd adapter reset (bsc#1052384).
   - lpfc: Fix crash in lpfc nvmet when fc port is reset (bsc#1052384).
   - lpfc: Fix duplicate NVME rport entries and namespaces (bsc#1052384).
   - lpfc: Fix handling of FCP and NVME FC4 types in Pt2Pt topology
     (bsc#1052384).
   - lpfc: fix "integer constant too large" error on 32bit archs
     (bsc#1052384).
   - lpfc: Fix loop mode target discovery (bsc#1052384).
   - lpfc: Fix MRQ > 1 context list handling (bsc#1052384).
   - lpfc: Fix NVME PRLI handling during RSCN (bsc#1052384).
   - lpfc: Fix nvme target failure after 2nd adapter reset (bsc#1052384).
   - lpfc: Fix oops when NVME Target is discovered in a nonNVME environment
     (bsc#1052384).
   - lpfc: Fix plogi collision that causes illegal state transition
     (bsc#1052384).
   - lpfc: Fix rediscovery on switch blade pull (bsc#1052384).
   - lpfc: Fix relative offset error on large nvmet target ios (bsc#1052384).
   - lpfc: fixup crash during storage failover operations (bsc#1042847).
   - lpfc: Limit amount of work processed in IRQ (bsc#1052384).
   - lpfc: lpfc version bump 11.4.0.3 (bsc#1052384).
   - lpfc: remove console log clutter (bsc#1052384).
   - lpfc: support nvmet_fc defer_rcv callback (bsc#1052384).
   - lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
     (bnc#1012382).
   - mac80211: flush hw_roc_start work before cancelling the ROC
     (bnc#1012382).
   - md/bitmap: disable bitmap_resize for file-backed bitmaps (bsc#1061172).
   - md/raid10: submit bio directly to replacement disk (bnc#1012382).
   - md/raid5: fix a race condition in stripe batch (linux-stable).
   - md/raid5: preserve STRIPE_ON_UNPLUG_LIST in break_stripe_batch_list
     (bnc#1012382).
   - md/raid5: release/flush io in raid5_do_work() (bnc#1012382).
   - media: uvcvideo: Prevent heap overflow when accessing mapped controls
     (bnc#1012382).
   - media: v4l2-compat-ioctl32: Fix timespec conversion (bnc#1012382).
   - megaraid_sas: Fix probing cards without io port (bsc#1053681).
   - mips: Ensure bss section ends on a long-aligned address (bnc#1012382).
   - mips: Fix minimum alignment requirement of IRQ stack (git-fixes).
   - mips: IRQ Stack: Unwind IRQ stack onto task stack (bnc#1012382).
   - mips: Lantiq: Fix another request_mem_region() return code check
     (bnc#1012382).
   - mips: math-emu: <MAXA|MINA>.<D|S>: Fix cases of both infinite inputs
     (bnc#1012382).
   - mips: math-emu: <MAXA|MINA>.<D|S>: Fix cases of input values with
     opposite signs (bnc#1012382).
   - mips: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix cases of both inputs zero
     (bnc#1012382).
   - mips: math-emu: <MAX|MAXA|MIN|MINA>.<D|S>: Fix quiet NaN propagation
     (bnc#1012382).
   - mips: math-emu: <MAX|MIN>.<D|S>: Fix cases of both inputs negative
     (bnc#1012382).
   - mips: math-emu: MINA.<D|S>: Fix some cases of infinity and zero inputs
     (bnc#1012382).
   - mips: ralink: Fix incorrect assignment on ralink_soc (bnc#1012382).
   - mlx5: Avoid that mlx5_ib_sg_to_klms() overflows the klms array
     (bsc#966170 FATE#320225 bsc#966172 FATE#320226).
   - mm: avoid marking swap cached page as lazyfree (VM Functionality,
     bsc#1061775).
   - mm/backing-dev.c: fix an error handling path in 'cgwb_create()'
     (bnc#1063475).
   - mmc: mmc: correct the logic for setting HS400ES signal voltage
     (bsc#1054082).
   - mm,compaction: serialize waitqueue_active() checks (for real)
     (bsc#971975).
   - mmc: sdhci-xenon: add set_power callback (bsc#1057035).
   - mmc: sdhci-xenon: Fix the work flow in xenon_remove() (bsc#1057035).
   - mmc: sdio: fix alignment issue in struct sdio_func (bnc#1012382).
   - mm: discard memblock data later (bnc#1063460).
   - mm: fix data corruption caused by lazyfree page (VM Functionality,
     bsc#1061775).
   - mm, madvise: ensure poisoned pages are removed from per-cpu lists (VM hw
     poison -- git fixes).
   - mm/memblock.c: reversed logic in memblock_discard() (bnc#1063460).
   - mm: meminit: mark init_reserved_page as __meminit (bnc#1063509).
   - mm/memory_hotplug: change pfn_to_section_nr/section_nr_to_pfn macro to
     inline function (bnc#1063501).
   - mm/memory_hotplug: define find_{smallest|biggest}_section_pfn as
     unsigned long (bnc#1063520).
   - mm/page_alloc.c: apply gfp_allowed_mask before the first allocation
     attempt (bnc#971975 VM -- git fixes).
   - mm: prevent double decrease of nr_reserved_highatomic (bnc#1012382).
   - mm/vmalloc.c: huge-vmap: fail gracefully on unexpected huge vmap
     mappings (bsc#1046529).
   - mptsas: Fixup device hotplug for VMWare ESXi (bsc#1030850).
   - net: core: Prevent from dereferencing null pointer when releasing SKB
     (bnc#1012382).
   - net: ethernet: hip04: Call SET_NETDEV_DEV() (bsc#1049336).
   - netfilter: fix IS_ERR_VALUE usage (bsc#1052888).
   - netfilter: invoke synchronize_rcu after set the _hook_ to NULL
     (bnc#1012382).
   - netfilter: nfnl_cthelper: fix incorrect helper->expect_class_max
     (bnc#1012382).
   - netfilter: x_tables: pack percpu counter allocations (bsc#1052888).
   - netfilter: x_tables: pass xt_counters struct instead of packet counter
     (bsc#1052888).
   - netfilter: x_tables: pass xt_counters struct to counter allocator
     (bsc#1052888).
   - net: hns: add acpi function of xge led control (bsc#1049336).
   - net: hns: Fix a skb used after free bug (bsc#1049336).
   - net/mlx4_core: Enable 4K UAR if SRIOV module parameter is not enabled
     (bsc#966191 FATE#320230 bsc#966186 FATE#320228).
   - net/mlx5: Check device capability for maximum flow counters (bsc#1015342
     FATE#321688 bsc#1015343 FATE#321689).
   - net/mlx5: Delay events till ib registration ends (bsc#1015342
     FATE#321688 bsc#1015343 FATE#321689).
   - net/mlx5e: Check for qos capability in dcbnl_initialize (bsc#1015342
     FATE#321688 bsc#1015343 FATE#321689).
   - net/mlx5e: Do not add/remove 802.1ad rules when changing 802.1Q VLAN
     filter (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
   - net/mlx5e: Fix calculated checksum offloads counters (bsc#1015342
     FATE#321688 bsc#1015343 FATE#321689).
   - net/mlx5e: Fix dangling page pointer on DMA mapping error (bsc#1015342
     FATE#321688 bsc#1015343 FATE#321689).
   - net/mlx5e: Fix DCB_CAP_ATTR_DCBX capability for DCBNL getcap
     (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
   - net/mlx5e: Fix inline header size for small packets (bsc#1015342
     FATE#321688 bsc#1015343 FATE#321689).
   - net/mlx5e: Print netdev features correctly in error message (bsc#1015342
     FATE#321688 bsc#1015343 FATE#321689).
   - net/mlx5e: Schedule overflow check work to mlx5e workqueue (bsc#966170
     FATE#320225 bsc#966172 FATE#320226).
   - net/mlx5: E-Switch, Unload the representors in the correct order
     (bsc#1015342 FATE#321688 bsc#1015343 FATE#321689).
   - net/mlx5: Fix arm SRQ command for ISSI version 0 (bsc#1015342
     FATE#321688 bsc#1015343 FATE#321689).
   - net/mlx5: Fix command completion after timeout access invalid structure
     (bsc#966318 FATE#320158 bsc#966316 FATE#320159).
   - net/mlx5: Fix counter list hardware structure (bsc#1015342 FATE#321688
     bsc#1015343 FATE#321689).
   - net/mlx5: Remove the flag MLX5_INTERFACE_STATE_SHUTDOWN (bsc#966170
     FATE#320225 bsc#966172 FATE#320226).
   - net/mlx5: Skip mlx5_unload_one if mlx5_load_one fails (bsc#966170
     FATE#320225 bsc#966172 FATE#320226).
   - net: mvpp2: fix the mac address used when using PPv2.2 (bsc#1032150).
   - net: mvpp2: use {get, put}_cpu() instead of smp_processor_id()
     (bsc#1032150).
   - net/packet: check length in getsockopt() called with PACKET_HDRLEN
     (bnc#1012382).
   - net: phy: Fix lack of reference count on PHY driver (bsc#1049336).
   - net: phy: Fix PHY module checks and NULL deref in phy_attach_direct()
     (bsc#1049336).
   - netvsc: Initialize 64-bit stats seqcount (fate#320485).
   - new helper: memdup_user_nul() (bsc#1048893).
   - nfsd: Fix general protection fault in release_lock_stateid()
     (bnc#1012382).
   - nfs: flush data when locking a file to ensure cache coherence for mmap
     (bsc#981309).
   - nvme: allow timed-out ios to retry (bsc#1063349).
   - nvme-fabrics: generate spec-compliant UUID NQNs (bsc#1057498).
   - nvme-fc: address target disconnect race conditions in fcp io submit
     (bsc#1052384).
   - nvme-fc: do not override opts->nr_io_queues (bsc#1052384).
   - nvme-fc: kABI fix for defer_rcv() callback (bsc#1052384).
   - nvme_fc/nvmet_fc: revise Create Association descriptor length
     (bsc#1052384).
   - nvme_fc: Reattach to localports on re-registration (bsc#1052384).
   - nvme-fc: revise TRADDR parsing (bsc#1052384).
   - nvme-fc: update tagset nr_hw_queues after queues reinit (bsc#1052384).
   - nvme-fc: use blk_mq_delay_run_hw_queue instead of open-coding it
     (bsc#1052384).
   - nvme: fix hostid parsing (bsc#1049272).
   - nvme: fix sqhd reference when admin queue connect fails (bsc#1063349).
   - nvme: fix visibility of "uuid" ns attribute (bsc#1060400).
   - nvme-loop: update tagset nr_hw_queues after reconnecting/resetting
     (bsc#1052384).
   - nvme: protect against simultaneous shutdown invocations (FATE#319965
     bnc#1012382 bsc#964944).
   - nvme-rdma: update tagset nr_hw_queues after reconnecting/resetting
     (bsc#1052384).
   - nvme: stop aer posting if controller state not live (bsc#1063349).
   - nvmet: avoid unneeded assignment of submit_bio return value
     (bsc#1052384).
   - nvmet_fc: Accept variable pad lengths on Create Association LS
     (bsc#1052384).
   - nvmet_fc: add defer_req callback for deferment of cmd buffer return
     (bsc#1052384).
   - nvmet-fc: correct use after free on list teardown (bsc#1052384).
   - nvmet-fc: eliminate incorrect static markers on local variables
     (bsc#1052384).
   - nvmet-fc: fix byte swapping in nvmet_fc_ls_create_association
     (bsc#1052384).
   - nvmet_fc: Simplify sg list handling (bsc#1052384).
   - nvmet: implement valid sqhd values in completions (bsc#1063349).
   - nvmet: Move serial number from controller to subsystem (bsc#1058550).
   - nvmet: prefix version configfs file with attr (bsc#1052384).
   - nvmet: preserve controller serial number between reboots (bsc#1058550).
   - nvmet: synchronize sqhd update (bsc#1063349).
   - nvme: use device_add_disk_with_groups() (bsc#1060400).
   - of: fix "/cpus" reference leak in of_numa_parse_cpu_nodes()
     (bsc#1056827).
   - ovl: fix dentry leak for default_permissions (bsc#1054084).
   - parisc: perf: Fix potential NULL pointer dereference (bnc#1012382).
   - partitions/efi: Fix integer overflow in GPT size calculation
     (FATE#322379 bnc#1012382 bsc#1020989).
   - pci: Allow PCI express root ports to find themselves (bsc#1061046).
   - pci: fix oops when try to find Root Port for a PCI device (bsc#1061046).
   - pci: Fix race condition with driver_override (bnc#1012382).
   - pci: Mark AMD Stoney GPU ATS as broken (bsc#1061046).
   - pci: rockchip: Handle regulator_get_current_limit() failure correctly
     (bsc#1056849).
   - pci: rockchip: Use normal register bank for config accessors
     (bsc#1056849).
   - pci: shpchp: Enable bridge bus mastering if MSI is enabled (bnc#1012382).
   - percpu_ref: allow operation mode switching operations to be called
     concurrently (bsc#1055096).
   - percpu_ref: remove unnecessary RCU grace period for staggered atomic
     switching confirmation (bsc#1055096).
   - percpu_ref: reorganize __percpu_ref_switch_to_atomic() and relocate
     percpu_ref_switch_to_atomic() (bsc#1055096).
   - percpu_ref: restructure operation mode switching (bsc#1055096).
   - percpu_ref: unify staggered atomic switching wait behavior (bsc#1055096).
   - perf: arm: acpi: remove cpu hotplug statemachine dependency
     (bsc#1062279).
   - perf: arm: platform: remove cpu hotplug statemachine dependency
     (bsc#1062279).
   - perf: arm: replace irq_get_percpu_devid_partition call (bsc#1062279).
   - perf: arm: temporary workaround for build errors (bsc#1062279).
   - perf: Convert to using %pOF instead of full_name (bsc#1062279).
   - perf/x86: Fix RDPMC vs. mm_struct tracking (bsc#1061831).
   - perf/x86: kABI Workaround for 'perf/x86: Fix RDPMC vs. mm_struct
     tracking' (bsc#1061831).
   - perf: xgene: Add APM X-Gene SoC Performance Monitoring Unit driver
     (bsc#1036737).
   - perf: xgene: Include module.h (bsc#1036737).
   - perf: xgene: Move PMU leaf functions into function pointer structure
     (bsc#1036737).
   - perf: xgene: Parse PMU subnode from the match table (bsc#1036737).
   - phy: Do not increment MDIO bus refcount unless it's a different owner
     (bsc#1049336).
   - phy: fix error case of phy_led_triggers_(un)register (bsc#1049336).
   - pm / Domains: Fix unsafe iteration over modified list of domains
     (bsc#1056849).
   - powerpc: Fix DAR reporting when alignment handler faults (bnc#1012382).
   - powerpc: Fix unused function warning 'lmb_to_memblock' (FATE#322022).
   - powerpc/perf: Cleanup of PM_BR_CMPL vs. PM_BRU_CMPL in Power9 event list
     (bsc#1056686, fate#321438, bsc#1047238, git-fixes 34922527a2bc).
   - powerpc/perf: Factor out PPMU_ONLY_COUNT_RUN check code from power8
     (fate#321438, bsc#1053043, git-fixes efe881afdd999).
   - powerpc/pseries: Add pseries hotplug workqueue (FATE#322022).
   - powerpc/pseries: Auto-online hotplugged memory (FATE#322022).
   - powerpc/pseries: Check memory device state before onlining/offlining
     (FATE#322022).
   - powerpc/pseries: Correct possible read beyond dlpar sysfs buffer
     (FATE#322022).
   - powerpc/pseries: Do not attempt to acquire drc during memory hot add for
     assigned lmbs (FATE#322022).
   - powerpc/pseries: Fix build break when MEMORY_HOTREMOVE=n (FATE#322022).
   - powerpc/pseries: fix memory leak in queue_hotplug_event() error path
     (FATE#322022).
   - powerpc/pseries: Fix parent_dn reference leak in add_dt_node()
     (bnc#1012382).
   - powerpc/pseries: Implement indexed-count hotplug memory add
     (FATE#322022).
   - powerpc/pseries: Implement indexed-count hotplug memory remove
     (FATE#322022).
   - powerpc/pseries: Introduce memory hotplug READD operation (FATE#322022).
   - powerpc/pseries: Make the acquire/release of the drc for memory a
     seperate step (FATE#322022).
   - powerpc/pseries: Remove call to memblock_add() (FATE#322022).
   - powerpc/pseries: Revert 'Auto-online hotplugged memory' (FATE#322022).
   - powerpc/pseries: Update affinity for memory and cpus specified in a PRRN
     event (FATE#322022).
   - powerpc/pseries: Use kernel hotplug queue for PowerVM hotplug events
     (FATE#322022).
   - powerpc/pseries: Use lmb_is_removable() to check removability
     (FATE#322022).
   - powerpc/pseries: Verify CPU does not exist before adding (FATE#322022).
   - qeth: add network device features for VLAN devices (bnc#1053472,
     LTC#157385).
   - qlge: avoid memcpy buffer overflow (bnc#1012382).
   - r8169: Add support for restarting auto-negotiation (bsc#1050742).
   - r8169:Correct the way of setting RTL8168DP ephy (bsc#1050742).
   - r8169:fix system hange problem (bsc#1050742).
   - r8169:Fix typo in setting RTL8168H PHY parameter (bsc#1050742).
   - r8169:Fix typo in setting RTL8168H PHY PFM mode (bsc#1050742).
   - r8169:Remove unnecessary phy reset for pcie nic when setting link spped
     (bsc#1050742).
   - r8169:Update the way of reading RTL8168H PHY register "rg_saw_cnt"
     (bsc#1050742).
   - rda=sRDMA: Fix the composite message user notification (bnc#1012382).
   - rdma/bnxt_re: Allocate multiple notification queues (bsc#1037579).
   - rdma/bnxt_re: Implement the alloc/get_hw_stats callback (bsc#1037579).
   - rdma: Fix return value check for ib_get_eth_speed() (bsc#1056596).
   - rdma/qedr: Parse VLAN ID correctly and ignore the value of zero
     (bsc#1019695 FATE#321703 bsc#1019699 FATE#321702 bsc#1022604
     FATE#321747).
   - rdma/qedr: Parse vlan priority as sl (bsc#1019695 FATE#321703
     bsc#1019699 FATE#321702 bsc#1022604 FATE#321747).
   - rds: ib: add error handle (bnc#1012382).
   - Remove patch
     0407-nvme_fc-change-failure-code-on-remoteport-connectivi.patch
     (bsc#1037838)
   - Remove superfluous hunk in bigmem backport (bsc#1064436).
   - Revert "ceph: SetPageError() for writeback pages if writepages fails"
     (bsc#1048228).
   - Revert "ipv6: add rcu grace period before freeing fib6_node" (kabi).
   - Revert "ipv6: fix sparse warning on rt6i_node" (kabi).
   - Revert "net: fix percpu memory leaks" (bnc#1012382).
   - Revert "net: phy: Correctly process PHY_HALTED in phy_stop_machine()"
     (bnc#1012382).
   - Revert "net: use lib/percpu_counter API for fragmentation mem
     accounting" (bnc#1012382).
   - Revert "Update
     patches.fixes/xfs-refactor-log-record-unpack-and-data-processing.patch
     (bsc#1043598, bsc#1036215)." This reverts commit
     54e17b011580b532415d2aee5e875c8cf0460df4.
   - Revert "x86/acpi: Enable MADT APIs to return disabled apicids"
     (bnc#1056230).
   - Revert "x86/acpi: Set persistent cpuid &lt;-&gt; nodeid mapping when
     booting" (bnc#1056230).
   - Revert "xfs: detect and handle invalid iclog size set by mkfs
     (bsc#1043598)." This reverts commit
     caf0b124b172568b3e39544cb9abfdaa7fb3d852.
   - Revert "xfs: detect and trim torn writes during log recovery
     (bsc#1036215)." This reverts commit
     a7a591776e8628a33f0223ca9a3f46c1e79bd908.
   - Revert "xfs: refactor and open code log record crc check (bsc#1036215)."
     This reverts commit 6aef5e1fee21246222618f2337c84d6093281561.
   - Revert "xfs: refactor log record start detection into a new helper
     (bsc#1036215)." This reverts commit
     a424c875bdc05dcf3bb0d1af740b644773091cf0.
   - Revert "xfs: return start block of first bad log record during recovery
     (bsc#1036215)." This reverts commit
     cb0ce8b2f1435d7ac9aaeb5d5709e73946d55bed.
   - Revert "xfs: support a crc verification only log record pass
     (bsc#1036215)." This reverts commit
     f5c0c41b1f3626750f1f0d76b6d71fac673854d2.
   - Rewrote KVM kABI fix patches for addressing regressions (bsc#1063570)
   - rtnetlink: fix rtnl_vfinfo_size (bsc#1056261).
   - s390/cpcmd,vmcp: avoid GFP_DMA allocations (bnc#1060249, LTC#159112).
   - s390/diag: add diag26c support (bnc#1053472, LTC#156729).
   - s390: export symbols for crash-kmp (bsc#1053915).
   - s390: Include uapi/linux/if_ether.h instead of linux/if_ether.h
     (bsc#1053472).
   - s390/pci: do not cleanup in arch_setup_msi_irqs (bnc#1053472,
     LTC#157731).
   - s390/pci: fix handling of PEC 306 (bnc#1053472, LTC#157731).
   - s390/pci: improve error handling during fmb (de)registration
     (bnc#1053472, LTC#157731).
   - s390/pci: improve error handling during interrupt deregistration
     (bnc#1053472, LTC#157731).
   - s390/pci: improve pci hotplug (bnc#1053472, LTC#157731).
   - s390/pci: improve unreg_ioat error handling (bnc#1053472, LTC#157731).
   - s390/pci: introduce clp_get_state (bnc#1053472, LTC#157731).
   - s390/pci: provide more debug information (bnc#1053472, LTC#157731).
   - s390/pci: recognize name clashes with uids (bnc#1053472, LTC#157731).
   - s390/qdio: avoid reschedule of outbound tasklet once killed
     (bnc#1060249, LTC#159885).
   - s390/qeth: no ETH header for outbound AF_IUCV (bnc#1053472, LTC#156276).
   - s390/qeth: size calculation outbound buffers (bnc#1053472, LTC#156276).
   - s390/qeth: use diag26c to get MAC address on L2 (bnc#1053472,
     LTC#156729).
   - s390/topology: alternative topology for topology-less machines
     (bnc#1060249, LTC#159177).
   - s390/topology: always use s390 specific sched_domain_topology_level
     (bnc#1060249, LTC#159177).
   - s390/topology: enable / disable topology dynamically (bnc#1060249,
     LTC#159177).
   - sched/cpuset/pm: Fix cpuset vs. suspend-resume bugs (bnc#1012382).
   - scsi: csiostor: add check for supported fw version (bsc#1005776).
   - scsi: csiostor: add support for Chelsio T6 adapters (bsc#1005776).
   - scsi: csiostor: fix use after free in csio_hw_use_fwconfig()
     (bsc#1005776).
   - scsi: csiostor: switch to pci_alloc_irq_vectors (bsc#1005776).
   - scsi: csiostor: update module version (bsc#1052093).
   - scsi: cxgb4i: assign rxqs in round robin mode (bsc#1052094).
   - scsi: fixup kernel warning during rmmod() (bsc#1052360).
   - scsi: hisi_sas: add missing break in switch statement (bsc#1056849).
   - scsi: ILLEGAL REQUEST + ASC==27 => target failure (bsc#1059465).
   - scsi: libfc: fix a deadlock in fc_rport_work (bsc#1063695).
   - scsi: lpfc: Ensure io aborts interlocked with the target (bsc#1056587).
   - scsi: megaraid_sas: Check valid aen class range to avoid kernel panic
     (bnc#1012382).
   - scsi: megaraid_sas: Return pended IOCTLs with cmd_status
     MFI_STAT_WRONG_STATE in case adapter is dead (bnc#1012382).
   - scsi: qedf: Fix a potential NULL pointer dereference (bsc#1048912).
   - scsi: qedf: Limit number of CQs (bsc#1040813).
   - scsi: qedi: off by one in qedi_get_cmd_from_tid() (bsc#1004527,
     FATE#321744).
   - scsi: qla2xxx: Fix uninitialized work element (bsc#1019675,FATE#321701).
   - scsi: scsi_transport_fc: Also check for NOTPRESENT in
     fc_remote_port_add() (bsc#1037890).
   - scsi: scsi_transport_fc: set scsi_target_id upon rescan (bsc#1058135).
   - scsi: sd: Do not override max_sectors_kb sysfs setting (bsc#1025461).
   - scsi: sd: Remove LBPRZ dependency for discards (bsc#1060985). This patch
     is originally part of a larger series which can't be easily backported
     to SLE-12. For a reasoning why we think it's safe to apply, see
     bsc#1060985, comment 20.
   - scsi: sg: close race condition in sg_remove_sfp_usercontext()
     (bsc#1064206).
   - scsi: sg: do not return bogus Sg_requests (bsc#1064206).
   - scsi: sg: factor out sg_fill_request_table() (bnc#1012382).
   - scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE (bnc#1012382).
   - scsi: sg: off by one in sg_ioctl() (bnc#1012382).
   - scsi: sg: only check for dxfer_len greater than 256M (bsc#1064206).
   - scsi: sg: remove 'save_scat_len' (bnc#1012382).
   - scsi: sg: use standard lists for sg_requests (bnc#1012382).
   - scsi: storvsc: fix memory leak on ring buffer busy (bnc#1012382).
   - scsi_transport_fc: Also check for NOTPRESENT in fc_remote_port_add()
     (bsc#1037890).
   - scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path
     (bnc#1012382).
   - scsi: zfcp: fix capping of unsuccessful GPN_FT SAN response trace
     records (bnc#1012382).
   - scsi: zfcp: fix missing trace records for early returns in TMF eh
     handlers (bnc#1012382).
   - scsi: zfcp: fix passing fsf_req to SCSI trace on TMF to correlate with
     HBA (bnc#1012382).
   - scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records
     (bnc#1012382).
   - scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled
     (bnc#1012382).
   - scsi: zfcp: trace HBA FSF response by default on dismiss or timedout
     late response (bnc#1012382).
   - scsi: zfcp: trace high part of "new" 64 bit SCSI LUN (bnc#1012382).
   - seccomp: fix the usage of get/put_seccomp_filter() in
     seccomp_get_filter() (bnc#1012382).
   - sh_eth: use correct name for ECMR_MPDE bit (bnc#1012382).
   - skd: Avoid that module unloading triggers a use-after-free (bnc#1012382).
   - skd: Submit requests to firmware before triggering the doorbell
     (bnc#1012382).
   - SMB3: Do not ignore O_SYNC/O_DSYNC and O_DIRECT flags (bnc#1012382).
   - SMB: Validate negotiate (to protect against downgrade) even if signing
     off (bnc#1012382).
   - staging: iio: ad7192: Fix - use the dedicated reset function avoiding
     dma from stack (bnc#1012382).
   - stm class: Fix a use-after-free (bnc#1012382).
   - supported.conf: clear mistaken external support flag for cifs.ko
     (bsc#1053802).
   - supported.conf: enable dw_mmc-rockchip driver References: bsc#1064064
   - swiotlb-xen: implement xen_swiotlb_dma_mmap callback (bnc#1012382).
   - sysctl: fix lax sysctl_check_table() sanity check (bsc#1048893).
   - sysctl: fold sysctl_writes_strict checks into helper (bsc#1048893).
   - sysctl: kdoc'ify sysctl_writes_strict (bsc#1048893).
   - sysctl: simplify unsigned int support (bsc#1048893).
   - team: call netdev_change_features out of team lock (bsc#1055567).
   - team: fix memory leaks (bnc#1012382).
   - timer/sysclt: Restrict timer migration sysctl values to 0 and 1
     (bnc#1012382).
   - tpm: fix: return rc when devm_add_action() fails (bsc#1020645,
     fate#321435, fate#321507, fate#321600, bsc#1034048, git-fixes
     8e0ee3c9faed).
   - tpm: read burstcount from TPM_STS in one 32-bit transaction
     (bsc#1020645, fate#321435, fate#321507, fate#321600, bsc#1034048,
     git-fixes 27084efee0c3).
   - tpm_tis_core: Choose appropriate timeout for reading burstcount
     (bsc#1020645, fate#321435, fate#321507, fate#321600, bsc#1034048,
     git-fixes aec04cbdf723).
   - tpm_tis_core: convert max timeouts from msec to jiffies (bsc#1020645,
     fate#321435, fate#321507, fate#321600, bsc#1034048, git-fixes
     aec04cbdf723).
   - tracing: Apply trace_clock changes to instance max buffer (bnc#1012382).
   - tracing: Erase irqsoff trace with empty write (bnc#1012382).
   - tracing: Fix trace_pipe behavior for instance traces (bnc#1012382).
   - ttpci: address stringop overflow warning (bnc#1012382).
   - tty: fix __tty_insert_flip_char regression (bnc#1012382).
   - tty: goldfish: Fix a parameter of a call to free_irq (bnc#1012382).
   - tty: improve tty_insert_flip_char() fast path (bnc#1012382).
   - tty: improve tty_insert_flip_char() slow path (bnc#1012382).
   - tty: pl011: fix initialization order of QDF2400 E44 (bsc#1054082).
   - tty: serial: msm: Support more bauds (git-fixes).
   - ubifs: Correctly evict xattr inodes (bsc#1012829).
   - ubifs: Do not leak kernel memory to the MTD (bsc#1012829).
   - Update patches.drivers/0029-perf-xgene-Remove-bogus-IS_ERR-check.patch
     (bsc#1036737).
   - Update
     patches.drivers/tpm-141-fix-RC-value-check-in-tpm2_seal_trusted.patch
     (bsc#1020645, fate#321435, fate#321507, fate#321600, bsc#1034048,
     git-fixes 5ca4c20cfd37).
   - usb: chipidea: vbus event may exist before starting gadget (bnc#1012382).
   - usb: core: fix device node leak (bsc#1047487).
   - usb: core: harden cdc_parse_cdc_header (bnc#1012382).
   - usb: devio: Do not corrupt user memory (bnc#1012382).
   - usb: dummy-hcd: fix connection failures (wrong speed) (bnc#1012382).
   - usb: dummy-hcd: Fix erroneous synchronization change (bnc#1012382).
   - usb: dummy-hcd: fix infinite-loop resubmission bug (bnc#1012382).
   - usb: fix out-of-bounds in usb_set_configuration (bnc#1012382).
   - usb: gadgetfs: fix copy_to_user while holding spinlock (bnc#1012382).
   - usb: gadgetfs: Fix crash caused by inadequate synchronization
     (bnc#1012382).
   - usb: gadget: inode.c: fix unbalanced spin_lock in ep0_write
     (bnc#1012382).
   - usb: gadget: mass_storage: set msg_registered after msg registered
     (bnc#1012382).
   - usb: gadget: udc: atmel: set vbus irqflags explicitly (bnc#1012382).
   - usb: g_mass_storage: Fix deadlock when driver is unbound (bnc#1012382).
   - usb: Increase quirk delay for USB devices (bnc#1012382).
   - usb: pci-quirks.c: Corrected timeout values used in handshake
     (bnc#1012382).
   - usb: plusb: Add support for PL-27A1 (bnc#1012382).
   - usb: renesas_usbhs: fix the BCLR setting condition for non-DCP pipe
     (bnc#1012382).
   - usb: renesas_usbhs: fix usbhsf_fifo_clear() for RX direction
     (bnc#1012382).
   - usb: serial: mos7720: fix control-message error handling (bnc#1012382).
   - usb: serial: mos7840: fix control-message error handling (bnc#1012382).
   - usb-storage: unusual_devs entry to fix write-access regression for
     Seagate external drives (bnc#1012382).
   - usb: uas: fix bug in handling of alternate settings (bnc#1012382).
   - uwb: ensure that endpoint is interrupt (bnc#1012382).
   - uwb: properly check kthread_run return value (bnc#1012382).
   - vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
     (bnc#1012382).
   - video: fbdev: aty: do not leak uninitialized padding in clk to userspace
     (bnc#1012382).
   - Workaround for kABI compatibility with DP-MST patches (bsc#1055493).
   - x86/acpi: Restore the order of CPU IDs (bnc#1056230).
   - x86/cpu/amd: Hide unused legacy_fixup_core_id() function (bsc#1060229).
   - x86/cpu/amd: Limit cpu_core_id fixup to families older than F17h
     (bsc#1060229).
   - x86/cpu: Remove unused and undefined __generic_processor_info()
     declaration (bnc#1056230).
   - x86 edac, sb_edac.c: Take account of channel hashing when needed
     (bsc#1061721).
   - x86/fpu: Do not let userspace set bogus xcomp_bv (bnc#1012382).
   - x86/fsgsbase/64: Report FSBASE and GSBASE correctly in core dumps
     (bnc#1012382).
   - x86/ldt: Fix off by one in get_segment_base() (bsc#1061872).
   - x86/mm: Fix boot crash caused by incorrect loop count calculation in
     sync_global_pgds() (bsc#1058512).
   - x86/mm: Fix fault error path using unsafe vma pointer (fate#321300).
   - x86/mm: Fix use-after-free of ldt_struct (bsc#1055963).
   - x86/mshyperv: Remove excess #includes from mshyperv.h (fate#320485).
   - xfs/dmapi: fix incorrect file->f_path.dentry->d_inode usage
     (bsc#1055896).
   - xfs: fix inobt inode allocation search optimization (bsc#1012829).
   - xfs: handle error if xfs_btree_get_bufs fails (bsc#1059863).
   - xfs: nowait aio support (FATE#321994).
   - xfs: remove kmem_zalloc_greedy (bnc#1012382).
   - xgene: Always get clk source, but ignore if it's missing for SGMII ports
     (bsc#1048501).
   - xgene: Do not fail probe, if there is no clk resource for SGMII
     interfaces (bsc#1048501).
   - xhci: fix finding correct bus_state structure for USB 3.1 hosts
     (bnc#1012382).

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 12-SP3:

      zypper in -t patch SUSE-SLE-WE-12-SP3-2017-1770=1

   - SUSE Linux Enterprise Software Development Kit 12-SP3:

      zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1770=1

   - SUSE Linux Enterprise Server 12-SP3:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-2017-1770=1

   - SUSE Linux Enterprise Live Patching 12-SP3:

      zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2017-1770=1

   - SUSE Linux Enterprise High Availability 12-SP3:

      zypper in -t patch SUSE-SLE-HA-12-SP3-2017-1770=1

   - SUSE Linux Enterprise Desktop 12-SP3:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2017-1770=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64):

      kernel-default-debuginfo-4.4.92-6.18.1
      kernel-default-debugsource-4.4.92-6.18.1
      kernel-default-extra-4.4.92-6.18.1
      kernel-default-extra-debuginfo-4.4.92-6.18.1

   - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):

      kernel-obs-build-4.4.92-6.18.1
      kernel-obs-build-debugsource-4.4.92-6.18.1

   - SUSE Linux Enterprise Software Development Kit 12-SP3 (noarch):

      kernel-docs-4.4.92-6.18.3

   - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):

      kernel-default-4.4.92-6.18.1
      kernel-default-base-4.4.92-6.18.1
      kernel-default-base-debuginfo-4.4.92-6.18.1
      kernel-default-debuginfo-4.4.92-6.18.1
      kernel-default-debugsource-4.4.92-6.18.1
      kernel-default-devel-4.4.92-6.18.1
      kernel-syms-4.4.92-6.18.1

   - SUSE Linux Enterprise Server 12-SP3 (noarch):

      kernel-devel-4.4.92-6.18.1
      kernel-macros-4.4.92-6.18.1
      kernel-source-4.4.92-6.18.1

   - SUSE Linux Enterprise Server 12-SP3 (s390x):

      kernel-default-man-4.4.92-6.18.1

   - SUSE Linux Enterprise Live Patching 12-SP3 (x86_64):

      kgraft-patch-4_4_92-6_18-default-1-4.3
      kgraft-patch-4_4_92-6_18-default-debuginfo-1-4.3

   - SUSE Linux Enterprise High Availability 12-SP3 (ppc64le s390x x86_64):

      cluster-md-kmp-default-4.4.92-6.18.1
      cluster-md-kmp-default-debuginfo-4.4.92-6.18.1
      dlm-kmp-default-4.4.92-6.18.1
      dlm-kmp-default-debuginfo-4.4.92-6.18.1
      gfs2-kmp-default-4.4.92-6.18.1
      gfs2-kmp-default-debuginfo-4.4.92-6.18.1
      kernel-default-debuginfo-4.4.92-6.18.1
      kernel-default-debugsource-4.4.92-6.18.1
      ocfs2-kmp-default-4.4.92-6.18.1
      ocfs2-kmp-default-debuginfo-4.4.92-6.18.1

   - SUSE Linux Enterprise Desktop 12-SP3 (x86_64):

      kernel-default-4.4.92-6.18.1
      kernel-default-debuginfo-4.4.92-6.18.1
      kernel-default-debugsource-4.4.92-6.18.1
      kernel-default-devel-4.4.92-6.18.1
      kernel-default-extra-4.4.92-6.18.1
      kernel-default-extra-debuginfo-4.4.92-6.18.1
      kernel-syms-4.4.92-6.18.1

   - SUSE Linux Enterprise Desktop 12-SP3 (noarch):

      kernel-devel-4.4.92-6.18.1
      kernel-macros-4.4.92-6.18.1
      kernel-source-4.4.92-6.18.1

References:

   https://www.suse.com/security/cve/CVE-2017-1000252.html
   https://www.suse.com/security/cve/CVE-2017-11472.html
   https://www.suse.com/security/cve/CVE-2017-12134.html
   https://www.suse.com/security/cve/CVE-2017-12153.html
   https://www.suse.com/security/cve/CVE-2017-12154.html
   https://www.suse.com/security/cve/CVE-2017-13080.html
   https://www.suse.com/security/cve/CVE-2017-14051.html
   https://www.suse.com/security/cve/CVE-2017-14106.html
   https://www.suse.com/security/cve/CVE-2017-14489.html
   https://www.suse.com/security/cve/CVE-2017-15265.html
   https://www.suse.com/security/cve/CVE-2017-15649.html
   https://bugzilla.suse.com/1004527
   https://bugzilla.suse.com/1005776
   https://bugzilla.suse.com/1005778
   https://bugzilla.suse.com/1005780
   https://bugzilla.suse.com/1005781
   https://bugzilla.suse.com/1012382
   https://bugzilla.suse.com/1012829
   https://bugzilla.suse.com/1015342
   https://bugzilla.suse.com/1015343
   https://bugzilla.suse.com/1019675
   https://bugzilla.suse.com/1019680
   https://bugzilla.suse.com/1019695
   https://bugzilla.suse.com/1019699
   https://bugzilla.suse.com/1020412
   https://bugzilla.suse.com/1020645
   https://bugzilla.suse.com/1020657
   https://bugzilla.suse.com/1020989
   https://bugzilla.suse.com/1021424
   https://bugzilla.suse.com/1022595
   https://bugzilla.suse.com/1022604
   https://bugzilla.suse.com/1022743
   https://bugzilla.suse.com/1022912
   https://bugzilla.suse.com/1022967
   https://bugzilla.suse.com/1024346
   https://bugzilla.suse.com/1024373
   https://bugzilla.suse.com/1024405
   https://bugzilla.suse.com/1025461
   https://bugzilla.suse.com/1030850
   https://bugzilla.suse.com/1031717
   https://bugzilla.suse.com/1031784
   https://bugzilla.suse.com/1032150
   https://bugzilla.suse.com/1034048
   https://bugzilla.suse.com/1034075
   https://bugzilla.suse.com/1035479
   https://bugzilla.suse.com/1036060
   https://bugzilla.suse.com/1036215
   https://bugzilla.suse.com/1036737
   https://bugzilla.suse.com/1037579
   https://bugzilla.suse.com/1037838
   https://bugzilla.suse.com/1037890
   https://bugzilla.suse.com/1038583
   https://bugzilla.suse.com/1040813
   https://bugzilla.suse.com/1042847
   https://bugzilla.suse.com/1043598
   https://bugzilla.suse.com/1044503
   https://bugzilla.suse.com/1046529
   https://bugzilla.suse.com/1047238
   https://bugzilla.suse.com/1047487
   https://bugzilla.suse.com/1047989
   https://bugzilla.suse.com/1048155
   https://bugzilla.suse.com/1048228
   https://bugzilla.suse.com/1048325
   https://bugzilla.suse.com/1048327
   https://bugzilla.suse.com/1048356
   https://bugzilla.suse.com/1048501
   https://bugzilla.suse.com/1048893
   https://bugzilla.suse.com/1048912
   https://bugzilla.suse.com/1048934
   https://bugzilla.suse.com/1049226
   https://bugzilla.suse.com/1049272
   https://bugzilla.suse.com/1049291
   https://bugzilla.suse.com/1049336
   https://bugzilla.suse.com/1049361
   https://bugzilla.suse.com/1049580
   https://bugzilla.suse.com/1050471
   https://bugzilla.suse.com/1050742
   https://bugzilla.suse.com/1051790
   https://bugzilla.suse.com/1051987
   https://bugzilla.suse.com/1052093
   https://bugzilla.suse.com/1052094
   https://bugzilla.suse.com/1052095
   https://bugzilla.suse.com/1052360
   https://bugzilla.suse.com/1052384
   https://bugzilla.suse.com/1052580
   https://bugzilla.suse.com/1052593
   https://bugzilla.suse.com/1052888
   https://bugzilla.suse.com/1053043
   https://bugzilla.suse.com/1053309
   https://bugzilla.suse.com/1053472
   https://bugzilla.suse.com/1053627
   https://bugzilla.suse.com/1053629
   https://bugzilla.suse.com/1053633
   https://bugzilla.suse.com/1053681
   https://bugzilla.suse.com/1053685
   https://bugzilla.suse.com/1053802
   https://bugzilla.suse.com/1053915
   https://bugzilla.suse.com/1053919
   https://bugzilla.suse.com/1054082
   https://bugzilla.suse.com/1054084
   https://bugzilla.suse.com/1054654
   https://bugzilla.suse.com/1055013
   https://bugzilla.suse.com/1055096
   https://bugzilla.suse.com/1055272
   https://bugzilla.suse.com/1055290
   https://bugzilla.suse.com/1055359
   https://bugzilla.suse.com/1055493
   https://bugzilla.suse.com/1055567
   https://bugzilla.suse.com/1055709
   https://bugzilla.suse.com/1055755
   https://bugzilla.suse.com/1055896
   https://bugzilla.suse.com/1055935
   https://bugzilla.suse.com/1055963
   https://bugzilla.suse.com/1056061
   https://bugzilla.suse.com/1056185
   https://bugzilla.suse.com/1056230
   https://bugzilla.suse.com/1056261
   https://bugzilla.suse.com/1056427
   https://bugzilla.suse.com/1056587
   https://bugzilla.suse.com/1056588
   https://bugzilla.suse.com/1056596
   https://bugzilla.suse.com/1056686
   https://bugzilla.suse.com/1056827
   https://bugzilla.suse.com/1056849
   https://bugzilla.suse.com/1056982
   https://bugzilla.suse.com/1057015
   https://bugzilla.suse.com/1057031
   https://bugzilla.suse.com/1057035
   https://bugzilla.suse.com/1057038
   https://bugzilla.suse.com/1057047
   https://bugzilla.suse.com/1057067
   https://bugzilla.suse.com/1057383
   https://bugzilla.suse.com/1057498
   https://bugzilla.suse.com/1057849
   https://bugzilla.suse.com/1058038
   https://bugzilla.suse.com/1058116
   https://bugzilla.suse.com/1058135
   https://bugzilla.suse.com/1058410
   https://bugzilla.suse.com/1058507
   https://bugzilla.suse.com/1058512
   https://bugzilla.suse.com/1058550
   https://bugzilla.suse.com/1059051
   https://bugzilla.suse.com/1059465
   https://bugzilla.suse.com/1059500
   https://bugzilla.suse.com/1059863
   https://bugzilla.suse.com/1060197
   https://bugzilla.suse.com/1060229
   https://bugzilla.suse.com/1060249
   https://bugzilla.suse.com/1060400
   https://bugzilla.suse.com/1060985
   https://bugzilla.suse.com/1061017
   https://bugzilla.suse.com/1061046
   https://bugzilla.suse.com/1061064
   https://bugzilla.suse.com/1061067
   https://bugzilla.suse.com/1061172
   https://bugzilla.suse.com/1061451
   https://bugzilla.suse.com/1061721
   https://bugzilla.suse.com/1061775
   https://bugzilla.suse.com/1061831
   https://bugzilla.suse.com/1061872
   https://bugzilla.suse.com/1062279
   https://bugzilla.suse.com/1062520
   https://bugzilla.suse.com/1062962
   https://bugzilla.suse.com/1063102
   https://bugzilla.suse.com/1063349
   https://bugzilla.suse.com/1063460
   https://bugzilla.suse.com/1063475
   https://bugzilla.suse.com/1063479
   https://bugzilla.suse.com/1063501
   https://bugzilla.suse.com/1063509
   https://bugzilla.suse.com/1063520
   https://bugzilla.suse.com/1063570
   https://bugzilla.suse.com/1063667
   https://bugzilla.suse.com/1063671
   https://bugzilla.suse.com/1063695
   https://bugzilla.suse.com/1064064
   https://bugzilla.suse.com/1064206
   https://bugzilla.suse.com/1064388
   https://bugzilla.suse.com/1064436
   https://bugzilla.suse.com/963575
   https://bugzilla.suse.com/964944
   https://bugzilla.suse.com/966170
   https://bugzilla.suse.com/966172
   https://bugzilla.suse.com/966186
   https://bugzilla.suse.com/966191
   https://bugzilla.suse.com/966316
   https://bugzilla.suse.com/966318
   https://bugzilla.suse.com/969476
   https://bugzilla.suse.com/969477
   https://bugzilla.suse.com/969756
   https://bugzilla.suse.com/971975
   https://bugzilla.suse.com/981309

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWfEzoYx+lLeg9Ub1AQjW/Q//d7CaI5xI1FY8BUtkNe6ryOqCjtSrDsUr
nWtol0ZdjoSSzUq9XdVBvsjO4U5/SaEXeTewDXsUU/3LGF1zLl2fIBrw0dzmlJMi
DSE2+2FefNW1e6a58Aunpjm6fMs9u2OsRCBvDr2KybXZQFSqe/RlANeaynq0rdZy
u/zeUF/e0b2Rft88HjqchBTBm4hxpBJEW/+yWPv5aYcF8bWpnsipFrj6uyBVSB5O
3nGPPEYokFAHbfZjnw+e0z2IdCjRe6zmYE9stgp9mKLQlqHBfKbHYJhB+PZLp69E
6Ujbl9JshX4H3DHy6/Cp/qaLZvlrSK6cpWcKRsuPNd16kJvvzGIAyotnip+wjT74
VqGJ4qnNgrD/j2h4zqoWLCpGUjAxYgsWcd5tkCdAq9eSUVDKfuTR/2iCbo5I8gma
maAvxTGdbBvzZ+m+8RR8qiAiWQz2TFdZNsZPs0BLkil/YOOrpy5CLFxOE564H1rY
BZ/ELLagCb3QIPiolk/lB0j6fo/Ce+yuX28NtwyrhPFN5dOwmQ/jtj8w3GbMX2/V
g1f2l69H4Gkvwu5dEiE0Q2WvBfFv2ix+XIn8SQZbiCzcTWMo+bkElxgB/iHo3Bxo
j/VpGNSR5rdvhRLtfpBNDcLXKAAHFeY2kXSj6s/EoINFzM3MudsA4KaFb5VE8QbX
h/DFQ5egWb8=
=3WRy
-----END PGP SIGNATURE-----