January 2021 - openSUSE Factory - openSUSE Mailing Lists

openSUSE vs. Fedora - package installation speed
by Martin Liška 08 Feb '21

08 Feb '21

Maybe it's a known issue, but I think speed of package installation is much slower on openSUSE (takes 2x longer). The following example installs packages needed for rpmlint and should be 1:1 in between the 2 mentioned distros: https://github.com/marxin/opensuse-vs-fedora https://github.com/marxin/opensuse-vs-fedora/actions/runs/480371322 Thanks, Martin

18 44

unsafe systemd services in openSUSE Tumbleweed
by Dirk Müller 03 Feb '21

03 Feb '21

Hi, today I stumbled over "systemd-analyze security" which gives an overview of installed systemd services and their configured sandboxing capabilities. It appears that from the ones that I have installed, most of them have no sandboxing features enabled at all, so pretty much everything is at score 9.5 and above (10 seems to be the absolutely worst). Would It be useful to take a pass at configuring this more sandboxy? in my opinion, security should be default. It appears this is a lot simpler to contain the services than with functionality like apparmor or selinux, although those of course provide further protection. Here's an example on smartd.service: # systemd-analyze security smartd.service NAME DESCRIPTION EXPOSURE ✗ PrivateNetwork= Service has access to the host's network 0.5 ✗ User=/DynamicUser= Service runs as root user 0.4 ✗ CapabilityBoundingSet=~CAP_SET(UID|GID|PCAP) Service may change UID/GID identities/capabilities 0.3 ✗ CapabilityBoundingSet=~CAP_SYS_ADMIN Service has administrator privileges 0.3 ✗ CapabilityBoundingSet=~CAP_SYS_PTRACE Service has ptrace() debugging abilities 0.3 ✗ RestrictAddressFamilies=~AF_(INET|INET6) Service may allocate Internet sockets 0.3 ✗ RestrictNamespaces=~CLONE_NEWUSER Service may create user namespaces 0.3 ✗ RestrictAddressFamilies=~… Service may allocate exotic sockets 0.3 ✗ CapabilityBoundingSet=~CAP_(CHOWN|FSETID|SETFCAP) Service may change file ownership/access mode/capabilities unrestricted 0.2 ✗ CapabilityBoundingSet=~CAP_(DAC_*|FOWNER|IPC_OWNER) Service may override UNIX file/IPC permission checks 0.2 ✗ CapabilityBoundingSet=~CAP_NET_ADMIN Service has network configuration privileges 0.2 ✗ CapabilityBoundingSet=~CAP_SYS_MODULE Service may load kernel modules 0.2 ✗ CapabilityBoundingSet=~CAP_SYS_RAWIO Service has raw I/O access 0.2 ✗ CapabilityBoundingSet=~CAP_SYS_TIME Service processes may change the system clock 0.2 ✗ DeviceAllow= Service has no device ACL 0.2 ✗ IPAddressDeny= Service does not define an IP address allow list 0.2 ✓ KeyringMode= Service doesn't share key material with other services ✗ NoNewPrivileges= Service processes may acquire new privileges 0.2 ✓ NotifyAccess= Service child processes cannot alter service state ✗ PrivateDevices= Service potentially has access to hardware devices 0.2 ✗ PrivateMounts= Service may install system mounts 0.2 ✗ PrivateTmp= Service has access to other software's temporary files 0.2 ✗ PrivateUsers= Service has access to other users 0.2 ✗ ProtectClock= Service may write to the hardware clock or system clock 0.2 ✗ ProtectControlGroups= Service may modify the control group file system 0.2 ✗ ProtectHome= Service has full access to home directories 0.2 ✗ ProtectKernelLogs= Service may read from or write to the kernel log ring buffer 0.2 ✗ ProtectKernelModules= Service may load or read kernel modules 0.2 ✗ ProtectKernelTunables= Service may alter kernel tunables 0.2 ✗ ProtectSystem= Service has full access to the OS file hierarchy 0.2 ✗ RestrictAddressFamilies=~AF_PACKET Service may allocate packet sockets 0.2 ✗ RestrictSUIDSGID= Service may create SUID/SGID files 0.2 ✗ SystemCallArchitectures= Service may execute system calls with all ABIs 0.2 ✗ SystemCallFilter=~@clock Service does not filter system calls 0.2 ✗ SystemCallFilter=~@debug Service does not filter system calls 0.2 ✗ SystemCallFilter=~@module Service does not filter system calls 0.2 ✗ SystemCallFilter=~@mount Service does not filter system calls 0.2 ✗ SystemCallFilter=~@raw-io Service does not filter system calls 0.2 ✗ SystemCallFilter=~@reboot Service does not filter system calls 0.2 ✗ SystemCallFilter=~@swap Service does not filter system calls 0.2 ✗ SystemCallFilter=~@privileged Service does not filter system calls 0.2 ✗ SystemCallFilter=~@resources Service does not filter system calls 0.2 ✓ AmbientCapabilities= Service process does not receive ambient capabilities ✗ CapabilityBoundingSet=~CAP_AUDIT_* Service has audit subsystem access 0.1 ✗ CapabilityBoundingSet=~CAP_KILL Service may send UNIX signals to arbitrary processes 0.1 ✗ CapabilityBoundingSet=~CAP_MKNOD Service may create device nodes 0.1 ✗ CapabilityBoundingSet=~CAP_NET_(BIND_SERVICE|BROADCAST|RAW) Service has elevated networking privileges 0.1 ✗ CapabilityBoundingSet=~CAP_SYSLOG Service has access to kernel logging 0.1 ✗ CapabilityBoundingSet=~CAP_SYS_(NICE|RESOURCE) Service has privileges to change resource use parameters 0.1 ✗ RestrictNamespaces=~CLONE_NEWCGROUP Service may create cgroup namespaces 0.1 ✗ RestrictNamespaces=~CLONE_NEWIPC Service may create IPC namespaces 0.1 ✗ RestrictNamespaces=~CLONE_NEWNET Service may create network namespaces 0.1 ✗ RestrictNamespaces=~CLONE_NEWNS Service may create file system namespaces 0.1 ✗ RestrictNamespaces=~CLONE_NEWPID Service may create process namespaces 0.1 ✗ RestrictRealtime= Service may acquire realtime scheduling 0.1 ✗ SystemCallFilter=~@cpu-emulation Service does not filter system calls 0.1 ✗ SystemCallFilter=~@obsolete Service does not filter system calls 0.1 ✗ RestrictAddressFamilies=~AF_NETLINK Service may allocate netlink sockets 0.1 ✗ RootDirectory=/RootImage= Service runs within the host's root directory 0.1 SupplementaryGroups= Service runs as root, option does not matter ✗ CapabilityBoundingSet=~CAP_MAC_* Service may adjust SMACK MAC 0.1 ✗ CapabilityBoundingSet=~CAP_SYS_BOOT Service may issue reboot() 0.1 ✓ Delegate= Service does not maintain its own delegated control group subtree ✗ LockPersonality= Service may change ABI personality 0.1 ✗ MemoryDenyWriteExecute= Service may create writable executable memory mappings 0.1 RemoveIPC= Service runs as root, option does not apply ✗ RestrictNamespaces=~CLONE_NEWUTS Service may create hostname namespaces 0.1 ✗ UMask= Files created by service are world-readable by default 0.1 ✗ CapabilityBoundingSet=~CAP_LINUX_IMMUTABLE Service may mark files immutable 0.1 ✗ CapabilityBoundingSet=~CAP_IPC_LOCK Service may lock memory into RAM 0.1 ✗ CapabilityBoundingSet=~CAP_SYS_CHROOT Service may issue chroot() 0.1 ✗ ProtectHostname= Service may change system host/domainname 0.1 ✗ CapabilityBoundingSet=~CAP_BLOCK_SUSPEND Service may establish wake locks 0.1 ✗ CapabilityBoundingSet=~CAP_LEASE Service may create file leases 0.1 ✗ CapabilityBoundingSet=~CAP_SYS_PACCT Service may use acct() 0.1 ✗ CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG Service may issue vhangup() 0.1 ✗ CapabilityBoundingSet=~CAP_WAKE_ALARM Service may program timers that wake up the system 0.1 ✗ RestrictAddressFamilies=~AF_UNIX Service may allocate local sockets 0.1 → Overall exposure level for smartd.service: 9.6 UNSAFE 

14 26

Big update: openSUSE Leap 15.3 testing images are finally available and detail about Leap 15.3 submissions
by Lubos Kocman 03 Feb '21

03 Feb '21

Ahoy openSUSE! I'd like to inform you that you can already find openSUSE Leap 15.3 testing images on https://software.opensuse.org/distributions/testing . We're really sorry for the delay that was caused mostly by waiting on SLE 15 SP3 Beta1 NDA liftoff and rebuild of openSUSE Backports. I've already requested process changes, so this does not happen next release. Just a reminder that openSUSE Leap 15.3 is based on the Jump concept that we've developed for the past several months. https://en.opensuse.org/Portal:Jump Any update request to existing packages should be simply submitted against openSUSE:Leap:15.3 and OBS will determine where to redirect the request either to SLE or openSUSE Backports. The top-level Leap project servers more like a wrapper for building images and to override SLE branding. On new package submissions: Please note that new packages need to be currently submitted against openSUSE:Backports:SLE-15-SP3.opensuse-factory@ We know it's inconvenient and we'll work with the Autobuild team to make it a default destination place for any new package submission for openSUSE Leap 15.3. Note: on SLE submissions: Yes you can finally do them. Please make sure that you reference JIRA (e.g. openSUSE partner id request) or bugzilla number while sending request against package comming from SUSE Linux Enterprise. The feature requests will not be approved by suse-sle- review team https://en.opensuse.org/openSUSE:Suse_sle_review_team More about open SLE/Leap Features and their progress can be found here https://etherpad.opensuse.org/p/FeatureReview-meeting We're already looking forward to your Leap 15.3 submissions. **Just a reminder that our checking deadline for Leap 15.3 Beta is scheduled for the 12th of February.** Note about software.opensuse.org: You may notice that Installation images for all arches can be now found in the Installation tabs, and the tab Ports no longer exist. This new structure corresponds with the way how we build images in 15.3. We will have to decide where to track ARMv7 once we have images, either the same tab or "Additional architectures". Happy Hacking! -- Lubos Kocman, Release Manager openSUSE Leap SUSE Software Solutions Germany GmbH Maxfeldstr. 5, 90409 Nürnberg - Germany (HRB 36809, AG Nürnberg) Geschäftsführer: Felix Imendörffer

10 15

openSUSE Release Engineering Meeting 27.01.2021
by Lubos Kocman 01 Feb '21

01 Feb '21

All meeting minutes can be found here: https://etherpad.opensuse.org/p/ReleaseEngineering-meeting ## Participants dleuenberger,guillaumeg, adrians, lkocman, rbrown, ddemaio, bigironman, maxlin, dirk !!! Please be aware that this meeting is hosted on https://meet.opensuse.org/ReleaseEngineeringMeeting ## Leap Open Source @ SUSE Internal and External marketing. We've received an bit undefined task to increase adoption and visibility of openSUSE. Mili would like. Still need to look into missing maintainers on SUSE side situation. Still some ongoing discussion about migration testing, we need to have migrations passing by Leap 15.3 Beta / 15 SP3 Public Beta (End of February). * Discussion with new packaging team lead about future python refreshes (previously done by Tomas Ch.) Dominique: ftp-tree of Leap 15.3 is not up2date. This blocks beta testing Lubos will check with Adrian. ## openSUSE Tumbleweed * Bash 5.1 available in Tumbleweed since 0120 * Few snapshots in the last week: 0122 blocked due to sysuser-tools switch to systemd-sysuser, but boo#1181328 (reverted) 0123 was 'too slow in openQA' - 0125 was ready with build way too fast, replaced snapshot 0125 was blocked due to postfix boo#1180473 (postfix reverted) 0126 en route to QA * Did some cleanup of obsolete Prefer: in openSUSE:Factory prjconf * Planned switch from LUA 5.3 to LUA 5.4 * Autoconf 2.70: some backwards incompatible changes, and implicitly starts gtkdocize in case configure.ac contains GTK_DOC_CHECK; Especially for ring0 packages, this is painful, as we cannot add gtk- doc dependenices there. Those packages need to GTKDOCIZE=true before running autoreconf (most don't need to run autoreconf, unless they patch configure - upstream your patches!) lkocman: gstreamer-plugins-bad some functionality might be dropped as part of CtLG (SLE-13843) ## Richard (Kubic/TW MicroOS) devel-project Housekeeping ongoing, significant pile of updates checked in Kubernetes 1.20.2 and 1.19.7 released (Thanks Dirk!) MicroOS for Rock64 Image is now in testing Team is looking into adding NVIDIA Jetson Nano support, investigating purchase/sponsorship options SELinux-by-default tests reviewed, changes required, WIP MicroOS talk discussing the wide scope of the Project will be at FOSDEM (Distro DevRoom) and SUSE Engineering Summit Investigating possibility of adapting/creating a new variant of Kubic focused on being a base OS for Rancher k8s AdrianS: I'll be happy to help there if needed. ## Max * Fails to verify signature of Backports RPM while installing, asked YaST team and zypp team https://bugzilla.suse.com/show_bug.cgi?id=1181344 * My experiment for zypper dup kind of works https://openqa.opensuse.org/tests/1603691 , we need https://github.com/os-autoinst/os-autoinst-distri-opensuse/pull/11696 for openQA, in reality we need to update opensuse-release package to add vendor conf change and release updated opensuse-release to supported Leap version * Have a look at migration problem reported by QA and asked Hernan give his thought about credential issue, bsc#1180851 Some maintenance updates were not picked up by Maintenance team because of missing maintainer. All packages blocking audacity update now have maintainers (lv2 lilv, serd - slees, python-Markup - mcepl) ## Guillaume - Arm Tumbleweed: * MicroOS images for Rock64 are still failing because we need to build u-boot against arm-trusted-firmware package which requires to have arm-trusted-firmware and edk2 packages in Tumbleweed first, but is blocked in legal queue (Staging:adi:75). Leap 15.3 ARM: * WIP: add JeOS package to build images for non-UEFI Arm systems. * Armv7: Project setup: See Dirk's section below. openQA: * M6g worker is currently down. Working to get it back asap. WSL: WIP to have WSL on aarch64 on https://build.opensuse.org/project/show/home:Guillaume_G:WSL The goal is to haveWSL-DistroLauncher package built for aarch64. Help welcomed. lkocman: Apple M1 chips are now "fully" supporting Linux. ## Michel ppc64le not present, nothing special to report. ## Sarah - s390x Did not attend, apologized in advance. ## Doug * EOY Results Meetups * Planned for Jan. 30. - http://bit.ly/2YiizUK * Editing video for youtube * List of items and improvements we identified - http://bit.ly/3olI8Pn * Quarterly sprints for improving websites (o.o. and get.o.o, plus more) lkocman: Is anybody aware of any reason why software-o-o couldn't be replaced by get-o-o Doug: Stasiek mentioned that this was discussed and there was a lot of ideas but the effort died based on available resources. * Looking at codes and wiki improvements * software.o.o explanation of images * may look at new survey for pain points to extract hardware info * GSOC 2021 application due by Feb. 19 * 101.o.o. updated * metrics.o.o is fixed (thx Witek) - Mili wants to see some more telemetry details, he's willing to dedicate two persons working on the telemetry solutions in installer or in general. Lubos will open a feature tracker. OPENSUSE-16 Richard: there is a whole page about it. metrics-o-o are displaying also data from mirrors. /var/lib/zypp/AnonymousUniqueID Richard - community might not like it Adrian: we could have an icon to click on to provide a feedback. Dirk: analyzing sentiment could be better. lkocman: I got recently reached out by somebody from SUSE Technical Alliance about CentOS, about the effort. Meeting will be possibly on Thursday. suseportal.cz / opensuse.cz - ongoing discussion https://etherpad.opensuse.org/p/suseportalcz_discussion Waiting for feedback from Martin Zikmund (should be this week). ## Dirk Looking at initial "Leap 15.3 for Ports" bootstrap together with Adrian. First step is to recreate the SLE packages from SLE source in OBS. Identified a > 150 packages blacklist that seems to cause fallout. Unclear how to lubos: https://en.opensuse.org/Portal:Leap:Jump/OBS/Blacklist defined/expected way less than 150 blacklisted packages. Still waiting for builds being scheduled, progress is very slow. Only managed to reach Adrian this week. No further discussion with openSUSE Backports for ports, no conclusion so far * Various package updates and build fixes for openSUSE:Factory:ARM and in general Dirk: bootstrapping is currently stalled as he approach Adrian only recently. Dirk: It doesn't make sense Leap 15.3 which only contains 1k packages. If we'd skip backports the whole project would not make any sense. Dirk: Backports people are concerned about enabling ARMv7 ## Gerald or any Board representative Not present ## Wolfgang (Package Hub) Still: Submit requests for package updates are still on hold since dependency updates on SLE side is waiting for package maintainers. Add fix for rpmlint-mini (character encoding bug) Thanks to Dirk Runtime dependency for KDE Plasma 5 (libpoppler-qt5) release thru supackages repo (Antonio is currently testing) Pattern kde was missing and couldn't build since patterns from SLE wheren't mirrored to from IBS to OBS. Mirroring patterns to OBS should be done now. lkocman: pattern* blacklist was removed yesterday by Rudi ## Adrian - CtLG Marco is still working on the submit request mirroring and transferring information. lkocman: Is there currently any todo list for the Maintenance setup? It would be great to have something testable by maintenance team after Beta. Max's pull request for osc-plugin-jump needs to be rebased, otherwise I do not have any issues with his githash. Max: rebased and merged. lkocman: how to currently handle transition of state change? We're currently having open requests after the change was accepted. And rejecting "accepted" change would not look good. Adrian: we will discuss this internally. lkocman: I'll keep internally accepted - SRs open for now Note by Adrian: SLE maintenance updates are merged to a single channel by a script by Adrian which is merging updates and keeps amount of repos/channels low. SLE Updates are published as soon as possible it's definitely within few hours, not days. Dimstar: we're enabling non-free repos for Ports. For s390x it is already enabled and published (to my surprise no changes were needed on the publisher side); question is basically if we can expect the publish to 'just happen' on ARM/PowerPC as well or if publisher adjustments would have to be expected TTM: does not have enabled pubshing since 1st of January. ## Marcus - Maintenance Adrian: patchinfo is still TBD. Dependecies should be resolvable. The setup from Jump 15.2.1 has been implemented to Leap:15.3:Updates Adrian: 15.3 SLE and 15.3 OSS is there, and I have to hardlink openSUSE:Backports:15-SP3:Update Lubos to update Maintenance team by end of the day.

3 5

New Tumbleweed snapshot 20210126 released!
by Dominique Leuenberger 31 Jan '21

31 Jan '21

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: alsa alsa-ucm-conf alsa-utils automake (1.16.2 -> 1.16.3) bluedevil5 desktop-data-openSUSE dmidecode elfutils-debuginfod epson-inkjet-printer-escpr (1.7.7 -> 1.7.8) findutils (4.7.0 -> 4.8.0) gettext-runtime gnome-packagekit gnome-tweaks java-11-openjdk (11.0.9.1 -> 11.0.10.0) kaccounts-providers kernel-source (5.10.7 -> 5.10.9) kinfocenter5 kscreen5 kwin5 libblockdev (2.24 -> 2.25) libcap (2.44 -> 2.46) libfido2 (1.5.0 -> 1.6.0) libmbim (1.24.4 -> 1.24.6) libmwaw (0.3.16 -> 0.3.17) libodfgen (0.1.7 -> 0.1.8) libqt5-qtconnectivity libqt5-qtmultimedia libqt5-qtquickcontrols libqt5-qtquickcontrols2 libqt5-qtsensors libqt5-qtwayland libstorage-ng (4.3.82 -> 4.3.85) libvirt (6.10.0 -> 7.0.0) libxkbcommon lzip (1.21 -> 1.22) milou5 mutt (2.0.4 -> 2.0.5) ncurses (6.2.20210109 -> 6.2.20210116) oath-toolkit (2.6.5 -> 2.6.6) open-vm-tools (11.2.0 -> 11.2.5) openssh pango (1.48.0 -> 1.48.1) plasma5-desktop purple-rocketchat (0.0+git20201219 -> 0.0+git20210119) python-M2Crypto python-SQLAlchemy python-libvirt-python (6.10.0 -> 7.0.0) python-pyserial (3.4 -> 3.5) python-setuptools python-sortedcontainers qemu rng-tools (6.10 -> 6.11) rubygem-asciidoctor (2.0.10 -> 2.0.12) rubygem-parallel (1.19.2 -> 1.20.1) rubygem-parallel_tests (3.3.0 -> 3.4.0) rubygem-parser (2.7.1.5 -> 3.0.0.0) rubygem-rspec (3.9.0 -> 3.10.0) rubygem-rspec-core (3.9.2 -> 3.10.1) rubygem-rspec-expectations (3.9.2 -> 3.10.1) rubygem-rspec-mocks (3.9.1 -> 3.10.1) rubygem-rspec-rails (4.0.1 -> 4.0.2) rubygem-rspec-support (3.9.3 -> 3.10.1) rubygem-rubocop (1.7.0 -> 1.8.1) rubygem-simpleidn (0.1.1 -> 0.2.1) shared-mime-info (2.0 -> 2.1) skopeo (1.1.1 -> 1.2.1) sord (0.16.6 -> 0.16.8) systemsettings5 tar (1.32 -> 1.33) texlive-specs-n (2020.176.2.004svn48145 -> 2020.177.2.004svn48145) vorbis-tools (1.4.0 -> 1.4.2) webkit2gtk3 wireshark xdg-desktop-portal-kde xdg-utils xen (4.14.1_05 -> 4.14.1_08) xfce4-genmon-plugin (4.1.0 -> 4.1.1) xfce4-whiskermenu-plugin (2.5.2 -> 2.5.3) xfsprogs (5.9.0 -> 5.10.0) yast2-bootloader (4.3.17 -> 4.3.18) yast2-storage-ng (4.3.37 -> 4.3.40) === Details === ==== alsa ==== Subpackages: libasound2 libasound2-32bit libatopology2 - Yet more fixes for the crash with dmix plugin (bsc#1181194): 0045-pcm-direct-Fix-the-missing-appl_ptr-update.patch 0046-pcm-ioplug-Pass-appl_ptr-and-hw_ptr-in-snd_pcm_statu.patch 0047-pcm-null-Pass-appl_ptr-and-hw_ptr-in-snd_pcm_status.patch 0048-pcm-share-Pass-appl_ptr-and-hw_ptr-in-snd_pcm_status.patch - Backport upstream fixes: yet more PCM plugin fixes, topology fixes/cleanups, UAF fix in UCM (bsc#1181194): 0004-topology-use-inclusive-language-for-bclk.patch 0005-topology-use-inclusive-language-for-fsync.patch 0006-topology-use-inclusive-language-in-documentation.patch 0034-ucm-fix-possible-memory-leak-in-parse_verb_file.patch 0035-topology-tplg_pprint_integer-fix-coverity-uninitaliz.patch 0036-topology-tplg_add_widget_object-do-not-use-invalid-e.patch 0037-topology-tplg_decode_pcm-add-missing-log-argument-co.patch 0038-topology-parse_tuple_set-remove-dead-condition-code.patch 0039-ucm-uc_mgr_substitute_tree-fix-use-after-free.patch 0040-topology-sort_config-cleanups-use-goto-for-the-error.patch 0041-conf-USB-add-Xonar-U7-MKII-to-USB-Audio.pcm.iec958_d.patch 0042-pcm_plugin-set-the-initial-hw_ptr-appl_ptr-from-the-.patch 0043-pcm-dmix-dshare-delay-calculation-fixes-and-cleanups.patch 0044-topology-fix-parse_tuple_set-remove-dead-condition-c.patch ==== alsa-ucm-conf ==== - Backport upstream fixes: more Baytrail/Cherrytrail profiles, TRX40 / ALC1220-VLC profiles: 0013-bytcr-rt5640-Add-support-for-devices-without-speaker.patch 0014-rt5640-Move-standard-DAC-setup-to-EnableSeq.conf.patch 0015-bytcr-rt5640-fix-the-execution-order.patch 0016-ucm2-add-initial-configuration-for-TRX40-Gigabyte-Ao.patch 0017-USB-Audio-ALC1220-Bump-analog-Speaker-priority-over-.patch 0018-USB-Audio-ALC1220-fix-indentation-for-Speaker-device.patch 0019-USB-Audio-fix-indentation-in-Gigabyte-Aorus-Master-M.patch 0020-chtnau8824-Add-a-SST-define-variable.patch 0021-kblrt5660-Fix-file-permissions.patch - Run fdupes to reduce the duplicated files ==== alsa-utils ==== - Backport upstream fixes: various fixes in aplay, alsamixer, alsactl and alsaloop, updated translations, etc: 0001-aplay-try-to-use-16-bit-format-to-increase-capture-q.patch 0002-alsamixer-Fix-the-mixer-views-description-in-man-pag.patch 0003-Add-Slovak-translation.patch 0004-Add-Basque-translation.patch 0006-aplay-cosmetic-code-fix-in-xrun.patch 0007-aplay-fix-the-CPU-busy-loop-in-the-pause-handler.patch 0008-alsa-info-Add-lsusb-and-stream-outputs.patch 0013-aplay-add-test-code-for-snd_pcm_status-to-test-posit.patch 0014-ucm-fix-typo-in-docs.patch 0015-aplay-add-avail-delay-checks-to-test-position.patch 0016-alsactl-daemon-read_pid_file-fix-the-returned-code-o.patch 0017-alsactl-init-set_ctl_value-fix-bytes-parsing.patch 0018-alsactl-init-parse-fix-possible-double-free.patch 0019-alsaloop-fix-possible-memory-leak-in-create_loopback.patch 0020-alsaloop-get_queued_playback_samples-simplify-code.patch 0021-topology-fix-possible-double-free-in-load.patch 0022-alsamixer-remove-dead-fcn-widget_handle_key-in-widge.patch 0023-alsamixer-remove-unused-variable-y-in-display_scroll.patch 0024-alsamixer-fix-shift-in-parse_words.patch 0025-aplay-fix-the-test-position-test-for-playback-avail-.patch ==== automake ==== Version update (1.16.2 -> 1.16.3) - add fix-testsuite-failures-with-autoconf270.patch to fix compatibility with autoconf 2.70 - update to 1.16.3: - In the testsuite summary, the "for $(PACKAGE_STRING)" suffix can be overridden with the AM_TESTSUITE_SUMMARY_HEADER variable. - Python 3.10 version number no longer considered to be 3.1. - Broken links in manual fixed or removed, and new script contrib/checklinkx (a small modification of W3C checklink) added, with accompany target checklinkx to recheck urls. - install-exec target depends on $(BUILT_SOURCES). - valac argument matching more precise, to avoid garbage in DIST_COMMON. - Support for Vala in VPATH builds fixed so that both freshly-generated and distributed C files work, and operation is more reliable with or without an installed valac. - Dejagnu doesn't break on directories containing spaces. - new variable AM_DISTCHECK_DVI_TARGET, to allow overriding the "make dvi" that is done as part of distcheck. - install-sh tweaks: . new option -p to preserve mtime, i.e., invoke cp -p. . new option -S SUFFIX to attempt backup files using SUFFIX. . no longer unconditionally uses -f when rm is overridden by RMPROG. . does not chown existing directories. - Removed function up_to_date_p in lib/Automake/FileUtils.pm. We believe this function is completely unused. - Support for in-tree Vala libraries improved. - rename automake-SuSE.patch to automake-suse-vendor.patch and refresh - remove automake-testsuite-vala-gcc10.patch (upstream) ==== bluedevil5 ==== Subpackages: bluedevil5-lang - Add compatibility with qml-autoreqprov ==== desktop-data-openSUSE ==== - Move call-browser and desktop-launch symlink to xdg-utils. ==== dmidecode ==== 2 recommended fixes from upstream: - dmidecode-fix-the-condition-error-in-ascii_filter.patch: dmidecode: Fix the condition error in ascii_filter. - dmidecode-fix-crash-with-u-option.patch: dmidecode: Fix crash with -u option. ==== elfutils-debuginfod ==== - Add upstream config-do-not-define-DEBUGINFOD_URLS-environment-var.patch in order to fix boo#1180306. ==== epson-inkjet-printer-escpr ==== Version update (1.7.7 -> 1.7.8) - Update to 1.7.8: * Supported new model: + Epson-EP-713A_Series + Epson-EP-813A_Series * Fixed an issue of filter crash when FIFO I/O was closed. - Rebased bug_x86_64.patch. ==== findutils ==== Version update (4.7.0 -> 4.8.0) Subpackages: findutils-lang - update upstream signing key - remove deprecated texinfo packaging macros - run spec-cleaner - Update to 4.8.0. Announcement: https://savannah.gnu.org/forum/forum.php?forum_id=9914 - findutils.spec: - Source0: Fix download URL: remove "pub/". - %check: Output the content of all test-suite files in case of errors. - Remove now-upstream patches: - disable-null-ptr-test.patch - findutils-gnulib-disable-test-float.patch - findutils-gnulib-test-avoid-FP-perror-strerror.patch ==== gettext-runtime ==== Subpackages: gettext-tools libtextstyle0 - fixup libtextstyle autofoo with adding use-acinit-for-libtextstyle.patch ==== gnome-packagekit ==== Subpackages: gnome-packagekit-lang - Add gnome-packagekit-define-HAVE_SYSTEMD.patch: define HAVE_SYSTEMD macro if systemd if found (glgo#GNOME/gnome-packagekit!3, bsc#1134544). ==== gnome-tweaks ==== Subpackages: gnome-tweaks-lang - Add 77dde7477922f645946bfc64b1b25aeed2b01919.patch -- Update Norwegian bokmål translation. ==== java-11-openjdk ==== Version update (11.0.9.1 -> 11.0.10.0) Subpackages: java-11-openjdk-headless - Update to upstream tag jdk-11.0.10-9 (January 2021 CPU, bsc#1181239) * Security fixes + JDK-8247619: Improve Direct Buffering of Characters * Other changes + JDK-6722928: Support SSPI as a native GSS-API provider + JDK-7185258: [macosx] Deadlock in SunToolKit.realSync() + JDK-8152332: [macosx] JFileChooser cannot be serialized on Mac OS X + JDK-8161684: [testconf] Add VerifyOops' testing into compiler tiers + JDK-8171279: Support X25519 and X448 in TLS + JDK-8173361: various crashes in JvmtiExport::post_compiled_method_load + JDK-8173658: JvmtiExport::post_class_unload() is broken for non-JavaThread initiators + JDK-8191006: hsdis disassembler plugin does not compile with binutils 2.29+ + JDK-8197981: Missing return statement in __sync_val_compare_and_swap_8 + JDK-8198334: java/awt/FileDialog/8003399/bug8003399.java fails in headless mode + JDK-8200151: Add 8 JNDI tests to com/sun/jndi/dns/ConfigTests/ + JDK-8208279: Add 8 JNDI tests to com/sun/jndi/dns/EnvTests/ + JDK-8208483: Add 5 JNDI tests to com/sun/jndi/dns/FactoryTests/ + JDK-8208542: Add 4 JNDI tests to com/sun/jndi/dns/ListTests/ + JDK-8208665: Amend cross-compilation docs with qemu-debootstrap recipe + JDK-8210088: ProblemList gc/epsilon/TestMemoryMXBeans.java + JDK-8210339: Add 10 JNDI tests to com/sun/jndi/dns/FedTests/ + JDK-8211450: UndetVar::dup is not copying the kind field to the duplicated instance + JDK-8212160: JVMTI agent crashes with "assert(_value != 0LL) failed: resolving NULL _value" + JDK-8212226: SurfaceManager throws "Invalid Image variant" for MultiResolutionImage (Windows) + JDK-8213400: Support choosing group name in keytool keypair generation + JDK-8213535: Windows HiDPI html lightweight tooltips are truncated + JDK-8213698: Improve devkit creation and add support for linux/ppc64/ppc64le/s390x + JDK-8214025: assert(t->singleton()) failed: must be a constant when ScavengeRootsInCode < 2 + JDK-8214242: compiler/arguments/TestScavengeRootsInCode.java fails because of missing UnlockDiagnosticVMOptions + JDK-8214787: Zero builds fail with "undefined JavaThread::thread_state()" + JDK-8215583: Exclude runtime/handshake/HandshakeWalkSuspendExitTest.java + JDK-8216012: Infinite loop in RSA KeyPairGenerator + JDK-8216324: GetClassMethods is confused by the presence of default methods in super interfaces + JDK-8217429: WebSocket over authenticating proxy fails to send Upgrade headers + JDK-8217976: test/jdk/java/net/httpclient/websocket/ /WebSocketProxyTest.java fails intermittently + JDK-8218021: Have jarsigner preserve posix permission attributes + JDK-8218287: jshell tool: input behavior unstable after 12-ea+24 on Windows + JDK-8218851: JVM crash in custom classloader stress test, JDK 12 & 13 + JDK-8220420: Cleanup c1_LinearScan + JDK-8222072: JVMTI GenerateEvents() sends CompiledMethodLoad events to wrong jvmtiEnv + JDK-8222286: Fix for JDK-8213419 is broken on s390 + JDK-8222527: HttpClient doesn't send HOST header when tunelling HTTP/1.1 through http proxy + JDK-8222533: jtreg test jdk/internal/platform/cgroup/ /TestCgroupMetrics.java fails on SLES12.3 linux ppc64le machine + JDK-8224506: [TESTBUG] TestDockerMemoryMetrics.java fails with exitValue = 137 + JDK-8224555: vmTestbase/nsk/jvmti/scenarios/contention/TC02/ /tc02t001/TestDescription.java failed + JDK-8224650: Add tests to support X25519 and X448 in TLS + JDK-8225072: Add LuxTrust certificate that is expiring in March 2021 to list of allowed but expired certs + JDK-8225329: -XX:+PrintBiasedLockingStatistics causes crash during initialization on Windows platforms + JDK-8225687: Newly added sspi.cpp in JDK-6722928 still contains some small errors + JDK-8227006: [linux] Runtime.availableProcessors execution time increased by factor of 100 + JDK-8227275: Within native OOM error handling, assertions may hang the process + JDK-8227647: [Graal] Test8009761.java fails due to "RuntimeException: static java.lang.Object compiler.uncommontrap.Test8009761.m3(boolean,boolean) not compiled" + JDK-8229495: SIGILL in C2 generated OSR compilation + JDK-8230910: libsspi_bridge does not build on Windows 32bit + JDK-8232114: JVM crashed at imjpapi.dll in native code + JDK-8234147: Avoid looking up standard charsets in core libraries + JDK-8234393: [macos] printing ignores printer tray + JDK-8234863: Increase default value of MaxInlineLevel + JDK-8235218: Minimal VM is broken after JDK-8173361 + JDK-8235456: Minimal VM is broken after JDK-8212160 + JDK-8235829: graal crashes with Zombie.java test + JDK-8236124: Minimal VM slowdebug build failed after JDK-8212160 + JDK-8236512: PKCS11 Connection closed after Cipher.doFinal and NoPadding + JDK-8236944: The legVecZ operand should be limited to zmm0-zmm15 registers + JDK-8237186: Fix typo in copyright header of java/io/Reader/TransferTo.java + JDK-8237499: JFR: Include stack trace in the ThreadStart event + JDK-8237512: AArch64: aarch64TestHook leaks a BufferBlob + JDK-8237524: AArch64: String.compareTo() may return incorrect result + JDK-8237950: C2 compilation fails with "Live Node limit exceeded limit" during ConvI2L::Ideal optimization + JDK-8238579: HttpsURLConnection drops the timeout and hangs forever in read + JDK-8239105: Add exception for expiring Digicert root certificates to VerifyCACerts test + JDK-8239477: jdk/jfr/jcmd/TestJcmdStartStopDefault.java fails - XX:+VerifyOops with "verify_oop: rsi: broken oop" + JDK-8239497: SEGV in EdgeUtils::field_name_symbol(Edge const&) + JDK-8239886: Minimal VM build fails after JDK-8237499 + JDK-8240633: Memory leaks in the implementations of FileChooserUI + JDK-8240690: Race condition between EDT and BasicDirectoryModel.FilesLoader.run0() + JDK-8241234: Unify monitor enter/exit runtime entries. + JDK-8241311: Move some charset mapping tests from closed to open + JDK-8241797: Add some tests to the problem list + JDK-8242029: AArch64: skip G1 array copy pre-barrier if marking not active + JDK-8242335: Additional Tests for RSASSA-PSS + JDK-8242480: Negative value may be returned by getFreeSwapSpaceSize() in the docker + JDK-8242614: cleanup duplicated test ldap server in some com/sun/jndi/ldap/ tests + JDK-8242846: Bring back test/jdk/tools/jlink/plugins/ /OrderResourcesPluginTest.java + JDK-8243114: Implement montgomery{Multiply,Square}intrinsics on Windows + JDK-8243290: Improve diagnostic messages for class verification and redefinition failures + JDK-8243488: Add tests for set/get SendBufferSize and getReceiveBufferSize in DatagramSocket + JDK-8243549: sun/security/ssl/CipherSuite/ /NamedGroupsWithCipherSuite.java failed with Unsupported signature algorithm: DSA + JDK-8243617: compiler/onSpinWait/TestOnSpinWaitC1.java test uses wrong class + JDK-8243619: compiler/codecache/CheckSegmentedCodeCache.java test misses -version + JDK-8244142: some hotspot/runtime tests don't check exit code of forked JVM + JDK-8244278: Excessive code cache flushes and sweeps + JDK-8244282: test/hotspot/jtreg/compiler/intrinsics/ /Test8237524.java fails with --illegal-access=deny + JDK-8244621: [macos10.15] Garbled FX printing plus CoreText warnings on Catalina when building with Xcode 11 + JDK-8244819: hsdis does not compile with binutils 2.34+ + JDK-8245051: c1 is broken if it is compiled by gcc without - fno-lifetime-dse + JDK-8245168: jlink should not be treated as a "small" tool + JDK-8245400: Upgrade to LittleCMS 2.11 + JDK-8246381: VM crashes with "Current BasicObjectLock* below than low_mark" + JDK-8246434: Threads::print_on_error assumes that the heap has been set up + JDK-8246648: issue with OperatingSystemImpl getFreeSwapSpaceSize in docker after 8242480 + JDK-8247201: Print potential pointer value of readable stack memory in hs_err file + JDK-8247763: assert(outer->outcnt() == 2) failed: 'only phis' failure in LoopNode::verify_strip_mined() + JDK-8247867: Upgrade to freetype 2.10.2 + JDK-8248190: Enable Power10 system and implement new byte-reverse instructions + JDK-8248226: TestCloneAccessStressGCM fails with - XX:-ReduceBulkZeroing + JDK-8248347: windows build broken by JDK-8243114 + JDK-8248532: Every time I change keyboard language at my MacBook, Java crashes + JDK-8248552: C2 crashes with SIGFPE due to division by zero + JDK-8248596: [TESTBUG] compiler/loopopts/ /PartialPeelingUnswitch.java times out with Graal enabled + JDK-8248745: Add jarsigner and keytool tests for restricted algorithms + JDK-8248791: sun/util/resources/cldr/TimeZoneNamesTest.java fails with -XX:-ReduceInitialCardMarks -XX:-ReduceBulkZeroing + JDK-8248845: AArch64: stack corruption after spilling vector register + JDK-8249176: Update GlobalSignR6CA test certificates + JDK-8249183: JVM crash in "AwtFrame::WmSize" method + JDK-8249192: MonitorInfo stores raw oops across safepoints + JDK-8249602: C2: assert(cnt == _outcnt) failed: no insertions allowed + JDK-8249603: C1: assert(has_error == false) failed: register allocation invalid + JDK-8249605: C2: assert(no_dead_loop) failed: dead loop detected + JDK-8249607: C2: assert(!had_error) failed: bad dominance + JDK-8249608: Vector register used by C2 compiled method corrupted at safepoint + JDK-8249672: Include microcode revision in features_string on x86 + JDK-8249748: gtest silently ignores bad jvm arguments + JDK-8249821: Separate libharfbuzz from libfontmanager + JDK-8250598: Hyper-V is detected in spite of running on host OS + JDK-8250605: Linux x86_32 builds fail after JDK-8249821 + JDK-8250636: iso8601_time returns incorrect offset part on MacOS + JDK-8250665: Wrong translation for the month name of May in ar_JO,LB,SY + JDK-8250772: Test com/sun/jndi/ldap/ /NamingExceptionMessageTest.java fails intermittently with javax.naming.ServiceUnavailableException + JDK-8250825: C2 crashes with assert(field != __null) failed: missing field + JDK-8250894: Provide a configure option to build and run against the platform libharfbuzz + JDK-8250928: JFR: Improve hash algorithm for stack traces + JDK-8250968: Symlinks attributes not preserved when using jarsigner on zip files + JDK-8250984: Memory Docker tests fail on some Linux kernels w/o cgroupv1 swap limit capabilities + JDK-8251118: BiasedLocking::preserve_marks should not have a HandleMark + JDK-8251189: com/sun/jndi/ldap/LdapDnsProviderTest.java failed due to timeout + JDK-8251257: NMT: jcmd VM.native_memory scale=1 crashes target VM + JDK-8251365: Build failure on AIX after 8250636 + JDK-8251397: NPE on ClassValue.ClassValueMap.cacheArray + JDK-8251456: [TESTBUG] compiler/vectorization/ /TestVectorsNotSavedAtSafepoint.java failed OutOfMemoryError + JDK-8251458: Parse::do_lookupswitch fails with "assert(_cnt >= 0) failed" + JDK-8251535: Partial peeling at unsigned test adds incorrect loop exit check + JDK-8251949: ZGC: Set explicit heap size for compiler/gcbarriers tests + JDK-8252090: JFR: StreamWriterHost::write_unbuffered() stucks in an infinite loop OpenJDK (build 13.0.1+9) + JDK-8252415: Bump update version for OpenJDK: jdk-11.0.10 + JDK-8252470: java/awt/dnd/DisposeFrameOnDragCrash/ /DisposeFrameOnDragTest.java fails on Windows + JDK-8252497: Incorrect numeric currency code for ROL + JDK-8252660: Shenandoah: support manageable SoftMaxHeapSize option + JDK-8252679: Two windows specific FileDIalog tests may fail on some Windows_Server_2016_Standard + JDK-8252696: Loop unswitching may cause out of bound array load to be executed + JDK-8252754: Hash code calculation of JfrStackTrace is inconsistent + JDK-8253219: Epsilon: clean up unnecessary includes + JDK-8253224: Shenandoah: ShenandoahStrDedupQueue destructor calls virtual num_queues() + JDK-8253226: Shenandoah: remove unimplemented ShenandoahStrDedupQueue::verify + JDK-8253269: The CheckCommonColors test should provide more info on failure + JDK-8253284: Zero OrderAccess barrier mappings are incorrect + JDK-8253375: OSX build fails with Xcode 12.0 (12A7209) + JDK-8253778: ShenandoahSafepoint::is_at_shenandoah_safepoint should not access VMThread state from other threads + JDK-8253791: Issue with useAppleColor check in CSystemColors.m + JDK-8254016: Test8237524 fails with -XX:-CompactStrings option + JDK-8254081: java/security/cert/PolicyNode/ /GetPolicyQualifiers.java fails due to an expired certificate + JDK-8254144: Non-x86 Zero builds fail with return-type warning in os_linux_zero.cpp + JDK-8254166: Zero: return-type warning in zeroInterpreter_zero.cpp + JDK-8254177: (tz) Upgrade time-zone data to tzdata2020b + JDK-8254185: Fix Code cache sweeper heuristics for JDK 11 + JDK-8254190: [s390] interpreter misses exception check after calling monitorenter + JDK-8254790: SIGSEGV in string_indexof_char and stringL_indexof_char intrinsics + JDK-8254854: [cgroups v1] Metric limits not properly detected on some join controller combinations + JDK-8254982: (tz) Upgrade time-zone data to tzdata2020c + JDK-8255050: Add pkcs11/KeyStore/ClientAuth.sh to Problem list + JDK-8255065: Zero: accessor_entry misses the IRIW case + JDK-8255226: (tz) Upgrade time-zone data to tzdata2020d + JDK-8255269: Unsigned overflow in g1Policy.cpp + JDK-8255365: Problem list failing client manual tests + JDK-8255457: Shenandoah: cleanup ShenandoahMarkTask + JDK-8255466: C2 crashes at ciObject::get_oop() const+0x0 + JDK-8255550: x86: Assembler::cmpq(Address dst, Register src) encoding is incorrect + JDK-8255603: Memory/Performance regression after JDK-8210985 + JDK-8255760: Shenandoah: match constants style in ShenandoahMarkTask fallback + JDK-8255781: Bump patch update version for OpenJDK: jdk-11.0.9.1 + JDK-8255937: Better cleanup for test/jdk/javax/imageio/stream/StreamFlush.java + JDK-8256427: Test com/sun/jndi/dns/ConfigTests/ /PortUnreachable.java does not work on AIX + JDK-8256452: Integrate missing part of JDK-8232370 to 11u + JDK-8256483: [TESTBUG] serviceability/jvmti/GetClassMethods/ /libOverpassMethods.c fails to compile on gcc 4.4.x + JDK-8256557: libharfbuzz fails to link on gcc 4.4.x due to - Wl,-z,defs + JDK-8256618: Zero: Linux x86_32 build still fails + JDK-8256736: Zero: GTest tests fail with "unsuppported vm variant" + JDK-8256809: Annotation processing causes NPE during flow analysis + JDK-8257181: s390x builds are very noisy with gc-sections messages + JDK-8257242: [macOS] Java app crashes while switching input methods + JDK-8257545: SunJSSE FIPS regression in key exchange after JDK-8171279 11u backport + JDK-8257641: Shenandoah: Query is_at_shenandoah_safepoint() from control thread should return false + JDK-8257701: Shenandoah: objArrayKlass metadata is not marked with chunked arrays + JDK-8258630: Add expiry exception for QuoVadis root certificate - New upstream dependency on libharfbuzz - Regenerated patches: missing-return.patch system-pcsclite.patch ==== kaccounts-providers ==== Subpackages: kaccounts-providers-lang - Add compatibility with qml-autoreqprov ==== kernel-source ==== Version update (5.10.7 -> 5.10.9) Subpackages: kernel-default kernel-docs - Linux 5.10.9 (bsc#1012628). - btrfs: reloc: fix wrong file extent type check to avoid false ENOENT (bsc#1012628). - btrfs: prevent NULL pointer dereference in extent_io_tree_panic (bsc#1012628). - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machines (bsc#1012628). - ALSA: doc: Fix reference to mixart.rst (bsc#1012628). - ASoC: AMD Renoir - add DMI entry for Lenovo ThinkPad X395 (bsc#1012628). - ASoC: dapm: remove widget from dirty list on free (bsc#1012628). - x86/hyperv: check cpu mask after interrupt has been disabled (bsc#1012628). - drm/amdgpu: add green_sardine device id (v2) (bsc#1012628). - drm/amdgpu: fix DRM_INFO flood if display core is not supported (bug 210921) (bsc#1012628). - drm/amdgpu: add new device id for Renior (bsc#1012628). - drm/i915: Allow the sysadmin to override security mitigations (bsc#1012628). - drm/i915/gt: Limit VFE threads based on GT (bsc#1012628). - drm/i915/backlight: fix CPU mode backlight takeover on LPT (bsc#1012628). - drm/bridge: sii902x: Refactor init code into separate function (bsc#1012628). - dt-bindings: display: sii902x: Add supply bindings (bsc#1012628). - drm/bridge: sii902x: Enable I/O and core VCC supplies if present (bsc#1012628). - tracing/kprobes: Do the notrace functions check without kprobes on ftrace (bsc#1012628). - tools/bootconfig: Add tracing_on support to helper scripts (bsc#1012628). - ext4: use IS_ERR instead of IS_ERR_OR_NULL and set inode null when IS_ERR (bsc#1012628). - ext4: fix wrong list_splice in ext4_fc_cleanup (bsc#1012628). - ext4: fix bug for rename with RENAME_WHITEOUT (bsc#1012628). - cifs: check pointer before freeing (bsc#1012628). - cifs: fix interrupted close commands (bsc#1012628). - riscv: Drop a duplicated PAGE_KERNEL_EXEC (bsc#1012628). - riscv: return -ENOSYS for syscall -1 (bsc#1012628). - riscv: Fixup CONFIG_GENERIC_TIME_VSYSCALL (bsc#1012628). - riscv: Fix KASAN memory mapping (bsc#1012628). - mips: fix Section mismatch in reference (bsc#1012628). - mips: lib: uncached: fix non-standard usage of variable 'sp' (bsc#1012628). - MIPS: boot: Fix unaligned access with CONFIG_MIPS_RAW_APPENDED_DTB (bsc#1012628). - MIPS: Fix malformed NT_FILE and NT_SIGINFO in 32bit coredumps (bsc#1012628). - MIPS: relocatable: fix possible boot hangup with KASLR enabled (bsc#1012628). - RDMA/ocrdma: Fix use after free in ocrdma_dealloc_ucontext_pd() (bsc#1012628). - ACPI: scan: Harden acpi_device_add() against device ID overflows (bsc#1012628). - xen/privcmd: allow fetching resource sizes (bsc#1012628). - compiler.h: Raise minimum version of GCC to 5.1 for arm64 (bsc#1012628). - mm/vmalloc.c: fix potential memory leak (bsc#1012628). - mm/hugetlb: fix potential missing huge page size info (bsc#1012628). - mm/process_vm_access.c: include compat.h (bsc#1012628). - dm raid: fix discard limits for raid1 (bsc#1012628). - dm snapshot: flush merged data before committing metadata (bsc#1012628). - dm integrity: fix flush with external metadata device (bsc#1012628). - dm integrity: fix the maximum number of arguments (bsc#1012628). - dm crypt: use GFP_ATOMIC when allocating crypto requests from softirq (bsc#1012628). - dm crypt: do not wait for backlogged crypto request completion in softirq (bsc#1012628). - dm crypt: do not call bio_endio() from the dm-crypt tasklet (bsc#1012628). - dm crypt: defer decryption to a tasklet if interrupts disabled (bsc#1012628). - stmmac: intel: change all EHL/TGL to auto detect phy addr (bsc#1012628). - r8152: Add Lenovo Powered USB-C Travel Hub (bsc#1012628). - btrfs: tree-checker: check if chunk item end overflows (bsc#1012628). - ext4: don't leak old mountpoint samples (bsc#1012628). - io_uring: don't take files/mm for a dead task (bsc#1012628). - io_uring: drop mm and files after task_work_run (bsc#1012628). - ARC: build: remove non-existing bootpImage from KBUILD_IMAGE (bsc#1012628). - ARC: build: add uImage.lzma to the top-level target (bsc#1012628). - ARC: build: add boot_targets to PHONY (bsc#1012628). - ARC: build: move symlink creation to arch/arc/Makefile to avoid race (bsc#1012628). - ARM: omap2: pmic-cpcap: fix maximum voltage to be consistent with defaults on xt875 (bsc#1012628). - ath11k: fix crash caused by NULL rx_channel (bsc#1012628). - netfilter: ipset: fixes possible oops in mtype_resize (bsc#1012628). - ath11k: qmi: try to allocate a big block of DMA memory first (bsc#1012628). - btrfs: fix async discard stall (bsc#1012628). - btrfs: merge critical sections of discard lock in workfn (bsc#1012628). - btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan (bsc#1012628). - regulator: bd718x7: Add enable times (bsc#1012628). - ethernet: ucc_geth: fix definition and size of ucc_geth_tx_global_pram (bsc#1012628). - ARM: dts: ux500/golden: Set display max brightness (bsc#1012628). - habanalabs: adjust pci controller init to new firmware (bsc#1012628). - habanalabs/gaudi: retry loading TPC f/w on -EINTR (bsc#1012628). - habanalabs: register to pci shutdown callback (bsc#1012628). - staging: spmi: hisi-spmi-controller: Fix some error handling paths (bsc#1012628). - spi: altera: fix return value for altera_spi_txrx() (bsc#1012628). - habanalabs: Fix memleak in hl_device_reset (bsc#1012628). - hwmon: (pwm-fan) Ensure that calculation doesn't discard big period values (bsc#1012628). - lib/raid6: Let $(UNROLL) rules work with macOS userland (bsc#1012628). - kconfig: remove 'kvmconfig' and 'xenconfig' shorthands (bsc#1012628). - spi: fix the divide by 0 error when calculating xfer waiting time (bsc#1012628). - io_uring: drop file refs after task cancel (bsc#1012628). - bfq: Fix computation of shallow depth (bsc#1012628). - arch/arc: add copy_user_page() to <asm/page.h> to fix build error on ARC (bsc#1012628). - misdn: dsp: select CONFIG_BITREVERSE (bsc#1012628). - net: ethernet: fs_enet: Add missing MODULE_LICENSE (bsc#1012628). - selftests: fix the return value for UDP GRO test (bsc#1012628). - nvme-pci: mark Samsung PM1725a as IGNORE_DEV_SUBNQN (bsc#1012628). - nvme: avoid possible double fetch in handling CQE (bsc#1012628). - nvmet-rdma: Fix list_del corruption on queue establishment failure (bsc#1012628). - drm/amd/display: fix sysfs amdgpu_current_backlight_pwm NULL pointer issue (bsc#1012628). - drm/amdgpu: fix a GPU hang issue when remove device (bsc#1012628). - drm/amd/pm: fix the failure when change power profile for renoir (bsc#1012628). - drm/amdgpu: fix potential memory leak during navi12 deinitialization (bsc#1012628). - usb: typec: Fix copy paste error for NVIDIA alt-mode description (bsc#1012628). - iommu/vt-d: Fix lockdep splat in sva bind()/unbind() (bsc#1012628). - ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI (bsc#1012628). - drm/msm: Call msm_init_vram before binding the gpu (bsc#1012628). - ARM: picoxcell: fix missing interrupt-parent properties (bsc#1012628). - poll: fix performance regression due to out-of-line __put_user() (bsc#1012628). - rcu-tasks: Move RCU-tasks initialization to before early_initcall() (bsc#1012628). - bpf: Simplify task_file_seq_get_next() (bsc#1012628). - bpf: Save correct stopping point in file seq iteration (bsc#1012628). - x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling (bsc#1012628). - cfg80211: select CONFIG_CRC32 (bsc#1012628). - nvme-fc: avoid calling _nvme_fc_abort_outstanding_ios from interrupt context (bsc#1012628). - iommu/vt-d: Update domain geometry in iommu_ops.at(de)tach_dev (bsc#1012628). - net/mlx5e: CT: Use per flow counter when CT flow accounting is enabled (bsc#1012628). - net/mlx5: Fix passing zero to 'PTR_ERR' (bsc#1012628). - net/mlx5: E-Switch, fix changing vf VLANID (bsc#1012628). - blk-mq-debugfs: Add decode for BLK_MQ_F_TAG_HCTX_SHARED (bsc#1012628). - mm: fix clear_refs_write locking (bsc#1012628). - mm: don't play games with pinned pages in clear_page_refs (bsc#1012628). - mm: don't put pinned pages into the swap cache (bsc#1012628). - perf intel-pt: Fix 'CPU too large' error (bsc#1012628). - dump_common_audit_data(): fix racy accesses to ->d_name (bsc#1012628). - ASoC: meson: axg-tdm-interface: fix loopback (bsc#1012628). - ASoC: meson: axg-tdmin: fix axg skew offset (bsc#1012628). - ASoC: Intel: fix error code cnl_set_dsp_D0() (bsc#1012628). - nvmet-rdma: Fix NULL deref when setting pi_enable and traddr INADDR_ANY (bsc#1012628). - nvme: don't intialize hwmon for discovery controllers (bsc#1012628). - nvme-tcp: fix possible data corruption with bio merges (bsc#1012628). - nvme-tcp: Fix warning with CONFIG_DEBUG_PREEMPT (bsc#1012628). - NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock (bsc#1012628). - pNFS: We want return-on-close to complete when evicting the inode (bsc#1012628). - pNFS: Mark layout for return if return-on-close was not sent (bsc#1012628). - pNFS: Stricter ordering of layoutget and layoutreturn (bsc#1012628). - NFS: Adjust fs_context error logging (bsc#1012628). - NFS/pNFS: Don't call pnfs_free_bucket_lseg() before removing the request (bsc#1012628). - NFS/pNFS: Don't leak DS commits in pnfs_generic_retry_commit() (bsc#1012628). - NFS/pNFS: Fix a leak of the layout 'plh_outstanding' counter (bsc#1012628). - NFS: nfs_delegation_find_inode_server must first reference the superblock (bsc#1012628). - NFS: nfs_igrab_and_active must first reference the superblock (bsc#1012628). - scsi: ufs: Fix possible power drain during system suspend (bsc#1012628). - ext4: fix superblock checksum failure when setting password salt (bsc#1012628). - RDMA/restrack: Don't treat as an error allocation ID wrapping (bsc#1012628). - RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp (bsc#1012628). - bnxt_en: Improve stats context resource accounting with RDMA driver loaded (bsc#1012628). - RDMA/mlx5: Fix wrong free of blue flame register on error (bsc#1012628). - IB/mlx5: Fix error unwinding when set_has_smi_cap fails (bsc#1012628). - umount(2): move the flag validity checks first (bsc#1012628). - dm zoned: select CONFIG_CRC32 (bsc#1012628). - drm/i915/dsi: Use unconditional msleep for the panel_on_delay when there is no reset-deassert MIPI-sequence (bsc#1012628). - drm/i915/icl: Fix initing the DSI DSC power refcount during HW readout (bsc#1012628). - drm/i915/gt: Restore clear-residual mitigations for Ivybridge, Baytrail (bsc#1012628). - mm, slub: consider rest of partial list if acquire_slab() fails (bsc#1012628). - riscv: Trace irq on only interrupt is enabled (bsc#1012628). - iommu/vt-d: Fix unaligned addresses for intel_flush_svm_range_dev() (bsc#1012628). - net: sunrpc: interpret the return value of kstrtou32 correctly (bsc#1012628). - selftests: netfilter: Pass family parameter "-f" to conntrack tool (bsc#1012628). - dm: eliminate potential source of excessive kernel log noise (bsc#1012628). - ALSA: fireface: Fix integer overflow in transmit_midi_msg() (bsc#1012628). - ALSA: firewire-tascam: Fix integer overflow in midi_port_work() (bsc#1012628). - netfilter: conntrack: fix reading nf_conntrack_buckets (bsc#1012628). - netfilter: nf_nat: Fix memleak in nf_nat_init (bsc#1012628). - Update config files. - commit b7732a5 - Linux 5.10.8 (bsc#1012628). - powerpc/32s: Fix RTAS machine check with VMAP stack (bsc#1012628). - io_uring: synchronise IOPOLL on task_submit fail (bsc#1012628). - io_uring: limit {io|sq}poll submit locking scope (bsc#1012628). - io_uring: patch up IOPOLL overflow_flush sync (bsc#1012628). - iommu/arm-smmu-qcom: Initialize SCTLR of the bypass context (bsc#1012628). - io_uring: Fix return value from alloc_fixed_file_ref_node (bsc#1012628). - btrfs: skip unnecessary searches for xattrs when logging an inode (bsc#1012628). - btrfs: fix deadlock when cloning inline extent and low on free metadata space (bsc#1012628). - btrfs: shrink delalloc pages instead of full inodes (bsc#1012628). - net: cdc_ncm: correct overhead in delayed_ndp_size (bsc#1012628). - net: hns3: fix incorrect handling of sctp6 rss tuple (bsc#1012628). - net: hns3: fix the number of queues actually used by ARQ (bsc#1012628). - net: hns3: fix a phy loopback fail issue (bsc#1012628). - net: stmmac: dwmac-sun8i: Fix probe error handling (bsc#1012628). - net: stmmac: dwmac-sun8i: Balance internal PHY resource references (bsc#1012628). - net: stmmac: dwmac-sun8i: Balance internal PHY power (bsc#1012628). - net: stmmac: dwmac-sun8i: Balance syscon (de)initialization (bsc#1012628). - net: vlan: avoid leaks on register_vlan_dev() failures (bsc#1012628). - net/sonic: Fix some resource leaks in error handling paths (bsc#1012628). - net: bareudp: add missing error handling for bareudp_link_config() (bsc#1012628). - ptp: ptp_ines: prevent build when HAS_IOMEM is not set (bsc#1012628). - net: ipv6: fib: flush exceptions when purging route (bsc#1012628). - tools: selftests: add test for changing routes with PTMU exceptions (bsc#1012628). - net: fix pmtu check in nopmtudisc mode (bsc#1012628). - net: ip: always refragment ip defragmented packets (bsc#1012628). - chtls: Fix hardware tid leak (bsc#1012628). - chtls: Remove invalid set_tcb call (bsc#1012628). - chtls: Fix panic when route to peer not configured (bsc#1012628). - chtls: Avoid unnecessary freeing of oreq pointer (bsc#1012628). - chtls: Replace skb_dequeue with skb_peek (bsc#1012628). - chtls: Added a check to avoid NULL pointer dereference (bsc#1012628). - chtls: Fix chtls resources release sequence (bsc#1012628). - octeontx2-af: fix memory leak of lmac and lmac->name (bsc#1012628). - nexthop: Fix off-by-one error in error path (bsc#1012628). - nexthop: Unlink nexthop group entry in error path (bsc#1012628). - nexthop: Bounce NHA_GATEWAY in FDB nexthop groups (bsc#1012628). - s390/qeth: fix deadlock during recovery (bsc#1012628). - s390/qeth: fix locking for discipline setup / removal (bsc#1012628). - s390/qeth: fix L2 header access in qeth_l3_osa_features_check() (bsc#1012628). - net: dsa: lantiq_gswip: Exclude RMII from modes that report 1 GbE (bsc#1012628). - net/mlx5: Use port_num 1 instead of 0 when delete a RoCE address (bsc#1012628). - net/mlx5e: ethtool, Fix restriction of autoneg with 56G (bsc#1012628). - net/mlx5e: In skb build skip setting mark in switchdev mode (bsc#1012628). - net/mlx5: Check if lag is supported before creating one (bsc#1012628). - ionic: start queues before announcing link up (bsc#1012628). - HID: wacom: Fix memory leakage caused by kfifo_alloc (bsc#1012628). - fanotify: Fix sys_fanotify_mark() on native x86-32 (bsc#1012628). - ARM: OMAP2+: omap_device: fix idling of devices during probe (bsc#1012628). - i2c: sprd: use a specific timeout to avoid system hang up issue (bsc#1012628). - dmaengine: dw-edma: Fix use after free in dw_edma_alloc_chunk() (bsc#1012628). - selftests/bpf: Clarify build error if no vmlinux (bsc#1012628). - can: tcan4x5x: fix bittiming const, use common bittiming from m_can driver (bsc#1012628). - can: m_can: m_can_class_unregister(): remove erroneous m_can_clk_stop() (bsc#1012628). - can: kvaser_pciefd: select CONFIG_CRC32 (bsc#1012628). - spi: spi-geni-qcom: Fail new xfers if xfer/cancel/abort pending (bsc#1012628). - cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get() (bsc#1012628). - spi: spi-geni-qcom: Fix geni_spi_isr() NULL dereference in timeout case (bsc#1012628). - spi: stm32: FIFO threshold level - fix align packet size (bsc#1012628). - i2c: i801: Fix the i2c-mux gpiod_lookup_table not being properly terminated (bsc#1012628). - i2c: mediatek: Fix apdma and i2c hand-shake timeout (bsc#1012628). - bcache: set bcache device into read-only mode for BCH_FEATURE_INCOMPAT_OBSO_LARGE_BUCKET (bsc#1012628). - interconnect: imx: Add a missing of_node_put after of_device_is_available (bsc#1012628). - interconnect: qcom: fix rpmh link failures (bsc#1012628). - dmaengine: mediatek: mtk-hsdma: Fix a resource leak in the error handling path of the probe function (bsc#1012628). - dmaengine: milbeaut-xdmac: Fix a resource leak in the error handling path of the probe function (bsc#1012628). - dmaengine: xilinx_dma: check dma_async_device_register return value (bsc#1012628). - dmaengine: xilinx_dma: fix incompatible param warning in _child_probe() (bsc#1012628). - dmaengine: xilinx_dma: fix mixed_enum_type coverity warning (bsc#1012628). - arm64: mm: Fix ARCH_LOW_ADDRESS_LIMIT when !CONFIG_ZONE_DMA (bsc#1012628). - qed: select CONFIG_CRC32 (bsc#1012628). - phy: dp83640: select CONFIG_CRC32 (bsc#1012628). - wil6210: select CONFIG_CRC32 (bsc#1012628). - block: rsxx: select CONFIG_CRC32 (bsc#1012628). - lightnvm: select CONFIG_CRC32 (bsc#1012628). - zonefs: select CONFIG_CRC32 (bsc#1012628). - iommu/vt-d: Fix misuse of ALIGN in qi_flush_piotlb() (bsc#1012628). - iommu/intel: Fix memleak in intel_irq_remapping_alloc (bsc#1012628). - bpftool: Fix compilation failure for net.o with older glibc (bsc#1012628). - nvme-tcp: Fix possible race of io_work and direct send (bsc#1012628). - net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups (bsc#1012628). - net/mlx5e: Fix two double free cases (bsc#1012628). - regmap: debugfs: Fix a memory leak when calling regmap_attach_dev (bsc#1012628). - wan: ds26522: select CONFIG_BITREVERSE (bsc#1012628). - arm64: cpufeature: remove non-exist CONFIG_KVM_ARM_HOST (bsc#1012628). - regulator: qcom-rpmh-regulator: correct hfsmps515 definition (bsc#1012628). - net: mvpp2: disable force link UP during port init procedure (bsc#1012628). - drm/i915/dp: Track pm_qos per connector (bsc#1012628). - net: mvneta: fix error message when MTU too large for XDP (bsc#1012628). - selftests: fib_nexthops: Fix wrong mausezahn invocation (bsc#1012628). - KVM: arm64: Don't access PMCR_EL0 when no PMU is available (bsc#1012628). - xsk: Fix race in SKB mode transmit with shared cq (bsc#1012628). - xsk: Rollback reservation at NETDEV_TX_BUSY (bsc#1012628). - block/rnbd-clt: avoid module unload race with close confirmation (bsc#1012628). - can: isotp: isotp_getname(): fix kernel information leak (bsc#1012628). - block: fix use-after-free in disk_part_iter_next (bsc#1012628). - net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed packet (bsc#1012628). - regmap: debugfs: Fix a reversed if statement in regmap_debugfs_init() (bsc#1012628). - tools headers UAPI: Sync linux/fscrypt.h with the kernel sources (bsc#1012628). - Update config files. - commit 8611168 ==== kinfocenter5 ==== Subpackages: kinfocenter5-lang - Add support for qml-autoreqprov ==== kscreen5 ==== Subpackages: kscreen5-lang kscreen5-plasmoid - Compatibility with qml-autoreqprov ==== kwin5 ==== Subpackages: kwin5-lang - Add compatibility with qml-autoreqprov ==== libblockdev ==== Version update (2.24 -> 2.25) Subpackages: libbd_btrfs2 libbd_crypto2 libbd_fs2 libbd_loop2 libbd_mdraid2 libbd_part2 libbd_swap2 libbd_utils2 libblockdev2 - update to 2.25: * exec: Fix polling for stdout and stderr * exec: Use non-blocking read and process the buffer manually * exec: Clarify the BDUtilsProgExtract callback documentation * tests: Add bufferbloat exec tests * tests: Add null-byte exec tests * lvm: Fix bd_lvm_vdopooldata_* symbols * exec: Fix setting locale for util calls * fs: Do not report error when errors were fixed by e2fsck * README: Use CI status image for 2.x-branch on 2.x * fs: Fix compile error in ext_repair caused by cherry pick from master * Mark all GIR file constants as guint64 * lvm: Set thin metadata limits to match limits LVM uses in lvcreate * lvm: Do not use thin_metadata_size to recommend thin metadata size * lvm: Use the UNUSED macro instead of __attribute__((unused)) * Fix max size limit for LVM thinpool metadata * loop: Retry LOOP_SET_STATUS64 on EAGAIN ==== libcap ==== Version update (2.44 -> 2.46) - update to 2.46: * The bulk of this release concerns fixes and improvements to libpsx * Fix the capsh == argument handling and add a test case * Added build support for systems that do not support libpthread * Added build support for not building shared libraries ==== libfido2 ==== Version update (1.5.0 -> 1.6.0) Subpackages: libfido2-1 libfido2-udev - Update to version 1.6.0: * Fix OpenSSL 1.0 and Cygwin builds. * hid_linux: fix build on 32-bit systems. * hid_osx: allow reads from spawned threads. * Documentation and reliability fixes. * New API calls: + fido_cred_authdata_raw_len; + fido_cred_authdata_raw_ptr; + fido_cred_sigcount; + fido_dev_get_uv_retry_count; + fido_dev_supports_credman. * Hardened Windows build. * Native FreeBSD and NetBSD support. * Use CTAP2 canonical CBOR when combining hmac-secret and credProtect. - Drop 7a17a4e9127fb6df6278f19396760e7d60a5862c.patch - Do not build examples as their build fails ==== libmbim ==== Version update (1.24.4 -> 1.24.6) Subpackages: libmbim-glib4 mbimcli-bash-completion - Update to version 1.24.6: * libmbim-glib,device: + Fixed a GSource use after free. + Avoid g_file_test() on NULL path. + Don't warn if descriptors file cannot be read. * Several other minor improvements and fixes. ==== libmwaw ==== Version update (0.3.16 -> 0.3.17) - update to 0.3.17: - add a parser for Jazz(Lotus) writer and spreasheet files + the writer parser can only be called if the file still contains its resource fork - add a parser for Canvas 3 and 3.5 files - AppleWorks parser: try to retrieve more Windows presentation - add a parser for Drawing Table files - add a parser for Canvas 2 files - configure.ac: add an enable-asan option - API: add new reserved enums in MWAWDocument.hxx MWAW_T_RESERVED10..MWAW_T_RESERVED29 and add a new define in libmwaw.hxx MWAW_INTERFACE_VERSION to check if these enums are defined ==== libodfgen ==== Version update (0.1.7 -> 0.1.8) - update to 0.1.8: + use libxml2 to parse xml's equations... + code modernization: use range-based for loop, use nullptr, fix too small loop variables, don't access static members through instance, + retrieve more border's attributes in tables, + retrieve draw:auto-grow-width,draw:fit-to-size,draw:z-index, style:print-content, style:shrink-to-fit attributes in graphics + output numbers with more precision, - Other improvements and fixes. ==== libqt5-qtconnectivity ==== Subpackages: libQt5Bluetooth5 libQt5Bluetooth5-imports libQt5Nfc5 libQt5Nfc5-imports libqt5-qtconnectivity-tools - Add compatibility with qml-autoreqprov ==== libqt5-qtmultimedia ==== - Add compatibility with qml-autoreqprov ==== libqt5-qtquickcontrols ==== - Add compatibility with qml-autoreqprov - Add patch to fix unfullfillable import: * fix-handle-deps.patch ==== libqt5-qtquickcontrols2 ==== Subpackages: libQt5QuickControls2-5 libQt5QuickTemplates2-5 - Add compatibility with qml-autoreqprov ==== libqt5-qtsensors ==== Subpackages: libQt5Sensors5 libQt5Sensors5-imports - Add compatibility with qml-autoreqprov ==== libqt5-qtwayland ==== Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5 - Add compatibility with qml-autoreqprov ==== libstorage-ng ==== Version update (4.3.82 -> 4.3.85) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#795 - per default join all action messages for compound actions - 4.3.85 - merge gh#openSUSE/libstorage-ng#794 - updated pot and po files - 4.3.84 - merge gh#openSUSE/libstorage-ng#793 - make the btrfs subvolume the target device for qgroup compound actions - 4.3.83 ==== libvirt ==== Version update (6.10.0 -> 7.0.0) Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - Update to libvirt 7.0.0 - jsc#SLE-15860 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html - Dropped patches: 0d05d51b-apparmor-lxc-fix.patch, cf4e7e62-lxc-def-secmodel.patch, 0ddebdb4-qemu-snapshot-deletion.patch ==== libxkbcommon ==== Subpackages: libxkbcommon-x11-0 libxkbcommon0 - Fix dependency of libxkbregistry-devel: the devel package must require the library libxkbregistry0. ==== lzip ==== Version update (1.21 -> 1.22) - update to 1.22: * Lzip now reports an error if a file name is empty (lzip -t ""). * Option '-o, --output' now behaves like '-c, --stdout', but sending the output unconditionally to a file instead of to standard output. * Lzip now does not even open the output file if the input file is a terminal. * Lzip can now be built, tested, and installed on systems lacking a 'make' program. (Feature suggested by Mohammad Akhlaghi). * The words 'decompressed' and 'compressed' have been replaced with the shorter 'out' and 'in' in the verbose output when decompressing or testing. * Option '--list' now reports corruption or truncation of the last header in a multimenber file specifically instead of showing the generic message "Last member in input file is truncated or corrupt." * The commands needed to extract files from a tar.lz archive have been documented in the manual, in the output of '--help', and in the man page. * Plzip and tarlz are mentioned in the manual as alternatives for multiprocessors. * Several fixes and improvements have been made to the manual. ==== milou5 ==== Subpackages: milou5-lang - Backport upstream MR to avoid unfullfillable qmlimport requires ==== mutt ==== Version update (2.0.4 -> 2.0.5) Subpackages: mutt-doc mutt-lang - mutt 2.0.5: * CVE-2021-3181: recipient parsing memory leak (boo#1181221) * fix other memory leak in IMAP code * Fix color overlay when HAVE_COLOR is unset ==== ncurses ==== Version update (6.2.20210109 -> 6.2.20210116) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Don't skip test for qemu builds - Add ncurses patch 20210116 + add comment for linux2.6 regarding CONFIG_CONSOLE_TRANSLATIONS (report by Patrick McDermott) -TD + make opts extension for getcchar work as documented for ncurses 6.1, adding "-g" flag to test/demo_new_pair to illustrate. ==== oath-toolkit ==== Version update (2.6.5 -> 2.6.6) - Update to version 2.6.6 * oathtool: Support for reading KEY and OTP from standard input or filename. KEY and OTP may now be given as '-' to mean stdin, or @FILE to read from a particular file. This is recommended on multi-user systems, since secrets as command line parameters leak. * pam_oath: Fix unlikely logic fail on out of memory conditions. ==== open-vm-tools ==== Version update (11.2.0 -> 11.2.5) Subpackages: libvmtools0 open-vm-tools-desktop - Update to 11.2.5 (build 17337674) (boo#1180997) + Resolved issues: - The SUSE specific vmtoolsd PAM configuration file incorrectly referenced pam_securetty.so. - The following issues and pull requests reported on https://github.com/vmware/open-vm-tools have been addressed: https://github.com/vmware/open-vm-tools/issues/467 https://github.com/vmware/open-vm-tools/issues/468 https://github.com/vmware/open-vm-tools/pull/469 - A number of Coverity reported errors and false positives have been addressed. - A complete list of the granular changes that are in the open-vm-tools 11.2.5 release is available at: https://github.com/vmware/open-vm-tools/blob/stable-11.2.5/open-vm-tools/Ch… - Update pam-vmtoolsd.patch: With the pam_securetty.so entry fixed, only need the modified Makefile.am portion of the patch which copies the suse file to the /etc/pam.d/vmtoolsd file rather than the default generic file. ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Add openssh-fix-ssh-copy-id.patch, which fixes breakage introduced in 8.4p1 (bsc#1181311). - Improve robustness of sshd init detection when upgrading from a pre-systemd distribution. - Add openssh-reenable-dh-group14-sha1-default.patch, which adds diffie-hellman-group14-sha1 key exchange back to the default list (bsc#1180958). This is needed for backwards compatibility with older platforms. - Make sure sshd is enabled correctly when upgrading from a pre-systemd distribution (bsc#1180083). ==== pango ==== Version update (1.48.0 -> 1.48.1) Subpackages: libpango-1_0-0 libpango-1_0-0-32bit typelib-1_0-Pango-1_0 - Update to version 1.48.1: + Fix itemization of multi-paragraph layouts. + Fix a few memory leaks. + Fix glyph origins in vertical layout. ==== plasma5-desktop ==== Subpackages: plasma5-desktop-emojier plasma5-desktop-lang - Add support for qml-autoreqprov ==== purple-rocketchat ==== Version update (0.0+git20201219 -> 0.0+git20210119) Subpackages: libpurple-plugin-rocketchat pidgin-plugin-rocketchat - Update to version 0.0+git20210219 (changes since 0.0+git20201219 * Fix an occasional crash when empty messages are sent by the server (boo#1180806) again ==== python-M2Crypto ==== - Dr. Strangelove or: How I Learned to Stop Worrying and Love pytest ==== python-SQLAlchemy ==== - Skip one failing test on Python 3.6 ==== python-libvirt-python ==== Version update (6.10.0 -> 7.0.0) - Update to 7.0.0 - Add all new APIs and constants in libvirt 7.0.0 - jsc#SLE-15860 ==== python-pyserial ==== Version update (3.4 -> 3.5) - update to version 3.5: New Features: [#411] Add a backend for Silicon Labs CP2110/4 HID-to-UART bridge. (depends on hid module) Improvements: [#315] Use absolute import everywhere [#354] Make ListPortInfo hashable [#372] threaded: "write" returns byte count [#400] Add bytesize and stopbits argument parser to tcp_serial_redirect [#408] loop: add out_waiting [#495] list_ports_linux: Correct "interface" property on Linux hosts [#500] Remove Python 3.2 and 3.3 from test [#261, #285, #296, #320, #333, #342, #356, #358, #389, #397, #510] doc updates miniterm: add CTRL+T Q as alternative to exit miniterm: suspend function key changed to CTRL-T Z add command line tool entries pyserial-miniterm (replaces miniterm.py) and pyserial-ports (runs serial.tools.list_ports). python -m serial opens miniterm (use w/o args and it will print port list too) [experimental] Bugfixes: [#371] Don't open port if self.port is not set while entering context manager [#437, #502] refactor: raise new instances for PortNotOpenError and SerialTimeoutException [#261, #263] list_ports: set default name attribute [#286] fix: compare only of the same type in list_ports_common.ListPortInfo rfc2217/close(): fix race-condition [#305] return b'' when connection closes on rfc2217 connection [#386] rfc2217/close(): fix race condition Fixed flush_input_buffer() for situations where the remote end has closed the socket. [#441] reset_input_buffer() can hang on sockets examples: port_publisher python 3 fixes [#324] miniterm: Fix miniterm constructor exit_character and menu_character [#326] miniterm: use exclusive access for native serial ports by default [#497] miniterm: fix double use of CTRL-T + s use z for suspend instead [#443, #444] examples: refactor wx example, use Bind to avoid deprecated warnings, IsChecked, unichr [#265] posix: fix PosixPollSerial with timeout=None and add cancel support [#290] option for low latency mode on linux [#335] Add support to xr-usb-serial ports [#494] posix: Don't catch the SerialException we just raised [#519] posix: Fix custom baud rate to not temporarily set 38400 baud rates on linux [#509 #518] list_ports: use hardcoded path to library on osx [#542] list_ports_osx: kIOMasterPortDefault no longer exported on Big Sur [#545, #545] list_ports_osx: getting USB info on BigSur/AppleSilicon ==== python-setuptools ==== - We cannot remove vendored packages when generating setuptools wheel (bsc#1177127). ==== python-sortedcontainers ==== - Remove NumPy, SciPy, and Matplotlib requirement. They are not used in the regular test suite. - no multibuild needed anymore ==== qemu ==== Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-chardev-baum qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-microvm qemu-ppc qemu-s390x qemu-seabios qemu-sgabios qemu-skiboot qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios qemu-vhost-user-gpu qemu-x86 - Fix issue of qemu crashing (abort called) when virtio-gpu device is asked for and the qemu-hw-display-virtio-gpu package isn't installed. (bsc#1181103) module-for-virtio-gpu-pre-load-module-to.patch - Add additional inter-module package dependencies, to reflect the current module dependencies (see qemu source file: util/module.c) - As of v3.1.0 virt-manager, new VM's are created by default with audio/sound enabled, so it's time to reflect the need, at least in the spice case, by having spice-audio available when spice in general is used (boo#1180210 boo#1181132) - Further refine package Recommends/Suggests based on architecture - Remove no longer needed dependency on pwdutils (boo#1181235) ==== rng-tools ==== Version update (6.10 -> 6.11) - update to 6.11: * Some CI/CD fixes in travis pipeline * Fix detection of duplicate pulses in nist source * Fix --with-rtlsdr option in configure * Clean up some debug statements that were erroneously left in place * Fix error in systemd unit file * Fix buffer overflow in rtlsdr entropy source * Fixed darn source rekeying * Fix various pipe read issues in jitter source * Fix listing of rtlsdr options * Misc Documentation fixes * Fix a broken FIPS 140-2 corner case test * Misc cleanups * Addd aes mangling to nist source * Improve nist performance with opportunistic use of CLOCK_MONOTONIC_COARSE * Add forced reseeding of kernel entropy pool ==== rubygem-asciidoctor ==== Version update (2.0.10 -> 2.0.12) updated to version 2.0.12 see installed CHANGELOG.adoc ==== rubygem-parallel ==== Version update (1.19.2 -> 1.20.1) updated to version 1.20.1 no changelog found ==== rubygem-parallel_tests ==== Version update (3.3.0 -> 3.4.0) updated to version 3.4.0 no changelog found ==== rubygem-parser ==== Version update (2.7.1.5 -> 3.0.0.0) updated to version 3.0.0.0 v3.0.0.0 (2020-12-25) - -------------------- API modifications: * current.rb: bump default branch to parser/ruby30. (#782) (Ilya Bylich) * do not emit truncated parts of squiggly heredoc (#774) (Ilya Bylich) * Optimize `SourceBuffer` line and column handling (#755) (Marc-André Lafortune) Features implemented: * ruby30.y: reintroduce `expr in pat` (#777) (Ilya Bylich) * builder: emit implicit hash passed to a method call as kwargs (#769) (Ilya Bylich) * lexer.rl: use more specific warning for ambiguous slash. (#768) (Ilya Bylich) * ruby30.y: allow endless method without arglist. (#765) (Ilya Bylich) * ruby30.y: use `=>` for one-line pattern matching. (#760) (Ilya Bylich) * ruby30.y: reject setters in all endless method defs. (#758) (Ilya Bylich) Bugs fixed: * lexer.rl: don't perform lookahead after tASSOC. (#764) (Ilya Bylich) v2.7.2.0 (2020-10-06) API modifications: * Bump 2.7 branch to 2.7.2 (#748) (Koichi ITO) ==== rubygem-rspec ==== Version update (3.9.0 -> 3.10.0) updated to version 3.10.0 no changelog found ==== rubygem-rspec-core ==== Version update (3.9.2 -> 3.10.1) - updated to version 3.10.1 [Full Changelog](http://github.com/rspec/rspec-core/compare/v3.10.0...v3.10.1) Bug fixes: * RSpec warning output was missing deprecations from Ruby, these are now included. (Jon Rowe, #2811) - updated to version 3.10.0 [Full Changelog](http://github.com/rspec/rspec-core/compare/v3.9.3...v3.10.0) Enhancements: * Memoize `RSpec::Core::Formatters::ExceptionPresenter#exception_lines` to improve performance with slow exception messages. (Maxime Lapointe, #2743) * Add configuration for an error exit code (to disambiguate errored builds from failed builds by exit status). (Dana Sherson, #2749) ==== rubygem-rspec-expectations ==== Version update (3.9.2 -> 3.10.1) - updated to version 3.10.1 [Full Changelog](http://github.com/rspec/rspec-expectations/compare/v3.10.0...v3.… Bug Fixes: * Allow JRuby 9.2.x.x to generate backtraces normally rather than via our backfill workaround. (#1230, Jon Rowe) - updated to version 3.10.0 [Full Changelog](http://github.com/rspec/rspec-expectations/compare/v3.9.3...v3.1… Enhancements: * Allow `include` matcher to be chained with `once`, `at_least`, etc. for simple cases. (Marc-André Lafortune, #1168) * Add an explicit warning when `nil` is passed to `raise_error`. (Phil Pirozhkov, #1143) * Improve `include` matcher's composability. (Phil Pirozhkov, #1155) * Mocks expectations can now set a custom failure message. (Benoit Tigeot and Nicolas Zermati, #1156) * `aggregate_failures` now shows the backtrace line for each failure. (Fabricio Bedin, #1163) * Support multiple combinations of `yield_control` modifiers like `at_least`, `at_most`. (Jon Rowe, #1169) * Dynamic `have_<n>` matchers now have output consistent with other dynamic matchers. (Marc-André Lafortune, #1195) * New config option `strict_predicate_matchers` allows predicate matcher to be strict (i.e. match for `true` or `false`) instead of the default (match truthy vs `false` or `nil`). (Marc-André Lafortune, #1196) ==== rubygem-rspec-mocks ==== Version update (3.9.1 -> 3.10.1) - updated to version 3.10.1 [Full Changelog](http://github.com/rspec/rspec-mocks/compare/v3.10.0...v3.10.1) Bug Fixes: * Issue `ArgumentError` rather than `TypeError` when unsupported methods on unsupported objects are attempted to be stubbed. (@zhisme, #1357) - updated to version 3.10.0 [Full Changelog](http://github.com/rspec/rspec-mocks/compare/v3.9.1...v3.10.0) Enhancements: * Add the ability to set a custom error generator in `MessageExpectation`. This will allow rspec-expectations to inject a custom failure message. (Benoit Tigeot and Nicolas Zermati, #1312) * Return the result of the block passed to `RSpec::Mocks.with_temporary_scope` when block run. (@expeehaa, #1329) ==== rubygem-rspec-rails ==== Version update (4.0.1 -> 4.0.2) - updated to version 4.0.2 * no changelog for this version found ==== rubygem-rspec-support ==== Version update (3.9.3 -> 3.10.1) - updated to version 3.10.1 [Full Changelog](http://github.com/rspec/rspec-support/compare/v3.10.0...v3.10.1) Bug Fixes: * Fix deprecation expectations to fail correctly when asserting on messages. (Phil Pirozhkov, #453) - updated to version 3.10.0 No changes. Released to support other RSpec releases. ==== rubygem-rubocop ==== Version update (1.7.0 -> 1.8.1) updated to version 1.8.1 no changelog found - New upstream release 1.8.0 [#]## New features * [#9324](https://github.com/rubocop-hq/rubocop/pull/9324): Add new `Lint/DeprecatedConstants` cop. ([@koic][]) * [#9319](https://github.com/rubocop-hq/rubocop/pull/9319): Support asdf's .tool-versions file. ([@noon-ng][]) * [#9301](https://github.com/rubocop-hq/rubocop/pull/9301): Add new `Lint/RedundantDirGlobSort` cop. ([@koic][]) * [#9281](https://github.com/rubocop-hq/rubocop/pull/9281): Add new cop `Style/EndlessMethod`. ([@dvandersluis][]) [#]## Bug fixes * [#9298](https://github.com/rubocop-hq/rubocop/issues/9298): Fix an incorrect auto-correct for `Lint/RedundantCopDisableDirective` when there is a blank line before inline comment. ([@koic][]) * [#9233](https://github.com/rubocop-hq/rubocop/issues/9233): Fix `Style/SoleNestedConditional` copying non-relevant comments during auto-correction. ([@Darhazer][]) * [#9312](https://github.com/rubocop-hq/rubocop/issues/9312): Fix `Layout/FirstHashElementLineBreak` to apply to multi-line hashes with only a single element. ([@muirdm][]) * [#9316](https://github.com/rubocop-hq/rubocop/issues/9316): Fix `Style/EmptyLiteral` registering wrong offense when using a numbered block for Hash.new, i.e. `Hash.new { _1[_2] = [] }`. ([@agargiulo][]) * [#9308](https://github.com/rubocop-hq/rubocop/issues/9308): Fix an error for `Layout/EmptyLineBetweenDefs` when using endless class method. ([@koic][]) * [#9314](https://github.com/rubocop-hq/rubocop/issues/9314): Fix an incorrect auto-correct for `Style/RedundantReturn` when multiple return values have a parenthesized return value. ([@koic][]) * [#9335](https://github.com/rubocop-hq/rubocop/issues/9335): Fix an incorrect auto-correct for `EnforcedStyle: require_parentheses` of `Style/MethodCallWithArgsParentheses` with `Style/NestedParenthesizedCalls`. ([@koic][]) * [#9290](https://github.com/rubocop-hq/rubocop/issues/9290): Fix a false positive for `Layout/SpaceBeforeBrackets` when using array literal method argument. ([@koic][]) * [#9333](https://github.com/rubocop-hq/rubocop/issues/9333): Fix an error for `Style/IfInsideElse` when using a modifier `if` nested inside an `else` after `elsif`. ([@koic][]) * [#9303](https://github.com/rubocop-hq/rubocop/issues/9303): Fix an incorrect auto-correct for `Style/RaiseArgs` with `EnforcedStyle: compact` when using exception instantiation argument. ([@koic][]) [#]## Changes * [#9300](https://github.com/rubocop-hq/rubocop/pull/9300): Make `Lint/NonDeterministicRequireOrder` not to register offense when using Ruby 3.0 or higher. ([@koic][]) * [#9320](https://github.com/rubocop-hq/rubocop/pull/9320): Support unicode-display_width v2. ([@dduugg][]) * [#9288](https://github.com/rubocop-hq/rubocop/pull/9288): Require Parser 3.0.0.0 or higher. ([@koic][]) * [#9337](https://github.com/rubocop-hq/rubocop/issues/9337): Add `AllowedIdentifiers` to `Naming/VariableName`. ([@dvandersluis][]) * [#9295](https://github.com/rubocop-hq/rubocop/pull/9295): Update `Style/SingleLineMethods` to correct to an endless method definition if they are allowed. ([@dvandersluis][]) * [#9331](https://github.com/rubocop-hq/rubocop/pull/9331): Mark `Style/MutableConstant` as unsafe. ([@koic][]) [@koic]: https://github.com/koic [@noon-ng]: https://github.com/noon-ng [@dvandersluis]: https://github.com/dvandersluis [@Darhazer]: https://github.com/Darhazer [@muirdm]: https://github.com/muirdm [@agargiulo]: https://github.com/agargiulo [@dduugg]: https://github.com/dduugg ==== rubygem-simpleidn ==== Version update (0.1.1 -> 0.2.1) updated to version 0.2.1 no changelog found ==== shared-mime-info ==== Version update (2.0 -> 2.1) Subpackages: shared-mime-info-lang - update to 2.1: * New maintainers: David Faure and Ville Skyttä * Adapt to xdgmime behaviour change: in case of multiple glob matches, and the magic match is unrelated to all of them, ignore the magic and pick one of the glob matches. xdgmime was actually deviating from the spec on this. (#138) * Improve text/vnd.trolltech.linguist magic to reduce false positives for MPEG TS files (#10) * audio/mpeg: add layer 2, 2.5, and 1 protected magics (#46) * Add many aliases for image/x-tga * audio/x-mod: improve magic for 669 Composer files (#144) * Add mime-type image/ktx2 (Khronos image texture format version 2) * application/oxps: differentiate from /vnd.ms-xpsdocument * Make image/g3fax the canonical name for image/fax-g3 * Make text/vnd.trolltech.linguist the canonical name for text/vnd.qt.linguist * Make application/vnd.smaf the canonical name for application/x-smaf * Make application/vnd.apple.keynote the canonical name for application/x-iwork-keynote-sffkey * Add mime-type image/astc (Adaptive Scalable Texture Compression files) * Add mime-type for SageMath script files (*.sage) * Add mime-type for Kaitai Struct * Remove application/x-dc-rom * Add mime-type for MAME compressed hard disk image (application/x-mame-chd) * Add mime-types application/nintendo-3ds-executable, application/x-nintendo-3ds-rom * Add mime-types application/x-dreamcast-rom, application/x-gd-rom-cue, application/x-discjuggler-cd-image * Add mime-type application/x-compressed-iso (*.cso) * Remove image/avif-sequence * Fix application/x-sharedlib vs application/x-executable confusion for PIE executables (#11) - drop smi-Fix-pkg-config-installation-path.patch (obsolete) ==== skopeo ==== Version update (1.1.1 -> 1.2.1) - Update to version 1.2.1: * Bump to v1.2.1 * Update nix pin with `make nixpkgs` * Add a smoke test for signedIdentity:remapIdentity * Split copyWithSignedIdentity from TestCopyVerifyingMirroredSignatures * integration test: sync k8s.gcr.io/pause instead of docker.io/alpine * integration test: use fedora-minimal for most manifest list tests * Update vendor of containers/common and containers/storage * Fix reading the after-sync list of tags in SyncSuite.TestYamlUntagged * Bump github.com/containers/common from 0.31.1 to 0.31.2 ==== sord ==== Version update (0.16.6 -> 0.16.8) - update to 0.16.8: * Clean up code * Fix potential undefined behavior * Fix potentially incorrect search results * Remove the need for a generated configuration header ==== systemsettings5 ==== Subpackages: systemsettings5-lang - Add QML provides ==== tar ==== Version update (1.32 -> 1.33) Subpackages: tar-lang tar-rmt - GNU tar 1.33: * POSIX extended format headers do not include PID by default * --delay-directory-restore works for archives with reversed member ordering * Fix extraction of a symbolic link hardlinked to another symbolic link * Wildcards in exclude-vcs-ignore mode don't match slash * Fix the --no-overwrite-dir option * Fix handling of chained renames in incremental backups * Link counting works for file names supplied with -T * Accept only position-sensitive (file-selection) options in file list files - remove deprecated texinfo packaging macros ==== texlive-specs-n ==== Version update (2020.176.2.004svn48145 -> 2020.177.2.004svn48145) - Enhance latexmk configuration, that is add a systemwide configuration below /etc/texmf/latexmk/ as latexmk.conf (boo#1180789) For this add patch latexmk_conf.dif ==== vorbis-tools ==== Version update (1.4.0 -> 1.4.2) Subpackages: vorbis-tools-lang - update to 1.4.2: * Cleanup of the build system * Code cleanup * Removed outdated debian/, and vorbis-tools.spec * Updated po/ to reflect new code positions * ogg123, ogginfo: Added support to decode METADATA_BLOCK_PICTURE * ogginfo: Added support for decoding Skeleton - drop oggenc-Fix-large-alloca-on-bad-AIFF-input.patch, vcut-fix-segfault.diff, vorbis-tools-oggenc-CVE-2014-9639.patch, vorbis-tools-r19117-CVE-2014-9640.patch, warning-fixes.diff: merged upstream ==== webkit2gtk3 ==== Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 libwebkit2gtk3-lang typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - Add webkit-font-scaling.patch: Fix system font scaling not applied to 'font-size: XXXpt'; patch taken from upstream and rebased to apply cleanly (https://bugs.webkit.org/show_bug.cgi?id=218450). - Pass `-q` to setup to disable printing long list of files extracted from source tarball. ==== wireshark ==== Subpackages: libwireshark14 libwiretap11 libwsutil12 wireshark-ui-qt - Disable ITU G.729 Annex A/B speech codec for SUSE based distros, but keep enabled for openSUSE. ==== xdg-desktop-portal-kde ==== Subpackages: xdg-desktop-portal-kde-lang - Add compatibility with qml-autoreqprov ==== xdg-utils ==== - Move call-browser and desktop-launch symlink from desktop-data-openSUSE/SLE to xdg-utils (bsc#170316). ==== xen ==== Version update (4.14.1_05 -> 4.14.1_08) Subpackages: xen-libs xen-tools xen-tools-domU - bsc#1181254 - VUL-0: xen: IRQ vector leak on x86 (XSA-360) xsa360.patch - bsc#1180794 - bogus qemu binary path used when creating fv guest under xen xen.spec - bsc#1180690 - L3-Question: xen: no needsreboot flag set Add Provides: installhint(reboot-needed) in xen.spec for libzypp ==== xfce4-genmon-plugin ==== Version update (4.1.0 -> 4.1.1) Subpackages: xfce4-genmon-plugin-lang - Update to version 4.1.1 * Update configure.ac.in syntax * Add help button to configuration dialog * Add filechooser dialog option to select command * Add new genmon icon * Remove GSourceFunc casts * update prototype of UpdateConf * Set labels to center justify by default * Translation updates ==== xfce4-whiskermenu-plugin ==== Version update (2.5.2 -> 2.5.3) Subpackages: xfce4-whiskermenu-plugin-lang - Update to version 2.5.3 * Fix invalid command expansion with Xfce 4.14 (bxo#panel-plugins/xfce4-whiskermenu-plugin#39) * Translation updates ==== xfsprogs ==== Version update (5.9.0 -> 5.10.0) Subpackages: libhandle1 xfsprogs-scrub - update to 5.10.0: - xfs_repair: remove old code for mountpoint inodes - xfsprogs: Add inode btree counter feature - xfsprogs: Add bigtime feature for Y2038 - xfsprogs: Polish translation update - mkfs.xfs: Add config file feature - mkfs.xfs: allow users to specify rtinherit=0 - xfs_repair: simplify bmap_next_offset - man: various manpage updates - libxfs: remove some old dead code - libxfs: add realtime extent tracking - libxfs changes merged from kernel 5.10 - refresh 0001-repair-shift-inode-back-into-place-if-corrupted-by-b.patch against libxfs changes ==== yast2-bootloader ==== Version update (4.3.17 -> 4.3.18) - Fix unit tests (bsc#1181175). - 4.3.18 ==== yast2-storage-ng ==== Version update (4.3.37 -> 4.3.40) - Partitioner: fix typo calling to popup (bsc#1181348). - 4.3.40 - Partitioner: show used devices for MD BIOS RAID (bsc#1181300). - 4.3.39 - Partitioner: properly set subvolume limit when creating a new subvolume (bsc#1181205). - 4.3.38

9 15

New Tumbleweed snapshot 20210130 released!
by Dominique Leuenberger 31 Jan '21

31 Jan '21

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MozillaFirefox (84.0.2 -> 85.0) MozillaThunderbird (78.6.1 -> 78.7.0) PackageKit bind (9.16.10 -> 9.16.11) bluez crash discount (2.2.4 -> 2.2.6) dolphin emacs evince (3.38.0 -> 3.38.1) fftw3 (3.3.8 -> 3.3.9) flatpak (1.10.0 -> 1.10.1) guile hwinfo (21.71 -> 21.72) icewm (2.0.0 -> 2.1.1) isl kcompletion kernel-firmware (20201218 -> 20210119) libgpg-error (1.39 -> 1.41) libgpod llvm11 mcelog (173 -> 175) mozilla-nss (3.59.1 -> 3.60.1) mozjs78 (78.6.1 -> 78.7.0) open-iscsi p11-kit (0.23.20 -> 0.23.22) patterns-base perl-Net-SSLeay (1.88 -> 1.90) python-kiwi (9.22.1 -> 9.23.5) qemu ruby-common ruby3.0 sendmail soundtouch (2.1.2 -> 2.2) sqlite3 (3.34.0 -> 3.34.1) upower virt-manager webkit2gtk3 yast2-bootloader (4.3.18 -> 4.3.20) === Details === ==== MozillaFirefox ==== Version update (84.0.2 -> 85.0) Subpackages: MozillaFirefox-translations-common - Mozilla Firefox 85.0 * Adobe Flash is completely history * supercookie protection * new bookmark handling and features MFSA 2021-03 (bsc#1181414) * CVE-2021-23953 (bmo#1683940) Cross-origin information leakage via redirected PDF requests * CVE-2021-23954 (bmo#1684020) Type confusion when using logical assignment operators in JavaScript switch statements * CVE-2021-23955 (bmo#1684837) Clickjacking across tabs through misusing requestPointerLock * CVE-2021-23956 (bmo#1338637) File picker dialog could have been used to disclose a complete directory * CVE-2021-23957 (bmo#1584582) Iframe sandbox could have been bypassed on Android via the intent URL scheme * CVE-2021-23958 (bmo#1642747) Screen sharing permission leaked across tabs * CVE-2021-23959 (bmo#1659035) Cross-Site Scripting in error pages on Firefox for Android * CVE-2021-23960 (bmo#1675755) Use-after-poison for incorrectly redeclared JavaScript variables during GC * CVE-2021-23961 (bmo#1677940) More internal network hosts could have been probed by a malicious webpage * CVE-2021-23962 (bmo#1677194) Use-after-poison in <code>nsTreeBodyFrame::RowCountChanged</code> * CVE-2021-23963 (bmo#1680793) Permission prompt inaccessible after asking for additional permissions * CVE-2021-23964 (bmo#1662507, bmo#1666285, bmo#1673526, bmo#1674278, bmo#1674835, bmo#1675097, bmo#1675844, bmo#1675868, bmo#1677590, bmo#1677888, bmo#1680410, bmo#1681268, bmo#1682068, bmo#1682938, bmo#1683736, bmo#1685260, bmo#1685925) Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7 * CVE-2021-23965 (bmo#1670378, bmo#1673555, bmo#1676812, bmo#1678582, bmo#1684497) Memory safety bugs fixed in Firefox 85 - requires NSS 3.60.1 - requires rust 1.47 - remove obsolete mozilla-pipewire-0-3.patch ==== MozillaThunderbird ==== Version update (78.6.1 -> 78.7.0) Subpackages: MozillaThunderbird-translations-common - Mozilla Thunderbird 78.7.0 MFSA 2021-05 (bsc#1181414) * CVE-2021-23953 (bmo#1683940) Cross-origin information leakage via redirected PDF requests * CVE-2021-23954 (bmo#1684020) Type confusion when using logical assignment operators in JavaScript switch statements * CVE-2020-15685 (bmo#1622640) IMAP Response Injection when using STARTTLS * CVE-2020-26976 (bmo#1674343) HTTPS pages could have been intercepted by a registered service worker when they should not have been * CVE-2021-23960 (bmo#1675755) Use-after-poison for incorrectly redeclared JavaScript variables during GC * CVE-2021-23964 (bmo#1662507, bmo#1666285, bmo#1673526, bmo#1674278, bmo#1674835, bmo#1675097, bmo#1675844, bmo#1675868, bmo#1677590, bmo#1677888, bmo#1680410, bmo#1681268, bmo#1682068, bmo#1682938, bmo#1683736, bmo#1685260, bmo#1685925) Memory safety bugs fixed in Thunderbird 78.7 - MozillaThunderbird.spec: Don't abuse BUILDROOT during %build as newer rpm versions in TW remove everything there as the first action of %install ==== PackageKit ==== Subpackages: PackageKit-backend-zypp PackageKit-gstreamer-plugin PackageKit-gtk3-module PackageKit-lang libpackagekit-glib2-18 typelib-1_0-PackageKitGlib-1_0 - Do not build cnf: scout-c-n-f is still pending, having PK-cnf obsolete cnf is unacceptable. - Add PackageKit-zypp-reset-update-mode-after-get-updates.patch: zypp: Reset update mode after getting updates (gh#hughsie/PackageKit/commit#b208f551, bsc#1180150). - Build command-not-found by default ==== bind ==== Version update (9.16.10 -> 9.16.11) Subpackages: bind-doc bind-utils libbind9-1600 libirs1601 libisccc1600 python3-bind - Upgrade to version 9.16.11 * Bug fixing (please check CHANGES file in the source RPM) * Functional change: policy none;", named now permits a safe transition to insecure mode and publishes the CDS and CDNSKEY DELETE records, as described in RFC 8078. Remove useless Makefiles and Makefile skeleton files in /usr/share/doc/packages/bind/contrib/ [bind.spec, bsc#1179040] * ** MAJOR CHANGE *** Changed protection of/against "named" from chroot jail to systemd protection. This obsoletes subpackage named-chrootenv. Kudos to Matthias Gerstner <matthias.gerstner(a)suse.com> [bind.spec, bind-chrootenv.conf, vendor-files.tar.bz2, bsc#1180294] ==== bluez ==== Subpackages: libbluetooth3 - add bluez-test-2to3.diff to get rid of python2 dependency ==== crash ==== - Added crash-xen-increase-__physical_mask_shift_xen-to-52.patch (bsc#1177050) ==== discount ==== Version update (2.2.4 -> 2.2.6) - Update to version 2.2.6: * No changelog provided - Drop no longer needed discount-fix-compile-warings.diff ==== dolphin ==== Subpackages: dolphin-part dolphin-part-lang libdolphinvcs5 - Add upstream patch to properly show the network button in the URL navigator (kde#431626): - 0001-Show-button-to-open-knetattach-inline-with-URL-nav-o.patch - Refreshed patches: - 0001-Update-cached-viewContainer-geometry-every-time-they.patch ==== emacs ==== Subpackages: emacs-info emacs-nox emacs-x11 etags - Replace system-user-games with user(games): be resilient to package name changes. ==== evince ==== Version update (3.38.0 -> 3.38.1) Subpackages: evince-lang evince-plugin-comicsdocument evince-plugin-djvudocument evince-plugin-dvidocument evince-plugin-pdfdocument evince-plugin-tiffdocument evince-plugin-xpsdocument libevdocument3-4 libevview3-3 nautilus-evince typelib-1_0-EvinceDocument-3_0 typelib-1_0-EvinceView-3_0 - Update to version 3.38.1: + Make Esc cancel any annotation in progress. + Remove ability to launch actions. + Unescape tooltip URI in Recent Documents view. + Fix X11 regression. + Text search if match not in page keep looking for others. + Updated translations. ==== fftw3 ==== Version update (3.3.8 -> 3.3.9) Subpackages: libfftw3-3 libfftw3_threads3 - update to 3.3.9: * New API fftw_planner_nthreads() returns the number of threads currently being used by the planner. * Fix incorrect math in 128-bit generic SIMD * Fix wisdom for avx512. The avx512 alignment requirement was set to 64 bytes, but this is wrong. Alignment requirements are a property of the platform (e.g., x86) and not of the instruction set (e.g., AVX). Among other things, this broke wisdom with avx512. Note that avx512 support is still experimental because the FFTW authors have no avx512 hardware available for testing. * fftw_threads_set_callback function to change the threading backend at runtime. ==== flatpak ==== Version update (1.10.0 -> 1.10.1) Subpackages: libflatpak0 system-user-flatpak - Flatpak only requires glib 2.44, not 2.60 - Update ostree version required to 2020.8 - Update to version 1.10.1: + Fix flatpak build on systems with setuid bwrap + Fix some compiler warnings + Fix crash on updating apps with no deploy data + Updated translations. - Remove deprecated texinfo packaging macros. - Switch to upstream release tarball. ==== guile ==== Subpackages: guile-modules-3_0 libguile-3_0-1 - Skip test-stack-overflow on qemu builds ==== hwinfo ==== Version update (21.71 -> 21.72) - merge gh#openSUSE/hwinfo#92 - improve getting video mode info (bsc#1181101) - try harder to break out of infinite I/O loops - 21.72 ==== icewm ==== Version update (2.0.0 -> 2.1.1) Subpackages: icewm-config-upstream icewm-default icewm-lang icewm-lite - Update to 2.1.1 * Fix issue #542 for texturing background of task pane. * Don't unarm menu popup buttons for issue #527. * Provide drawable context when creating pixmap cursors with Imlib2 for issue #541. - from version 2.1.0 * Remember whether a window is maximized, when going fullscreen, and restore * back to maximized, when leaving fullscreen, for issues #538 and #533. * Disarm workspace buttons on release of left mouse button for issue #527. * Restore icesh setTrayOption and getTrayOption for issue #537. * Make support for "_NET_WM_FULLSCREEN_MONITORS" more EWMH conformant. * Add "monitors", "frame", "properties" commands to icesh. * Make preference FullscreenUseAllMonitors use only all the monitors. * Prevent desktop artefacts for non-opaque move and resize to fix issue #540. * Option to move the ShowDesktop button to the right side. * Alt-F4 in quick-switch closes application window. - from version 2.0.1 * Update translations for Japanese, Czech, Dutch, Catalan, Portuguese, Slovak, Portuguese (Brazil), Indonesian. * Handle horizontal scroll keys in window list window. * Search for icewm icon for internal windows. * Fix setting option values for issue #535. * Allow to set QuickSwitch background opacity for issue #534. * Set the window ID in WM_STATE when iconifying to desktop. * Reset horizontal scrolling in the window list for Home and End. * Add IceVM explanation to README for issue #35. * Update the TODO list for icon_pixmap and icon_window fields. * Fix spelling of Gerenciador for pt_BR. ==== isl ==== - Compile with %optflags ==== kcompletion ==== Subpackages: libKF5Completion5 libKF5Completion5-lang - Add upstream patch to fix Okular search bar no longer closed when pressing ESC (kde#431493): * 0001-Fix-regression-caused-due-to-porting-from-operator-t.patch ==== kernel-firmware ==== Version update (20201218 -> 20210119) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd - Update to version 20210119 (git commit 05789708b79b): * brcm: Link RPi4's WiFi firmware with DMI machine name. * brcm: Add NVRAM for Vamrs 96boards Rock960 * brcm: Update Raspberry Pi 3B+/4B NVRAM for downstream changes * cypress: Fix link direction * cypress: Link the new cypress firmware to the old brcm files * brcm: remove old brcm firmwares that have newer cypress variants * rtl_bt: Update RTL8822C BT(UART I/F) FW to 0x059A_25CB * rtl_bt: Update RTL8822C BT(USB I/F) FW to 0x099a_7253 * rtl_bt: Add firmware and config files for RTL8852A BT USB chip * rtl_bt: Update RTL8821C BT(USB I/F) FW to 0x829a_7644 - Fix install-split.sh to deal with the quoted spaces - Update aliases ==== libgpg-error ==== Version update (1.39 -> 1.41) Subpackages: libgpg-error0 libgpg-error0-32bit - update to 1.41: * Fixes another glitch in the "ignore" meta command. * Fixes two typos in the German translation. * New function gpgrt_access. * Make "ignore" meta command work correctly in the option parser. * Interface changes relative to the 1.39 release: gpgrt_access NEW. ==== libgpod ==== Subpackages: libgpod-lang libgpod-tools libgpod4 - Use libplist-2.0 on Tumbleweed: libgpod-Use-libplist-2.0.patch ==== llvm11 ==== Subpackages: clang-tools clang11 clang11-doc libLLVM11 libLTO11 libc++-devel libc++1 libc++abi-devel libc++abi1 libclang11 - Revert changes that broke the ABI (boo#1181326). * Sema-Introduce-BuiltinAttr-per-declaration-builtin-n.patch * Sema-Handle-objc_super-special-lookup-when-checking-.patch * Recognize-setjmp-and-friends-as-builtins-even-if-jmp.patch * Don-t-reject-calls-to-MinGW-s-unusual-_setjmp-declar.patch ==== mcelog ==== Version update (173 -> 175) - Update to version 175 (jsc#SLE-14450): * mcelog: Add a test case to test page error counter replacement. * mcelog: Use 'num-errors' to specify the number of mce records to be injected. * mcelog: Report how often the replacement of page CE counter happened * mcelog: Limit memory consumption for counting CEs per page * mcelog: Add support for Sapphirerapids server. (jsc#SLE-14450) * mcelog: i10nm: Fix mapping from bank number to functional unit - Only refreshing patches, due to tarball modifications: M Start-consolidating-AMD-specific-stuff.patch M add-f10h-support.patch M add-f11h-support.patch M add-f12h-support.patch M add-f14h-support.patch M add-f15h-support.patch M add-f16h-support.patch M email.patch M fix_setgroups_missing_call.patch M mcelog_invert_prefill_db_warning.patch ==== mozilla-nss ==== Version update (3.59.1 -> 3.60.1) Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs mozilla-nss-tools - update to NSS 3.60.1 Notable changes in NSS 3.60: * TLS 1.3 Encrypted Client Hello (draft-ietf-tls-esni-08) support has been added, replacing the previous ESNI (draft-ietf-tls-esni-01) implementation. See bmo#1654332 for more information. * December 2020 batch of Root CA changes, builtins library updated to version 2.46. See bmo#1678189, bmo#1678166, and bmo#1670769 for more information. - removed obsolete ppc-old-abi-v3.patch ==== mozjs78 ==== Version update (78.6.1 -> 78.7.0) - Update to version 78.7.0esr. ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Update to latest upstream (no new tag yet). To fix bsc#1181313. Changes since last update added to open-iscsi-SUSE-latest.diff.bz2: * Fix iscsiadm segfault when exiting * iscsid: Add NO_SYSTEMD to CFLAGS * Change mkdir permissions to 0770, adjust usmask * Fix typo in util.py * iscsid: Do not allow conflicting pid-file options * iscsiadm: Fix memory leak in iscsiadm * libopeniscsiusr: Fix memory leak in iscsi_sessions_get() * libopeniscsiusr: Fix memory leak in iscsi_nodes_get() * idbm: Fix memory leak and NULL pointer dereference in idbm_rec_update_param() * Add etc/systemd/iscsi-init.service to SYSTEMDFILES Makefile variable ==== p11-kit ==== Version update (0.23.20 -> 0.23.22) Subpackages: libp11-kit0 libp11-kit0-32bit p11-kit-tools - update to 0.23.22 (bsc#1180064, bsc#1180065, bsc#1180066): * Fix memory-safety issues that affect the RPC protocol (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered and fixed by David Cook * anchor: Prefer persistent format when storing anchor [PR#329] * common: Fix infloop in p11_path_build [PR#326, PR#327] * proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [PR#325] * common: Check for a NULL locale before freeing it [PR#321] * proxy: Do not assign duplicate slot IDs [PR#282] * common: Get program name based on executable path if possible [PR#307] * anchor: Exit with non-zero code, if any error occurs [PR#304] * Build and test fixes ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-documentation patterns-base-enhanced_base patterns-base-minimal_base patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced - bootloader pattern should not require a base pattern ==== perl-Net-SSLeay ==== Version update (1.88 -> 1.90) - update to 1.90: - New stable release incorporating all changes from developer releases 1.89_01 to 1.89_05. - Summary of major changes since version 1.88: - Formalised libssl version support policy: all stable versions of OpenSSL in the 0.9.8 - 1.1.1 branches (with the exception of 0.9.8 - 0.9.8b) and all stable releases of LibreSSL in the 2.0 - 3.1 series are supported. The LibreSSL 3.2 series is not yet fully supported because its TLSv1.3 implementation is not currently libssl-compatible. - Added support for LibreSSL on Windows when built with Visual C++. - Exposed P_X509_CRL_add_extensions, several SSL_CIPHER functions, and several stack functions. - Fixed crashes in the callback functions CTX_set_next_proto_select_cb and CTX_set_alpn_select_cb. - The test suite is now compatible with OpenSSL 1.1.1e onwards, as well as OpenSSL security level 2 (the default on many Linux distributions). ==== python-kiwi ==== Version update (9.22.1 -> 9.23.5) - Bump version: 9.23.4 ? 9.23.5 - Update contributing link in README - Bump version: 9.23.3 ? 9.23.4 - Fixes the rpmdb bootstrap management for DNF on SUSE This commit makes sure that the compatibility symlink for /var/lib/rpm is created when the host rpmdb path is set to something different. This fixes a mismatch on bootstrapping SUSE using DNF. Fixes #1669 - Bump version: 9.23.2 ? 9.23.3 - Modify lsblk flags for a consistent output across distros This commit modifies the lsblk flags to make use of the list format instead of raw output. `--list` flag seams to keep the geometry order and produces a consistent output in several distros. - Bump version: 9.23.1 ? 9.23.2 - Update kiwi-systemdeps-image-validation Make python anymarkup to be only recommended. The package does not exist on all distributions, e.g suse does not provide it and for kiwi it's an optional plugin - Fixed missing provides tag When building WSL images the image type is set to appx. Therefore obs is looking for what provides kiwi-image:appx This provides tag was missing - Don't install obsolete requires packages The derived docker build test installs obsolete kiwi requires - Bump version: 9.23.0 ? 9.23.1 - Update spec file Complete and cleanup spec for drop in replacement of new systemdeps sub-packages - Bump version: 9.22.4 ? 9.23.0 - Set min version python requirement The use of new features like type hinting and annotations requires a python version >= 3.6 - Bump version: 9.22.3 ? 9.22.4 - Use the generic Dict type This commit makes use of the Dict type in the container factory classes so these type hints aligned with the other dict related type hints in KIWI code. This commit improves the refactor done in 99be52ba. - Update preferences documentation The last commit added the optional arch attribute to the preferences section but the documentation did not expose this information. This is related to Issue #1640 - Fixed no-self-use issue from codacy report The Logger.progress method is actually a static method and should be used as such - Added strong typing for the following API methods * logger * logger_color_formatter * logger_filter * xml_description * xml_state * markup/any * markup/base * markup/xml This references Issue #1644 - Add 'arch' attribute to preferences This commits adds the attribute 'arch' to preferences. It works as any other 'arch' attribute within the schema. Preferences defined with architectures that do not match the host are ignored. If no 'arch' is provided it matches all any host architecture. Fixes #1640 - Fixed color json output kiwi supports output of yaml/json markup in color mode using pjson. The writing of this data required to be encoded prior output. - Fix vagrant documentation The previous pull request adding a baseVagrantSetup method and documentation broke the build of the docs due to invalid indentation. The test pipeline has failed but the PR was merged so this followup commit is needed to fix the docs - Refactor iso_tools factory class This commit refactors the IsoTools class and turns it into a proper factory class and also includes type hints to facilitate it's use from an API POV. Related to #1498 - Refactor container factory classes This commit refactors the container related classes to turn them into proper factory classes and also includes type hints to facilitate it's use from an API POV. Related to #1498 - Delete traces of travis integration Rename and clarify code that was still using the name travis. Delete all references to the travis CI system from kiwi - Bump version: 9.22.2 ? 9.22.3 - Fixed SUSE doc update in gitlab pipeline There is a dependency set to build_suse_doc in the push_suse_doc target. But the build_suse_doc target has set except "master" when the push_suse_doc has set only "master". Obviously this doesn't fit together - Bump version: 9.22.1 ? 9.22.2 - Fixed source rpm check in gitlab Fedora30 is EOL, thus there is no provider for mock/fedora-30-x86_64.cfg anymore - Delete travis setup - Added gitlab pipeline to deploy kiwi documentation Use a github token and a bit of script code to deploy the kiwi online documentation to the gh-pages branch - Move CI system to gitlab Travis made questionable changes to their open statement and I'm not following this anymore. - Added check_swap_name_used_with_lvm runtime check The optional oem-swapname is only effective if used together with the LVM volume manager. A name for the swap space can only be set if it is created as a LVM volume. In any other case the name does not apply to the system. This condition should be checked to avoid useless settings in the image description. - Allow to customize swap volume name Added a new element <oem-swapname> below the <oemconfig> section which allows to specify a name for the swap volume in case the LVM volume manager is used. The default if not specified continuous to stay at: LVSwap. This Fixes #1638 - Fixed base setup links Do not create a link /var/run pointing to /run. This is unexpected and looks like a left over from kiwi legacy which supported older distributions who might have needed this. This Fixes #1643 - [doc] Clarify that suse* functions are also for openSUSE - Add baseVagrantSetup helper function This function is used to setup a vagrant box, so that each vagrant box creator needn't implement it themselves. - Use DEBUG=0 by default in function Debug This avoids script failures when invoked with `set -u`. - Make debootstrap repository explicit This commit introduces the use_for_debootstrap attribute for repositories of type apt-deb. This is a boolean attribute to specify the repository that will be used for bootstrapping in apt-deb based images. Only one can be selected and if none is specified KIWI just makes use of the last one in the list. Fixes #1593 ==== qemu ==== Subpackages: qemu-arm qemu-audio-spice qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-chardev-baum qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-microvm qemu-ppc qemu-s390x qemu-seabios qemu-sgabios qemu-skiboot qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios qemu-vhost-user-gpu qemu-x86 - Fix two additional cases of qemu crashing due to qemu module packages not being loaded. qom-handle-case-of-chardev-spice-module-.patch spice-app-avoid-crash-when-core-spice-mo.patch ==== ruby-common ==== - cleanup the .gem.* dirs that rubygems creates on 3.0 (boo#1180528) - add support to package rubygems plugin dirs as the file is conflicting you can only have one version of the same gem installed if it provides a rubygems plugin. at least for now ==== ruby3.0 ==== Subpackages: libruby3_0-3_0 - add https://github.com/rubygems/rubygems/pull/4317.patch make sure the gem plugins path does not contain the buildroot ==== sendmail ==== Subpackages: libmilter1_0 - Move SMTPD_LISTEN_REMOTE hack into valid code of update script - Change location of update script in fillup/sysconfig files - Add better support for IPv6 - Fix bug in udage of fillup_only macro to get sysconfig file for sendmail written by fillup ==== soundtouch ==== Version update (2.1.2 -> 2.2) - update to 2.2.0: * Improvements to help compiler autovectorization * Bugfix in integer version of calcCrossCorrAccumulate() * Compensate initial buffering of anti-alias filter and intepolator. * Tuning for ARM NEON * BPMDetect: Make conversion from size_t to int explicit * BPM PeakFinder: Fix possible reading past end of array. * Change correlation loop 'sum' variable type from double to float ==== sqlite3 ==== Version update (3.34.0 -> 3.34.1) - SQLite 3.34.1: * Fix a potential use-after-free bug when processing a a subquery with both a correlated WHERE clause and a "HAVING 0" clause and where the parent query is an aggregate (boo#1181261) * Fix documentation typos * Fix minor problems in extensions ==== upower ==== Subpackages: libupower-glib3 typelib-1_0-UpowerGlib-1_0 upower-lang - Use libplist-2.0 on Tumblewewd. + upower-build-Use-a-newer-libplist-if-available.patch ==== virt-manager ==== Subpackages: virt-install virt-manager-common - bsc#1180897 - SLES15 SP2: VM does not boot after virt-install installing from ISO image. virtinst-keep-iso-for-xenpv.patch - bsc#1181350 - [Build 20210122] openQA test fails in virt_install on aarch64 virtman-show-no-firmware-for-xenpv.patch ==== webkit2gtk3 ==== Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 libwebkit2gtk3-lang typelib-1_0-JavaScriptCore-4_0 typelib-1_0-WebKit2-4_0 webkit2gtk-4_0-injected-bundles - Add gir-multilib.patch: Fix multilib conflict in gir files. - Disable gold linker for ppc64le ==== yast2-bootloader ==== Version update (4.3.18 -> 4.3.20) - Do not propose resume kernel parameter when the swap is smaller than the RAM size (bsc#1180977). - 4.3.20 - Ensure the proposal is re-calculated when the partitioning plan has changed (bsc#1180218 and bsc#1180976) - 4.3.19

1 0

question to update openSUSE-2020-2091 (systemd/udev)
by dieter 31 Jan '21

31 Jan '21

Hi, according to the description the update openSUSE-2020-2091 for Leap 15.2: https://lists.opensuse.org/archives/list/updates@lists.opensuse.org/thread/… ... - Remove mq-deadline selection from 60-io-scheduler.rules (bsc#1177490) according to the rpm changelog rpm -q --changelog udev-234-lp152.31.16.1.x86_64 |less this change was already done in October, * Di Okt 20 2020 Andreas Herrmann <aherrmann(a)suse.com> - Remove mq-deadline selection from 60-io-scheduler.rules but after the Update /usr/lib/udev/rules.d/60-io-scheduler.rules rpm -qf /usr/lib/udev/rules.d/60-io-scheduler.rules udev-234-lp152.31.16.1.x86_64 looks unchanged, especially: tail /usr/lib/udev/rules.d/60-io-scheduler.rules # MQ: BFQ scheduler for HDD ENV{.IS_MQ}=="1", ATTR{queue/rotational}!="0", ATTR{queue/scheduler}="bfq" # Non-MQ: CFQ scheduler for HDD ENV{.IS_MQ}!="1", ATTR{queue/rotational}!="0", ATTR{queue/scheduler}="cfq" # Non-MQ: deadline scheduler for SSD ENV{.IS_MQ}!="1", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="deadline" LABEL="scheduler_end" Was this change accidentally left out from the update? The related bug (bsc#1177490) is not accessible. Regards, Dieter

2 3

help asked with error changelog sequence
by Cor Blom 30 Jan '21

30 Jan '21

Hi, The following SR gives an error: https://build.opensuse.org/request/show/867778 The factory script says that the sequence in the changelog is wrong. The suggested solution is to remove the last entry, which is not what I want. I don't see what is wrong. Can someone help me here? Thanks, Cor

2 1

Tumbleweed - Review of the week 2021/04
by Dominique Leuenberger / DimStar 30 Jan '21

30 Jan '21

Dear Tumbleweed users and hackers, This week felt like I was fighting with OBS and openQA, and packages breaking Tumbleweed. This also shows in the number of released snapshots: ‘only’ 3. But there was a huge gap between 0121 (reviewer last week) and 0126 (first published snapshot this week). But I’m sure you all prefer longer gaps, but working snapshots. The longer the gap, the more packages are in there, so the total net change remains the same. This wee, we released 0126, 0127, and 0128. The main changes included: * Automake 1.16.3 * findutils 4.8.0 * Linux kernel 5.10.9 * libvirt 7.0.0 * Sudo 1.9.5p2 (CVE-2021-3156) Plenty of submissions are being tested in the Staging projects – almost all of them are filled. The main upcoming changes will be: * Mozilla Firefox 85.0 * Linux kernel 5.10.11 * util-linux 2.36.1 * Rust 1.49.0 * More work on python-rpm-macros, used for multiple python flavors (aka python singlespec) * This will come together with python 3.8.7 * Postfix: change the default database format to lmdb, migrating away from BerkeleyDB (3rd attempt, previous two were reverted) * Bison 3.7.5 * Firewalld 0.9.3 * Pulseaudio 14.2 * Bind 9.16.11: changed protection of/against “named” from chroot jail to systemd protection. This obsoletes subpackage named-chrootenv. * KDE Plasma 5.21: currently 5.20.90 being tested * openssl 1.1.1i, based on centralized crypto-policies package Cheers, Dominique

2 1

[factory][TW] bad OSS package Mesa-dri-nouveau-20.3.3-271.2?
by Felix Miata 30 Jan '21

30 Jan '21

I just upgraded an old 10de:03d0 graphics/TW installation to 20210128, one I try to keep unnecessary software off of. In this case, unneeded is (only some of) *nouveau* applicable to Xorg. Apparently required for X to function with the upstream default modesetting DDX is the $SUBJECT package. It comes from OSS repo with MIT license. Without it installed, Xorg.0.log reports (EE) modeset(0): glamor initialization failed, Xorg presents only a black screen and exit, and Xorg.0.log contains no (EE) lines subsequent, for a total of two lines containing (EE). My question is why zypper demands I answer a license question yes if I wish to upgrade the subject package, in same manner as for xf86-video-nouveau? I perceive nothing at https://mit-license.org/ to suggest any such ack. Are there other Mesa packages requiring license ack? I've never seen one before. Is this worth a bug report? -- Evolution as taught in public schools, like religion, is based on faith, not on science. Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! Felix Miata *** http://fm.no-ip.com/

3 2