Hi Paramjit
You will not get an exact list of what is needed. You can look at the SAP_GRAC* roles as a base of what is needed and refine the access. You can also look at the GRAC authorisation objects.
Security does not appear to change much between a support pack unless SAP identified a missing or incorrect authorisation check. Looking at the notes for the SP may help you identify these changes
Ultimately, trial/error and testing/investigation. SAP standard roles are a starting point but then you will need to determine if you need to restrict access further.
Regards
Colleen