New Kubic snapshot 20210828 released!
Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=Tumbleweed&build=20210828 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=Kubic&query_format=advanced&resolution=--- Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: libgcrypt (1.9.3 -> 1.9.4) libgpg-error libssh (0.9.5 -> 0.9.6) openssl (1.1.1k -> 1.1.1l) openssl-1_1 (1.1.1k -> 1.1.1l) pkgconf (1.7.4 -> 1.8.0) === Details === ==== libgcrypt ==== Version update (1.9.3 -> 1.9.4) - Update to 1.9.4: * Bug fixes: - Fix Elgamal encryption for other implementations. [CVE-2021-33560] - Fix alignment problem on macOS. - Check the input length of the point in ECDH. - Fix an abort in gcry_pk_get_param for "Curve25519". * Other features: - Add GCM and CCM to OID mapping table for AES. * Upstream libgcrypt-CVE-2021-33560-fix-ElGamal-enc.patch - Remove not needed patch libgcrypt-sparcv9.diff - Fix building test t-lock with pthread. [bsc#1189745] * Explicitly add -lpthread to compile the t-lock test. * Add libgcrypt-pthread-in-t-lock-test.patch ==== libgpg-error ==== - Drop --with-pic (no effect with --disable-static). ==== libssh ==== Version update (0.9.5 -> 0.9.6) Subpackages: libssh-config libssh4 - Update to version 0.9.6 (bsc#1189608, CVE-2021-3634) * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.9.6 ==== openssl ==== Version update (1.1.1k -> 1.1.1l) - Update to 1.1.1l release ==== openssl-1_1 ==== Version update (1.1.1k -> 1.1.1l) Subpackages: libopenssl1_1 - Update to 1.1.1l: * [bsc#1189520, CVE-2021-3711] Fixed an SM2 Decryption Buffer Overflow. * [bsc#1189521, CVE-2021-3712] Fixed various read buffer overruns processing ASN.1 strings - Require the crypto-policies package from libopenssl-1_1 ==== pkgconf ==== Version update (1.7.4 -> 1.8.0) Subpackages: libpkgconf3 pkgconf-m4 pkgconf-pkg-config - Update to version 1.8.0: + Fix a minor memory leak relating to cross-personalities + Fix some edge cases with --redefine-prefix + Do not prepend sysroot_dir if the .pc file does not exist in the sysroot + Do not perform path filtering on default system include and library path lists.
participants (1)
-
Richard Brown