New Arm Tumbleweed snapshot 20231213 released!
Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=3&version=Tumbleweed&build=20231213 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: 389-ds (2.4.0~git74.4297d88 -> 2.4.0~git113.84a845c) gnu-unifont-fonts google-noto-coloremoji-fonts opensc (0.23.0 -> 0.24.0) python-outcome (1.2.0 -> 1.3.0.post0) === Details === ==== 389-ds ==== Version update (2.4.0~git74.4297d88 -> 2.4.0~git113.84a845c) Subpackages: lib389 libsvrcore0 - Update to support newer obs-service-cargo-vendor - Update to version 2.4.0~git113.84a845c: * Issue 5980 - Improve instance startup failure handling (#5991) * Issue 5976 - Fix freeipa install regression with lmdb (#5977) * Issue 5984 - Crash when paged result search are abandoned - fix2 (#5987) * Issue 5984 - Crash when paged result search are abandoned (#5985) * Issue 5947 - CI test_vlv_recreation_reindex fails on LMDB (#5979) * Bump version to 2.5.0 * Issue 5971 - CLI - Fix password prompt for repl status (#5972) * Issue 5973 - Fix fedora cop RawHide builds (#5974) * Revert "Issue 5761 - Worker thread dynamic management (#5796)" (#5970) * Issue 5966 - CLI - Custom schema object is removed on a failed edit (#5967) * Issue 5786 - Update permissions for Release workflow * Issue 5960 - Subpackages should have more strict interdependencies * Issue 3555 - UI - Fix audit issue with npm - babel/traverse (#5959) * Issue 4843 - Fix dscreate create-template issue (#5950) * bugfix for --passwd-file not working on latest version (#5934) * Issue 5843 - dsconf / dscreate should be able to handle lmdb parameters (#5943) * Bump postcss from 8.4.24 to 8.4.31 in /src/cockpit/389-console (#5945) * Issue 5938 - Attribute Names changed to lowercase after adding the Attributes (#5940) * issue 5924 - ASAN server build crash when looping opening/closing connections (#5926) * Issue 1925 - Add a CI test (#5936) * Issue 5732 - Localizing Cockpit's 389ds Plugin using CockpitPoPlugin (#5764) * Issue 1870 - Add a CI test (#5929) * Issue 843 - Add a warning to slapi_valueset_add_value_ext (#5925) * Issue 5761 - Worker thread dynamic management (#5796) * Issue 1802 - Improve ldclt man page (#5928) * Issue 1456 - Add a CI test that verifies there is no issue (#5927) * Issue 1317 - Add a CI test (#5923) * Issue 1081 - CI - Add more tests for overwriting x-origin issue (#5815) * Issue 1115 - Add a CI test (#5913) * Issue 5848 - Fix condition and add a CI test (#5916) * Issue 5848 - Fix condition and add a CI test (#5916) * Issue 5914 - UI - server settings page validation improvements and db index fixes * Issue 5909 - Multi listener hang with 20k connections (#5917) * Issue 5902 - Fix previous commit regression (#5919) * pass instance correctly to ds_is_older (#5903) * Issue 5909 - Multi listener hang with 20k connections (#5910) * Issue 5722 - improve testcase (#5904) * Issue 5203 - outdated version in provided metadata for lib389 * Bug Description: ==== gnu-unifont-fonts ==== - add %reconfigure_fonts_prereq to the subpackages * required by the presence of the macro: %reconfigure_fonts_scriptlets -n <subpackage-name> ==== google-noto-coloremoji-fonts ==== - add %reconfigure_fonts_prereq * required by the presence of the macro: %reconfigure_fonts_scriptlets ==== opensc ==== Version update (0.23.0 -> 0.24.0) - Update to OpenSC 0.24.0: * Security - CVE-2023-40660: Fix Potential PIN bypass (#2806, frankmorgner/OpenSCToken#50, #2807) - CVE-2023-40661: Important dynamic analyzers reports - CVE-2023-4535: Out-of-bounds read in MyEID driver handling encryption using symmetric keys (f1993dc) * General improvements - Fix compatibility of EAC with OpenSSL 3.0 (#2674) - Enable use_file_cache by default (#2501) - Use custom libctx with OpenSSL >= 3.0 (#2712, #2715) - Fix record-based files (#2604) - Fix several race conditions (#2735) - Run tests under Valgrind (#2756) - Test signing of data bigger than 512 bytes (#2789) - Update to OpenPACE 1.1.3 (#2796) - Implement logout for some of the card drivers (#2807) - Fix wrong popup position of opensc-notify (#2901) - Fixed various issues reported by OSS-Fuzz and Coverity regarding card drivers, PKCS#11 and PKCS#15 init * PKCS#11 - Check card presence state in C_GetSessionInfo (#2740) - Remove onepin-opensc-pkcs11 module (#2681) - Do not use colons in the token info label (#2760) - Present profile objects in all slots with the CKA_TOKEN attribute to resolve issues with NSS (#2928, #2924) - Use secure memory for PUK (#2906) - Don't logout to preserve concurrent access from different processes (#2907) - Add more examples to manual page (#2936) - Present profile objects in all virtual slots (#2928) - Provide CKA_TOKEN attribute for profile objects (#2924) - Improve --slot parameter documentation (#2951) * PKCS#15 - Honor cache offsets when writing file cache (#2858) - Prevent needless amount of PIN prompts from pkcs15init layer (#2916) - Propagate CKA_EXTRACTABLE and SC_PKCS15_PRKEY_ACCESS_SENSITIVE from and back to PKCS#11 (#2936) * Minidriver - Fix for private keys that do not need a PIN (#2722) - Unbreak decipher when the first null byte of PKCS#1.5 padding is missing (#2939* * pkcs11-tool - Fix RSA key import with OpenSSL 3.0 (#2656) - Add support for attribute filtering when listing objects (#2687) - Add support for --private flag when writing certificates (#2768) - Add support for non-AEAD ciphers to the test mode (#2780) - Show CKA_SIGN attribute for secret keys (#2862) - Do not attempt to read CKA_ALWAYS_AUTHENTICATE on secret keys (#2864, #2913) - Show Sign/VerifyRecover attributes (#2888) - Add option to import generic keys (#2955) * westcos-tool - Generate 2k RSA keys by default (b53fc5c) * pkcs11-register - Disable autostart on Linux by default (#2680) * IDPrime - Add support for IDPrime MD 830, 930 and 940 (#2666) - Add support for SafeNet eToken 5110 token (#2812) - Process index even without keyrefmap and use correct label for second PIN (#2878) - Add support for Gemalto IDPrime 940C (#2941) * EPass2003 - Change of PIN requires verification of the PIN (#2759) - Fix incorrect CMAC computation for subkeys (#2759, issue #2734) - Use true random number for mutual authentication for SM (#2766) - Add verification of data coming from the token in the secure messaging mode (#2772) - Avoid success when using unsupported digest and fix data length for RAW ECDSA signatures (#2845) * OpenPGP - Fix select data command (#2753, issue #2752) - Unbreak ed/curve25519 support (#2892) * eOI - Add support for Slovenian eID card (eOI) (#2646) * Italian CNS - Add support for IDEMIA (Oberthur) tokens (#2483) * PIV - Add support for Swissbit iShield FIDO2 Authenticator (#2671) - Implement PIV secure messaging (#2053) * SkeID - Add support for Slovak eID cards (#2672) * isoApplet - Support ECDSA with off-card hashing (#2642) * MyEID - Fix WRAP operation when using T0 (#2695) - Identify changes on the card and enable use_file_cache (#2798) - Workaround for unwrapping using 2K RSA key (#2921) * SC-HSM - Add support for opensc-tool --serial (#2675) - Fix unwrapping of 4096 keys with handling reader limits (#2682) - Indicate supported hashes and MGF1s (#2827) - Remove patches: * opensc-CVE-2023-40660-1of2.patch * opensc-CVE-2023-40660-2of2.patch * opensc-CVE-2023-40661-1of12.patch * opensc-CVE-2023-40661-2of12.patch * opensc-CVE-2023-40661-3of12.patch * opensc-CVE-2023-40661-4of12.patch ... changelog too long, skipping 10 lines ... * opensc-NULL_pointer_fix.patch ==== python-outcome ==== Version update (1.2.0 -> 1.3.0.post0) - update to 1.3.0.post0: * Added type hints to the package. :py:class:`Value` and :py:class:`Outcome` are now generic. A type alias was also added (:py:data:`Maybe`) for the union of :py:class:`Value` and :py:class:`Error`. (#36)
participants (1)
-
Guillaume Gardet