openSUSE Factory
Threads by month
- ----- 2024 -----
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
April 2021
- 132 participants
- 91 discussions
Hi,
I've been working on creating OpenSUSE packages for AMD's ROCm stack
for some time. It consists of components for building and running
compute workloads on AMD GPUs. One key component is a ROCm specific
version of LLVM. This makes things tricky to distribute in normal
fashion since we need to include an extra version of LLVM that do not
collide with the rest of the system. The solution by AMD has been to
put the entire stack in /opt/rocm.
AMD has also released a specific build of the stack called AOMP. The
focus is on OpenMP but it also includes support for OpenCL, HIP, CUDA
and Fortran. This is normally installed in /usr/lib/aomp-%{version}.
AOMP also includes build scripts for building the entire stack which is
very helpful.
What I've done is to create an AOMP package for Tumbleweed which is
available at [1]. It tries to mimic what AMD has done for the package
they provide for SLE15-SP1. I'm no expert on packaging so there's
probably improvents to be made.
Is this something that can be included in Tumbleweed? I know the
optimal solution would be to have all the ROCm specific parts
upstreamed and included in the official LLVM package and then provide
seperate packages with normal installation paths. Unfortunately we're
not there yet and this would be a stop-gap solution until then.
Any comments are welcome
Thanks
Patrik Jakobsson
[1] https://build.opensuse.org/package/show/science:GPU:ROCm/aomp
8
16
Dear Tumbleweed users and hackers,
This week seemed rather calm except for a minor glitch with the Linux
kernel 5.11.16, which, due to a build failure, was out of sync between
the various kernel sub-packages for one snapshot. The pace of the
snapshots was averaged at 5 snapshots (0423, 0425, 0426, 0427, and
0428).
The changes included things like:
* Linux kernel 5.11.16 & 5.12.0
* KDE Gear 21.04.0 (formerly KDE Applications)
* Mozilla Firefox 88.0
* NetworkManager 1.30.4
* Virtualbox 6.1.20: some services were renamed; e.g.
vboxautostart.service” is replaced by “vboxautostart-service.service
The plan for the upcoming snapshots currently includes:
* TeXLive 2021
* Move openmpi default from openmpi2 to openmpi4
* GNOME 40.1
* icu 69.1: for the ring packages, nodejs15 seems to be the last
blocker
* Switch from go 1.15 to go 1.16: most packages fixed, the last
failure in Staging:M is cilium
* GCC 11 as default compiler: Move from special-purpose Staging:Gcc7
to Staging:O (incl. openQA test coverage). There are a few more build
failures to be addressed.
* UsrMerge: The current state is that we checked in all changes and
are planning on actually doing the switch somewhen in the not too far
future, likely together with the planned distro-rebuild for GCC 11
Cheers,
Dominique
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
clazy
dnsmasq (2.83 -> 2.85)
file (5.39 -> 5.40)
hivex
kernel-source (5.11.16 -> 5.12.0)
krb5
monitoring-plugins (2.3~alpha.20200520T233014.cadac85e -> 2.3.1)
openSUSE-build-key
poppler
poppler-qt5
rpm
scout (0.2.4+20210325.6c2d9f3 -> 0.2.5+20210424.3bff388)
strace (5.11 -> 5.12)
tiff (4.2.0 -> 4.3.0)
vim (8.2.2725 -> 8.2.2800)
virtualbox (6.1.18 -> 6.1.20)
virtualbox-kmp (6.1.18_k5.11.16_1 -> 6.1.20_k5.12.0_1)
xdg-utils
=== Details ===
==== clazy ====
- Make sure C++17 support is available for Leap builds.
==== dnsmasq ====
Version update (2.83 -> 2.85)
- Update to 2.85:
* Fix problem with DNS retries in 2.83/2.84.
* Tweak sort order of tags in get-version.
* Avoid treating a --dhcp-host which has an IPv6 address as
eligible for use with DHCPv4 on the grounds that it has
no address, and vice-versa.
* Add --dynamic-host option: A and AAAA records which take their
network part from the network of a local interface. Useful
for routers with dynamically prefixes.
* Teach --bogus-nxdomain and --ignore-address to take an IPv4
subnet.
* CVE-2021-3448, bsc#1183709: Use random source ports where
possible if source addresses/interfaces in use.
* Change the method of allocation of random source ports for DNS.
* Scale the size of the DNS random-port pool based on the
value of the --dns-forward-max configuration.
* Tweak TFTP code to check sender of all received packets, as
specified in RFC 1350 para 4.
- update to 2.84:
* Change HAVE_NETTLEHASH compile-time to HAVE_CRYPTOHASH
* Tidy initialisation in hash_questions.c
* Optimise sort_rrset for the case where the RR type
* Move fd into frec_src
==== file ====
Version update (5.39 -> 5.40)
Subpackages: file-magic libmagic1
- Add patch file-5.40-ascii.patch
* fix regressions on dection of smaller ASCII files (boo#1184899)
- Add upstream comitts as patches
* file-5.40-9b0459af.patch
put attributes inside the xz magic. (boo#1184888, boo#1184891)
* file-5.40-749e1ecf.patch
If the file is less than 3 bytes, use the file length to determine type
* file-5.40-f0601504.patch
Fix regression after unsigned/signed printing changes
* file-5.40-f7705dca.patch
fix previous (cast >>)
* file-5.40-3096f87f.patch
Correct return values to exptexted
* file-5.40-4c5fe1ad.patch
Add missing parens
- Port patch
* file-5.28-btrfs-image.dif
due patch file-5.40-f0601504.patch
- Add upstream commits as patches
* file-5.40-1c677c04.patch
Don't count each byte encounter as 1, count the total number
of bytes found (Anatol Belski). This makes it behave like 5.39
* file-5.40-6b34436a.patch
remove "u" from the pattern (Joerg Jenderek)
* file-5.40-9e2becec.patch
Encoding bug fix
- Fix offsets of patches
* file-5.17-option.dif
* file-5.19-biorad.dif
* file-5.19-printf.dif
* file-5.19-zip2.0.dif
* file-5.22-elf.dif
* file-5.23-endian.patch
* file-5.28-btrfs-image.dif
* file-5.38-allow-readlinkat.dif
* file-secure_getenv.patch
- update to 5.40:
* Add limit to the number of bytes to scan for encoding
* Fix /T (trim flag) for regex
* Trim trailing separator.
* Convert system read errors from corrupt ELF
files into human readable error messages
* Exclude surrogate pairs from utf-8 detection
- drop upstreamed patches:
* file-5.16-ocloexec.patch
* file-5.39-alternate_format.dif
==== hivex ====
Subpackages: libhivex0 perl-Win-Hivex
- Remove ocaml_native_compiler conditional
build native target unconditionally
==== kernel-source ====
Version update (5.11.16 -> 5.12.0)
Subpackages: kernel-default kernel-docs
- Update to 5.12 final
- refresh configs (headers only)
- commit 9683115
- rpm/kernel-binary.spec.in: Require new enough pahole.
pahole 1.21 is required for building line-next BTF
- commit 8df1aaa
- rpm/macros.kernel-source: fix KMP failure in %install (bsc#1185244)
- commit 52805ed
==== krb5 ====
Subpackages: krb5-32bit krb5-client
- Use /run instead of /var/run for daemon PID files; (bsc#1185163);
==== monitoring-plugins ====
Version update (2.3~alpha.20200520T233014.cadac85e -> 2.3.1)
Subpackages: monitoring-plugins-breeze monitoring-plugins-by_ssh monitoring-plugins-cluster monitoring-plugins-common monitoring-plugins-cups monitoring-plugins-dhcp monitoring-plugins-dig monitoring-plugins-disk monitoring-plugins-disk_smb monitoring-plugins-dns monitoring-plugins-dummy monitoring-plugins-file_age monitoring-plugins-flexlm monitoring-plugins-http monitoring-plugins-icmp monitoring-plugins-ide_smart monitoring-plugins-ifoperstatus monitoring-plugins-ifstatus monitoring-plugins-ircd monitoring-plugins-load monitoring-plugins-log monitoring-plugins-mailq monitoring-plugins-mrtg monitoring-plugins-mrtgtraf monitoring-plugins-nagios monitoring-plugins-nt monitoring-plugins-ntp_peer monitoring-plugins-ntp_time monitoring-plugins-nwstat monitoring-plugins-oracle monitoring-plugins-overcr monitoring-plugins-ping monitoring-plugins-procs monitoring-plugins-real monitoring-plugins-rpc monitoring-plugins-sensors monitoring-plugins-smtp monitoring-plugins-ssh monitoring-plugins
-swap monitoring-plugins-tcp monitoring-plugins-time monitoring-plugins-ups monitoring-plugins-users monitoring-plugins-wave
- Update to 2.3.1:
Enhancements
* check_curl: Add an option to verify the peer certificate & host using the system CA's
Fixes
* check_icmp: fix simple typo, conspicuosly -> conspicuously
* check_curl: fixed help, usage and errors for TLS 1.3
* check_curl: fixed a potential buffer overflow in url buffer
* check_dns: split multiple IP addresses passed in one -a argument
* check_curl: added string_statuscode function for printing HTTP/1.1 and HTTP/2 correctly
* check_curl: fix crash if http header contains leading spaces
* check_curl: display a specific human-readable error message where possible
* check_pgsql: Using snprintf which honors the buffers size and guarantees null termination.
* check_snmp: put the "c" (to mark a counter) after the perfdata value
* check_http: Increase regexp limit
* check_http: make -C obvious
* check_curl: Increase regexp limit (to 1024 as in check_http)
* check_curl: make -C obvious (from check_http)
- refreshed patches:
+ monitoring-plugins-1.4.6-no_chown.patch
+ monitoring-plugins-2.1.1-check_logfile.patch
+ monitoring-plugins-2.2-mariadb_102_build_fix.patch
+ monitoring-plugins-2.3-check_ntp_perf_absolute.patch
+ monitoring-plugins-too_few_arguments_for_check_disk.patch
+ monitoring-plugins-wrong_return_in_check_swap.patch
+ monitoring-plugins.check_hpjd.c-64bit-portability-issue.patch
+ monitoring-plugins.check_snmp.arrayaddress.patch
- add sha1 checksum file as source
- Update to 2.3 (final):
Enhancements
* check_dns: allow 'expected address' (-a) to be specified in CIDR notation (IPv4 only).
* check_dns: allow for IPv6 RDNS
* check_dns: Accept CIDR
* check_dns: allow unsorted addresses
* check_dns: allow forcing complete match of all addresses
* check_apt: add --only-critical switch
* check_apt: add -l/--list option to print packages
* check_file_age: add range checking
* check_file_age: enable to test for maximum file size
* check_apt: adding packages-warning option
* check_load: Adding top consuming processes option
* check_http: Adding Proxy-Authorization and extra headers
* check_snmp: make calcualtion of timeout value in help output more clear
* check_uptime: new plugin for checking uptime to see how long the system is running
* check_curl: check_http replacement based on libcurl
* check_http: Allow user to specify HTTP method after proxy CONNECT
* check_http: Add new flag --show-body/-B to print body
* check_cluster: Added data argument validation
* check_icmp: Add IPv6 support
* check_icmp: Automatically detect IP protocol
* check_icmp: emit error if multiple protocol version
* check_disk: add support to display inodes usage in perfdata
* check_hpjd: Added -D option to disable warning on 'out of paper'
* check_http: support the --show-body/-B flag when --expect is used
* check_mysql: allow mariadbclient to be used
* check_tcp: add --sni
* check_dns: detect unreachable dns service in nslookup output
Fixes
* Fix regression where check_dhcp was rereading response in a tight loop
* check_dns: fix error detection on sles nslookup
* check_disk_smb: fix timeout issue
* check_swap: repaired -n behaviour
* check_icmp: Correctly set address_family on lookup
* check_icmp: Do not overwrite -4,-6 on lookup
* check_smtp: initializes n before it is used
* check_dns: fix typo in parameter description
* check_by_ssh: fix child process leak on timeouts
* check_mysql: Allow sockets to be specified to -H
* check_procs: improve command examples for 'at least' processes
* check_disk: include -P switch in help
* check_mailq: restore accidentially removed options
==== openSUSE-build-key ====
- fixed s390x key install (bsc#1185245)
==== poppler ====
Subpackages: libpoppler-cpp0 libpoppler-glib8 libpoppler109 poppler-tools
- Add Export-SplashFont-symbols-used-by-Scribus.patch to fix
scribus' PDF import plugin
==== poppler-qt5 ====
- Add Export-SplashFont-symbols-used-by-Scribus.patch to fix
scribus' PDF import plugin
==== rpm ====
Subpackages: librpmbuild9
- Use --dwz-single-file-mode for packages that use
baselibs.conf mechanism.
- Add add-dwz-single-file-mode-option.patch patch.
==== scout ====
Version update (0.2.4+20210325.6c2d9f3 -> 0.2.5+20210424.3bff388)
- Update to version 0.2.5+20210424.3bff388:
* Work with newer python3-rpm
==== strace ====
Version update (5.11 -> 5.12)
- Update to strace 5.12
* Improvements
* Implemented --secontext[=full] option to display SELinux contexts.
* Implemented decoding of mount_setattr syscall introduced in Linux 5.12.
* Updated decoding of IFLA_BRPORT_* netlink attributes to match Linux 5.12.
* Updated lists of DEVCONF_*, IORING_*, KVM_*, MPOL_*, MTD_*, NFT_MSG_*,
RESOLVE_*, RTM_*, ST_*, and V4L2_* constants.
* Updated lists of ioctl commands from Linux 5.12.
- strace-readelf-debug-dump-info-wide-output-changes-in-2.36.patch: removed
==== tiff ====
Version update (4.2.0 -> 4.3.0)
Subpackages: libtiff5 libtiff5-32bit
- version update to 4.3.0
* Build and usage of the library and its utilities requires a C99
capable compiler.
* New optional codec for the LERC (Limited Error Raster Compression)
compression scheme. To have it available, configure libtiff against
the SDK available at https://github.com/esri/lerc
* Removal of unused, or now useless due to C99 availability,
functions in port/
* tiffcmp: fix comparaison with pixels that are
fractional number of bytes
* tiff2ps: exit the loop in case of error
* tiff2pdf: check that tiff_datasize fits in a signed tsize_t
==== vim ====
Version update (8.2.2725 -> 8.2.2800)
Subpackages: gvim vim-data vim-data-common
- Updated to version 8.2.2800, fixes the following problems
* Vim9: message about compiling is wrong when using try/catch.
* Confusing error message with white space before comma in the arguments
of a function declaration.
* Function test fails.
* Special key names don't work if 'isident' is cleared.
* Vim9: wrong error message for referring to legacy script variable.
* Coverity complains about not restoring character.
* Prompt for s///c in Ex mode can be wrong.
* Detecting Lua version is not reliable.
* Vim9: cannot use legacy script-local var from :def function.
* Vim9: function reference found with prefix, not without.
* Vim9: for loop over string is a bit slow.
* Status line not updated when local 'statusline' option set.
* Extending a list with itself can give wrong result.
* Vim9: a lambda accepts too many arguments at the script level.
* Vim9: lambda with varargs doesn't work.
* Vim9: Partial call does not check right arguments.
* Vim9: when compiling a function fails it is cleared.
* Vim9: function state stuck when compiling with ":silent!".
* Vim9: no way to explicitly ignore an argument.
* Vim9: missing part of the argument change.
* Check for duplicate arguments does not work.
* Vim9: not always an error for too many function arguments.
* Vim9: memory leak when calling :def function fails.
* Vim9: test for error can be a bit flaky.
* Vim9: error for using underscore in nested function.
* Coverity warns for using NULL pointer.
* Vim9: cannot ignore an item in assignment unpack.
* :sleep! does not always hide the cursor.
* Vim9: no error for using a number in a condition.
* Vim9: blob index and slice not implemented yet.
* Vim9: blob tests for legacy and Vim9 script are separate.
* Vim9: wrong line number for autoload function with wrong name.
* Vim9: for loop infers type of loop variable.
* Vim9: no error for changing a for loop variable.
* Using "syn include" does not work properly.
* Vim9: function line truncated when compiling.
* Vim9: cannot use type in for loop unpack at script level.
* Memory leak when default function argument is allocated.
* Vim9: not all blob operations work.
* Test failure.
* Compiler warning for unused argument.
* Vim9: memory leak with blob range error.
* Modula-3 config files are not recognized.
* Vim9: type of loop variable is not used.
* Vim9: assignment not recognized if declaration was skipped.
* Problems when restoring 'runtimepath' from a session file.
* PSL filetype not recognized.
* Vim9: cannot import an existing name even when using "as".
* Vim9: wrong line number used for some commands.
* :mksession uses current value of 'splitbelow' and 'splitright' even though
"options" is not in 'sessionoptions'. (Maxim Kim)
* Vim9: blob operations not tested in all ways.
* Problem restoring 'packpath' in session.
* Memory access error in remove() for blob.
* Vim9: for loop over blob doesn't work.
* Add() silently skips when adding to null list or blob.
* Vim9: blob operations not fully tested.
* Duplicate code for setting byte in blob, blob test may fail.
* Vim9: cannot use \=expr in :substitute.
* Vim9: cannot redirect to local variable.
* Vim9: memory leak when using :s with expression.
* Raku is now the only name what once was called perl6.
* Vim9: using \=expr in :substitute does not handle jumps.
* filetype test fails
* Vim9: memory leak when using \=expr in :substitute.
* Vim9: :disas shows instructions for default args but no text.
* Linux users don't know how to get ncurses.
* Coverity warns for not using return value.
* Vim9: redir to variable does not accept an index.
* Search highlight disappears in the Visual area.
* Vim9: redir to variable with append does not accept an index.
* Vim9: type casts don't fully work at the script level.
* After a timer displays text a hit-enter prompt is given.
==== virtualbox ====
Version update (6.1.18 -> 6.1.20)
Subpackages: virtualbox-guest-tools virtualbox-guest-x11
- Version bump to (released April 20 2021 by Oracle)
This is a maintenance release. The following items were fixed and/or added:
VMM: Fixed extremely poor VM performance depending on the timing of various actions (regression in 6.1.0)
VMM: Fixed guest OS hanging under certain circumstances when Hyper-V is present (bug #20141)
VMM: Fixed Guru Meditation error when using a nested hypervisor under certain circumstances (bug #20175)
VMM: Fixed a SMAP related host panic affecting Solaris 11.4 systems with Intel Haswell CPUs or later (bug #16068)
OCI: Add cloud-init support for export to OCI and for OCI instance creation
GUI: Fixed "Delete all files" leaving behind Logs/VBoxUI.log (bug #20235)
Audio: Multiple fixes and enhancements
Audio: Fixed detection of duplex audio devices on macOS (5.0 regression; bug #20171)
Network: Fixed link status reporting for "not attached" adapters
Network: Fixed connectivity issues with e1000 in OS/2 guests (6.1.18 regression; bug #20148)
Network: Fixed VxWorks e1000 driver compatibility issue (bug #20182)
Network: Fixed GUI checks for port forwarding rules rejecting IPv6 with "Nat Network" (bug #14847)
DHCP: Don't crash in the presence of fixed address assignments (bug #20128)
Serial: Fixed possible VM hang when using the a serial port in disconnected mode (bug #19854)
Webcam: Fixed interoperability with v4l2loopback and fixed a crash under certain circumstances (bug #20176)
NVMe: Fixed sporadic Windows VM hang or reboot on high CPU load
VBoxManage: Allow changing network adapter attachment of a saved VM with "modifyvm"
vboximg-mount: Fix for argument processing to honor the '--root' option (6.0 regression; bug #20073)
Linux host and guest: Support kernel versions 5.11 (bug #20198) and 5.12
Linux host: Maximum MTU size increased to 16110 for host-only adapters on Linux kernels 4.10+ (bug #19122)
Linux Guest Additions: Fix vboxvideo module compilation for kernel version 5.10.x
Linux Guest Additions: Fixed kernel module build for RHEL 8.4 beta and CentOS Stream (bug #20289)
File "fixes-for-5.11.patch" is deleted. The issue is fixed upstream.
File "vboxautostart.sh" is replaced by "vboxautostart-service.sh"
File "vboxautostart.service" is replaced by "vboxautostart-service.service"
Fixes boo#1183329 "virtualbox 6.1.18 crashes when it runs nested VM"
Fixes boo#1183125 "Leap 15.3 installation in Virtualbox without VBox integration"
Fixes CVE-2021-2264 and boo#1184542. The directory for the <user>.start files for
autostarting VMs is moved from /etc/vbox to /etc/vbox/autostart.d. In addition, the autostart
service is hardened (by Oracle).
File "virtualbox-kmp-files-leap" is deleted.
- Use distconfdir for xinitrc.d files on TW
- Version bump to (released April 20 2021 by Oracle)
This is a maintenance release. The following items were fixed and/or added:
VMM: Fixed extremely poor VM performance depending on the timing of various actions (regression in 6.1.0)
VMM: Fixed guest OS hanging under certain circumstances when Hyper-V is present (bug #20141)
VMM: Fixed Guru Meditation error when using a nested hypervisor under certain circumstances (bug #20175)
VMM: Fixed a SMAP related host panic affecting Solaris 11.4 systems with Intel Haswell CPUs or later (bug #16068)
OCI: Add cloud-init support for export to OCI and for OCI instance creation
GUI: Fixed "Delete all files" leaving behind Logs/VBoxUI.log (bug #20235)
Audio: Multiple fixes and enhancements
Audio: Fixed detection of duplex audio devices on macOS (5.0 regression; bug #20171)
Network: Fixed link status reporting for "not attached" adapters
Network: Fixed connectivity issues with e1000 in OS/2 guests (6.1.18 regression; bug #20148)
Network: Fixed VxWorks e1000 driver compatibility issue (bug #20182)
Network: Fixed GUI checks for port forwarding rules rejecting IPv6 with "Nat Network" (bug #14847)
DHCP: Don't crash in the presence of fixed address assignments (bug #20128)
Serial: Fixed possible VM hang when using the a serial port in disconnected mode (bug #19854)
Webcam: Fixed interoperability with v4l2loopback and fixed a crash under certain circumstances (bug #20176)
NVMe: Fixed sporadic Windows VM hang or reboot on high CPU load
VBoxManage: Allow changing network adapter attachment of a saved VM with "modifyvm"
vboximg-mount: Fix for argument processing to honor the '--root' option (6.0 regression; bug #20073)
Linux host and guest: Support kernel versions 5.11 (bug #20198) and 5.12
Linux host: Maximum MTU size increased to 16110 for host-only adapters on Linux kernels 4.10+ (bug #19122)
Linux Guest Additions: Fix vboxvideo module compilation for kernel version 5.10.x
Linux Guest Additions: Fixed kernel module build for RHEL 8.4 beta and CentOS Stream (bug #20289)
File "fixes-for-5.11.patch" is deleted. The issue is fixed upstream.
File "vboxautostart.sh" is replaced by "vboxautostart-service.sh"
File "vboxautostart.service" is replaced by "vboxautostart-service.service"
Fixes boo#1183329 "virtualbox 6.1.18 crashes when it runs nested VM"
Fixes boo#1183125 "Leap 15.3 installation in Virtualbox without VBox integration"
Fixes CVE-2021-2264 and boo#1184542. The directory for the <user>.start files for
autostarting VMs is moved from /etc/vbox to /etc/vbox/autostart.d. In addition, the autostart
service is hardened (by Oracle).
- Improve autostart security boo#1182918.
==== virtualbox-kmp ====
Version update (6.1.18_k5.11.16_1 -> 6.1.20_k5.12.0_1)
- Version bump to (released April 20 2021 by Oracle)
This is a maintenance release. The following items were fixed and/or added:
VMM: Fixed extremely poor VM performance depending on the timing of various actions (regression in 6.1.0)
VMM: Fixed guest OS hanging under certain circumstances when Hyper-V is present (bug #20141)
VMM: Fixed Guru Meditation error when using a nested hypervisor under certain circumstances (bug #20175)
VMM: Fixed a SMAP related host panic affecting Solaris 11.4 systems with Intel Haswell CPUs or later (bug #16068)
OCI: Add cloud-init support for export to OCI and for OCI instance creation
GUI: Fixed "Delete all files" leaving behind Logs/VBoxUI.log (bug #20235)
Audio: Multiple fixes and enhancements
Audio: Fixed detection of duplex audio devices on macOS (5.0 regression; bug #20171)
Network: Fixed link status reporting for "not attached" adapters
Network: Fixed connectivity issues with e1000 in OS/2 guests (6.1.18 regression; bug #20148)
Network: Fixed VxWorks e1000 driver compatibility issue (bug #20182)
Network: Fixed GUI checks for port forwarding rules rejecting IPv6 with "Nat Network" (bug #14847)
DHCP: Don't crash in the presence of fixed address assignments (bug #20128)
Serial: Fixed possible VM hang when using the a serial port in disconnected mode (bug #19854)
Webcam: Fixed interoperability with v4l2loopback and fixed a crash under certain circumstances (bug #20176)
NVMe: Fixed sporadic Windows VM hang or reboot on high CPU load
VBoxManage: Allow changing network adapter attachment of a saved VM with "modifyvm"
vboximg-mount: Fix for argument processing to honor the '--root' option (6.0 regression; bug #20073)
Linux host and guest: Support kernel versions 5.11 (bug #20198) and 5.12
Linux host: Maximum MTU size increased to 16110 for host-only adapters on Linux kernels 4.10+ (bug #19122)
Linux Guest Additions: Fix vboxvideo module compilation for kernel version 5.10.x
Linux Guest Additions: Fixed kernel module build for RHEL 8.4 beta and CentOS Stream (bug #20289)
File "fixes-for-5.11.patch" is deleted. The issue is fixed upstream.
File "vboxautostart.sh" is replaced by "vboxautostart-service.sh"
File "vboxautostart.service" is replaced by "vboxautostart-service.service"
Fixes boo#1183329 "virtualbox 6.1.18 crashes when it runs nested VM"
Fixes boo#1183125 "Leap 15.3 installation in Virtualbox without VBox integration"
Fixes CVE-2021-2264 and boo#1184542. The directory for the <user>.start files for
autostarting VMs is moved from /etc/vbox to /etc/vbox/autostart.d. In addition, the autostart
service is hardened (by Oracle).
File "virtualbox-kmp-files-leap" is deleted.
- Use distconfdir for xinitrc.d files on TW
- Version bump to (released April 20 2021 by Oracle)
This is a maintenance release. The following items were fixed and/or added:
VMM: Fixed extremely poor VM performance depending on the timing of various actions (regression in 6.1.0)
VMM: Fixed guest OS hanging under certain circumstances when Hyper-V is present (bug #20141)
VMM: Fixed Guru Meditation error when using a nested hypervisor under certain circumstances (bug #20175)
VMM: Fixed a SMAP related host panic affecting Solaris 11.4 systems with Intel Haswell CPUs or later (bug #16068)
OCI: Add cloud-init support for export to OCI and for OCI instance creation
GUI: Fixed "Delete all files" leaving behind Logs/VBoxUI.log (bug #20235)
Audio: Multiple fixes and enhancements
Audio: Fixed detection of duplex audio devices on macOS (5.0 regression; bug #20171)
Network: Fixed link status reporting for "not attached" adapters
Network: Fixed connectivity issues with e1000 in OS/2 guests (6.1.18 regression; bug #20148)
Network: Fixed VxWorks e1000 driver compatibility issue (bug #20182)
Network: Fixed GUI checks for port forwarding rules rejecting IPv6 with "Nat Network" (bug #14847)
DHCP: Don't crash in the presence of fixed address assignments (bug #20128)
Serial: Fixed possible VM hang when using the a serial port in disconnected mode (bug #19854)
Webcam: Fixed interoperability with v4l2loopback and fixed a crash under certain circumstances (bug #20176)
NVMe: Fixed sporadic Windows VM hang or reboot on high CPU load
VBoxManage: Allow changing network adapter attachment of a saved VM with "modifyvm"
vboximg-mount: Fix for argument processing to honor the '--root' option (6.0 regression; bug #20073)
Linux host and guest: Support kernel versions 5.11 (bug #20198) and 5.12
Linux host: Maximum MTU size increased to 16110 for host-only adapters on Linux kernels 4.10+ (bug #19122)
Linux Guest Additions: Fix vboxvideo module compilation for kernel version 5.10.x
Linux Guest Additions: Fixed kernel module build for RHEL 8.4 beta and CentOS Stream (bug #20289)
File "fixes-for-5.11.patch" is deleted. The issue is fixed upstream.
File "vboxautostart.sh" is replaced by "vboxautostart-service.sh"
File "vboxautostart.service" is replaced by "vboxautostart-service.service"
Fixes boo#1183329 "virtualbox 6.1.18 crashes when it runs nested VM"
Fixes boo#1183125 "Leap 15.3 installation in Virtualbox without VBox integration"
Fixes CVE-2021-2264 and boo#1184542. The directory for the <user>.start files for
autostarting VMs is moved from /etc/vbox to /etc/vbox/autostart.d. In addition, the autostart
service is hardened (by Oracle).
- Improve autostart security boo#1182918.
==== xdg-utils ====
- Add support-deepin-desktop.patch
1
0
4
4
29 Apr '21
Hi,
last month's status:
https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/thread/…
Last months' reproducible builds project updates (including my work):
https://reproducible-builds.org/reports/2021-03/
I uploaded https://rb.zq1.de/compare.factory-20210428/ today
and rbstats are:
total-packages: 13955 (+87)
build-tried: 13945 (+86)
build-failed: 63 (+28)
build-n-a: 173 (+20)
build-succeeded: 13709 (+38)
build-official-failed+na: 262 (-80)
build-compare-failed: 366 (-57)
build-compare-succeeded: 13343 (+95)
verify-failed: 495 (+2)
verified-semi-reproducible: 12960 (+72)
bit-by-bit-identical: 13191 (+72)
not-bit-by-bit-identical: 535 (-17)
not-bit-by-bit-identicalcheck: 518 (-34)
https://rb.zq1.de/compare.factory-20210428/graph.png
shows the change over time
https://rb.zq1.de/compare.factory-20210428/unreproduciblerings.txt
lists very unreproducible core packages (bootstrap+DVD)
Of the badly unreproducible packages,
3 were in ring0
45 were in ring1
That makes it 48/3247 => 1.48 %
which is below the overall average of
366/13709 => 2.67 %
535/13709 => 3.90 % of packages are not perfectly reproducible
This month I only did some easy patches as I have been more busy with
reproducibility of 15.3 and sysadmin work at SUSE.
On the list of unreproducible DVD packages,
fltk is unreproducible again from doxygen ASLR - maybe a regression on
https://github.com/doxygen/doxygen/issues/7474
qemu is there again with some ordering issues in its binaries
and there are still dozens of packages suffering from xmvn
https://bugzilla.opensuse.org/show_bug.cgi?id=1162112 and mono toolchain
issues https://bugzilla.opensuse.org/show_bug.cgi?id=1141502
Would be nice if someone could help there.
In general, I still see a lot of python. Not only because .pyc files are
not designed for determinism, but also because python is one of the few
languages where glob("*") is non-deterministic. And people use
os.listdir and os.walk too.
At least there was some progress in upstream java with
https://github.com/openjdk/jfx/pull/446 though it is not merged yet.
Ciao
Bernhard M.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
alsa-utils
apache-commons-logging
b43-fwcutter
cifs-utils
crash
curl (7.76.0 -> 7.76.1)
intel-vaapi-driver
less (563 -> 581)
librdkafka (1.5.3 -> 1.6.1)
os-prober (1.77 -> 1.78)
python-cryptography
python-importlib-metadata (3.7.0 -> 3.7.2)
shim-leap (15+git47 -> 15.4)
sssd
usbmuxd
vhba-kmp (20200106_k5.11.16_1 -> 20210418_k5.11.16_1)
=== Details ===
==== alsa-utils ====
- Suppress automatic update of alsa-info.sh (bsc#1185280):
alsa-info-no-update-for-distro-script.patch
==== apache-commons-logging ====
- Added patch
* no-tests.patch
+ ignore failing tests for arm6
==== b43-fwcutter ====
- Fixed SPEC file: Replace broken URL with current upstream
==== cifs-utils ====
- cifs.upcall: fix regression in kerberos mount; (bsc#1184815).
* add 0001-cifs.upcall-fix-regression-in-kerberos-mount.patch
- CVE-2021-20208: cifs-utils: cifs.upcall kerberos auth leak in
container; (bsc#1183239); CVE-2021-20208.
* add 0001-cifs.upcall-try-to-use-container-ipc-uts-net-pid-mnt.patch
==== crash ====
- Fix bt command with SEV-ES (bsc#1185209)
+ crash-x86_64-VC-exception-stack-support.patch
==== curl ====
Version update (7.76.0 -> 7.76.1)
Subpackages: libcurl4
- update to 7.76.1:
- ngtcp2: Use ALPN h3-29 for now
- TODO: remove 18.22 --fail-with-body
==== intel-vaapi-driver ====
- replaced tarball with official release tarball so it matches
the updated official sha1sum checksum file
- fixed wrong source lines in specfile
- fixed sha1sum checksum file
==== less ====
Version update (563 -> 581)
- less 581:
* Change ESC-u command to toggle, not disable, highlighting per
man page
* Add ESC-U command
* Add ctrl-W search modifier for wrapping search
* F command can be interrupted by ^X
* Support OSC 8 hyperlinks when -R is in effect
* g command with no number will ignore -j and put first line at
top of screen
* Multiple + or -p command line options are handled better
* Add the --incsearch option
* Add the --line-num-width option
* Add the --status-col-width option
* Add the --use-color and --color options
* Display -w highlight even if highlighted line is empty
* If search result is in a long line, scroll to ensure it is
visible
* Editing the same file under different names now creates only
one entry in the file list.
* Make visual bell more visible on some terminals
* Ring end-of-file bell no more than once per second
* Build can use either Python or Perl for Makefile.aut operations
* Fix crash when using the @ search modifier.
* Fix crash in the 's' command due to duplicate free
- drop less-429-save_line_position.patch which was never accepted
upstream due to solving one problem and creating others
==== librdkafka ====
Version update (1.5.3 -> 1.6.1)
- update to 1.6.1:
* Fatal idempotent producer errors are now also fatal to the transactional
producer. This is a necessary step to maintain data integrity prior to
librdkafka supporting KIP-360. Applications should check any transactional
API errors for the is_fatal flag and decommission the transactional producer
if the flag is set.
* The consumer error raised by `auto.offset.reset=error` now has error-code
set to `ERR__AUTO_OFFSET_RESET` to allow an application to differentiate
between auto offset resets and other consumer errors.
* Admin API and transactional `send_offsets_to_transaction()` coordinator
requests, such as TxnOffsetCommitRequest, could in rare cases be sent
multiple times which could cause a crash.
* `ssl.ca.location=probe` is now enabled by default on Mac OSX since the
librdkafka-bundled OpenSSL might not have the same default CA search paths
as the system or brew installed OpenSSL. Probing scans all known locations.
* Fatal idempotent producer errors are now also fatal to the transactional
producer.
* The transactional producer could crash if the transaction failed while
`send_offsets_to_transaction()` was called.
* Group coordinator requests for transactional
`send_offsets_to_transaction()` calls would leak memory if the
underlying request was attempted to be sent after the transaction had
failed.
* When gradually producing to multiple partitions (resulting in multiple
underlying AddPartitionsToTxnRequests) sub-sequent partitions could get
stuck in pending state under certain conditions. These pending partitions
would not send queued messages to the broker and eventually trigger
message timeouts, failing the current transaction. This is now fixed.
* Committing an empty transaction (no messages were produced and no
offsets were sent) would previously raise a fatal error due to invalid state
on the transaction coordinator. We now allow empty/no-op transactions to
be committed.
* The consumer will now retry indefinitely (or until the assignment is changed)
to retrieve committed offsets. This fixes the issue where only two retries
were attempted when outstanding transactions were blocking OffsetFetch
requests with `ERR_UNSTABLE_OFFSET_COMMIT`. #3265
* [KIP-429 Incremental rebalancing](https://cwiki.apache.org/confluence/display/KAFKA/KIP-429%3A+K… with sticky
consumer group partition assignor (KIP-54) (by @mhowlett).
* [KIP-480 Sticky producer partitioning](https://cwiki.apache.org/confluence/display/KAFKA/KIP-480%3A+… (`sticky.partitioning.linger.ms`) -
achieves higher throughput and lower latency through sticky selection
of random partition (by @abbycriswell).
* AdminAPI: Add support for `DeleteRecords()`, `DeleteGroups()` and
`DeleteConsumerGroupOffsets()` (by @gridaphobe)
* [KIP-447 Producer scalability for exactly once semantics](https://cwiki.apache.org/confluence/display/KAFKA/KIP-447%3A+Pro… -
allows a single transactional producer to be used for multiple input
partitions. Requires Apache Kafka 2.5 or later.
* Transactional producer fixes and improvements, see **Transactional Producer fixes** below.
* The [librdkafka.redist](https://www.nuget.org/packages/librdkafka.redist/)
NuGet package now supports Linux ARM64/Aarch64.
* Sticky producer partitioning (`sticky.partitioning.linger.ms`) is
enabled by default (10 milliseconds) which affects the distribution of
randomly partitioned messages, where previously these messages would be
evenly distributed over the available partitions they are now partitioned
to a single partition for the duration of the sticky time
(10 milliseconds by default) before a new random sticky partition
is selected.
* The new KIP-447 transactional producer scalability guarantees are only
supported on Apache Kafka 2.5 or later, on earlier releases you will
need to use one producer per input partition for EOS. This limitation
is not enforced by the producer or broker.
* Error handling for the transactional producer has been improved, see
the **Transactional Producer fixes** below for more information.
* KIP-107, KIP-204: AdminAPI: Added `DeleteRecords()` (by @gridaphobe).
* KIP-229: AdminAPI: Added `DeleteGroups()` (by @gridaphobe).
* KIP-496: AdminAPI: Added `DeleteConsumerGroupOffsets()`.
* KIP-464: AdminAPI: Added support for broker-side default partition count
and replication factor for `CreateTopics()`.
* Windows: Added `ssl.ca.certificate.stores` to specify a list of
Windows Certificate Stores to read CA certificates from, e.g.,
`CA,Root`. `Root` remains the default store.
* Use reentrant `rand_r()` on supporting platforms which decreases lock
contention (@azat).
* Added `assignor` debug context for troubleshooting consumer partition
assignments.
* Updated to OpenSSL v1.1.1i when building dependencies.
* Update bundled lz4 (used when `./configure --disable-lz4-ext`) to v1.9.3
which has vast performance improvements.
* Added `rd_kafka_conf_get_default_topic_conf()` to retrieve the
default topic configuration object from a global configuration object.
* Added `conf` debugging context to `debug` - shows set configuration
properties on client and topic instantiation. Sensitive properties
are redacted.
* Added `rd_kafka_queue_yield()` to cancel a blocking queue call.
* Will now log a warning when multiple ClusterIds are seen, which is an
indication that the client might be erroneously configured to connect to
multiple clusters which is not supported.
* Added `rd_kafka_seek_partitions()` to seek multiple partitions to
per-partition specific offsets.
* Fix a use-after-free crash when certain coordinator requests were retried.
* The C++ `oauthbearer_set_token()` function would call `free()` on
a `new`-created pointer, possibly leading to crashes or heap corruption (#3194)
* The consumer assignment and consumer group implementations have been
decoupled, simplified and made more strict and robust. This will sort out
a number of edge cases for the consumer where the behaviour was previously
undefined.
* Partition fetch state was not set to STOPPED if OffsetCommit failed.
* The session timeout is now enforced locally also when the coordinator
connection is down, which was not previously the case.
* Transaction commit or abort failures on the broker, such as when the
producer was fenced by a newer instance, were not propagated to the
application resulting in failed commits seeming successful.
This was a critical race condition for applications that had a delay after
producing messages (or sendings offsets) before committing or
aborting the transaction. This issue has now been fixed and test coverage
improved.
* The transactional producer API would return `RD_KAFKA_RESP_ERR__STATE`
when API calls were attempted after the transaction had failed, we now
try to return the error that caused the transaction to fail in the first
place, such as `RD_KAFKA_RESP_ERR__FENCED` when the producer has
been fenced, or `RD_KAFKA_RESP_ERR__TIMED_OUT` when the transaction
has timed out.
* Transactional producer retry count for transactional control protocol
requests has been increased from 3 to infinite, retriable errors
are now automatically retried by the producer until success or the
transaction timeout is exceeded. This fixes the case where
`rd_kafka_send_offsets_to_transaction()` would fail the current
transaction into an abortable state when `CONCURRENT_TRANSACTIONS` was
returned by the broker (which is a transient error) and the 3 retries
were exhausted.
* Calling `rd_kafka_topic_new()` with a topic config object with
`message.timeout.ms` set could sometimes adjust the global `linger.ms`
property (if not explicitly configured) which was not desired, this is now
fixed and the auto adjustment is only done based on the
`default_topic_conf` at producer creation.
* `rd_kafka_flush()` could previously return `RD_KAFKA_RESP_ERR__TIMED_OUT`
just as the timeout was reached if the messages had been flushed but
there were now no more messages. This has been fixed.
==== os-prober ====
Version update (1.77 -> 1.78)
- update to 1.78:
* Remove Christian Perrier from Uploaders, with many thanks for all
his contributions over the years! (Closes: #927552)
* Probe microsoft OS on arm64.
==== python-cryptography ====
- Remove unnecessary %ifpython3 construct
==== python-importlib-metadata ====
Version update (3.7.0 -> 3.7.2)
- update to 3.7.2:
* Cleaned up cruft in entry_points docstring.
* Internal refactoring to facilitate ``entry_points() -> dict``
deprecation.
==== shim-leap ====
Version update (15+git47 -> 15.4)
- Update to shim to 15.4-lp152.4.8.1 from openSUSE Leap 15.2 for
SBAT support (bsc#1182057)
+ Version: 15.4, "Wed Apr 21 05:46:19 UTC 2021"
+ Include the fixes for bsc#1177789, CVE-2019-14584, bsc#1177315,
bsc#1175509, bsc#1173411, bsc#1177404, bsc#1174512, bsc#1184454
- Add README to note why we need shim-leap for Tumbleweed
==== sssd ====
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-32bit sssd-krb5-common sssd-ldap
- Move sssctl command from sssd to sssd-tools package; (bsc#1184289);
- Add missing /var/lib/sss/pubconf/krb5.include.d directory (bsc#1184285).
- Make cifs-idmap plugin (cifs_idmap_sss.so) use update-alternatives
mechanism to be able to switch between cifs-utils and sssd;
(bsc#1182682).
==== usbmuxd ====
- Add usbmuxd-add-socket-option.patch: allow socket to be
specified via the command line. Backported from upstream.
- Add usbmuxd-add-pid-option.patch: allow the pid file to be
specified via the command line. Taken from upstream.
- Add usbmuxd-run-dir.patch: use /run, rather than /var/run, for
the socket and pid file (bsc#1185186).
==== vhba-kmp ====
Version update (20200106_k5.11.16_1 -> 20210418_k5.11.16_1)
- Update to release 20210418
* vhba: Change how command matching and tagging is performed.
* vhba: Use dynamic debugging for everything.
* vhba: Handle command queue locking ourselves.
1
0
28 Apr '21
Hello there,
For you information, I will retire from work this summer and so will
stop also my work for PowerPC on openSUSE.
IBM decided to not allocate a new resource as my replacement, so you
will be on your own to continue PowerPC support on openSUSE.
--
Michel Normand
2
2
Mesa has removed swrast
https://www.phoronix.com/scan.php?page=news_item&px=Mesa-Kills-SWRAST
Confused as how to update .spec to remove swrast with "if statements"
2
2
Hello openSUSE!
we're already past the deadline for openSUSE Leap 15.3 RC and SLE 15
SP3 RC submissions. We will accept only important bug fixes from now
on.
Approved maintenance requests for the SLE-15 maintenance stream might
still end on the media though due to the project inheritance (with
exception of SLE-15-SP3:Update).
Thank you very much for your contributions. This release surely was a
challenge for all of us due to the new way of building the openSUSE
Leap distribution.
Best regards
openSUSE Release team
3
3
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
container-selinux (2.158.0 -> 2.160.1)
dtc
grub2
java-11-openjdk (11.0.10.0 -> 11.0.11.0)
kernel-source (5.11.15 -> 5.11.16)
kexec-tools (2.0.20 -> 2.0.21)
kyotocabinet
libgcrypt (1.9.2 -> 1.9.3)
libupnp (1.14.5 -> 1.14.6)
lvm2
lvm2-device-mapper
ncompress (4.2.4.6 -> 5.0)
openvpn
perl-XML-LibXML (2.0206 -> 2.0207)
pipewire (0.3.25 -> 0.3.26)
python-M2Crypto
python-MarkupSafe
python-dulwich (0.20.15 -> 0.20.20)
python-pydot (1.4.1 -> 1.4.2)
python-pymongo (3.11.2 -> 3.11.3)
rubygem-nokogiri (1.11.2 -> 1.11.3)
suse-module-tools (15.4.0 -> 15.4.1)
tk
xf86-input-joystick
xf86-video-fbdev
xinit
yast2-trans (84.87.20210418.dfe53bf215 -> 84.87.20210425.616915ed60)
=== Details ===
==== container-selinux ====
Version update (2.158.0 -> 2.160.1)
- Fix container runtime binary labels (bsc#1185030). You need to
relable at least /usr/sbin if you're affected
==== dtc ====
- explicitly pass -pie in CFLAGS, since the build system explicitly passes
- fPIC, which breaks our gcc-PIE profile. This makes all packaged binaries
PIE-executables (bsc#1184122).
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen
- Fix obsolete syslog in systemd unit file and updating to use journal as
StandardOutput (bsc#1185149)
* grub2-once.service
==== java-11-openjdk ====
Version update (11.0.10.0 -> 11.0.11.0)
Subpackages: java-11-openjdk-headless
- Update to upstream tag jdk-11.0.11+9 (April 2021, CPU)
* Security fixes
+ JDK-8244473: Contextualize registration for JNDI
+ JDK-8244543: Enhanced handling of abstract classes
+ JDK-8249906, CVE-2021-2163, bsc#1185055: Enhance opening JARs
+ JDK-8250568, CVE-2021-2161, bsc#1185056: Less ambiguous
processing
+ JDK-8253799: Make lists of normal filenames
+ JDK-8257001: Improve Http Client Support
* Other changes
+ JDK-7107012: sun.jvm.hotspot.code.CompressedReadStream
readDouble() conversion to long mishandled
+ JDK-7146776: deadlock between URLStreamHandler.getHostAddress
and file.Handler.openconnection
+ JDK-8086003: Test fails on OSX with java.lang.RuntimeException
'Narrow klass base: 0x0000000000000000, Narrow klass shift: 3'
missing
+ JDK-8168869: jdeps: localized messages don't use proper line
breaks
+ JDK-8180837: SunPKCS11-NSS tests failing with
CKR_ATTRIBUTE_READ_ONLY and CKR_MECHANISM_PARAM_INVALID
+ JDK-8202343: Disable TLS 1.0 and 1.1
+ JDK-8205992: jhsdb cannot attach to Java processes running in
Docker containers
+ JDK-8209193: Fix aarch64-linux compilation after -Wreorder
changes
+ JDK-8210413: AArch64: Optimize div/rem by constant in C1
+ JDK-8210578: AArch64: Invalid encoding for fmlsvs instruction
+ JDK-8211051: jdeps usage of --dot-output doesn't provide
valid output for modular jar
+ JDK-8211057: Gensrc step CompileProperties generates unstable
CompilerProperties output
+ JDK-8211150: G1 Full GC not purging code root memory and
hence causing memory leak
+ JDK-8211825: ModuleLayer.defineModulesWithXXX does not setup
delegation when module reads automatic module
+ JDK-8212043: Add floating-point Math.min/max intrinsics
+ JDK-8212218: [TESTBUG] runtime/ErrorHandling/
/TestHeapDumpOnOutOfMemoryErrorInMetaspace.java timed out
+ JDK-8213116: javax/swing/JComboBox/WindowsComboBoxSize/
/WindowsComboBoxSizeTest.java fails in Windows
+ JDK-8213909: jdeps --print-module-deps should report missing
dependences
+ JDK-8214180: Need better granularity for sleeping
+ JDK-8214223: tools/jdeps/listdeps/ListModuleDeps.java failed
due to missing Lib2 file
+ JDK-8214230: Classes generated by SystemModulesPlugin.java
are not reproducable
+ JDK-8214741: docs/index.html has no title or copyright
+ JDK-8215687: [Graal] unit test CheckGraalIntrinsics failed
after 8212043
+ JDK-8217848: [Graal] vmTestbase/nsk/jvmti/ResourceExhausted/
/resexhausted003/TestDescription.java fails
+ JDK-8218482: sun/security/krb5/auto/ReplayCachePrecise.java
failed - no KrbException thrown
+ JDK-8218550: Add test omitted from JDK-8212043
+ JDK-8221584: SIGSEGV in os::PlatformEvent::unpark() in
JvmtiRawMonitor::raw_exit while posting method exit event
+ JDK-8221995: AARCH64: problems with CAS instructions encoding
+ JDK-8222518: Remove unnecessary caching of Parker object in
java.lang.Thread
+ JDK-8222785: aarch64: add necessary masking for immediate
shift counts
+ JDK-8223186: HotSpot compile warnings from GCC 9
+ JDK-8225773: jdeps --check produces NPE if there are missing
module dependences
+ JDK-8225805: Java Access Bridge does not close the logger
+ JDK-8226810: Failed to launch JVM because of
NullPointerException occured on System.props
+ JDK-8229396: jdeps ignores multi-release when
generate-module-info used on command line
+ JDK-8229474: Shenandoah: Cleanup CM::update_roots()
+ JDK-8232225: Rework the fix for JDK-8071483
+ JDK-8232905: JFR fails with assertion:
assert(t->unflushed_size() == 0) failed: invariant
+ JDK-8233164: C2 fails with assert(phase->C->get_alias_index(t)
== phase->C->get_alias_index(t_adr)) failed: correct memory
chain
+ JDK-8233910: java/awt/ColorClass/AlphaColorTest.java is
failing intermittently in nightly lnux-x64 system
+ JDK-8233912: aarch64: minor improvements of atomic operations
+ JDK-8234508: VM_HeapWalkOperation::iterate_over_object reads
non-strong fields with an on-strong load barrier
+ JDK-8234742: Improve handshake logging
+ JDK-8234796: Refactor Handshake::execute to take a more
complex type than ThreadClosure
+ JDK-8235324: Dying objects are published from users of
CollectedHeap::object_iterate
+ JDK-8235351: Lookup::unreflect should bind with the original
caller independent of Method's accessible flag
+ JDK-8237369: Shenandoah: failed vmTestbase/nsk/jvmti/
/AttachOnDemand/attach021/TestDescription.java test
+ JDK-8237392: Shenandoah: Remove unreliable assertion
+ JDK-8237483: AArch64 C1 OopMap inserted twice fatal error
+ JDK-8237495: Java MIDI fails with a dereferenced memory error
when asked to send a raw 0xF7
+ JDK-8239355: (dc) Initial value of SO_SNDBUF should allow
sending large datagrams (macOS)
+ JDK-8240353: AArch64: missing support for
- XX:+ExtendedDTraceProbes in C1
+ JDK-8240704: CheckHandles.java failed "AssertionError: Handle
use increased by more than 10 percent."
+ JDK-8240751: Shenandoah: fold ShenandoahTracer definition
+ JDK-8240795: [REDO] 8238384 CTW: C2 compilation fails with
"assert(store != load->find_exact_control(load->in(0)))
failed: dependence cycle found"
+ JDK-8241598: Upgrade JLine to 3.14.0
+ JDK-8241649: Optimize Character.toString
+ JDK-8241770: Module xxxAnnotation() methods throw NCDFE if
module-info.class found as resource in unnamed module
+ JDK-8241911: AArch64: Fix a potential register clash issue in
reduce_add2I
+ JDK-8242030: Wrong package declarations in jline classes after
JDK-8241598
+ JDK-8242565: Policy initialization issues when the denyAfter
constraint is enabled
+ JDK-8243618: compiler/rtm/cli tests can be run w/o WhiteBox
+ JDK-8243670: Unexpected test result caused by C2
MergeMemNode::Ideal
+ JDK-8244088: [Regression] Switch of Gnome theme ends up in
deadlocked UI
+ JDK-8244154: Update SunPKCS11 provider with PKCS11 v3.0 header
files
+ JDK-8244340: Handshake processing thread lacks yielding
+ JDK-8244573: java.lang.ArrayIndexOutOfBoundsException thrown
for malformed class file
+ JDK-8244683: A TSA server used by tests
+ JDK-8245005: javax/net/ssl/compatibility/BasicConnectTest.java
failed with No enum constant
+ JDK-8245026: PsAdaptiveSizePolicy::_old_gen_policy_is_ready is
unused
+ JDK-8245283: JFR: Can't handle constant dynamic used by Jacoco
agent
+ JDK-8245512: CRC32 optimization using AVX512 instructions
+ JDK-8245527: LDAP Channel Binding support for Java
GSS/Kerberos
+ JDK-8246707: (sc) SocketChannel.read/write throws
AsynchronousCloseException on closed channel
+ JDK-8246709: sun/security/tools/jarsigner/
/TsacertOptionTest.java compilation failed after JDK-8244683
+ JDK-8247200: assert((unsigned)fpargs < 32)
+ JDK-8247766: [aarch64] guarantee(val < (1U << nbits))
failed: Field too big for insn.
+ JDK-8248336: AArch64: C2: offset overflow in
BoxLockNode::emit
+ JDK-8248865: Document JNDI/LDAP timeout properties
+ JDK-8248901: Signed immediate support in
.../share/assembler.hpp is broken.
+ JDK-8249543: Force DirectBufferAllocTest to run with
- ExplicitGCInvokesConcurrent
+ JDK-8249588: libwindowsaccessbridge issues on 64bit Windows
+ JDK-8249749: modify a primitive array through a stream and a
for cycle causes jre crash
+ JDK-8249787: Make TestGCLocker more resilient with concurrent
GCs
+ JDK-8249867: xml declaration is not followed by a newline
+ JDK-8250911: [windows] os::pd_map_memory() error detection
broken
+ JDK-8251255: [linux] Add process-memory information to hs-err
and VM.info
+ JDK-8251359: Shenandoah: filter null oops before calling
enqueue/SATB barrier
+ JDK-8251925: C2: RenaissanceStressTest fails with
assert(!had_error): bad dominance
+ JDK-8251944: Add Shenandoah test config to
compiler/gcbarriers/UnsafeIntrinsicsTest.java
+ JDK-8251992: VM crashed running TestComplexAddrExpr.java test
with -XX:UseAVX=X
+ JDK-8253220: Epsilon: clean up unused code/declarations
+ JDK-8253274: The CycleDMImagetest brokes the system
+ JDK-8253353: Crash in C2: guarantee(n != NULL) failed: No Node
+ JDK-8253368: TLS connection always receives close_notify
exception
+ JDK-8253404: C2: assert(C->live_nodes() <=
C->max_node_limit()) failed: Live Node limit exceeded limit
+ JDK-8253409: Double-rounding possibility in float fma
+ JDK-8253476: TestUseContainerSupport.java fails on some Linux
kernels w/o swap limit capabilities
+ JDK-8253524: C2: Refactor code that clones predicates during
loop unswitching
+ JDK-8253644: C2: assert(skeleton_predicate_has_opaque(iff))
failed: unexpected
+ JDK-8253681: closed java/awt/dnd/MouseEventAfterStartDragTest/
/MouseEventAfterStartDragTest.html test failed
+ JDK-8253702: BigSur version number reported as 10.16, should
be 11.nn
+ JDK-8253756: C2 CompilerThread0 crash in Node::add_req(Node*)
+ JDK-8254104: MethodCounters must exist before nmethod is
installed
+ JDK-8254734: "dead loop detected" assert failure with patch
from 8223051
+ JDK-8254748: Bad Copyright header format after JDK-8212218
+ JDK-8254799: runtime/ErrorHandling/
/TestHeapDumpOnOutOfMemoryError.java fails with release VMs
+ JDK-8255058: C1: assert(is_virtual()) failed: type check
+ JDK-8255351: Add detection for Graviton 2 CPUs
+ JDK-8255368: Math.exp() gives wrong result for large values on
x86 32-bit platforms
+ JDK-8255387: Japanese characters were printed upside down on
AIX
+ JDK-8255401: Shenandoah: Allow oldval and newval registers to
overlap in cmpxchg_oop()
+ JDK-8255479: [aarch64] assert(src->section_index_of(target) ==
CodeBuffer::SECT_NONE) failed: sanity
+ JDK-8255544: Create a checked cast
+ JDK-8255559: Leak File Descriptors Because of
ResolverLocalFilesystem#engineResolveURI()
+ JDK-8255681: print callstack in error case in
runAWTLoopWithApp
+ JDK-8255734: VM should ignore SIGXFSZ on ppc64, s390 too
+ JDK-8255742: PrintInlining as compiler directive doesn't print
virtual calls
+ JDK-8255845: Memory leak in imageFile.cpp
+ JDK-8255880: UI of Swing components is not redrawn after their
internal state changed
+ JDK-8255908: ExceptionInInitializerError due to
UncheckedIOException while initializing cgroupv1 subsystem
+ JDK-8256025: AArch64: MachCallRuntimeNode::ret_addr_offset()
is incorrect for stub calls
+ JDK-8256056: Deoptimization stub doesn't save vector registers
on x86
+ JDK-8256061: RegisterSaver::save_live_registers() omits upper
halves of ZMM0-15 registers
+ JDK-8256187: [TEST_BUG] Automate bug4275046.java test
+ JDK-8256220: C1: x86_32 fails with -XX:UseSSE=1 after
JDK-8210764 due to mishandled lir_neg
+ JDK-8256258: some missing NULL checks or asserts after
CodeCache::find_blob_unsafe
+ JDK-8256264: Printed GlyphVector outline with low DPI has bad
quality on Windows
+ JDK-8256290: javac/lambda/T8031967.java fails with
StackOverflowError on x86_32
+ JDK-8256359: AArch64: runtime/ReservedStack/
/ReservedStackTestCompiler.java fails
+ JDK-8256387: Unexpected result if patching an entire
instruction on AArch64
+ JDK-8256421: Add 2 HARICA roots to cacerts truststore
+ JDK-8256488: [aarch64] Use ldpq/stpq instead of ld4/st4 for
small copies in StubGenerator::copy_memory
+ JDK-8256489: Make gtest for long path names on Windows more
resilient in the presence of virus scanners
+ JDK-8256501: libTestMainKeyWindow fails to build with Xcode
12.2
+ JDK-8256633: Fix product build on Windows+Arm64
+ JDK-8256682: JDK-8202343 is incomplete
+ JDK-8256751: Incremental rebuild with precompiled header fails
when touching a header file
+ JDK-8256757: Incorrect MachCallRuntimeNode::ret_addr_offset()
for CallLeafNoFP on x86_32
+ JDK-8256806: Shenandoah: optimize shenandoah/jni/
/TestPinnedGarbage.java test
+ JDK-8256807: C2: Not marking stores correctly as mismatched
in string opts
+ JDK-8256810: Incremental rebuild broken on Macosx
+ JDK-8256818: SSLSocket that is never bound or connected leaks
socket resources
+ JDK-8256888: Client manual test problem list update
+ JDK-8257083: Security infra test failures caused by
JDK-8202343
+ JDK-8257408: Bump update version for OpenJDK: jdk-11.0.11
+ JDK-8257423: [PPC64] Support -XX:-UseInlineCaches
+ JDK-8257436: [aarch64] Regressions in ArrayCopyUnalignedDst
.testByte/testChar for 65-78 bytes when UseSIMDForMemoryOps
is on
+ JDK-8257513: C2: assert((constant_addr -
_masm.code()->consts()->start()) == con.offset())
+ JDK-8257547: Handle multiple prereqs on the same line in deps
files
+ JDK-8257561: Some code is not vectorized after 8251925 and
8250607
+ JDK-8257565: epsilonBarrierSet.hpp should not include
barrierSetAssembler
+ JDK-8257575: C2: "failed: only phis" assert failure in loop
strip mining verification
+ JDK-8257594: C2 compiled checkcast of non-null object triggers
endless deoptimization/recompilation cycle
+ JDK-8257633: Missing -mmacosx-version-min=X flag when linking
libjvm
+ JDK-8257670: sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java
reports leaks
+ JDK-8257707: Fix incorrect format string in Http1HeaderParser
+ JDK-8257746: Regression introduced with JDK-8250984 - memory
might be null in some machines
+ JDK-8257798: [PPC64] undefined reference to
Klass::vtable_start_offset()
+ JDK-8257884: Re-enable sun/security/ssl/SSLSocketImpl/
/SSLSocketLeak.java as automatic test
+ JDK-8257910: [JVMCI] Set exception_seen accordingly in the
runtime.
+ JDK-8257997: sun/security/ssl/SSLSocketImpl/SSLSocketLeak.java
again reports leaks after JDK-8257884
+ JDK-8257999: Parallel GC crash in gc/parallel/
/TestDynShrinkHeap.java: new region is not in covered_region
+ JDK-8258077: Using -Xcheck:jni can lead to a double-free after
JDK-8193234
+ JDK-8258247: Couple of issues in fix for JDK-8249906
+ JDK-8258373: Update the text handling in the JPasswordField
+ JDK-8258396: SIGILL in jdk.jfr.internal.PlatformRecorder
.rotateDisk()
+ JDK-8258419: RSA cipher buffer cleanup
+ JDK-8258471: "search codecache" clhsdb command does not work
+ JDK-8258534: Epsilon: clean up unused includes
+ JDK-8258805: Japanese characters not entered by mouse click
on Windows 10
+ JDK-8258833: Cancel multi-part cipher operations in SunPKCS11
after failures
+ JDK-8258836: JNI local refs exceed capacity
getDiagnosticCommandInfo
+ JDK-8258884: [TEST_BUG] Convert applet-based test
open/test/jdk/javax/swing/JMenuItem/8031573/bug8031573.java
to a regular java test
+ JDK-8259007: This test printed a blank page
+ JDK-8259048: (tz) Upgrade time-zone data to tzdata2020f
+ JDK-8259049: Uninitialized variable after JDK-8257513
+ JDK-8259231: Epsilon: improve performance under contention
during virtual space expansion
+ JDK-8259271: gc/parallel/TestDynShrinkHeap.java still fails
"assert(covered_region.contains(new_memregion)) failed: new
region is not in covered_region"
+ JDK-8259312: VerifyCACerts.java fails as soneraclass2ca cert
will expire in 90 days
+ JDK-8259319: Illegal package access when SunPKCS11 requires
SunJCE's classes
+ JDK-8259339: AllocateUninitializedArray C2 intrinsic fails
with void.class input
+ JDK-8259428: AlgorithmId.getEncodedParams() should return copy
+ JDK-8259446: runtime/jni/checked/
/TestCheckedReleaseArrayElements.java fails with stderr not
empty
+ JDK-8259451: Zero: skip serviceability/sa tests, set vm.hasSA
to false
+ JDK-8259580: Shenandoah: uninitialized label in
VerifyThreadGCState
+ JDK-8259619: C1: 3-arg StubAssembler::call_RT stack-use
condition is incorrect
+ JDK-8259633: compiler/graalunit/CoreTest.java fails with NPE
after JDK-8244543
+ JDK-8259706: C2 compilation fails with assert(vtable_index ==
Method::invalid_vtable_index) failed: correct sentinel value
+ JDK-8259707: LDAP channel binding does not work with StartTLS
extension
+ JDK-8259773: Incorrect encoding of AVX-512 kmovq instruction
+ JDK-8259849: Shenandoah: Rename store-val to IU-barrier
+ JDK-8259949: x86 32-bit build fails when -fcf-protection is
passed in the compiler flags
+ JDK-8259954: gc/shenandoah/mxbeans tests fail with -Xcomp
+ JDK-8260029: aarch64: fix typo in verify_oop_array
+ JDK-8260308: Update LogCompilation junit to 4.13.1
+ JDK-8260338: Some fields in HaltNode is not cloned
+ JDK-8260349: Cannot programmatically retrieve Metaspace max
set via JAVA_TOOL_OPTIONS
+ JDK-8260356: (tz) Upgrade time-zone data to tzdata2021a
+ JDK-8260378: [TESTBUG] DcmdMBeanTestCheckJni.java reports
false positive
+ JDK-8260497: Shenandoah: Improve SATB flushing
+ JDK-8260502: [s390] NativeMovRegMem::verify() fails because
it's too strict
+ JDK-8260632: Build failures after JDK-8253353
+ JDK-8260704: ParallelGC: oldgen expansion needs release-store
for _end
+ JDK-8261022: Fix incorrect result of Math.abs() with char type
+ JDK-8261089: [TESTBUG] native library of test
TestCheckedReleaseCriticalArray.java fails to compile with
gcc 4.x
+ JDK-8261183: Follow on to Make lists of normal filenames
+ JDK-8261209: isStandalone property: remove dependency on
pretty-print
+ JDK-8261231: Windows IME was disabled after DnD operation
+ JDK-8261251: Shenandoah: Use object size for full GC
humongous compaction
+ JDK-8261310: PPC64 Zero build fails with
'VMError::controlled_crash(int)::FunctionDescriptor
functionDescriptor' has incomplete type and cannot be defined
+ JDK-8261334: NMT: tuning statistic shows incorrect hash
distribution
+ JDK-8261413: Shenandoah: Disable class-unloading in I-U mode
+ JDK-8261522: [PPC64] AES intrinsics write beyond the
destination array
+ JDK-8261534: Test sun/security/pkcs11/KeyAgreement/
/IllegalPackageAccess.java fails on platforms where no nsslib
artifacts are defined
+ JDK-8261585: Restore HandleArea used in
Deoptimization::uncommon_trap
+ JDK-8261753: Test java/lang/System/OsVersionTest.java still
failing on BigSur patch versions after JDK-8253702
+ JDK-8261829: Exclude tools/jlink/JLinkReproducibleTest.java
in 11u
+ JDK-8261912: Code IfNode::fold_compares_helper more
defensively
+ JDK-8261920: [AIX] jshell command throws java.io.IOError on
non English locales
+ JDK-8262018: Wrong format in SAP copyright header of
OsVersionTest
+ JDK-8263069: Exclude some failing tests from
security/infra/java/security/cert/CertPathValidator
- moved mozilla-nss dependency to java-11-openjdk-headless package
This is necessary to be able to do crypto with just
java-11-openjdk-headless installed. Fixes boo#1184606
==== kernel-source ====
Version update (5.11.15 -> 5.11.16)
Subpackages: kernel-default kernel-docs
- Revert "rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package (bsc#1184514)"
This turned out to be a bad idea: the kernel-$flavor-devel package
must be usable without kernel-$flavor, e.g. at the build of a KMP.
And this change brought superfluous installation of kernel-preempt
when a system had kernel-syms (bsc#1185113).
- commit d771304
- rpm/check-for-config-changes: add AS_HAS_* to ignores
arch/arm64/Kconfig defines a lot of these. So far our current compilers
seem to support them all. But it can quickly change with SLE later.
- commit a4d8194
- Linux 5.11.16 (bsc#1012628).
- bpf: Move sanitize_val_alu out of op switch (bsc#1012628).
- bpf: Improve verifier error messages for users (bsc#1012628).
- bpf: Rework ptr_limit into alu_limit and add common error path
(bsc#1012628).
- ARM: 9071/1: uprobes: Don't hook on thumb instructions
(bsc#1012628).
- bpf: Move off_reg into sanitize_ptr_alu (bsc#1012628).
- bpf: Ensure off_reg has no mixed signed bounds for all types
(bsc#1012628).
- r8169: don't advertise pause in jumbo mode (bsc#1012628).
- r8169: tweak max read request size for newer chips also in
jumbo mtu mode (bsc#1012628).
- kasan: remove redundant config option (bsc#1012628).
- kasan: fix hwasan build for gcc (bsc#1012628).
- KVM: VMX: Don't use vcpu->run->internal.ndata as an array index
(bsc#1012628).
- KVM: VMX: Convert vcpu_vmx.exit_reason to a union (bsc#1012628).
- bpf: Use correct permission flag for mixed signed bounds
arithmetic (bsc#1012628).
- arm64: dts: allwinner: h6: beelink-gs1: Remove ext. 32 kHz
osc reference (bsc#1012628).
- arm64: dts: allwinner: Fix SD card CD GPIO for SOPine systems
(bsc#1012628).
- ARM: OMAP2+: Fix uninitialized sr_inst (bsc#1012628).
- ARM: footbridge: fix PCI interrupt mapping (bsc#1012628).
- ARM: 9069/1: NOMMU: Fix conversion for_each_membock() to
for_each_mem_range() (bsc#1012628).
- ARM: 9063/1: mm: reduce maximum number of CPUs if
DEBUG_KMAP_LOCAL is enabled (bsc#1012628).
- ARM: OMAP2+: Fix warning for omap_init_time_of() (bsc#1012628).
- gro: ensure frag0 meets IP header alignment (bsc#1012628).
- ch_ktls: do not send snd_una update to TCB in middle
(bsc#1012628).
- ch_ktls: tcb close causes tls connection failure (bsc#1012628).
- ch_ktls: fix device connection close (bsc#1012628).
- ch_ktls: Fix kernel panic (bsc#1012628).
- ibmvnic: remove duplicate napi_schedule call in open function
(bsc#1012628).
- ibmvnic: remove duplicate napi_schedule call in do_reset
function (bsc#1012628).
- ibmvnic: avoid calling napi_disable() twice (bsc#1012628).
- ia64: tools: remove inclusion of ia64-specific version of
errno.h header (bsc#1012628).
- ia64: remove duplicate entries in generic_defconfig
(bsc#1012628).
- ethtool: pause: make sure we init driver stats (bsc#1012628).
- i40e: fix the panic when running bpf in xdpdrv mode
(bsc#1012628).
- ibmvnic: correctly use dev_consume/free_skb_irq (bsc#1012628).
- net: Make tcp_allowed_congestion_control readonly in non-init
netns (bsc#1012628).
- mm: ptdump: fix build failure (bsc#1012628).
- net: ip6_tunnel: Unregister catch-all devices (bsc#1012628).
- net: sit: Unregister catch-all devices (bsc#1012628).
- net: phy: marvell: fix detection of PHY on Topaz switches
(bsc#1012628).
- net: davicom: Fix regulator not turned off on failed probe
(bsc#1012628).
- net/mlx5e: Fix setting of RS FEC mode (bsc#1012628).
- netfilter: nftables: clone set element expression template
(bsc#1012628).
- netfilter: nft_limit: avoid possible divide error in
nft_limit_init (bsc#1012628).
- net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta
(bsc#1012628).
- net: macb: fix the restore of cmp registers (bsc#1012628).
- drm/i915/display/vlv_dsi: Do not skip panel_pwr_cycle_delay
when disabling the panel (bsc#1012628).
- libbpf: Fix potential NULL pointer dereference (bsc#1012628).
- netfilter: arp_tables: add pre_exit hook for table unregister
(bsc#1012628).
- netfilter: bridge: add pre_exit hooks for ebtable unregistration
(bsc#1012628).
- libnvdimm/region: Fix nvdimm_has_flush() to handle
ND_REGION_ASYNC (bsc#1012628).
- ice: Fix potential infinite loop when using u8 loop counter
(bsc#1012628).
- netfilter: conntrack: do not print icmpv6 as unknown via /proc
(bsc#1012628).
- netfilter: flowtable: fix NAT IPv6 offload mangling
(bsc#1012628).
- ixgbe: fix unbalanced device enable/disable in suspend/resume
(bsc#1012628).
- ixgbe: Fix NULL pointer dereference in ethtool loopback test
(bsc#1012628).
- drm/vmwgfx: Make sure we unpin no longer needed buffers
(bsc#1012628).
- scsi: libsas: Reset num_scatter if libata marks qc as NODATA
(bsc#1012628).
- riscv: Fix spelling mistake "SPARSEMEM" to "SPARSMEM"
(bsc#1012628).
- vfio/pci: Add missing range check in vfio_pci_mmap
(bsc#1012628).
- arm64: alternatives: Move length validation in
alternative_{insn, endif} (bsc#1012628).
- arm64: mte: Ensure TIF_MTE_ASYNC_FAULT is set atomically
(bsc#1012628).
- Update config files.
- arm64: fix inline asm in load_unaligned_zeropad() (bsc#1012628).
- drm/i915: Don't zero out the Y plane's watermarks (bsc#1012628).
- readdir: make sure to verify directory entry for legacy
interfaces too (bsc#1012628).
- dm verity fec: fix misaligned RS roots IO (bsc#1012628).
- HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC
type of devices (bsc#1012628).
- Input: i8042 - fix Pegatron C15B ID entry (bsc#1012628).
- Input: s6sy761 - fix coordinate read bit shift (bsc#1012628).
- net/sctp: fix race condition in sctp_destroy_sock (bsc#1012628).
- lib: fix kconfig dependency on ARCH_WANT_FRAME_POINTERS
(bsc#1012628).
- virt_wifi: Return micros for BSS TSF values (bsc#1012628).
- mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
(bsc#1012628).
- drm/amd/display: Add missing mask for DCN3 (bsc#1012628).
- pcnet32: Use pci_resource_len to validate PCI resource
(bsc#1012628).
- net: ieee802154: forbid monitor for add llsec seclevel
(bsc#1012628).
- net: ieee802154: stop dump llsec seclevels for monitors
(bsc#1012628).
- net: ieee802154: forbid monitor for del llsec devkey
(bsc#1012628).
- net: ieee802154: forbid monitor for add llsec devkey
(bsc#1012628).
- net: ieee802154: stop dump llsec devkeys for monitors
(bsc#1012628).
- net: ieee802154: forbid monitor for del llsec dev (bsc#1012628).
- net: ieee802154: forbid monitor for add llsec dev (bsc#1012628).
- net: ieee802154: stop dump llsec devs for monitors
(bsc#1012628).
- net: ieee802154: forbid monitor for del llsec key (bsc#1012628).
- net: ieee802154: forbid monitor for add llsec key (bsc#1012628).
- net: ieee802154: stop dump llsec keys for monitors
(bsc#1012628).
- iwlwifi: add support for Qu with AX201 device (bsc#1012628).
- scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST
state (bsc#1012628).
- ASoC: fsl_esai: Fix TDM slot setup for I2S mode (bsc#1012628).
- drm/msm: Fix a5xx/a6xx timestamps (bsc#1012628).
- ARM: omap1: fix building with clang IAS (bsc#1012628).
- ARM: keystone: fix integer overflow warning (bsc#1012628).
- powerpc/signal32: Fix Oops on sigreturn with unmapped VDSO
(bsc#1012628).
- neighbour: Disregard DEAD dst in neigh_update (bsc#1012628).
- bpf: Take module reference for trampoline in module
(bsc#1012628).
- gpu/xen: Fix a use after free in xen_drm_drv_init (bsc#1012628).
- net: axienet: allow setups without MDIO (bsc#1012628).
- ASoC: max98373: Added 30ms turn on/off time delay (bsc#1012628).
- ASoC: max98373: Changed amp shutdown register as volatile
(bsc#1012628).
- xfrm: BEET mode doesn't support fragments for inner packets
(bsc#1012628).
- iwlwifi: Fix softirq/hardirq disabling in
iwl_pcie_enqueue_hcmd() (bsc#1012628).
- arc: kernel: Return -EFAULT if copy_to_user() fails
(bsc#1012628).
- lockdep: Add a missing initialization hint to the "INFO:
Trying to register non-static key" message (bsc#1012628).
- remoteproc: pru: Fix loading of GNU Binutils ELF (bsc#1012628).
- ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
(bsc#1012628).
- ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race
(bsc#1012628).
- ACPI: x86: Call acpi_boot_table_init() after
acpi_table_upgrade() (bsc#1012628).
- dmaengine: idxd: fix wq cleanup of WQCFG registers
(bsc#1012628).
- dmaengine: idxd: clear MSIX permission entry on shutdown
(bsc#1012628).
- dmaengine: plx_dma: add a missing put_device() on error path
(bsc#1012628).
- dmaengine: Fix a double free in dma_async_device_register
(bsc#1012628).
- dmaengine: dw: Make it dependent to HAS_IOMEM (bsc#1012628).
- dmaengine: idxd: fix wq size store permission state
(bsc#1012628).
- dmaengine: idxd: fix opcap sysfs attribute output (bsc#1012628).
- dmaengine: idxd: fix delta_rec and crc size field for completion
record (bsc#1012628).
- dmaengine: idxd: Fix clobbering of SWERR overflow bit on
writeback (bsc#1012628).
- gpio: sysfs: Obey valid_mask (bsc#1012628).
- Input: nspire-keypad - enable interrupts only when opened
(bsc#1012628).
- mtd: rawnand: mtk: Fix WAITRDY break condition and timeout
(bsc#1012628).
- AMD_SFH: Add DMI quirk table for BIOS-es which don't set the
activestatus bits (bsc#1012628).
- AMD_SFH: Add sensor_mask module parameter (bsc#1012628).
- AMD_SFH: Removed unused activecontrolstatus member from the
amd_mp2_dev struct (bsc#1012628).
- commit d57ad55
==== kexec-tools ====
Version update (2.0.20 -> 2.0.21)
- kexec-tools-remove-duplicate-ramdisk-definition.patch:
Remove duplicate definition of ramdisk (fix ppc build).
- Bump version to 2.0.21
- Drop patches from upstream git:
* kexec-tools-add-variant-helper-functions.patch
* kexec-tools-arm64-kexec-allocate-memory-space-avoiding-reserved-regions.patch
* kexec-tools-arm64-kdump-deal-with-resource-entries-in-proc-iomem.patch
* kexec-tools-build-multiboot2-for-i386.patch
* kexec-tools-fix-kexec_file_load-error-handling.patch
* kexec-tools-reset-getopt-before-falling-back-to-legacy.patch
* kexec-tools-s390-Reset-kernel-command-line-on-syscal.patch
* kexec-tools-Remove-duplicated-variable-declarations.patch
- Hardening: Link as PIE (bsc#1185020).
==== kyotocabinet ====
- Add yet an other patch kyotocabinet-pie.patch
* link all executables as pie (bsc#1185033)
==== libgcrypt ====
Version update (1.9.2 -> 1.9.3)
Subpackages: libgcrypt20 libgcrypt20-32bit libgcrypt20-hmac
- libgcrypt 1.9.3:
* Bug fixes:
- Fix build problems on i386 using gcc-4.7.
- Fix checksum calculation in OCB decryption for AES on s390.
- Fix a regression in gcry_mpi_ec_add related to certain usages
of curve 25519.
- Fix a symbol not found problem on Apple M1.
- Fix for Apple iOS getentropy peculiarity.
- Make keygrip computation work for compressed points.
* Performance:
- Add x86_64 VAES/AVX2 accelerated implementation of Camellia.
- Add x86_64 VAES/AVX2 accelerated implementation of AES.
- Add VPMSUMD acceleration for GCM mode on PPC.
* Internal changes.
- Harden MPI conditional code against EM leakage.
- Harden Elgamal by introducing exponent blinding.
==== libupnp ====
Version update (1.14.5 -> 1.14.6)
Subpackages: libixml11 libupnp17
- Update to release 1.14.6
* Fix for a DNS Rebind exploit. [CVE-2021-29462]
==== lvm2 ====
Subpackages: liblvm2cmd2_03
- Honor lvm.conf event_activation=0 on "pvscan --cache -aay" (bsc#1185190)
+ bug-1185190_01-pvscan-support-disabled-event_activation.patch
+ bug-1185190_02-config-improve-description-for-event_activation.patch
- LVM cannot be disabled on boot (bsc#1184687)
+ bug-1184687_Add-nolvm-for-kernel-cmdline.patch
- Update patch for avoiding apply warning message
+ bug-1012973_simplify-special-case-for-md-in-69-dm-lvm-metadata.patch
- Add metadata-based autoactivation property for VG and LV (bsc#1178680)
+ bug-1178680_add-metadata-based-autoactivation-property-for-VG-an.patch
==== lvm2-device-mapper ====
Subpackages: device-mapper libdevmapper-event1_03 libdevmapper1_03 libdevmapper1_03-32bit
- Honor lvm.conf event_activation=0 on "pvscan --cache -aay" (bsc#1185190)
+ bug-1185190_01-pvscan-support-disabled-event_activation.patch
+ bug-1185190_02-config-improve-description-for-event_activation.patch
- LVM cannot be disabled on boot (bsc#1184687)
+ bug-1184687_Add-nolvm-for-kernel-cmdline.patch
- Update patch for avoiding apply warning message
+ bug-1012973_simplify-special-case-for-md-in-69-dm-lvm-metadata.patch
- Add metadata-based autoactivation property for VG and LV (bsc#1178680)
+ bug-1178680_add-metadata-based-autoactivation-property-for-VG-an.patch
==== ncompress ====
Version update (4.2.4.6 -> 5.0)
- Update to version 5.0:
* New stream for cleanups
* Drop support for 2.0 output & -C option
* Improve & fix recursive mode
* Drop old DEF_ERRNO support
* Drop DIRENT/SYSDIR config knobs
* Drop support for REGISTER build knob
* Drop support for explicit unaligned memory accesses
* Drop support for dead operating systems
* Fix Windows access fallback logic
* Include io.h on Windows
* Disable "deprecated" API warnings on Windows
* Add setmode binary for stdin and stdout on Windows
* Clean up help text a bit
* Add a standard -k (keep) option
* Use io.h fallbacks on mingw too
==== openvpn ====
- update 'rcopenvpn' to work without /etc/rc.status (boo#1185273)
==== perl-XML-LibXML ====
Version update (2.0206 -> 2.0207)
- updated to 2.0207
see /usr/share/doc/packages/perl-XML-LibXML/Changes
2.0207 2021-04-17
- Small cleanups:
- https://github.com/shlomif/perl-XML-LibXML/pull/63
- Thanks to @Grinnz , @Kritzefitz and @atoomic .
==== pipewire ====
Version update (0.3.25 -> 0.3.26)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-modules pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Update to 0.3.26:
+ Highlights:
- I18n support, with translations merged from PulseAudio.
- New pw-link tool.
- Many Bluetooth improvements, support for hardware volumes.
- Support for 64 channel devices.
- Stability fixes and improvements.
+ PipeWire improvements:
- The link factory can now also make links between nodes and
ports by name so that it can be used in scripts.
- Add module-protocol-simple that can stream raw audio on a
socket.
- Added i18n support. Merge PulseAudio translations for the ACP
library so that we don't cause regressions.
- Support more than 19 channels in the channel mixer. This
makes all channels usable on 32 and 64 channel cards.
- Detect if we're running in a VM and allow for tweaking some
settings such as the max-quantum to make things work better
in VMs.
- Fix a potential crash when connecting a client and updating
permissions.
- Fix a potential crash when trying to link incompatible ports.
- Lingering links in error will now be destroyed automatically.
+ Tools:
- Added new pw-link tool to list and monitor ports and to list,
monitor, create and destroy links between them.
- pw-cli can now also list params by name.
- pw-dump now outputs Spa:String:JSON types in metadata as
properly parsed and formatted JSON so that tools can parse
the metadata values using a JSON parser.
+ Session-manager:
- Add logind support. The bluetooth monitor can only be started
for one user at the time, so use logind detect active seats.
- ALSA icon names were improved to match what PulseAudio does.
- Improve the bluetooth icon name. Also use the device alias as
the device description, like PulseAudio.
+ Device support:
- When devices become inaccessible, they are now removed from
the PipeWire graph.
- Fix datatype selection for buffers in v4l2 and libcamera.
+ Bluetooth:
- Various memory leaks and crashes are fixed.
- Added support for AVRCP hardware volume.
- Added support for HSP/HFP hardware volume.
+ PulseAudio server:
- Fix module-loopback connections to monitor ports.
- Implement module-native-protocol-tcp.
- Handle nodes and streams with > 32 channels. The PulseAudio
API only supports up to 32 channels so only make those 32
first channels available with the PA API.
- Implement module-simple-protocol-tcp.
- Improve events emitted by the server.
- Improvements to channels and channel_map properties on
modules. One can imply the other and they should match when
both given.
- null-sink will now have their volume work correctly by
default.
+ JACK: JACK developement files can now optionally be installed.
==== python-M2Crypto ====
- Add no-need-parameterized.patch ... we don't need run-time requirement
of parameterized package (bsc#1185150).
==== python-MarkupSafe ====
- allow tests to be disabled (still on by default)
==== python-dulwich ====
Version update (0.20.15 -> 0.20.20)
- update to 0.20.20:
* Support untracked symlinks to paths outside the
repository.
* Fix handling of negative matches in nested gitignores.
* Fix formatting in setup.py. (Jelmer Vernoo?)
* Add release configuration. (Jelmer Vernoo?)
* credentials: ignore end-of-line character. (Georges Racinet)
* Fix failure in get_untracked_paths when the repository contains symlinks.
* docs: Clarify that Git objects are created on `git add`.
* Add flag to only attempt to fetch ignored untracked files when specifically requested.
==== python-pydot ====
Version update (1.4.1 -> 1.4.2)
- update to 1.4.2:
- Documentation: Basic usage examples in `README.md`. (#141)
Changed:
- More detailed error message in case of Graphviz errors. (#239)
- More detailed warning message in case of failure to import the DOT
parser module. (#241)
Deprecated:
- A future pydot 2.0.0 will drop support for Python 2, 3.4 and
possibly other Python versions that are end-of-life at that time.
Pydot does not emit any deprecation warnings about this. Further
pydot 1.x.x releases are currently not foreseen, but if there are
any, should still support the mentioned Python versions. (#229)
Fixed:
- On Python 2, non-equality comparison (`!=`) between two separate, but
equal `Edge` instances will now correctly return `False`, as it
already did on Python 3. (#248)
- Prevent `TypeError` in handling of DOT parser error. (#176)
- Prevent `TypeError` in `graph_from_adjacency_matrix()` and
`graph_from_incidence_matrix()`. (#98)
- Prevent `TypeError` when creating an edge with a `Subgraph` or
`Cluster` object (as opposed to name string) as an edge point. (#89)
- Windows only: Fixed most failures to find Graphviz when a conda or
Anaconda installation exists, but Graphviz was installed manually or
through pip (`.bat`/`.exe` suffix problem). (#205)
- Windows only: Fixed failure to run Graphviz related to side-by-side
assembly (SxS) by now propagating the `SYSTEMROOT` environment
variable. (#208)
==== python-pymongo ====
Version update (3.11.2 -> 3.11.3)
- update to 3.11.3:
- Version 3.11.3 fixes a bug that prevented PyMongo from retrying writes
after a writeConcernError on MongoDB 4.4+ (PYTHON-2452)
==== rubygem-nokogiri ====
Version update (1.11.2 -> 1.11.3)
- updated to version 1.11.3
[#]## Fixed
* [CRuby] Passing non-`Node` objects to `Document#root=` now raises an `ArgumentError` exception.
Previously this likely segfaulted. [[#1900](https://github.com/sparklemotion/nokogiri/issues/1900)]
* [JRuby] Passing non-`Node` objects to `Document#root=` now raises an `ArgumentError` exception.
Previously this raised a `TypeError` exception.
* [CRuby] arm64/aarch64 systems (like Apple's M1) can now compile libxml2 and libxslt from source
(though we continue to strongly advise users to install the native gems for the best possible experience)
==== suse-module-tools ====
Version update (15.4.0 -> 15.4.1)
- Update to version 15.4.1:
* dm-crypt requires essiv in SLE15 SP3 (boo#1183063 bsc#1184134 ltc#192244).
==== tk ====
- Update to version 8.6.11.1 (still presenting itself as 8.6.11)
* Fixed issue in bindMouseWheel
==== xf86-input-joystick ====
- modernize spec file:
* use https urls
* move license to licensedir
* remove unnecessary attributes and add curly braces where spec-cleaner
likes them
==== xf86-video-fbdev ====
- modernize spec file:
* move license to license dir
* use spec-cleaner induced cleanups
==== xinit ====
- modernize spec file (move license to licensedir, use https)
==== yast2-trans ====
Version update (84.87.20210418.dfe53bf215 -> 84.87.20210425.616915ed60)
Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu
- Update to version 84.87.20210425.616915ed60:
* Translated using Weblate (Portuguese)
* Translated using Weblate (Hindi)
* Translated using Weblate (Portuguese)
* Translated using Weblate (Hindi)
* Translated using Weblate (Portuguese)
* Translated using Weblate (Portuguese)
* Translated using Weblate (Portuguese)
* Translated using Weblate (Portuguese)
* Translated using Weblate (Portuguese)
* Translated using Weblate (Portuguese)
* Translated using Weblate (Portuguese)
* Translated using Weblate (Portuguese)
* Translated using Weblate (Portuguese)
* Added translation using Weblate (Portuguese)
* Added translation using Weblate (Portuguese)
* Translated using Weblate (Slovak)
* Translated using Weblate (Slovak)
* Translated using Weblate (Slovak)
* Translated using Weblate (Slovak)
* Translated using Weblate (Slovak)
* Translated using Weblate (Japanese)
* Translated using Weblate (Japanese)
* Translated using Weblate (Japanese)
* Translated using Weblate (Japanese)
* New POT for text domain 'packager'.
* Translated using Weblate (Hindi)
* Translated using Weblate (Hindi)
* Translated using Weblate (Hindi)
* Translated using Weblate (Hindi)
* Translated using Weblate (Hindi)
* Translated using Weblate (Hindi)
* Translated using Weblate (Hindi)
* Translated using Weblate (Hindi)
* New POT for text domain 'ldap'.
* Translated using Weblate (Hindi)
* Translated using Weblate (Hindi)
* Translated using Weblate (Hindi)
* Translated using Weblate (Slovak)
* New POT for text domain 'bootloader'.
* Translated using Weblate (Japanese)
* Translated using Weblate (Dutch)
* Translated using Weblate (Catalan)
* New POT for text domain 'base'.
* Translated using Weblate (Portuguese)
1
0