[opensuse-kubic] New Kubic snapshot 20200914 released!
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=Tumbleweed&build=20200914
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=Kubic&query_format=advanced&resolution=---
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
aaa_base (84.87+git20200818.b9dd70f -> 84.87+git20200909.ee4a72c)
acl
boost-base
busybox-links
c-ares
efivar
etcd (3.4.10 -> 3.4.13)
haproxy (2.2.2+git0.b8a2763d5 -> 2.2.3+git0.0e58a340d)
helm (3.3.0 -> 3.3.1)
hostname (3.21 -> 3.23)
installation-images-MicroOS (16.8 -> 16.14)
iproute2 (5.7.0 -> 5.8.0)
kuberlr (0.3.0 -> 0.3.1)
kubernetes (1.19.0 -> 1.19.1)
kubernetes1.19 (1.19.0 -> 1.19.1)
libseccomp (2.4.3 -> 2.5.0)
permissions (1550_20200904 -> 1550_20200909)
python-networkx (2.4 -> 2.5)
sudo
=== Details ===
==== aaa_base ====
Version update (84.87+git20200818.b9dd70f -> 84.87+git20200909.ee4a72c)
- Update to version 84.87+git20200909.ee4a72c:
* /etc/profile.d/xdg-environment.{sh,csh}: Added /usr/etc/xdg to $XDG_CONFIG_DIRS
* sysctl.d/50-default.conf: allow everybody to create IPPROTO_ICMP sockets (bsc#1174504)
==== acl ====
- update url
==== boost-base ====
Subpackages: boost-license1_74_0 libboost_thread1_74_0
- Enable context on s390x
==== busybox-links ====
Subpackages: busybox-coreutils busybox-gawk busybox-grep busybox-gzip busybox-xz
- busybox-vi: conflict with all vi variants
==== c-ares ====
- simplify conditions bit to make it tad more readable
- Implement multibuild specfile to split out tests into its own
flavor; this way we can build and run tests, which require
static lib, as well as avoid packaging the latter without issues
with the installed cmake file..
==== efivar ====
- Add efivar-bsc1175989-handle-NULL-set-variable.patch to fix
segfault in non-EFI systems (bsc#1175989)
==== etcd ====
Version update (3.4.10 -> 3.4.13)
- Update to version 3.4.13:
* version: 3.4.13
* pkg: file stat warning
* Automated cherry pick of #12243 on release 3.4
* version: 3.4.12
* etcdserver: Avoid panics logging slow v2 requests in integration tests
* version: 3.4.11
* Revert "etcdserver/api/v3rpc: "MemberList" never return non-empty ClientURLs"
* *: fix backport of PR12216
* *: add experimental flag for watch notify interval
* clientv3: remove excessive watch cancel logging
* etcdserver: add OS level FD metrics
* pkg/runtime: optimize FDUsage by removing sort
* clientv3: log warning in case of error sending request
* etcdserver/api/v3rpc: "MemberList" never return non-empty ClientURLs
==== haproxy ====
Version update (2.2.2+git0.b8a2763d5 -> 2.2.3+git0.0e58a340d)
- Update to version 2.2.3+git0.0e58a340d:
* [RELEASE] Released version 2.2.3
* BUG/MEDIUM: mux-h1: always apply the timeout on half-closed connections
* BUG/MINOR: auth: report valid crypto(3) support depending on build options
* DOC: ssl-load-extra-files only applies to certificates on bind lines
* MINOR: server: Improve log message sent when server address is updated
* BUG/MEDIUM: dns: Be sure to renew IP address for already known servers
* BUG/MEDIUM: dns: Don't store additional records in a linked-list
* CLEANUP: dns: remove 45 "return" statements from dns_validate_dns_response()
* CLEANUP: Update .gitignore
* MINOR: Commit .gitattributes
* BUILD: thread: limit the libgcc_s workaround to glibc only
* BUG/MINOR: threads: work around a libgcc_s issue with chrooting
* BUG/MEDIUM: ssl: does not look for all SNIs before chosing a certificate
* MINOR: arg: Use chunk_destroy() to release string arguments
* BUG/MEDIUM: ssl: check OCSP calloc in ssl_sock_load_ocsp()
* REGTEST: Add a test for request path manipulations, with and without the QS
* MINOR: http-fetch: Add pathq sample fetch
* MINOR: http-rules: Add set-pathq and replace-pathq actions
* BUG/MEDIUM: doc: Fix replace-path action description
* Revert "BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action"
* BUG/MINOR: startup: haproxy -s cause 100% cpu
* BUG/MEDIUM: contrib/spoa-server: Fix ipv4_address used instead of ipv6_address
* BUG/MINOR: contrib/spoa-server: Updating references to free in case of failure
* BUG/MINOR: contrib/spoa-server: Do not free reference to NULL
* BUG/MINOR: contrib/spoa-server: Ensure ip address references are freed
* BUG/MAJOR: contrib/spoa-server: Fix unhandled python call leading to memory leak
* BUILD: task: work around a bogus warning in gcc 4.7/4.8 at -O1
* BUILD: tools: include auxv a bit later
* MINOR: cache: Reject duplicate cache names
* DOC: cache: Use '<name>' instead of '<id>' in error message
* BUG/MEDIUM: ssl: crt-list negative filters don't work
* BUG/MINOR: http-rules: Replace path and query-string in "replace-path" action
* MINOR: http-htx: Add an option to eval query-string when the path is replaced
* BUG/MEDIUM: http-ana: Don't wait to send 1xx responses received from servers
* BUG/MINOR: reload: do not fail when no socket is sent
* BUG/MEDIUM: ssl: fix ssl_bind_conf double free w/ wildcards
* BUG/MEDIUM: ssl: never generates the chain from the verify store
* BUG/MEDIUM: htx: smp_prefetch_htx() must always validate the direction
* BUG/MINOR: stats: use strncmp() instead of memcmp() on health states
* BUG/MINOR: ssl: ssl-skip-self-issued-ca requires >= 1.0.2
* BUG/MEDIUM: ssl: fix the ssl-skip-self-issued-ca option
* BUG/MINOR: snapshots: leak of snapshots on deinit()
* MEDIUM: lua: Don't filter exported fetches and converters
* BUG/MINOR: lua: Duplicate lua strings in sample fetches/converters arg array
* MINOR: hlua: Don't needlessly copy lua strings in trash during args validation
* BUG/MINOR: lua: Check argument type to convert it to IP mask in arg validation
* BUG/MINOR: lua: Check argument type to convert it to IPv4/IPv6 arg validation
* BUG/MINOR: arg: Fix leaks during arguments validation for fetches/converters
* BUG/MINOR: lua: Duplicate map name to load it when a new Map object is created
* BUG/MINOR: converters: Store the sink in an arg pointer for debug() converter
* MINOR: arg: Add an argument type to keep a reference on opaque data
* BUG/MEDIUM: map/lua: Return an error if a map is loaded during runtime
* BUG/MEDIUM: ssl: memory leak of ocsp data at SSL_CTX_free()
* BUG/MINOR: ssl: fix memory leak at OCSP loading
* DOC: spoa-server: fix false friends `actually`
* BUG/MINOR: spoa-server: fix size_t format printing
* BUG/MAJOR: dns: disabled servers through SRV records never recover
* CLEANUP: dns: typo in reported error message
* BUG/MEDIUM: mux-h1: Refresh H1 connection timeout after a synchronous send
* SCRIPTS: git-show-backports: emit the shell command to backport a commit
* SCRIPTS: git-show-backports: make -m most only show the left branch
==== helm ====
Version update (3.3.0 -> 3.3.1)
- Update to version 3.3.1:
* Fix spelling in completion.go
* Fixing linting of templates on Windows
* Bump Kubernetes to v0.18.8 + Bump jsonpatch
* Fix Quick Start Guide Link in README.md
* fix test that modifies the wrong cache data
* bufix: fix validateNumColons docs
* Fix typo
* Enhance readability by extracting bitwise operation
* Make helm ls return only current releases if providing state filter
* fix: Allow building in a path containing spaces
* Alter whitespace in "Update Complete" output
* Fixing version and spelling errors
==== hostname ====
Version update (3.21 -> 3.23)
- update to 3.23:
* Increase buffer size for all FQDNs to NI_MAXHOST as suggested by manpage.
(Closes: #942311)
* Use the same size for getdomainname().
* Bumped Standards-Version, no changes needed.
==== installation-images-MicroOS ====
Version update (16.8 -> 16.14)
- merge gh#openSUSE/installation-images#416
- fix library dependency checking
- 16.14
- BuildRequire system-role-common-criteria in SLE
- 16.13
- Include common critera system role handler (jsc#SLE-12905)
- merge gh#openSUSE/installation-images#413
- add watchdog modules (bsc#1176112)
- 16.12
- merge gh#openSUSE/installation-images#411
- make exfat support optional
- 16.11
- merge gh#openSUSE/installation-images#410
- add exfatprogs to spec file
- 16.10
- merge gh#openSUSE/installation-images#409
- support exfat filesystem (bsc#1175731)
- 16.9
==== iproute2 ====
Version update (5.7.0 -> 5.8.0)
- Update to release 5.8
* macsec: add support for MAC offload
* Add support for mptcp netlink interface
* erspan: Add type I version 0 support
==== kuberlr ====
Version update (0.3.0 -> 0.3.1)
- Update to version 0.3.1:
* Prepare for release of v0.3.1
* fix: set progress bar desc to shorter string
* Update Changelog
* Update README to mention all the platforms supported
* GitHub actions: enable test matrix
* Build kuberlr binary for windows
* windows: fix path construction for download dir
* windows: require .exe extension on windows
* windows: add filename extension utils
==== kubernetes ====
Version update (1.19.0 -> 1.19.1)
Subpackages: kubernetes-client kubernetes-kubeadm kubernetes-kubelet
- Bump kubernetes to 1.19.1, etcd to 3.4.13
==== kubernetes1.19 ====
Version update (1.19.0 -> 1.19.1)
Subpackages: kubernetes1.19-client kubernetes1.19-client-common kubernetes1.19-kubeadm kubernetes1.19-kubelet kubernetes1.19-kubelet-common
- Update to version 1.19.1:
* build/lib/release: Explicitly use '--platform' in building server images
* build/common.sh: Remove extraneous reference to debian-base image
* Update default etcd server to 3.4.13
* kubeadm: remove the CoreDNS check for supported image digests
* Update snapshot controller to use k8s.gcr.io
* kubeadm: make the scheduler and KCM connect to local endpoint
* Fixed reflector not recovering from "Too large resource version" errors with API servers 1.17.0-1.18.5
* let panics propagate up when processLoop panic
* kubeadm: Fix `upgrade plan` for air-gapped setups
* Add impersonated user to system:authenticated group
* cleanup: print warning message after timeout
* Revert "cleanup: decrease log level from warn to v3"
* cleanup: decrease log level from warn to v3
* Remove duplicate nodeSelector
* test(kubelet): add a regression test to verify kubelet would not panic
* fix(kubelet): protect `containerCleanupInfos` from concurrent map writes
* fix(azure): check error returned by scaleSet.getVMSS
* Fix issue on skipTest in storage suits
* Use NLB Subnet CIDRs instead of VPC CIDRs in updateInstanceSecurityGroupsForNLB
* Add PR #89069 Action Required
* Update CHANGELOG/CHANGELOG-1.19.md for v1.19.0
==== libseccomp ====
Version update (2.4.3 -> 2.5.0)
- Do not rely on gperf: pass GPERF=/bin/true to configure and
remove gperf BuildRequires. The syscalls.perf file it would
generate is part of the tarball already.
- testsuite-riscv64-missing-syscalls.patch: Fix testsuite failure on
riscv64
- Ignore failure of tests/52-basic-load on qemu linux-user emulation
- Update to release 2.5.0
* Add support for the seccomp user notifications, see the
seccomp_notify_alloc(3), seccomp_notify_receive(3),
seccomp_notify_respond(3) manpages for more information
* Add support for new filter optimization approaches, including a balanced
tree optimization, see the SCMP_FLTATR_CTL_OPTIMIZE filter attribute for
more information
* Add support for the 64-bit RISC-V architecture
* Performance improvements when adding new rules to a filter thanks to the
use of internal shadow transactions and improved syscall lookup tables
* Properly document the libseccomp API return values and include them in the
stable API promise
* Improvements to the s390 and s390x multiplexed syscall handling
* Multiple fixes and improvements to the libseccomp manpages
* Moved from manually maintained syscall tables to an automatically generated
syscall table in CSV format
* Update the syscall tables to Linux v5.8.0-rc5
* Python bindings and build now default to Python 3.x
* Improvements to the tests have boosted code coverage to over 93%
- libseccomp.keyring: replaced by Paul Moore
participants (1)
-
Richard Brown