[opensuse-kubic] New ARM Kubic snapshot 20200908 released!
Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&version=Tumbleweed&build=20200908 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=Kubic&query_format=advanced&resolution=--- Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: cryptsetup (2.3.3 -> 2.3.4) dracut filesystem gzip kubernetes1.18 kubernetes1.19 libcap (2.42 -> 2.43) libgpg-error (1.38 -> 1.39) libxcrypt (4.4.15 -> 4.4.17) lvm2 lvm2-device-mapper npth permissions (1550_20200826 -> 1550_20200904) python38 python38-core rsync toolbox (1.0+git20200803.7ff20b6 -> 1.0+git20200831.d2d2e5d) utempter === Details === ==== cryptsetup ==== Version update (2.3.3 -> 2.3.4) Subpackages: libcryptsetup12 - Update to 2.3.4: * Fix a possible out-of-bounds memory write while validating LUKS2 data segments metadata (CVE-2020-14382, boo#1176128). * Ignore reported optimal IO size if not aligned to minimal page size. * Added support for new no_read/write_wrokqueue dm-crypt options (kernel 5.9). * Added support panic_on_corruption option for dm-verity devices (kernel 5.9). * Support --master-key-file option for online LUKS2 reencryption * Always return EEXIST error code if a device already exists. * Fix a problem in integritysetup if a hash algorithm has dash in the name. * Fix crypto backend to properly handle ECB mode. * TrueCrypt/VeraCrypt compatible mode now supports the activation of devices with a larger sector. * LUKS2: Do not create excessively large headers. * Fix unspecified sector size for BitLocker compatible mode. * Fix reading key data size in metadata for BitLocker compatible mode. ==== dracut ==== Subpackages: dracut-ima - Generate the tarball during buildtime. Tracking both the tarball and the .obscpio combines the worst of both. ==== filesystem ==== - Split /var/tmp out of fs-var.conf, new file is fs-var-tmp.conf. Allows to override config to add cleanup options of /var/tmp [bsc#1078466] - Create fs-tmp.conf to cleanup /tmp regular (required with tmpfs) [bsc#1175519] - Fix bug about missing group in tmpfiles.d files - Generic cleanup: - Remove /usr/local/games - /etc/java was moved to javapackages-filesystem long ago - Remove unused languages: en@IPA, it_CH, ja_JP.EUC, ja_JP.SJIS, ja_JP.eucJP, nds_DE - Remove %ghost entries for /tmp, /tmp is now tmpfs and the files are handled by systemd since a long time - Add /usr/etc/default. ==== gzip ==== - Enable DFLTCC compression for s390x for levels 1-6 (i. e. to make it used by default) by adding -DDFLTCC_LEVEL_MASK=0x7e to CLFAGS. [jsc#SLE-13775] ==== kubernetes1.18 ==== - kubernetes%{baseversion}-kubeadm now obsoletes kubernetes%{baseversionminus1}-kubeadm ==== kubernetes1.19 ==== Subpackages: kubernetes1.19-client kubernetes1.19-client-common kubernetes1.19-kubeadm kubernetes1.19-kubelet kubernetes1.19-kubelet-common - kubernetes%{baseversion}-kubeadm now obsoletes kubernetes%{baseversionminus1}-kubeadm ==== libcap ==== Version update (2.42 -> 2.43) - update to 2.43 * Linus' kernel tree defines CAP_CHECKPOINT_RESTORE (40) so support it. * Fix the creation of the $(FAKEROOT)$(LIBDIR) for split install targets * Clean up a binary from the distribution * Added some more release time checks for non-git tracked files. * Fix a deadlock in libpsx that surfaced with a set of compiler optimizations by removing the psx wrapping harder. ==== libgpg-error ==== Version update (1.38 -> 1.39) - Update to 1.39: * "gpg-error --lib-version" works again. * New function gpgrt_fcancel as alternative to gpgrt_close. This function avoid flushing out buffered data and also tries to delete a newly created file. * Update the gnupg project keyring * Interface changes relative to the 1.38 release: - gpgrt_fcancel: NEW. ==== libxcrypt ==== Version update (4.4.15 -> 4.4.17) - Add compatibility provides for SLE15 - Update to version 4.4.17 * Salt string compatibility with generic implementations ==== lvm2 ==== Subpackages: liblvm2cmd2_03 - lvm can't pass build with gcc option Wstringop-overflow (bsc#1175565) - remove suse speical patch - bug-1175565_lvm-cant-pass-build-with-gcc-option-Wstringop-overflow.patch - add upstream patch + bug-1175565_01-tools-move-struct-element-before-variable-lenght-lis.patch + bug-1175565_02-gcc-change-zero-sized-array-to-fexlible-array.patch + bug-1175565_03-gcc-zero-sized-array-to-fexlible-array-C99.patch ==== lvm2-device-mapper ==== Subpackages: device-mapper libdevmapper-event1_03 libdevmapper1_03 - lvm can't pass build with gcc option Wstringop-overflow (bsc#1175565) - remove suse speical patch - bug-1175565_lvm-cant-pass-build-with-gcc-option-Wstringop-overflow.patch - add upstream patch + bug-1175565_01-tools-move-struct-element-before-variable-lenght-lis.patch + bug-1175565_02-gcc-change-zero-sized-array-to-fexlible-array.patch + bug-1175565_03-gcc-zero-sized-array-to-fexlible-array-C99.patch ==== npth ==== - Remove old specfile constructs and doubleshipping of docs. ==== permissions ==== Version update (1550_20200826 -> 1550_20200904) Subpackages: chkstat permissions-config - Update to version 20200904: * Add /usr/libexec for cockpit-session as new path * physlock: whitelist with tight restrictions (bsc#1175720) ==== python38 ==== - Just cleanup and reordering items to synchronize with python39 ==== python38-core ==== Subpackages: libpython3_8-1_0 python38-base - Just cleanup and reordering items to synchronize with python39 ==== rsync ==== - Security fix: [bsc#1176160, CVE-2020-14387] * rsync-ssl: Verify the hostname in the certificate when using openssl. - Add rsync-CVE-2020-14387.patch ==== toolbox ==== Version update (1.0+git20200803.7ff20b6 -> 1.0+git20200831.d2d2e5d) - Update to version 1.0+git20200831.d2d2e5d: * Allow graphical applications from inside a user toolbox to run ==== utempter ==== - fixed utempter location after libexecdir change (bsc#1175925) -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-kubic+owner@opensuse.org
participants (1)
-
Guillaume Gardet