Packages changed: MicroOS-release (20260707 -> 20260708) apparmor dracut (110+suse.35.g9834432 -> 110+suse.41.g38f7c003) fdk-aac-free (2.0.0 -> 2.0.3) gpg2 (2.5.20 -> 2.5.21) gpgme (2.1.1 -> 2.1.2) kernel-source (7.1.2 -> 7.1.3) keylime (7.14.2 -> 7.14.3) leancrypto (1.7.2 -> 1.8.0) libapparmor llvm22 (22.1.7 -> 22.1.8) openexr (3.4.12 -> 3.4.13) rust-keylime (0.2.9+8 -> 0.2.9+49) tiff (4.7.1 -> 4.7.2) xwayland (24.1.11 -> 24.1.12) === Details === ==== MicroOS-release ==== Version update (20260707 -> 20260708) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== apparmor ==== - add curl.diff to fix curl console output ==== dracut ==== Version update (110+suse.35.g9834432 -> 110+suse.41.g38f7c003) Subpackages: dracut-ima - Update to version 110+suse.41.g38f7c003: * fix(devicetree-firmware): do not call inst_multiple if there are no fw files * fix(systemd-pcrextend): add missing systemd-pcr{nvdone,osseparator}.service * fix(systemd-pcrextend): add NVPCR definition files * fix(tpm2-tss): add missing systemd-tpm2-setup-early.service * feat(dracut): add module to load Qualcomm ADSP module pre-udev * feat(dracut): add module to add fw files from DT firmware-name properties (bsc#1261649) ==== fdk-aac-free ==== Version update (2.0.0 -> 2.0.3) - Update to version 2.0.3: + Minor upstream updates + Fixed one case of a failed assert in SBR encoding + Added build support for s390x - Changes from version 2.0.2: + Minor upstream updates + Lots of upstream and local fuzzing fixes + Added CMake project files + Removed the MSVC specific makefile - Changes from version 2.0.1: + Minor release with a number of crash/fuzz fixes, primarily for the decoder ==== gpg2 ==== Version update (2.5.20 -> 2.5.21) - Update to 2.5.21: * gpg, gpgsm: Use partial file on decryption, remove on failure. Disable with "--compatibility-flags=no-partial-file-guard". * gpg: Use the INT_RCP_FPR subpacket in revocation signatures. * gpg: Fix potential use-after-free in batch key generation when handling the keyserver URL option * gpgsm: Fix regression in gpgsm_verify with expired certificates. * gpgsm: Require a minimum tag length for GCM decryption. (CVE-2026-57062, boo#1269279) * scd: Limit the size of returned APDU objects from faulty cards. * scd: Fix condition to retrieve ATR * scd:openpgp: Fix regression in CHV1 retry counter byte index. * agent: Make batch import of Kyber keys work * dirmngr: Add a validation check in get_dns_cert_standard. * gpgconf: Raise an error on certain parse errors. - rebase gnupg-set_umask_before_open_outfile.patch ==== gpgme ==== Version update (2.1.1 -> 2.1.2) - Update to 2.1.2: * fix issues affecting other platforms ==== kernel-source ==== Version update (7.1.2 -> 7.1.3) - Update patches.kernel.org/7.1.1-006-arm64-errata-Mitigate-TLBI-errata-on-various-Ar.patch (bsc#1012628 CVE-2026-53354 bsc#1270230). - Update patches.kernel.org/7.1.3-001-KVM-x86-Fix-shadow-paging-use-after-free-due-to.patch (bsc#1012628 CVE-2026-53359). - Update patches.kernel.org/7.1.3-028-ipv6-account-for-fraggap-on-the-paged-allocatio.patch (bsc#1012628 CVE-2026-53362). suse-add-cves - commit 1cb5006 - Linux 7.1.3 (bsc#1012628). - KVM: x86: Fix shadow paging use-after-free due to unexpected role (bsc#1012628). - batman-adv: tp_meter: keep unacked list in ascending ordered (bsc#1012628). - batman-adv: tp_meter: initialize dup_acks explicitly (bsc#1012628). - batman-adv: tp_meter: initialize dec_cwnd explicitly (bsc#1012628). - batman-adv: tp_meter: avoid window underflow (bsc#1012628). - batman-adv: tp_meter: avoid divide-by-zero for dec_cwnd (bsc#1012628). - batman-adv: tp_meter: fix fast recovery precondition (bsc#1012628). - batman-adv: tp_meter: handle seqno wrap-around for fast recovery detection (bsc#1012628). - batman-adv: tp_meter: add only finished tp_vars to lists (bsc#1012628). - batman-adv: bla: annotate lasttime access with READ/WRITE_ONCE (bsc#1012628). - batman-adv: prevent ELP transmission interval underflow (bsc#1012628). - batman-adv: tp_meter: initialize last_recv_time during init (bsc#1012628). - batman-adv: gw: don't deselect gateway with active hardif (bsc#1012628). - batman-adv: ensure bcast is writable before modifying TTL (bsc#1012628). - batman-adv: fix (m|b)cast csum after decrementing TTL (bsc#1012628). - batman-adv: frag: ensure fragment is writable before modifying TTL (bsc#1012628). - batman-adv: frag: avoid underflow of TTL (bsc#1012628). - batman-adv: v: prevent OGM aggregation on disabled hardif (bsc#1012628). - batman-adv: tp_meter: restrict number of unacked list entries (bsc#1012628). - batman-adv: tp_meter: annotate last_recv_time access with READ/WRITE_ONCE (bsc#1012628). - batman-adv: tp_meter: prevent parallel modifications of last_recv (bsc#1012628). - batman-adv: tp_meter: handle overlapping packets (bsc#1012628). - batman-adv: tt: don't merge change entries with different VIDs (bsc#1012628). - batman-adv: tt: track roam count per VID (bsc#1012628). - batman-adv: dat: prevent false sharing between VLANs (bsc#1012628). - batman-adv: tvlv: enforce 2-byte alignment (bsc#1012628). - batman-adv: tvlv: avoid race of cifsnotfound handler state (bsc#1012628). - ipv6: account for fraggap on the paged allocation path (bsc#1012628). - ipv4: account for fraggap on the paged allocation path (bsc#1012628). - ntfs3: reject direct userspace writes to reserved $LX* xattrs (bsc#1012628). - wifi: mt76: add wcid publish check in mt76_sta_add (bsc#1012628). - mac802154: llsec: add skb_cow_data() before in-place crypto (bsc#1012628). - net: skmsg: preserve sg.copy across SG transforms (bsc#1012628). - net: ip_gre: require CAP_NET_ADMIN in the device netns for changelink (bsc#1012628). - PCI/P2PDMA: Add Intel QAT, DSA, IAA devices to whitelist (bsc#1012628). - apparmor: mediate the implicit connect of TCP fast open sendmsg (bsc#1012628). - NTB: epf: Avoid pci_iounmap() with offset when PEER_SPAD and CONFIG share BAR (bsc#1012628). - fbdev: fix use-after-free in store_modes() (bsc#1012628). - fscrypt: Fix key setup in edge case with multiple data unit sizes (bsc#1012628). - kernel/fork: clear PF_BLOCK_TS in copy_process() (bsc#1012628). - block: invalidate cached plug timestamp after task switch (bsc#1012628). - KVM: arm64: Omit tag sync on stage-2 mappings of the zero page (bsc#1012628). - err.h: use __always_inline on all error pointer helpers (bsc#1012628). - gcov: use atomic counter updates to fix concurrent access crashes (bsc#1012628). - KEYS: fix overflow in keyctl_pkey_params_get_2() (bsc#1012628). - keys: Pin request_key_auth payload in instantiate paths (bsc#1012628). - userfaultfd: ensure mremap_userfaultfd_fail() releases mmap_changing (bsc#1012628). - userfaultfd: build __VMA_UFFD_FLAGS from config-gated masks (bsc#1012628). ... changelog too long, skipping 136 lines ... - commit 0709164 ==== keylime ==== Version update (7.14.2 -> 7.14.3) Subpackages: keylime-config keylime-firewalld keylime-logrotate keylime-registrar keylime-tenant keylime-tpm_cert_store keylime-verifier python313-keylime - Update to version 7.14.3: * Bump to version 7.14.3 * tests: verify GET handler race condition fix with unit tests * fix: handle concurrent agent deletion in verifier GET handler * DB: increase evidence_items.agent_id column length * [Automatic] Update Keylime base image 2026-07-02 * fix: suppress type checker errors for compatibility import in types.py * fix: correct [A-z] regex in DM-IMA grammar STRING token * docs: empty refstate skips PCR replay and policy evaluation * tpm: use only policy's relevant PCRs for event log verification * tests: accept both error messages for invalid ECC points * tests: fix asyncio.Event() usage in shutdown tests * CI: Use PR label to disable e2e tests through Packit * [CI] Split e2e CI testing to fast and full * elparsing: harden stderr decoding for tpm2_eventlog * elparsing: check tpm2_eventlog exit code instead of stderr * [Automatic] Update Keylime base image 2026-06-01 * tpm: Parse TPM2B_NAME with _unpackv instead of fixed-size slice * fix: Update pre-commit isort to 8.0.1 to match tox * docs: Document qualifying data change for IAK certification in v2.6 * api: Bump pull-mode API version to 2.6 * tpm: Refactor verify_aik_with_iak to use proper TPMS_ATTEST parsing * registrar: Fix missing return after error in _bind_ak_to_iak * Fix mypy error and include runtime deps in test-requirements * Preserve FAIL status when timeout fires * Block PUSH mode FAIL to PASS auto-recovery * Fix PUSH mode agent status tracking across restarts and recovery * server: Add max_workers config to cap worker process count ==== leancrypto ==== Version update (1.7.2 -> 1.8.0) - Update to 1.8.0: * X.509: provide a common automated serial number generator which is the 20 leftmost bytes of the SHA3-256 hash of the certificate DER blob with the serial number being 20 bytes of 0xff and the signature part equally a range of 0xff bytes * Add full support for internal IV generation with GCM - this allows AES-GCM to be used in FIPS mode * Curve448: Fix AVX2 ABI issue * Rust: add X25519 / X448 API to support rustls * Rust: add HKDF API * Rust: add ED25519 API to support rustls * X.509: Add support for ED25519 and ED448 certificates to support rustTLS for a smooth transition to PQC * HMAC: deentangle key and hash management * Remove VLA in the entire library * Fixes to ChaCha20-Poly1305 and HKDF based on Wycheproof * Add first drop of rustls-leancrypto provider - this code is not production-ready, but it works with OpenSSL via localhost as well as AWS-provider procedurally * Add lc_kyber_[x25519|448]_[enc|dec] API * BIKE: fix bug on 32-bit Intel systems * Rust: add status API * Harden various functions, add defense in depth checks suggested by LLMs * Bug fix: ML-KEM KDF helper ingested only ML-KEM part and skipped X25519 * Add return code checker defending against fault injections * ML-DSA / SLH-DSA: slicing the implementation to allow keygen, siggen and sigver to be compiled independently - together with dead code stripping, only the desired functionality is present (e.g. in secure boot mode, only sigver is of interest) - build-script/shim_support.sh compiles only signature verification * Linux kernel: add HMAC support * Ascon: add support and tests for NULL AAD and NULL PT * symmetric ciphers: return error codes for encrypt/decrypt * PBKDF2: add FIPS140-3 compliance checks * AEAD / Symmetric ciphers; add support for parallel use of cipher contexts - this fixes issues with the AES symmetric support in the Linux kernel * ChaCha20: increment only the 32 bit counter to be 100% compliant with RFC7539 - but that implies that for one given setiv only 2^32 - 1 bytes are allowed to be en/decrypted * All production and test code is now subject to regular UBSAN tests * Add Wycheproof compliance testing using Rust interface * Linux kernel: fix all UBSAN reports - the leancrypto.ko and all tests now work do not show any report with ASAN/UBSAN/kmemleak detector tested on X86 and ARMv8. * Remove patches fixed upstream: - leancrypto-ABI-fix.patch - 0001-Linux-kernel-leancrypto_kernel_rng_tester-include-li.patch ==== libapparmor ==== - add curl.diff to fix curl console output ==== llvm22 ==== Version update (22.1.7 -> 22.1.8) - Update to version 22.1.8. * This release contains bug-fixes for the LLVM 22.1.0 release. This release is API and ABI compatible with 22.1.0. ==== openexr ==== Version update (3.4.12 -> 3.4.13) Subpackages: libIex-3_4-33 libIlmThread-3_4-33 libOpenEXR-3_4-33 libOpenEXRCore-3_4-33 - update to 3.4.13 ( bsc#1269562, CVE-2026-55371, bsc#1269701, CVE-2026-55373, bsc#1269702, CVE-2026-55059, bsc#1269703, CVE-2026-54920, bsc#1269705, CVE-2026-53532): * Fix a regression introduced in v3.4.11 in decoding of DWAA compression * Fix to handling deep images and very large images with the OpenEXRUtil library * Fix initiliazation issue in B44A decoding * Validate HTJ2K chunk header length before decode * Fix when building statically and using the vendored OpenJPH library * Fix CVE-2026-55373 OpenEXRUtil SampleCountChannel endEdit() can loop forever on UINT_MAX sample counts * Fix CVE-2026-55371 OpenEXRCore exr_attr_set_bytes() accepts NULL type_hint with positive hint_length * Fix CVE-2026-55059 OpenEXRUtil SampleCountChannel row setter heap out-of-bounds write * Fix CVE-2026-54920 Integer Overflow and Use of Uninitialized Pointer leading to Invalid Delete in OpenEXRUtil Image Resize * Fix CVE-2026-53532 Unhandled assert abort in HTJ2K decoder via crafted QCD marker (DoS) ==== rust-keylime ==== Version update (0.2.9+8 -> 0.2.9+49) - Remove Cargo_toml.patch (merged upstream) - Update openssl to 0.10.81 bsc#1270174, CVE-2026-41676 bsc#1270999, CVE-2026-45784 bsc#1270903, CVE-2026-44662 bsc#1270842, CVE-2026-41898 bsc#1270792, CVE-2026-41681 bsc#1270699, CVE-2026-41678 bsc#1270614, CVE-2026-41677 bsc#1270523, CVE-2026-42327 - Update to version 0.2.9+49: * build(deps): bump uuid from 1.23.3 to 1.23.4 * build(deps): bump syn from 2.0.117 to 2.0.118 * build(deps): bump openssl from 0.10.80 to 0.10.81 * build(deps): bump rand from 0.9.4 to 0.10.1 * Added new regression test into packit-ci.yaml * build(deps): bump actions/checkout from 6 to 7 * build(deps): bump uuid from 1.23.1 to 1.23.3 * build(deps): bump log from 0.4.29 to 0.4.32 * build(deps): bump http from 1.4.0 to 1.4.2 * build(deps): bump codecov/codecov-action from 6 to 7 * build(deps): bump retry-policies from 0.5.1 to 0.5.2 * fix: Remove unused base64::Engine import in context_info tests * build(deps): bump reqwest-middleware from 0.5.1 to 0.5.2 * build(deps): bump serde_json from 1.0.149 to 1.0.150 * build(deps): bump openssl from 0.10.79 to 0.10.80 * agent: Hash agent ID before TPM2_Certify qualifying data * cargo: Bump tss-esapi, picky-asn1-x509, and picky-asn1-der * build(deps): bump openssl from 0.10.78 to 0.10.79 * build(deps): bump once_cell from 1.21.3 to 1.21.4 * build(deps): bump tempfile from 3.23.0 to 3.27.0 * push-model: cache UEFI event log bytes at startup * build(deps): bump quote from 1.0.40 to 1.0.45 * build(deps): bump chrono from 0.4.42 to 0.4.44 * build(deps): bump openssl from 0.10.73 to 0.10.78 * build(deps): bump serde_json from 1.0.143 to 1.0.149 * build(deps): bump syn from 2.0.106 to 2.0.117 * build(deps): bump libc from 0.2.175 to 0.2.184 * build(deps): bump rand from 0.9.2 to 0.9.4 - Make tss-esai-sys depends on bindgen 72.1 to support llvm > 21 - Update to version 0.2.9+21: * tests: use Express-style named params in Mockoon endpoints * build(deps): bump pest_derive from 2.8.1 to 2.8.6 * build(deps): bump trybuild from 1.0.110 to 1.0.115 * build(deps): bump log from 0.4.28 to 0.4.29 * build(deps): bump uuid from 1.19.0 to 1.20.0 * build(deps): bump codecov/codecov-action from 5 to 6 * build(deps): bump tracing-subscriber from 0.3.20 to 0.3.23 * build(deps): bump cfg-if from 1.0.3 to 1.0.4 * build(deps): bump tokio from 1.49.0 to 1.50.0 * build(deps): bump actix-web from 4.12.1 to 4.13.0 * build(deps): bump anyhow from 1.0.99 to 1.0.102 * build(deps): bump clap from 4.5.57 to 4.5.60 * build(deps): bump tracing from 0.1.36 to 0.1.44 ==== tiff ==== Version update (4.7.1 -> 4.7.2) - Update to 4.7.2: Software configuration changes: * cmake: Fix bundle identifiers to use reverse-DNS format * cmake: Fix and improve Apple framework build support * cmake: Use TurboJPEG CONFIG by default (issue #767) * cmake: changes related to 8-/12-bit modes * cmake: Replace CMath::CMath with direct link to avoid export. * Support for iOS-derived builds * Simplify cmake byte order version check * Add additional warnings, primarily floating precision conversions and integer arithmetic conversions * configure.ac: Require bootstrap with at least Autoconf 2.71. Library changes: * New/improved functionalities:: + Add TIFFGetMaxCompressionRatio() and use it in _TIFFReadEncoded[Tile|Strip)AndAllocBuffer() (issue #781) (CVE-2026-36849) (bsc#1268434) * API/ABI breaks: + None Bug fixes: * Handle negative TIFFReadFile results before state updates (issue #854) * tif_dirread.c: fix copy-paste bug in ChopUpSingleUncompressedStrip * tif_read.c: Fixed division by zero in TIFFStartStrip() (issue #777) * tif_dirwrite.c: add integer overflow checks to allocation size calculations * tif_print.c: add integer overflow checks to allocation size calculations * tif_write.c: fix OOB read and underflow in TIFFAppendToStrip copy loop * DumpModeSeek: add bounds check to prevent OOB pointer advance * TIFFGrowStrips: fix use-after-free on partial realloc failure. * Fix NULL dereference in _TIFFReserveLargeEnoughWriteBuffer() by validating the strip bytecount array before accessing it. * TIFFRGBAImage: avoid int overflows in put functions (issue #830) * tif_getimage: fix inconsistent fromskew handling in put16bitbwtile (issue #792) * tif_getimage: Widen pointer-offset arithmetic in tif_getimage * putcontig8bitYCbCr44tile: fix wrong fromskew computation (issue #798) * putcontig8bitYCbCr42tile: Reject invalid YCbCr subsampling when image dimensions are smaller than the subsampling block to prevent out-of-bounds writes. (issue #753) * TIFFReadRGBAImage(): prevent integer overflow and later heap overflow (issue #787) (CVE-2026-4775) (bsc#1260411) * TIFFFillStrip/Tile(): avoid excessive memory allocation (issue #831) * TIFFLinkDirectory() checks for IFD loops (issue #788) * Check result of _TIFFCheckRealloc to prevent memory leaks and segmentation fault when reallocation fails. * TIFFVTileSize64(): in YCbCr contig non upsampled mode, validate td_samplesperpixel==3 (issue #805) * TIFFReadDirEntryPersampleShort(): be tolerant to tags like SampleFormat not having 1 or SamplesPerPixel values (https://github.com/OSGeo/gdal/issues/13465) * tif_getimage: reject tile widths that would overflow toskew (issue #808) * Fix integer overflow in _TIFFPartialReadStripArray on 32-bit. * TIFFAppendToStrip(): add some checks to avoid null-pointer-dereferencing (issue #777). * _TIFFGetStrileOffsetOrByteCountValue(): fix potential crash on corrupted files when file opened in 'O' mode (https://issues.oss-fuzz.com/issues/471328917) * TIFFReadDirectory(): re-set TIFF_LAZYSTRILELOAD if file opened in 'O' mode * _TIFFMergeFields(): avoid NULL ptr dereference (issue #755). * Check td_stripbytecount_p and td_stripoffset_p for NULL pointer before (re-)writing to file. (issue #749) * JPEGDecodeRaw: initialize output buffer to avoid returning uninitialized memory (issue #892) * JPEG decompressor: initialize output buffer when JPEG image is smaller than strile dimension to avoid heap memory disclosure (issue #826) * JPEG: fix generation of tiled 12-bit JPEG compressed files with libjpeg-turbo 3.0.3 (issue #773) * JPEGDecode(): fix memory leak in error code path (https://issues.oss-fuzz.com/issues/471945501) * tif_jpeg: reject mismatched JPEG data precision to avoid write overflow * Fix signed left-shift UB in LogLuv RANDITHER encoding (issue #850) * PixarLog: error out on invalid ABGR output buffer sizes. * PixarLog: complete ABGR bounds check for multi-row strip decoding. * PixarLog: fix heap-buffer-overflow in 8BITABGR decode with stride 3 (issue #824) (CVE-2026-12912) (bsc#1269779) * PixarLog: fix undoing horizontal differencing when SamplesPerPixel != 3 and 4 (issue #789). * PixarLog codec: fix potential integer overflow/out-of-bounds access (issue #797) * TIFFAdvanceDirectory(): avoid potential read heap-buffer-overflow in mmap code path on 32 bit builds (https://issues.oss-fuzz.com/issues/506737072) * OJPEG: fix integer overflow in subsampling buffer allocation. * OJPEG: fix nullptr deref when changing compression method from OJPEG to something else (issue #795). * OJPEG fix potential integer overflow/out-of-bounds access (issue #796). * ojpeg: prevent EOF infinite loop (fixes commit 2a3d55b) * fix null pointer deference in issue #782. * fix stack-overflow in issue #784. Other changes: * Change EXIF and GPS tag type from IFD8 to LONG8 per EXIF-specification (issue #739). * Harden integer size and offset calculations (issue #897) * TIFFComputeTile/TIFFComputeStrip: use overflow-checked multiplication * Move widening casts inside multiplication scope. * Lots of compiler warning fixes related to enabling more warning flags * Align writing and reading of TIFF_LONG8 and TIFF_IFD8 tags (issue #773) * TIFFFillStrip(): prevent harmless unsigned integer overflow - Drop tiff-CVE-2026-4775.patch ==== xwayland ==== Version update (24.1.11 -> 24.1.12) - bsc1268893_CVE-2026-55999_0002-fb-mi-glamor-reject-glyphs-with-negative-dimensions.patch * glamor Font Atlas Heap Buffer Overflow (CVE-2026-55999, bsc#1268893) - bsc1268893_CVE-2026-55999_0003-glamor-reject-fonts-with-per-glyph-metrics-exceeding.patch * GLX contextTags Use-After-Free in CommonMakeCurrent() (CVE-2026-55999, bsc#1268893) - bsc1268894_CVE-2026-56000_0001-glx-free-old-context-tag-before-allocating-new-one-i.patch * GLX contextTags Use-After-Free in CommonMakeCurrent() (CVE-2026-56000, bsc#1268894) - Update to version 24.1.12: * This release contains the fixes for the issues reported in this security advisory: https://lists.x.org/archives/xorg-announce/2026-June/003702.html - Font Alias Stack-based Buffer Overflow - XSYNC Use-After-Free in miSyncDestroyFence() - XKB Key Types Stack-based Buffer Overflow - XKB SetMap Request Stack-based Buffer Overflow - XSYNC Use-After-Free in FreeCounter() - XSYNC Use-After-Free in SyncChangeCounter() - GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write - CreateSaverWindow Use-After-Free Information Disclosure * Additionally, it contains a number of other various fixes from the stable xwayland-24.1 branch. - Rebase U_xwayland_Dont_run_key_behaviors_and_actions.patch with quilt. - Drop patches fixed upstream: * bsc1266294_CVE-2026-XXXX1_0007-dix-increase-XLFDMAXFONTNAMELEN-to-match-libXfont2-s.patch * bsc1266295_CVE-2026-XXXX2_0001-sync-fix-deletion-of-counters-and-fences.patch * bsc1266296_CVE-2026-XXXX3_0003-xkb-reject-key-types-with-num_levels-exceeding-XkbMa.patch * bsc1266297_CVE-2026-XXXX4_0004-xkb-clamp-nMaps-to-mapWidths-buffer-size-in-CheckKey.patch * bsc1266299_CVE-2026-XXXX6_0002-sync-restart-trigger-list-iteration-in-SyncChangeCou.patch * bsc1266300_CVE-2026-XXXX7_0005-glx-fix-reversed-length-check-in-ChangeDrawableAttri.patch * bsc1266301_CVE-2026-XXXX8_0006-saver-re-fetch-screen-private-after-CheckScreenPriva.patch