openSUSE Factory
Threads by month
- ----- 2025 -----
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
January 2022
- 100 participants
- 96 discussions
What's the secret to seeing only one MOTD when logging in? I have /etc/motd that
says what I want said. /etc/motd.d/ is empty. How do I stop it from being followed
on the following line by the "Have a lot of fun..." openSUSE default? man motd
seems to say if /etc/motd exists, no other should be used, but it's unclear to me.
It seems to me if /etc/motd exists that /usr/lib/motd.d/* should be ignored. Is
this a bug
--
Evolution as taught in public schools is, like religion,
based on faith, not based on science.
Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!
Felix Miata
3
2
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
clamav (0.103.4 -> 0.103.5)
gupnp (1.4.2 -> 1.4.3)
python-hiredis (1.1.0 -> 2.0.0)
python-python-lzo (1.12 -> 1.14)
python-tables (3.6.1 -> 3.7.0)
shadow (4.9 -> 4.11.1)
=== Details ===
==== clamav ====
Version update (0.103.4 -> 0.103.5)
Subpackages: libclamav9 libfreshclam2
- Update to 0.103.5
* CVE-2022-20698: Fix for invalid pointer read that may cause a crash.
This issue affects 0.104.1, 0.103.4 and prior when ClamAV is compiled
with libjson-c and the CL_SCAN_GENERAL_COLLECT_METADATA scan option
(the clamscan --gen-json option) is enabled.
* Fixed ability to disable the file size limit with libclamav C API,
like this:
cl_engine_set_num(engine, CL_ENGINE_MAX_FILESIZE, 0);
This issue didn't affect ClamD or ClamScan which also can disable the
limit by setting it to zero using MaxFileSize 0 in clamd.conf for ClamD,
or clamscan --max-filesize=0 for ClamScan.
Note: Internally, the max file size is still set to 2 GiB. Disabling the
limit for a scan will fall back on the internal 2 GiB limitation.
* Increased the maximum line length for ClamAV config files from 512 bytes
to 1,024 bytes to allow for longer config option strings.
* SigTool: Fix insufficient buffer size for --list-sigs that caused a
failure when listing a database containing one or more very long
signatures. This fix was backported from 0.104.
==== gupnp ====
Version update (1.4.2 -> 1.4.3)
- Update to version 1.4.3:
+ ServiceProxy:
- Properly propagate cancelled actions in deprecated calls.
- Fix deprecated async calls, again.
==== python-hiredis ====
Version update (1.1.0 -> 2.0.0)
- Update to 2.0.0
* Bump hiredis from 0.13.3 to 1.0.0 and consequently add support
for RESP3 (see #104)
* Add type hints (see #106)
* Drop support for EOL Python versions 2.7, 3.4, and 3.5 (see #103)
- Drop obsolete patches
* hiredis1.patch
* bump_hiredis_0.14.1.patch
- Update patches
* 0001-Use-system-libhiredis.patch
* drop-vendor-sources.patch
==== python-python-lzo ====
Version update (1.12 -> 1.14)
- Update to 1.14
* Add python2 support statement
* Fix 32bit int limitations
- Includes support for Python 3.10 now
==== python-tables ====
Version update (3.6.1 -> 3.7.0)
- Update to 3.7.0
* Compatibility with Python 3.10, numpy 1.21 and HDF5 1.12.
* Support for Python 3.5 has been dropped (#840 and #850).
* Internal C-Blosc sources updated to 1.21.1 (#931). Note that,
starting from C-Blosc 1.19 does not include the Snappy codec
sources anymore, so Snappy will be not available if you compile
from included sources; other packages (like conda or wheels),
may (or may not) include it.
* Switch to git submodule for the management of vendored c-blosc
sources.
* Improved code formatting and notation consistency (#873, #868,
[#865] thanks to Miroslav ?edivý).
* Improve the use of modern Python including :mod:pathlib,
f-strings (#859, #855, #839 and #818 thanks to Miroslav
?edivý).
* Simplified management of version information.
* Drop dependency on the deprecated distutils.
* Modernize the setup script and add support for PEP517 (#907).
* Fix pkg-config (setup.py) for Python 3.9 on Debian. Thanks to
Marco Sulla PR #792.
* Fix ROFileNode fails to return the fileno() (#633).
* Do not flush read only files (#915 thanks to @lrepiton).
* Drop the deprecated hdf5Version and File.open_count.
* the :func:get_tables_version and :func:get_hdf5_version
functions are now deprecated please use the coresponding
:data:tables.__version__ and :data:tables.hdf5_version instead.
- Drop patches fixed upstream
* PyTables-compat-numpy119.patch
* PyTables-pr810-tostring.patch
* PyTables-skip-test_vlarray.patch
* tables-pr862-lowercasefdtype.patch
- Replace Never-use-the-msse2-flag-explicitly.patch by use of
environment variable
==== shadow ====
Version update (4.9 -> 4.11.1)
Subpackages: login_defs
- The legacy code does not support /etc/login.defs.d used by YaST.
Enable libeconf to read it (bsc#1192954).
- Update to 4.11.1:
* build: include lib/shadowlog_internal.h in dist tarballs
- Update to 4.11:
* Handle possible TOCTTOU issues in usermod/userdel
- (CVE-2013-4235)
- Use O_NOFOLLOW when copying file
- Kill all user tasks in userdel
* Fix useradd -D segfault
* Clean up obsolete libc feature-check ifdefs
* Fix -fno-common build breaks due to duplicate Prog declarations
* Have single date_to_str definition
* Fix libsubid SONAME version
* Clarify licensing info, use SPDX.
- Update to 4.10:
* From this release forward, su from this package should be
considered deprecated. Please replace any users of it with su
from util-linux
* libsubid fixes
* Rename the test program list_subid_ranges to getsubids, write
a manpage, so distros can ship it.
* Add libeconf dep for new*idmap
* Allow all group types with usermod -G
* Avoid useradd generating empty subid range
* Handle NULL pw_passwd
* Fix default value SHA_get_salt_rounds
* Use https where possible in README
* Update content and format of README
* Translation updates
* Switch from xml2po to itstool in 'make dist'
* Fix double frees
* Add LOG_INIT configurable to useradd
* Add CREATE_MAIL_SPOOL documentation
* Create a security.md
* Fix su never being SIGKILLd when trapping TERM
* Fix wrong SELinux labels in several possible cases
* Fix missing chmod in chadowtb_move
* Handle malformed hushlogins entries
* Fix groupdel segv when passwd does not exist
* Fix covscan-found newgrp segfault
* Remove trailing slash on hoedir
* Fix passwd -l message - it does not change expirey
* Fix SIGCHLD handling bugs in su and vipw
* Remove special case for "" in usermod
* Implement usermod -rG to remove a specific group
* call pam_end() after fork in child path for su and login
* useradd: In absence of /etc/passwd, assume 0 == root
* lib: check NULL before freeing data
* Fix pwck segfault
- Remove because upstreamed:
* shadow-4.9-pwck-segfault.patch
* shadow-4.9-newgrp-segfault.patch
* shadow-4.9-useradd-subuid.patch
* shadow-4.9-sgent-free.patch
* shadow-passwd-handle-null.patch
* shadow-fix-sigabrt.patch
* shadow-libeconf-include.patch
* libsubid-build-fix.patch
- Refreshed:
* shadow-util-linux.patch
* shadow.changes
* shadow.keyring
* shadow.spec
* useradd-script.patch
* useradd-userkeleton.patch
* userdel-script.patch
- Update shadow.keyring:
* Serge Hallyn serge(a)hallyn.com (B175CFA98F192AF2)
* Christian Brauner christian(a)brauner.io (4880B8C9BD0E5106FC070F4F7B3C391EFEA93624)
1
0
(15.4) openSUSE-Leap-15.4-NET-x86_64-Media.iso download failed - http 403
by Alex Bihlmaier 17 Jan '22
by Alex Bihlmaier 17 Jan '22
17 Jan '22
Hello!
Downloading the current 15.4 net iso is failing.
~ » wget
https://download.opensuse.org/distribution/leap/15.4/iso/openSUSE-Leap-15.4…
--2022-01-16 16:20:23--
https://download.opensuse.org/distribution/leap/15.4/iso/openSUSE-Leap-15.4…
Resolving download.opensuse.org (download.opensuse.org)
195.135.221.134, 2001:67c:2178:8::13
Connecting to download.opensuse.org
(download.opensuse.org)|195.135.221.134|:443... connected.
HTTP request sent, awaiting response... 403 Forbidden
2022-01-16 16:20:23 ERROR 403: Forbidden.
3
2
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa (21.3.3 -> 21.3.4)
Mesa-drivers (21.3.3 -> 21.3.4)
MozillaFirefox (96.0 -> 96.0.1)
autoyast2 (4.4.24 -> 4.4.25)
cyrus-sasl
ddclient
drbd-utils
firewalld (1.0.2 -> 1.0.3)
joycond
libqb
ncurses (6.3.20211127 -> 6.3.20220101)
perl-Bootloader (0.936 -> 0.937)
pulseaudio
python-boto3 (1.20.28 -> 1.20.35)
python-botocore (1.23.28 -> 1.23.35)
vim
virt-manager
yast2-dhcp-server (4.4.1 -> 4.4.2)
=== Details ===
==== Mesa ====
Version update (21.3.3 -> 21.3.4)
Subpackages: Mesa-dri-devel Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- update to 21.3.4
* bugfix release
==== Mesa-drivers ====
Version update (21.3.3 -> 21.3.4)
Subpackages: Mesa-dri Mesa-gallium Mesa-libva libvdpau_r300 libvdpau_r600 libvdpau_radeonsi libvulkan_intel libvulkan_radeon libxatracker2
- update to 21.3.4
* bugfix release
==== MozillaFirefox ====
Version update (96.0 -> 96.0.1)
Subpackages: MozillaFirefox-translations-common
- Mozilla Firefox 96.0.1
* Fixed: Improvements to make the parsing of content-length
headers more robust (bmo#1749957, boo#1194677)
==== autoyast2 ====
Version update (4.4.24 -> 4.4.25)
Subpackages: autoyast2-installation
- Properly merge the autoupgrade workflow when using the online
medium (bsc#1192437, bsc#1194440).
- 4.4.25
==== cyrus-sasl ====
Subpackages: cyrus-sasl-crammd5 cyrus-sasl-digestmd5 cyrus-sasl-gssapi cyrus-sasl-plain libsasl2-3 libsasl2-3-32bit
- postfix: sasl authentication with password fails (bsc#1194265)
Add config parameter --with-dblib=gdbm
- Avoid converting of /etc/sasldb2 by every update. Convert
/etc/sasldb2 only if it is a Berkeley DB
==== ddclient ====
- Modify the systemd service file so ddclient is run After
network-online.target instead of just network.target, since
running ddclient without being online is pointless.
- Added a Wants statement for the same systemd targets as in After
==== drbd-utils ====
- Update to 9.19.0
* v9,events2: show changes of peer-client
* v9: rr-conflict strategy auto-discard for protocol A
* windrbd: various fixes including setting the systemd root
* containers: switch to UBI8
* v9,wait-*: fix segfault
- bsc#1191058, active UsrMerge to install in /usr
Add patch usrmerge_move_lib_to_prefix_lib.patch
- Remove patch fix-libdir-in-Makefile.patch
Remove patch systemd-drbd-service-needs-network-online.patch (included)
- Add drbd-utils.rpmlintrc for Error missing-call-to-setgroups-before-setuid
- Add rpmlint-build-error.patch to fix rpmbuild build errors
- bsc#1190591, fail to start due to lack of /usr/var/run/drbd
- Update to 9.18.0
* build: remove rpm related targets
* drbdsetup,v84: fix minor compile warnings
* systemd: resource specific activation
* systemd: drbd-reactor promoter templates
* doc: fix maximum ping timeout
* doc: add man pages for the systemd templates
* drbdadm,v9: fix dstate for diskless volumes
* build/release: use lbvers.py
* drbd-attr: don't leak fd to drbdsetup
* doc: various fixes and additions
* drbdsetup,events2,v9: add backing_device
* build,Debian: rm dh-systemd dependency
* drbdsetup,events2,v9: fix --poll regression
* drbdmeta: fix bug with ALs with small final extents
* build,Debian: rm mail recommends
* drbdsetup,events2,v9: allow --poll without --now
* drbdsetup,invalidate: allow bitmap based resync after verify
* drbdadm,sh-ll-dev: change output to "none" if diskless
* drbd-attr/may_promote: fixes from 9.15.1
* drbdadm,v9: allow set-gi in single node clusters
* drbsetup,events2,v9: diff(erential) output
* drbsetup,events2,v9: add --full output
* v9: allow resource rename, also in drbdmon
* drbdadm,v9: allow c-max-rate to be disabled
* New drbd-attr Pacemaker RA
* events2: handle mixed initial state and multicast events
* events2: fix regression to always print resync done
- Add patch systemd-drbd-service-needs-network-online.patch
- add pie-fix.patch: explicitly pass -pie linker flag when building drbdmon.
The Makefile explicitly passes -fPIC, thereby breaking our gcc-PIE profile.
In addition the Makefile also ignores CXXFLAGS and LDFLAGS passed via the
environment. Therefore fix it with this patch. This makes drbdmon a PIE
binary (bsc#1184122).
- prepare usrmerge (boo#1029961)
- Move block-drbd back to /etc/xen/scripts (bsc#1177531)
The change in xen.spec was reverted, but the revert was not applied
to this pkg
- bsc#1176436, update to 9.14.0
* pacemaker: various fixes/improvements for PM >=1.1.15
including the 2 series; crm-fence-peer.9.sh
* systemd dependency for drbd-proxy
* containers: multi-arch support, especially for s390x
* multipathd: blacklist drbd
* drbdsetup: code refactoring and improvements,
as well as tests for events2!
add "may_promote", "promotion_score". See man page.
* build: compile fixes for gcc-10; CI pipeline
* handlers: add "disconnected"
- Remove patch crm-fence-peer-pacemaker2-issue2.patch (included)
Remove patch link-error-setup_option.patch (included)
- bsc#1176065, fail to get master id from cib xml in fence handler
Add patch crm-fence-peer-pacemaker2-issue2.patch
- bsc#1172641, fix the link error of setup_option.
Add patch link-error-setup_option.patch
- bsc#1171419, Update to 9.13.0
* crm-fence-peer{,.9}.sh: detect Pacemaker 2 promotable clones
* submodules: switch to https, which makes it easier to clone
if you are behind some weird company firewalls.
* drbd.service: start pacemaker before drbd-proxy
* windrbd: various new commands including create-resource-from-url,
set-syslog-ip, scan-partitions-for-minor, install-bus-device,
remove-bus-device
- Remove patch crm-fence-peer-pacemaker2.patch
- bsc#1166200 ,fix crm-fence-peer regex issue with pacemaker 2.
- Add patch crm-fence-peer-pacemaker2.patch
- Update to 9.12.0
* drbd.ocf: new wrc_timeout param, fail on attach failure,
remove_master_score_if_peer_primary param,
fail_promote_early_if_peer_primary param, improved helper logging
no error if wait-connect fails
* drbdadm,v9: fix dumping meta-disk in corner case
* crm-fence-peer.9.sh: fix Pacemaker 2 compat
* drbdsetup,v9: fixes for various json output corner cases
* drbdsetup,all: prepare for netlink changes (linux v5.2+)
* drbdadm,v9: fix a check for setting up connections multiple times
* init: setup file backed loop devices (mapping from LINSTOR)
* rr-conflict: add retry-connect option (>=drbd 9.0.20)
* drbdmon: 256/16 colors; events2 handler improvements
* drbdsetup,v9: new flag: force-resync (>=drbd 9.0.21)
- Remove netlink-prepare-for-kernel-v5.2.patch
Remove netlink-Add-NLA_F_NESTED-flag-to-nested-attribute.patch
Remove cibadmin-return-code-convert.patch in 144c8cc1d
- BuildRequire pkgconfig(udev) instead of udev: allow OBS to
shortcut through the -mini flavors.
- Remove obsolete Groups tag (fate#326485)
- bsc#1145296, fix the wrong return code with cib_apply_diff
Add patch cibadmin-return-code-convert.patch
- Support Kernel 5.2, bsc#1149945 and bsc#1144702
- Add patch netlink-prepare-for-kernel-v5.2.patch
Add patch netlink-Add-NLA_F_NESTED-flag-to-nested-attribute.patch
- Update to 9.10.0
* drbdmon: limit desplay lenght, minor fixes
* drbdsetup,v9: avoid underflow when resync regresses
* drbdmeta,v9: allow huge (~1PB volumes)
* drbdsetup,v9: add allow-remote-read flag(9.0.19)
* docker: switch to UBI images
* doc: update JA doc
- In our effort to make /etc fully admin controlled, move /etc/xen/scripts
to libexec/xen/scripts
- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to
shortcut the build queues by allowing usage of systemd-mini
- Update to 9.9.0
* drbdadm,v9: do not ignore stacked/upper implicit paths.
* docker: provide initial integration.
* doc,v9: document transport keyword
* drbdmeta,v9: support for PMEM activity log format
* drbdadm: allow faking of drbdsetup show output
* drbdmeta,v9: fix forget-peer
- Update to 9.8.0
* i18n: use propper po files
* v9,stacked: allow node-id in stacked section
but one should not use stacked with v9 anyways
* dry run: remove trailing white space
This eases test integration.
Mentioned here because strictly speaking output changed.
* regression tests: if at ./configure time "clitest" is detected,
one can run tests via "make test". Target is a noop otherwise.
* drbdsetup,v9: fix wait-for (same patch as in 9.7.1)
* doc,v9: require-drbd-module-version-*, events2 --now --poll
* drbdadm,v9: allow stacked-on-top-of sections without address
* drbdadm,v9: bring up only the correct paths in multi-site scenaios.
* drbdadm,v9: fix parser segfault if node-id is missing.
* tests: require that they pass on release.
* drbdsetup,v9: fix key collision in show --json.
- bsc#1121794, use drbd9 man pages.
- Update to 9.7.0
* drbdadm,v9,v84: fix resync-after
* drbd.ocf: connect_only_after_promote, require kernel version
* drbdmon: display resync progress
* parser,v9: require-drbd-module-version
* windrbd: add WinDRBD support
- bsc#1115606. Update to new upstream release 9.6.0
* usage-count: also count notty users if possible.
* drbd-overview: remove it, we have drbdtop/drbdmon. saves all the Perl deps.
* drbdmon: update frequency limiting, debug log for drbdevents, use
altbuffer,...
* drbdsetup show: on 9 allow json output.
mainly used in our CI, don't expect a stable field names yet.
* drbdsetup satus: on 9 fix json output to not include NaN/Infinity
* allow higher resync rates: first customers hit a limit. this requires an
updated kernel module as well (e.g., 9.0.16)
* init: fix some 8-only leftovers (sh-b-pri), sanitize the retry logic
* doc: document various 9 features that got forgotten (e.g., quorum-lost)
* build: various small fixes that popped up while playing with meson
- Remove patch: skip_sh-b-pri_in_v9.patch fix in ace704aac
- Update to 9.5.0
* drbdmon: allow to start in problems view (--problems)
* drbdadm,v9: fix always failing stacked handlers from kernel
* drbdadm,v9: adjust now hands over the information that a
diskfull->diskless change was intentional.
* drbdadm,v9: adjust verifies now IPs
- Remove patch: fix_call_khelper_with_stack.patch in 60ec9fa68
- Update to 9.4.0
* drbdmeta: don't exit with negative return codes
* usage counts: only register if we know driver version
* drbdsetup,v9: expose detailed verify/resync statistics
* drbdsetup,v9,json: saner types for client/peer-client/quorum
on --json
* drbdsetup,v9: expose client/peer-client in status if !isatty()
- Including fix for SLE12SP3:
bsc#1064402, remove hardcoded local5 of logfacility
bsc#1037109, drbdmeta does not propagate full bitmap
- bsc#1090167, Update to 9.3.1
* update to Japanese man pages
* fixes for stacking in drbd-9.0
* fixes for proxy support in drbd-9.0
* fix adjusting --bitmap=no peer to diskfull
* VCS: typos and fixes for stacked resources
- Remove upstream patch Fix-no-bitmap-allocate-for-stacked-res.patch
- Remove upstream patch Support-pass-force-to-dump-md.patch
- Remove patch fix-segfault-up-stacked-resource.patch with
upstream fix 74b1cbb274
- drbdadm v84: fixup for disable-write-same
- Fix IPv4 & IPv6 address comparisons for 'drbdadm adjust'
- bsc#1077176, pass the string to backend.
- bsc#1058770, fix kernel trace while starting
sync stacked drbd
- Add patch Fix-no-bitmap-allocate-for-stacked-res.patch
- Add patch Support-pass-force-to-dump-md.patch
- bsc#1076936, from bwiedemann(a)suse.com.
Reproducible builds support merged in upstream, but
the changes in spec is lost.
==== firewalld ====
Version update (1.0.2 -> 1.0.3)
Subpackages: firewalld-bash-completion firewalld-lang firewalld-zsh-completion python3-firewall
- Update to 1.0.3:
* fix(io): _check_config() expects a dict
* feat(build): distribute an OCI container image
* fix(ipset): reduce cost of entry overlap detection
==== joycond ====
Subpackages: joycond-autoload
- Lessened reverse dependency of kmod(hid_nintendo), as otherwise
joycond will be installed on any machine that runs Linux >= 5.16.
- Clarified license: changed GPL-3.0 to GPL-3.0-or-later
==== libqb ====
- Retry if posix_fallocate is interrupted with EINTR (#453) (gh#ClusterLabs/libqb#451, bsc#1193737, bsc#1193912)
* bsc#1193737-0001-Retry-if-posix_fallocate-is-interrupted-with-EINTR-4.patch
==== ncurses ====
Version update (6.3.20211127 -> 6.3.20220101)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen
- Add ncurses patch 20220101
+ add section on releasing memory to curs_termcap.3x and
curs_terminfo.3x manpages.
- Add ncurses patch 20211225
+ improve markup, e.g., for external manpage links in the manpages
(prompted by report by Helge Kreutzmann).
- Add ncurses patch 20211219
+ install ncurses-examples programs in libexecdir, adding a wrapper
script to invoke those.
+ add help-screen and screen-dump to test/combine.c
- Rename package ncurses-tests to ncurses-examples as upstream does
- Add ncurses patch 20211211
+ add test/combine.c, to demo/test combining characters.
- Add ncurses patch 20211204
+ improve configure check for getttynam (report by Werner Fink).
- Correct offsets of patch ncurses-6.3.dif
==== perl-Bootloader ====
Version update (0.936 -> 0.937)
- merge gh#openSUSE/perl-bootloader#137
- grub2 install: Support secure boot on powerpc (bsc#1192764
jsc#SLE-18271).
- 0.937
==== pulseaudio ====
Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-bash-completion pulseaudio-gdm-hooks pulseaudio-lang pulseaudio-module-bluetooth pulseaudio-module-gsettings pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-setup pulseaudio-utils pulseaudio-zsh-completion system-user-pulse
- Workaround for spurious errors in dump-modules command
(bsc#1194379):
pulseaudio-dump-module-Ignore-invalid-module-init-tools.patch
==== python-boto3 ====
Version update (1.20.28 -> 1.20.35)
- Update to version 1.20.35
* api-change:``pinpoint``: [``botocore``] Adds JourneyChannelSettings to WriteJourneyRequest
* api-change:``lexv2-runtime``: [``botocore``] Update lexv2-runtime client to latest version
* api-change:``nimble``: [``botocore``] Amazon Nimble Studio now supports validation for Launch
Profiles. Launch Profiles now report static validation results after create/update to detect errors
in network or active directory configuration.
* api-change:``glue``: [``botocore``] This SDK release adds support to pass run properties when
starting a workflow run
* api-change:``ssm``: [``botocore``] AWS Systems Manager adds category support for DescribeDocument
API
* api-change:``elasticache``: [``botocore``] AWS ElastiCache for Redis has added a new Engine Log
LogType in LogDelivery feature. You can now publish the Engine Log from your Amazon ElastiCache for
Redis clusters to Amazon CloudWatch Logs and Amazon Kinesis Data Firehose.
- from version 1.20.34
* api-change:``lexv2-models``: [``botocore``] Update lexv2-models client to latest version
* api-change:``elasticache``: [``botocore``] Doc only update for ElastiCache
* api-change:``honeycode``: [``botocore``] Honeycode is releasing new APIs to allow user to create,
delete and list tags on resources.
* api-change:``ec2``: [``botocore``] Hpc6a instances are powered by a third-generation AMD EPYC
processors (Milan) delivering all-core turbo frequency of 3.4 GHz
* api-change:``fms``: [``botocore``] Shield Advanced policies for Amazon CloudFront resources now
support automatic application layer DDoS mitigation. The max length for SecurityServicePolicyData
ManagedServiceData is now 8192 characters, instead of 4096.
* api-change:``pi``: [``botocore``] This release adds three Performance Insights APIs. Use
ListAvailableResourceMetrics to get available metrics, GetResourceMetadata to get feature metadata,
and ListAvailableResourceDimensions to list available dimensions. The AdditionalMetrics field in
DescribeDimensionKeys retrieves per-SQL metrics.
- from version 1.20.33
* api-change:``finspace-data``: [``botocore``] Documentation updates for FinSpace.
* api-change:``rds``: [``botocore``] This release adds the db-proxy event type to support
subscribing to RDS Proxy events.
* api-change:``ce``: [``botocore``] Doc only update for Cost Explorer API that fixes missing
clarifications for MatchOptions definitions
* api-change:``kendra``: [``botocore``] Amazon Kendra now supports advanced query language and
query-less search.
* api-change:``workspaces``: [``botocore``] Introducing new APIs for Workspaces audio optimization
with Amazon Connect: CreateConnectClientAddIn, DescribeConnectClientAddIns,
UpdateConnectClientAddIn and DeleteConnectClientAddIn.
* api-change:``iotevents-data``: [``botocore``] This release provides documentation updates for
Timer.timestamp in the IoT Events API Reference Guide.
* api-change:``ec2``: [``botocore``] EC2 Capacity Reservations now supports RHEL instance platforms
(RHEL with SQL Server Standard, RHEL with SQL Server Enterprise, RHEL with SQL Server Web, RHEL
with HA, RHEL with HA and SQL Server Standard, RHEL with HA and SQL Server Enterprise)
- from version 1.20.32
* api-change:``ec2``: [``botocore``] New feature: Updated EC2 API to support faster launching for
Windows images. Optimized images are pre-provisioned, using snapshots to launch instances up to 65%
faster.
* api-change:``compute-optimizer``: [``botocore``] Adds support for new Compute Optimizer
capability that makes it easier for customers to optimize their EC2 instances by leveraging
multiple CPU architectures.
* api-change:``lookoutmetrics``: [``botocore``] This release adds FailureType in the response of
DescribeAnomalyDetector.
* api-change:``databrew``: [``botocore``] This SDK release adds support for specifying a Bucket
Owner for an S3 location.
* api-change:``transcribe``: [``botocore``] Documentation updates for Amazon Transcribe.
- from version 1.20.31
* api-change:``medialive``: [``botocore``] This release adds support for selecting the Program Date
Time (PDT) Clock source algorithm for HLS outputs.
- from version 1.20.30
* api-change:``ec2``: [``botocore``] This release introduces On-Demand Capacity Reservation support
for Cluster Placement Groups, adds Tags on instance Metadata, and includes documentation updates
for Amazon EC2.
* api-change:``mediatailor``: [``botocore``] This release adds support for filler slate when
updating MediaTailor channels that use the linear playback mode.
* api-change:``opensearch``: [``botocore``] Amazon OpenSearch Service adds support for Fine Grained
Access Control for existing domains running Elasticsearch version 6.7 and above
* api-change:``iotwireless``: [``botocore``] Downlink Queue Management feature provides APIs for
customers to manage the queued messages destined to device inside AWS IoT Core for LoRaWAN.
Customer can view, delete or purge the queued message(s). It allows customer to preempt the queued
messages and let more urgent messages go through.
* api-change:``es``: [``botocore``] Amazon OpenSearch Service adds support for Fine Grained Access
Control for existing domains running Elasticsearch version 6.7 and above
* api-change:``mwaa``: [``botocore``] This release adds a "Source" field that provides the
initiator of an update, such as due to an automated patch from AWS or due to modification via
Console or API.
* api-change:``appsync``: [``botocore``] AppSync: AWS AppSync now supports configurable batching
sizes for AWS Lambda resolvers, Direct AWS Lambda resolvers and pipeline functions
- from version 1.20.29
* api-change:``cloudtrail``: [``botocore``] This release adds support for CloudTrail Lake, a new
feature that lets you run SQL-based queries on events that you have aggregated into event data
stores. New APIs have been added for creating and managing event data stores, and creating,
running, and managing queries in CloudTrail Lake.
* api-change:``iot``: [``botocore``] This release adds an automatic retry mechanism for AWS IoT
Jobs. You can now define a maximum number of retries for each Job rollout, along with the criteria
to trigger the retry for FAILED/TIMED_OUT/ALL(both FAILED an TIMED_OUT) job.
* api-change:``ec2``: [``botocore``] This release adds a new API called
ModifyVpcEndpointServicePayerResponsibility which allows VPC endpoint service owners to take payer
responsibility of their VPC Endpoint connections.
* api-change:``snowball``: [``botocore``] Updating validation rules for interfaces used in the
Snowball API to tighten security of service.
* api-change:``lakeformation``: [``botocore``] Add new APIs for 3rd Party Support for Lake Formation
* api-change:``appstream``: [``botocore``] Includes APIs for App Entitlement management regarding
entitlement and entitled application association.
* api-change:``eks``: [``botocore``] Amazon EKS now supports running applications using IPv6
address space
* api-change:``quicksight``: [``botocore``] Multiple Doc-only updates for Amazon QuickSight.
* api-change:``ecs``: [``botocore``] Documentation update for ticket fixes.
* api-change:``sagemaker``: [``botocore``] Amazon SageMaker now supports running training jobs on
ml.g5 instance types.
* api-change:``glue``: [``botocore``] Add Delta Lake target support for Glue Crawler and 3rd Party
Support for Lake Formation
- Update BuildRequires and Requires from setup.py
==== python-botocore ====
Version update (1.23.28 -> 1.23.35)
- Version update to 1.23.35
* api-change:``pinpoint``: Adds JourneyChannelSettings to WriteJourneyRequest
* api-change:``lexv2-runtime``: Update lexv2-runtime client to latest version
* api-change:``nimble``: Amazon Nimble Studio now supports validation for Launch Profiles. Launch
Profiles now report static validation results after create/update to detect errors in network or
active directory configuration.
* api-change:``glue``: This SDK release adds support to pass run properties when starting a
workflow run
* api-change:``ssm``: AWS Systems Manager adds category support for DescribeDocument API
* api-change:``elasticache``: AWS ElastiCache for Redis has added a new Engine Log LogType in
LogDelivery feature. You can now publish the Engine Log from your Amazon ElastiCache for Redis
clusters to Amazon CloudWatch Logs and Amazon Kinesis Data Firehose.
- from version 1.23.34
* api-change:``lexv2-models``: Update lexv2-models client to latest version
* api-change:``elasticache``: Doc only update for ElastiCache
* api-change:``honeycode``: Honeycode is releasing new APIs to allow user to create, delete and
list tags on resources.
* api-change:``ec2``: Hpc6a instances are powered by a third-generation AMD EPYC processors (Milan)
delivering all-core turbo frequency of 3.4 GHz
* api-change:``fms``: Shield Advanced policies for Amazon CloudFront resources now support
automatic application layer DDoS mitigation. The max length for SecurityServicePolicyData
ManagedServiceData is now 8192 characters, instead of 4096.
* api-change:``pi``: This release adds three Performance Insights APIs. Use
ListAvailableResourceMetrics to get available metrics, GetResourceMetadata to get feature metadata,
and ListAvailableResourceDimensions to list available dimensions. The AdditionalMetrics field in
DescribeDimensionKeys retrieves per-SQL metrics.
- from version 1.23.33
* api-change:``finspace-data``: Documentation updates for FinSpace.
* api-change:``rds``: This release adds the db-proxy event type to support subscribing to RDS Proxy
events.
* api-change:``ce``: Doc only update for Cost Explorer API that fixes missing clarifications for
MatchOptions definitions
* api-change:``kendra``: Amazon Kendra now supports advanced query language and query-less search.
* api-change:``workspaces``: Introducing new APIs for Workspaces audio optimization with Amazon
Connect: CreateConnectClientAddIn, DescribeConnectClientAddIns, UpdateConnectClientAddIn and
DeleteConnectClientAddIn.
* api-change:``iotevents-data``: This release provides documentation updates for Timer.timestamp in
the IoT Events API Reference Guide.
* api-change:``ec2``: EC2 Capacity Reservations now supports RHEL instance platforms (RHEL with SQL
Server Standard, RHEL with SQL Server Enterprise, RHEL with SQL Server Web, RHEL with HA, RHEL with
HA and SQL Server Standard, RHEL with HA and SQL Server Enterprise)
- from version 1.23.32
* api-change:``ec2``: New feature: Updated EC2 API to support faster launching for Windows images.
Optimized images are pre-provisioned, using snapshots to launch instances up to 65% faster.
* api-change:``compute-optimizer``: Adds support for new Compute Optimizer capability that makes it
easier for customers to optimize their EC2 instances by leveraging multiple CPU architectures.
* api-change:``lookoutmetrics``: This release adds FailureType in the response of
DescribeAnomalyDetector.
* api-change:``databrew``: This SDK release adds support for specifying a Bucket Owner for an S3
location.
* api-change:``transcribe``: Documentation updates for Amazon Transcribe.
- from version 1.23.31
* api-change:``medialive``: This release adds support for selecting the Program Date Time (PDT)
Clock source algorithm for HLS outputs.
- from version 1.23.30
* api-change:``ec2``: This release introduces On-Demand Capacity Reservation support for Cluster
Placement Groups, adds Tags on instance Metadata, and includes documentation updates for Amazon EC2.
* api-change:``mediatailor``: This release adds support for filler slate when updating MediaTailor
channels that use the linear playback mode.
* api-change:``opensearch``: Amazon OpenSearch Service adds support for Fine Grained Access Control
for existing domains running Elasticsearch version 6.7 and above
* api-change:``iotwireless``: Downlink Queue Management feature provides APIs for customers to
manage the queued messages destined to device inside AWS IoT Core for LoRaWAN. Customer can view,
delete or purge the queued message(s). It allows customer to preempt the queued messages and let
more urgent messages go through.
* api-change:``es``: Amazon OpenSearch Service adds support for Fine Grained Access Control for
existing domains running Elasticsearch version 6.7 and above
* api-change:``mwaa``: This release adds a "Source" field that provides the initiator of an update,
such as due to an automated patch from AWS or due to modification via Console or API.
* api-change:``appsync``: AppSync: AWS AppSync now supports configurable batching sizes for AWS
Lambda resolvers, Direct AWS Lambda resolvers and pipeline functions
- from version 1.23.29
* api-change:``cloudtrail``: This release adds support for CloudTrail Lake, a new feature that lets
you run SQL-based queries on events that you have aggregated into event data stores. New APIs have
been added for creating and managing event data stores, and creating, running, and managing queries
in CloudTrail Lake.
* api-change:``iot``: This release adds an automatic retry mechanism for AWS IoT Jobs. You can now
define a maximum number of retries for each Job rollout, along with the criteria to trigger the
retry for FAILED/TIMED_OUT/ALL(both FAILED an TIMED_OUT) job.
* api-change:``ec2``: This release adds a new API called
ModifyVpcEndpointServicePayerResponsibility which allows VPC endpoint service owners to take payer
responsibility of their VPC Endpoint connections.
* api-change:``snowball``: Updating validation rules for interfaces used in the Snowball API to
tighten security of service.
* api-change:``lakeformation``: Add new APIs for 3rd Party Support for Lake Formation
* api-change:``appstream``: Includes APIs for App Entitlement management regarding entitlement and
entitled application association.
* api-change:``eks``: Amazon EKS now supports running applications using IPv6 address space
* api-change:``quicksight``: Multiple Doc-only updates for Amazon QuickSight.
* api-change:``ecs``: Documentation update for ticket fixes.
* api-change:``sagemaker``: Amazon SageMaker now supports running training jobs on ml.g5 instance
types.
* api-change:``glue``: Add Delta Lake target support for Glue Crawler and 3rd Party Support for
Lake Formation
==== vim ====
Subpackages: gvim vim-data vim-data-common
- disable-unreliable-tests-arch.patch: refresh
==== virt-manager ====
Subpackages: virt-install virt-manager-common
- jsc#SLE-20855 KVM: Enable vfio-ccw and vfio-ap in virt-* tools
965480e8-virt-install-add-mediated-device.patch
f87e96d3-hostdev-use-method-get_mdev_uuid.patch
9d4002ee-tests-verify-MDEV-support.patch
9363e1e6-virt-xml-add-support-for-mediated-devices.patch
0e15cd51-virt-manager-enable-MDEV-support.patch
==== yast2-dhcp-server ====
Version update (4.4.1 -> 4.4.2)
- Fix DNS zone creation by fixing a maintained DNS zone check.
Reported and fixed by Daniel Pätzold <obel1x(a)web.de>
See github#yast/yast-dhcp-server#59.
- 4.4.2
1
0
And their first OpenSUSE TW update went fine on this week's episode
On Mon, Jan 3, 2022 at 3:10 PM Luna Jernberg <droidbittin(a)gmail.com> wrote:
> JB and LUP moves to OpenSUSE TW Server: https://linuxunplugged.com/439
> from Arch in the first podcast episode of this year
>
1
1
[factory][15.4] was radeon.cik_support=0 amdgpu.cik_support=1 support dropped in 15.4 but not TW?
by Felix Miata 16 Jan '22
by Felix Miata 16 Jan '22
16 Jan '22
TW with radeon.cik_support=0 amdgpu.cik_support=1 on kernel command line and using
amdgpu driver is still behaving as expected. If I try that in 15.4, no
/dev/dri/card/0 is the result, and thus no X absent using nomodeset. If I remove
it, X works, but it refuses to load the amdgpu DDX, falling back to modesetting
DIX. Errors re iommu show up in journal:
# inxi -Gxx | head -n3
Graphics:
Device-1: AMD Kaveri [Radeon R7 Graphics] vendor: ASUSTeK driver: amdgpu v: kernel
bus-ID: 00:01.0 chip-ID: 1002:130f
# journalctl -b | grep amdgpu
Jan 15 18:51:36 asa88 kernel: Command line: BOOT_IMAGE=/boot/vmlinuz root=LABEL=<filter> noresume ipv6.disable=1 net.ifnames=0 mitigations=auto consoleblank=0 radeon.cik_support=0 amdgpu.cik_support=1 video=1440x900@60 5
Jan 15 18:51:36 asa88 kernel: Kernel command line: BOOT_IMAGE=/boot/vmlinuz root=LABEL=<filter> noresume ipv6.disable=1 net.ifnames=0 mitigations=auto consoleblank=0 radeon.cik_support=0 amdgpu.cik_support=1 video=1440x900@60 5
Jan 15 18:51:36 asa88 dracut-cmdline[197]: Using kernel command line parameters: root=UUID=99e89f51-a917-43b9-9ee7-ec6251de0509 rootfstype=ext4 rootflags=rw,noatime BOOT_IMAGE=/boot/vmlinuz root=LABEL=<filter> noresume ipv6.disable=1 net.ifnames=0 mitigations=auto consoleblank=0 radeon.cik_support=0 amdgpu.cik_support=1 video=1440x900@60 5
Jan 15 23:51:41 asa88 kernel: [drm] amdgpu kernel modesetting enabled.
Jan 15 23:51:41 asa88 kernel: amdgpu: Topology: Add APU node [0x0:0x0]
Jan 15 23:51:41 asa88 kernel: fb0: switching to amdgpu from EFI VGA
Jan 15 23:51:41 asa88 kernel: amdgpu 0000:00:01.0: vgaarb: deactivate vga console
Jan 15 23:51:41 asa88 kernel: amdgpu 0000:00:01.0: amdgpu: Trusted Memory Zone (TMZ) feature not supported
Jan 15 23:51:41 asa88 kernel: amdgpu 0000:00:01.0: amdgpu: Fetched VBIOS from VFCT
Jan 15 23:51:41 asa88 kernel: amdgpu: ATOM BIOS: 113-SPEC-102
Jan 15 23:51:41 asa88 kernel: amdgpu 0000:00:01.0: amdgpu: VRAM: 1024M 0x000000F400000000 - 0x000000F43FFFFFFF (1024M used)
Jan 15 23:51:41 asa88 kernel: amdgpu 0000:00:01.0: amdgpu: GART: 1024M 0x000000FF00000000 - 0x000000FF3FFFFFFF
Jan 15 23:51:41 asa88 kernel: [drm] amdgpu: 1024M of VRAM memory ready
Jan 15 23:51:41 asa88 kernel: [drm] amdgpu: 3072M of GTT memory ready.
Jan 15 23:51:41 asa88 kernel: [drm] amdgpu: dpm initialized
Jan 15 23:51:41 asa88 kernel: kfd kfd: amdgpu: Allocated 3969056 bytes on gart
Jan 15 23:51:41 asa88 kernel: kfd kfd: amdgpu: error getting iommu info. is the iommu enabled?
Jan 15 23:51:41 asa88 kernel: kfd kfd: amdgpu: Error initializing iommuv2
Jan 15 23:51:41 asa88 kernel: kfd kfd: amdgpu: device 1002:130f NOT added due to errors
Jan 15 23:51:41 asa88 kernel: amdgpu 0000:00:01.0: amdgpu: SE 1, SH per SE 1, CU per SH 8, active_cu_number 8
Jan 15 23:51:42 asa88 kernel: fbcon: amdgpu (fb0) is primary device
Jan 15 23:51:42 asa88 kernel: amdgpu 0000:00:01.0: [drm] fb0: amdgpu frame buffer device
Jan 15 23:51:42 asa88 kernel: [drm] Initialized amdgpu 3.42.0 20150101 for 0000:00:01.0 on minor 0
Is this expected behavior? Are we supposed to add some iommu option to the kernel
command line to make radeon.cik_support=0 amdgpu.cik_support=1 work for loading
the amdgpu DDX now?
--
Evolution as taught in public schools is, like religion,
based on faith, not based on science.
Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!
Felix Miata
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
389-ds
apache2
apache2-manual
apache2-prefork
apache2-utils
avahi
aws-cli (1.22.28 -> 1.22.35)
btrfsprogs (5.15 -> 5.16)
busybox (1.34.1 -> 1.35.0)
drbd-utils
emacs
flatpak (1.12.2 -> 1.12.3)
frameworkintegration
freerdp (2.4.1 -> 2.5.0)
gdm (41.0 -> 41.3)
ghostscript
gnome-clocks
gnome-session (40.1.1 -> 41.3)
grub2
iproute2 (5.15 -> 5.16)
libqt5-qtwebengine (5.15.7 -> 5.15.8)
libstorage-ng (4.4.72 -> 4.4.73)
linux-glibc-devel (5.15 -> 5.16)
nautilus (41.1 -> 41.2)
nodejs-common
patterns-base
perl-HTTP-Message (6.35 -> 6.36)
perl-IO-Socket-SSL (2.073 -> 2.074)
poppler (21.12.0 -> 22.01.0)
poppler-qt5 (21.12.0 -> 22.01.0)
python-gtk
python-kiwi (9.24.14 -> 9.24.16)
qemu
strace (5.15 -> 5.16)
yast2 (4.4.34 -> 4.4.36)
yast2-installation (4.4.33 -> 4.4.34)
yast2-packager (4.4.18 -> 4.4.19)
yast2-schema (4.4.7 -> 4.4.8)
yast2-security (4.4.6 -> 4.4.7)
yast2-storage-ng (4.4.31 -> 4.4.32)
=== Details ===
==== 389-ds ====
Subpackages: lib389 libsvrcore0
- Fix %pre macro in pkg for systemd services
- Remove recommends on supportutils per review
- Remove insecure recommends on md5 sasl auth
==== apache2 ====
- Align some defaults in apache2-server-tuning.conf to upstream
defaults:
* Updated MaxRequestWorkers and ServerLimit to 256. [bsc#1194062]
- The old name MaxRequestsPerChild is changed to MaxConnectionsPerChild.
* See https://httpd.apache.org/docs/2.4/mod/mpm_common.html#maxconnectionsperchild
==== apache2-manual ====
- Align some defaults in apache2-server-tuning.conf to upstream
defaults:
* Updated MaxRequestWorkers and ServerLimit to 256. [bsc#1194062]
- The old name MaxRequestsPerChild is changed to MaxConnectionsPerChild.
* See https://httpd.apache.org/docs/2.4/mod/mpm_common.html#maxconnectionsperchild
==== apache2-prefork ====
- Align some defaults in apache2-server-tuning.conf to upstream
defaults:
* Updated MaxRequestWorkers and ServerLimit to 256. [bsc#1194062]
- The old name MaxRequestsPerChild is changed to MaxConnectionsPerChild.
* See https://httpd.apache.org/docs/2.4/mod/mpm_common.html#maxconnectionsperchild
==== apache2-utils ====
- Align some defaults in apache2-server-tuning.conf to upstream
defaults:
* Updated MaxRequestWorkers and ServerLimit to 256. [bsc#1194062]
- The old name MaxRequestsPerChild is changed to MaxConnectionsPerChild.
* See https://httpd.apache.org/docs/2.4/mod/mpm_common.html#maxconnectionsperchild
==== avahi ====
Subpackages: avahi-lang libavahi-client3 libavahi-client3-32bit libavahi-common3 libavahi-common3-32bit libavahi-core7
- Move sftp-ssh and ssh services to the doc directory. They allow
a host's up/down status to be easily discovered and should not
be enabled by default (boo#1179060).
==== aws-cli ====
Version update (1.22.28 -> 1.22.35)
- Update to version 1.22.35
+ For detailed changes see
https://github.com/aws/aws-cli/blob/1.22.35/CHANGELOG.rst
- Update Requires in spec file from setup.py
==== btrfsprogs ====
Version update (5.15 -> 5.16)
Subpackages: btrfsprogs-udev-rules libbtrfs0
- Update to 5.16
* rescue: new subcommand clear-uuid-tree to fix failed mount due to bad uuid
subvolume keys, caught by tree-checker
* fi du: skip inaccessible files
* prop: properly resolve to symlink targets
* send, receive: fix crash after parent subvolume lookup errors
* build:
* fix build on 5.12+ kernels due to changes in linux/kernel.h
* fix build on musl with old kernel headers
* other:
* error handling fixes, cleanups, refactoring
* extent tree v2 preparatory work
* lots of RST documentation updates (last release with asciidoc sources),
https://btrfs.readthedocs.io
- Update to 5.15.1
* fi usage: fix wrongly reported space of used or unallocated space
* fix detection of block device discard capability
* check: add more sanity checks for checksum items
* build: make sphinx optional backend for documentation
==== busybox ====
Version update (1.34.1 -> 1.35.0)
Subpackages: busybox-static
- Update to 1.35.0
- Adjust busybox.config for new features in find, date and cpio
- Annotate CVEs already fixed in upstream, but not mentioned in .changes:
* CVE-2017-16544 (bsc#1069412): Insufficient sanitization of filenames when autocompleting
* CVE-2015-9261 (bsc#1102912): huft_build misuses a pointer, causing segfaults
* CVE-2016-2147 (bsc#970663): out of bounds write (heap) due to integer underflow in udhcpc
* CVE-2016-2148 (bsc#970662): heap-based buffer overflow in OPTION_6RD parsing
* CVE-2016-6301 (bsc#991940): NTP server denial of service flaw
* CVE-2017-15873 (bsc#1064976): The get_next_block function in archival/libarchive/decompress_bunzip2.c has an Integer Overflow
* CVE-2017-15874 (bsc#1064978): archival/libarchive/decompress_unlzma.c has an Integer Underflow
* CVE-2019-5747 (bsc#1121428): out of bounds read in udhcp components
* CVE-2021-42373, CVE-2021-42374, CVE-2021-42375, CVE-2021-42376,
CVE-2021-42377, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380,
CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384,
CVE-2021-42385, CVE-2021-42386 (bsc#1192869) : v1.34.0 bugfixes
- CVE-2021-28831 (bsc#1184522): invalid free or segmentation fault via malformed gzip data
- CVE-2018-20679 (bsc#1121426): out of bounds read in udhcp
- CVE-2018-1000517 (bsc#1099260): Heap-based buffer overflow in the retrieve_file_data()
- CVE-2011-5325 (bsc#951562): tar directory traversal
- CVE-2018-1000500 (bsc#1099263): wget: Missing SSL certificate validation
==== drbd-utils ====
- remove instance units from post scripts, they can not be reloaded
==== emacs ====
Subpackages: emacs-info emacs-nox emacs-x11 etags
- Skip patch boo1180353-6d8144a2.patch for emacs 25.3 as already
part of emacs 27.2: Was fix for boo#1180353 that was a possible
segmentation fault in case of stack overflow of etags
==== flatpak ====
Version update (1.12.2 -> 1.12.3)
Subpackages: libflatpak0 system-user-flatpak
- Update to 1.12.3:
+ CVE-2021-43860: a malicious repository could have sent invalid
application metadata in a way that hides some of the app
permissions displayed during installation (boo#1194610)
+ flatpak-builder could allow --mirror-screenshots-url commands
to create directories outside of the build directory
(boo#1194611)
+ Extra-data downloading now properly handles compressed
content-encodings which fixes checksum verification
+ Note: In some corner case server setups this may require the
extra-data checksum to be changed
+ Avoid unnecessary policy-kit dialog due to auto-pinning when
installing runtimes
+ Better handling of updates of extensions that exist in multiple
repositories
+ Fixed (initial) installation apps with renamed ids
+ Fixed regression in updates from no-enumerate remotes
+ We now verify checksums of summary caches, to better handle
local file corruption
+ Improved cli output for non-terminal targets
+ Flatpak run --session-bus now works
+ Fix build with PyParsing >= 3.0.4
+ Fixed "Since" annotations on FlatpakTransaction signals
+ bash auto completion now doesn't complete on command name
aliases
+ Minor improvements to the search command
+ Minor improvements to the list command
+ Minor improvements to the repair command
+ Add more tests
+ Updated translations.
- Drop support-new-pyparsing.patch: Fixed upstream.
==== frameworkintegration ====
Subpackages: frameworkintegration-plugin libKF5Style5
- Add upstream change to fix a regression in 5.90.0 (kde#448237)
* 0001-Fix-wrong-porting-of-KNSCore-Engine-configSearchLoca.patch
==== freerdp ====
Version update (2.4.1 -> 2.5.0)
Subpackages: libfreerdp2-2 libwinpr2-2
- Upgraded to freerdp 2.5.0
* Fixed smartcard login in case a redirection occurs the pin was lost
* Backported windows client drawing fixes
* Backported improved macOS keyboard layout detection
* Backported TcpConnectTimeout
* Backported LibreSSL compatibility patches
* Backported signal handler backtrace
* Backported OpenSSL 3.0 support
* Backport #gh:FreeRDP/FreeRDP#7539: Wayland client clipboard issues
* Backport #gh:FreeRDP/FreeRDP#7509: Various fixes regarding registry
emulation, addin loader and updated locale detection
* Backport #gh:FreeRDP/FreeRDP#7466: Android android_register_pointer
missing initialization
==== gdm ====
Version update (41.0 -> 41.3)
Subpackages: gdm-lang gdm-schema gdmflexiserver libgdm1 typelib-1_0-Gdm-1_0
- Update to version 41.3:
+ Juggle Xorg's -listen/-nolisten command line change better.
+ Fix session type selection.
+ Fix crash.
+ Drop vestigial gdm-pin service.
+ XDMCP fixes.
+ Wayland nvidia udev updates.
+ Updated translations.
- Rebase gdm-disable-wayland-on-mgag200-chipsets.patch.
- Drop gdm-daemon-Infer-session-type-from-desktop-file.patch and
gdm-restart-greeter-session-after-crash.patch: fixed upstream.
==== ghostscript ====
Subpackages: ghostscript-x11
- CVE-2021-45949.patch fixes CVE-2021-45949
heap-based buffer overflow in sampled_data_finish
cf. https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ghostscript/OSV-20…
(bsc#1194304)
- CVE-2021-45944 use-after-free in sampled_data_sample
is already fixed in the Ghostscript 9.54.0 upstream sources
(bsc#1194303)
==== gnome-clocks ====
Subpackages: gnome-clocks-lang gnome-shell-search-provider-gnome-clocks
- Add appstream-glib, desktop-file-utils BuildRequires and check
section and meson_test macro, run tests during build.
- Modernize our Supplements to current standard.
==== gnome-session ====
Version update (40.1.1 -> 41.3)
Subpackages: gnome-session-core gnome-session-default-session gnome-session-lang gnome-session-wayland
- Update to version 41.3:
+ No changes, just version synching.
- Changes from version 40.8:
+ data: Install GNOME on Wayland session for X11 preferred setups
+ Don't spew as much into log when falling back to non-systemd sessions
+ Work better with certain versions of meson
+ Correct screwed up check for gnome-shell
+ Various cleanups and leak fixes
+ Updated translations.
- Rebase gnome-session-better-handle-empty-xdg_session_type.patch.
- Drop gnome-session-exit-when-lost-name-on-bus.patch: no longer
applicable.
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin grub2-x86_64-efi grub2-x86_64-xen
- Power guest secure boot with static keys: GRUB2 signing portion
(jsc#SLE-18271) (bsc#1192764)
* 0001-grub-install-Add-SUSE-signed-image-support-for-power.patch
- Power guest secure boot with static keys: GRUB2 signing portion
(jsc#SLE-18271) (bsc#1192764)
* grub2.spec
- Power guest secure boot with static keys: GRUB2 portion (jsc#SLE-18144)
(bsc#1192686)
* 0001-ieee1275-Drop-HEAP_MAX_ADDR-and-HEAP_MIN_SIZE-consta.patch
* 0002-ieee1275-claim-more-memory.patch
* 0003-ieee1275-request-memory-with-ibm-client-architecture.patch
* 0004-Add-suport-for-signing-grub-with-an-appended-signatu.patch
* 0005-docs-grub-Document-signing-grub-under-UEFI.patch
* 0006-docs-grub-Document-signing-grub-with-an-appended-sig.patch
* 0007-dl-provide-a-fake-grub_dl_set_persistent-for-the-emu.patch
* 0008-pgp-factor-out-rsa_pad.patch
* 0009-crypto-move-storage-for-grub_crypto_pk_-to-crypto.c.patch
* 0010-posix_wrap-tweaks-in-preparation-for-libtasn1.patch
* 0011-libtasn1-import-libtasn1-4.18.0.patch
* 0012-libtasn1-disable-code-not-needed-in-grub.patch
* 0013-libtasn1-changes-for-grub-compatibility.patch
* 0014-libtasn1-compile-into-asn1-module.patch
* 0015-test_asn1-test-module-for-libtasn1.patch
* 0016-grub-install-support-embedding-x509-certificates.patch
* 0017-appended-signatures-import-GNUTLS-s-ASN.1-descriptio.patch
* 0018-appended-signatures-parse-PKCS-7-signedData-and-X.50.patch
* 0019-appended-signatures-support-verifying-appended-signa.patch
* 0020-appended-signatures-verification-tests.patch
* 0021-appended-signatures-documentation.patch
* 0022-ieee1275-enter-lockdown-based-on-ibm-secure-boot.patch
* 0023-x509-allow-Digitial-Signature-plus-other-Key-Usages.patch
- Fix no menuentry is found if hibernation on btrfs RAID1 (bsc#1193090)
* grub2-systemd-sleep-plugin
==== iproute2 ====
Version update (5.15 -> 5.16)
- remove routef from links; it doesn't exist anymore
- update to 5.16:
* devlink: Fix cmd_dev_param_set() to check configuration mode
* ip: add AMT support
* iplink_can: fix configuration ranges in print_usage() and add
unit
* tc: flower: Fix buffer overflow on large labels
* ip/ipnexthop: fix unsigned overflow in parse_nh_group_type_res()
* tc/m_vlan: fix print_vlan() conditional on TCA_VLAN_ACT_PUSH_ETH
* iplink_can: add new CAN FD bittiming parameters:
Transmitter Delay Compensation (TDC)
==== libqt5-qtwebengine ====
Version update (5.15.7 -> 5.15.8)
- Update to version 5.15.8:
* Update Chromium:
[Backport] CVE-2021-3517: libxml2: Heap-based buffer overflow
in xmlEncodeEntitiesInternal() in entities.c
[Backport] CVE-2021-3541 libxml2: Exponential entity expansion
attack bypasses all existing protection mechanisms
[Backport] CVE-2021-37984 : Heap buffer overflow in PDFium
[Backport] CVE-2021-37987 : Use after free in Network APIs
[Backport] CVE-2021-37989 : Inappropriate implementation in Blink
[Backport] CVE-2021-37992 : Out of bounds read in WebAudio
[Backport] CVE-2021-37993 : Use after free in PDF Accessibility
[Backport] CVE-2021-37996 : Insufficient validation of untrusted
input in Downloads
[Backport] CVE-2021-38001 : Type Confusion in V8
[Backport] CVE-2021-38003 : Inappropriate implementation in V8
[Backport] CVE-2021-38005: Use after free in loader (1/3)
[Backport] CVE-2021-38005: Use after free in loader (2/3)
[Backport] CVE-2021-38005: Use after free in loader (3/3)
[Backport] CVE-2021-38007: Type Confusion in V8
[Backport] CVE-2021-38009: Inappropriate implementation in cache
[Backport] CVE-2021-38010: Inappropriate implementation in serviceworkers
[Backport] CVE-2021-38012: Type Confusion in V8
[Backport] CVE-2021-38015: Inappropriate implementation in input
[Backport] CVE-2021-38017: Insufficient policy enforcement in iframe
sandbox
[Backport] CVE-2021-38018: Inappropriate implementation in navigation
[Backport] CVE-2021-38019: Insufficient policy enforcement in CORS
[Backport] CVE-2021-38021: Inappropriate implementation in referrer
[Backport] CVE-2021-38022: Inappropriate implementation in WebAuthentication
[Backport] CVE-2021-4057: Use after free in file API
[Backport] CVE-2021-4058: Heap buffer overflow in ANGLE (1/2)
[Backport] CVE-2021-4058: Heap buffer overflow in ANGLE (2/2)
[Backport] CVE-2021-4059: Insufficient data validation in loader
[Backport] CVE-2021-4062: Heap buffer overflow in BFCache
[Backport] CVE-2021-4078: Type confusion in V8
[Backport] CVE-2021-4079: Out of bounds write in WebRTC
[Backport] CVE-2021-4098: Insufficient data validation in Mojo
[Backport] CVE-2021-4099: Use after free in Swiftshader
[Backport] CVE-2021-4101: Heap buffer overflow in Swiftshader.
[Backport] CVE-2021-4102: Use after free in V8
[Backport] Dependency for CVE-2021-37989
[Backport] Dependency for CVE-2021-38009
[Backport] Security bug 1245870
[Backport] Security bug 1252858
[Backport] Security bug 1259899
Bump V8_PATCH_LEVEL
Compile with GCC 11 -std=c++20
Fix stack overflow on gpu channel recreate with an error
Use wglSetPixelFormat directly only if in software mode
[Backport] Handle long SIGSTKSZ in glibc > 2.33
[Backport] abseil-cpp: Fixes build with latest glibc
* Handle qtpdf compilation with static runtime
* Add bitcode support for qtpdf on ios
* Do not access accessibility from qt post routines
* Blacklist javascriptClipboard test on ubuntu 20.04
* Re-enable network-service-in-process
* Bump version from 5.15.7 to 5.15.8
* Update patch level
* Fix pinch gesture
* Fix leak of properties after XkbRF_GetNamesProp
* Fix leak on getDefaultScreeenId
- Drop patch:
* 0001-Fix-build-with-glibc-2.34.patch
==== libstorage-ng ====
Version update (4.4.72 -> 4.4.73)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- Translated using Weblate (Indonesian) (bsc#1149754)
- 4.4.73
==== linux-glibc-devel ====
Version update (5.15 -> 5.16)
- Update to kernel headers 5.16
==== nautilus ====
Version update (41.1 -> 41.2)
Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension1 nautilus-lang
- Update to version 41.2:
+ Avoid cropping format popover in Compress dialog.
+ Fix "Move to"/"Copy to" from Starred.
+ Fix memory leak on tab switch.
+ Updated translations.
==== nodejs-common ====
- Use NodeJS 17 as default for TW
==== patterns-base ====
Subpackages: patterns-base-apparmor patterns-base-base patterns-base-basesystem patterns-base-basic_desktop patterns-base-console patterns-base-enhanced_base patterns-base-minimal_base patterns-base-selinux patterns-base-sw_management patterns-base-transactional_base patterns-base-x11 patterns-base-x11_enhanced
- Install PAM manual pages instead of the PDFs
- specfile cleanup
- Don't recommend ntfs-3g by default on TW, the kernel module got
improved
==== perl-HTTP-Message ====
Version update (6.35 -> 6.36)
- updated to 6.36
see /usr/share/doc/packages/perl-HTTP-Message/Changes
6.36 2022-01-05 14:39:42Z
- Fix examples in HTTP::Request::Common synopsis: HTTP::Request::Common
does not put headers in an arrayref, unlike HTTP::Request (GH#170) (Karen
Etheridge)
- Update to contributing information (GH#171) (Håkon Hægland)
==== perl-IO-Socket-SSL ====
Version update (2.073 -> 2.074)
- updated to 2.074
see /usr/share/doc/packages/perl-IO-Socket-SSL/Changes
2.074
- add SSL_ciphersuites option for TLS 1.3 ciphers
- no longer use own default for ciphers, instead use system default but disable
some weak ciphers which might still be enabled on older systems
==== poppler ====
Version update (21.12.0 -> 22.01.0)
Subpackages: libpoppler-cpp0 libpoppler-glib8 poppler-tools
- Update to 22.01.0:
core:
* Allow local (relative to dll) fonts dir on Windows
* TextOutputDev: require more spacing between columns.
Issue #1093
* Fix crash in Splash::gouraudTriangleShadedFill. Issue #1183
* Fix crash when calling Form::reset()
* GfxSeparationColorSpace: Check validity of colorspace and
function. Issue #1184
* Minor code improvements
glib:
* Include glib.h before using defines from it
* Close file descriptors on error
* Plug some memory leaks
* Replace use of deprecated g_memdup/g_time_zone_new
* Remove FD-taking functions on windows
utils:
* pdfsig: Add support for documents with passwords
* pdfsig: Fix signing with -sign if nss password is needed
==== poppler-qt5 ====
Version update (21.12.0 -> 22.01.0)
- Update to 22.01.0:
core:
* Allow local (relative to dll) fonts dir on Windows
* TextOutputDev: require more spacing between columns.
Issue #1093
* Fix crash in Splash::gouraudTriangleShadedFill. Issue #1183
* Fix crash when calling Form::reset()
* GfxSeparationColorSpace: Check validity of colorspace and
function. Issue #1184
* Minor code improvements
glib:
* Include glib.h before using defines from it
* Close file descriptors on error
* Plug some memory leaks
* Replace use of deprecated g_memdup/g_time_zone_new
* Remove FD-taking functions on windows
utils:
* pdfsig: Add support for documents with passwords
* pdfsig: Fix signing with -sign if nss password is needed
==== python-gtk ====
- add python-rpm-macros dependency
==== python-kiwi ====
Version update (9.24.14 -> 9.24.16)
- Bump version: 9.24.15 ? 9.24.16
- Fixed regression in compression detection
The change from 282529de8f612dee32d54ee868c2365dcd829220
Introduced a bad regression. The assumption was made that the
xz tool could be used to detect if a file is compressed or not.
However, this requires the file to be locally present. In the
scope of the method call is_compressed() and within a remote
deployment e.g PXE this is not the case. Therefore the former
way to "detect" the compression according to the .xz postfix
of the source filename was restored. In addition the function
name was changed to is_xz_compressed() because that's what the
method can do and not more. This Fixes #2015
- Added debug option --debug-run-scripts-in-screen
Instead of running scripts in screen if the --debug switch is
set, we allow to explicitly switch on this behavior via
a new option. This Fixes #2010
- Change packages target for bootincludes
Packages marked with bootinclude="true" will be added to the
referenced kiwi boot image description if the initrd_system
is set to "kiwi" instead of "dracut". The package marked was
primarily added to the type="image" section and got only
added to the type="bootstrap" section if no image type section
existed. However, it has turned out that this approach has
the disadvantage that packages which must be installed as
part of the bootstraping (e.g certificates) cannot be handled.
This commit changes the behavior of the bootinclude to include
the package always to the type="bootstrap" section.
- Add GitHub workflow badges
- Fixed Codacy Badge
- Allow firmware="custom" setting
The firmware attribute in kiwi is used to indicate for
which boot firmware the image should be build. Specifying
the target firmware is helpful to create for example the
correct disk layout. If no firmware is specified KIWI
decides for a default according to the image architecture.
This selection is not 100% accurate and as we don't know
the later target system. Especially for embedded devices
the correct disk layout and other settings can be
board specific and KIWI's default settings regarding the
firmware could be invalid. For compatibility reasons we
cannot switch off the default selection case and therefore
a new attribute value "custom" is introduced with this
commit. If set KIWI does not select any firmware and
consequently all settings caused by a firmware setup will
be skipped. On the other hand this means all needed
settings for the target to boot and not done by KIWI
needs to be specified explicitly and as needed.
- Add util-linux dep for -systemdeps-disk-images subpackage
Without this dependency, kiwi fails to work properly in minimal image
build environments, like in a mock chroot where util-linux is not installed.
- index.rst: fix headline
* third try: apply diff by schaefi
- index.rst: fix headline
* removed lonely bracket
* added more lines to fix syntax
- index.rst: Change title (bsc#1189294#c2)
* 'KIWI NG 9: KIWI NG Documentation' -> 'Building Linux System Appliances with KIWI Next Generation (KIWI NG <VERSION>)
* suggested in bsc#1189294#c2 for more clarity
* change has been discussed with and approved by main author (Marcus S.)
- support compressed modules in other formats
when cleaning up the firmware directory for unused files
- Bump version: 9.24.14 ? 9.24.15
- Update documentation
Rework troubleshooting chapter and add an article
about app security subsystems like selinux and their
potential influence on building images. Also update
the quickstart with a reference to the troublshooting
chapter. This Fixes #1891
- Added support for collection modules
In CentOS Stream 8 and Red Hat Enterprise Linux 8, there are
Application Streams that are offered in the form of modules
(using Fedora Modularity technology). To build images that use
this content KIWI needs to support to enable/disable various
modules. This commit allows to configure collection modules
in a new element as shown below
<packages type="bootstrap">
<collectionModule name="module" stream="stream" enable="true|false"/>
</packages>
This Fixes Issue #1999
==== qemu ====
Subpackages: qemu-accel-qtest qemu-accel-tcg-x86 qemu-arm qemu-audio-spice qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-chardev-baum qemu-chardev-spice qemu-guest-agent qemu-hw-display-qxl qemu-hw-display-virtio-gpu qemu-hw-display-virtio-gpu-pci qemu-hw-display-virtio-vga qemu-hw-usb-host qemu-hw-usb-redirect qemu-hw-usb-smartcard qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-microvm qemu-ppc qemu-s390x qemu-seabios qemu-sgabios qemu-skiboot qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-opengl qemu-ui-spice-app qemu-ui-spice-core qemu-vgabios qemu-vhost-user-gpu qemu-x86
- It's time to really start requiring -F when using -b in
qemu-img for us as well. Users/customers have been warned
in the relevant release notes (bsc#1190135)
* Patches dropped:
Revert-qemu-img-Improve-error-for-rebase.patch
Revert-qemu-img-Require-F-with-b-backing.patch
==== strace ====
Version update (5.15 -> 5.16)
- Update to strace 5.16
* Improvements
* Implemented --secontext=mismatch option to find mismatches in SELinux
contexts.
* Implemented decoding of futex_waitv syscall introduced in Linux 5.16.
* Implemented decoding of BPF_LINK_GET_NEXT_ID and BPF_LINK_GET_FD_BY_ID bpf
syscall commands.
* Enhanced decoding of BPF_MAP_CREATE, BPF_PROG_TEST_RUN, and BPF_PROG_LOAD
bpf syscall commands.
* Enhanced decoding of BTRFS_IOC_FS_INFO ioctl command.
* Updated lists of AUDIT_*, BPF_*, BTRFS_*, DEVCONF_*, FAN_*, ETH_P_*,
IPV4_DEVCONF_*, KVM_*, NDA_*, SO_*, and V4L2_* constants.
* Updated lists of ioctl commands from Linux 5.16.
==== yast2 ====
Version update (4.4.34 -> 4.4.36)
Subpackages: yast2-logs
- Adapted Report.yesno_popup to Ruby 3 (bsc#1193192)
- 4.4.36
- Simplify slide show to support future parallel installations
(jsc#SLE-20437)
- 4.4.35
==== yast2-installation ====
Version update (4.4.33 -> 4.4.34)
- Show release notes button in progress in Qt interface
(jsc#SLE-20437)
- 4.4.34
==== yast2-packager ====
Version update (4.4.18 -> 4.4.19)
- Simplify slide show to support future parallel installations
(jsc#SLE-20437)
- 4.4.19
==== yast2-schema ====
Version update (4.4.7 -> 4.4.8)
- Added lsm 'none' section to the security schema (jsc#SLE-22069)
- 4.4.8
==== yast2-security ====
Version update (4.4.6 -> 4.4.7)
Related to jsc#SLE-22069:
- Autoyast LSM section: added "none" section in order to mark it
as not selectable during the installation.
- 4.4.7
==== yast2-storage-ng ====
Version update (4.4.31 -> 4.4.32)
- Allow to skip the activation of the rest of LUKS devices
(bsc#1162545).
- Partitioner: always allow to provide password for closed LUKS
devices.
- 4.4.32
1
0
Hi all,
yesterday I submitted cilium-cli to Factory in SR#946406.
cilium-cli is the new way to install and interact with cilium on your kubernetes
clusters.
Worked like a charm on three k3s clusters running on openSUSE MicroOS, but if
you encounter issues please reach out to me (Bugzilla)!
Have a nice weekend!
Johannes
--
Johannes Kastl
Linux Consultant & Trainer
Tel.: +49 (0) 151 2372 5802
Mail: kastl(a)b1-systems.de
B1 Systems GmbH
Osterfeldstraße 7 / 85088 Vohburg
http://www.b1-systems.de
GF: Ralph Dehner
Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
MozillaFirefox (95.0.2 -> 96.0)
fetchmail
gnome-desktop (41.2 -> 41.3)
gnome-shell (41.2 -> 41.3)
hdparm (9.62 -> 9.63)
libpipeline (1.5.3 -> 1.5.5)
mtr (0.94 -> 0.95)
mutter (41.2 -> 41.3)
qpdf
rdma-core (38.0 -> 38.1)
sssd
tcsh (6.23.00 -> 6.23.02)
vim (8.2.3995 -> 8.2.4063)
wayland (1.19.0 -> 1.20.0)
xen
=== Details ===
==== MozillaFirefox ====
Version update (95.0.2 -> 96.0)
Subpackages: MozillaFirefox-translations-common
- Mozilla Firefox 96.0
* https://www.mozilla.org/en-US/firefox/96.0/releasenotes
MFSA 2022-01 (bsc#1194547)
* CVE-2022-22746 (bmo#1735071)
Calling into reportValidity could have lead to fullscreen
window spoof
* CVE-2022-22743 (bmo#1739220)
Browser window spoof using fullscreen mode
* CVE-2022-22742 (bmo#1739923)
Out-of-bounds memory access when inserting text in edit mode
* CVE-2022-22741 (bmo#1740389)
Browser window spoof using fullscreen mode
* CVE-2022-22740 (bmo#1742334)
Use-after-free of ChannelEventQueue::mOwner
* CVE-2022-22738 (bmo#1742382)
Heap-buffer-overflow in blendGaussianBlur
* CVE-2022-22737 (bmo#1745874)
Race condition when playing audio files
* CVE-2021-4140 (bmo#1746720)
Iframe sandbox bypass with XSLT
* CVE-2022-22750 (bmo#1566608)
IPC passing of resource handles could have lead to sandbox
bypass
* CVE-2022-22749 (bmo#1705094)
Lack of URL restrictions when scanning QR codes
* CVE-2022-22748 (bmo#1705211)
Spoofed origin on external protocol launch dialog
* CVE-2022-22745 (bmo#1735856)
Leaking cross-origin URLs through securitypolicyviolation
event
* CVE-2022-22744 (bmo#1737252)
The 'Copy as curl' feature in DevTools did not fully escape
website-controlled data, potentially leading to command
injection
* CVE-2022-22747 (bmo#1735028)
Crash when handling empty pkcs7 sequence
* CVE-2022-22736 (bmo#1742692)
Potential local privilege escalation when loading modules
from the install directory.
* CVE-2022-22739 (bmo#1744158)
Missing throttling on external protocol launch dialog
* CVE-2022-22751 (bmo#1664149, bmo#1737816, bmo#1739366,
bmo#1740274, bmo#1740797, bmo#1741201, bmo#1741869,
bmo#1743221, bmo#1743515, bmo#1745373, bmo#1746011)
Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5
* CVE-2022-22752 (bmo#1740534, bmo#1741210, bmo#1742770)
Memory safety bugs fixed in Firefox 96
- removed obsolete patches
* mozilla-bmo1745560.patch
* mozilla-bmo1744896.patch
* mozilla-sandbox-fips.patch
- requires
NSPR >= 4.33
NSS >= 3.73.1
==== fetchmail ====
Subpackages: fetchmailconf
- fix [bsc#1194203]:
* Always create fetchmail group, even if the user is already
present, as a leftover from Leap 15.2 upgrade. This may happen
also if user is messing with groups/users directly or upgrading
from even an older fetchmail versions.
==== gnome-desktop ====
Version update (41.2 -> 41.3)
Subpackages: gnome-desktop-lang gnome-version libgnome-desktop-3-19 libgnome-desktop-3_0-common typelib-1_0-GnomeDesktop-3_0
- Update to version 41.3:
+ No changes, version bump only.
==== gnome-shell ====
Version update (41.2 -> 41.3)
Subpackages: gnome-extensions gnome-shell-calendar gnome-shell-lang
- Update to version 41.3:
+ Improve window tracking
+ Simplify scroll fade shader to work with old hardware
+ Tweak (un)minimize animations
+ Don't wake up screen in DND mode
+ Fix immediately withdrawn notifications getting stuck
+ Honor XDG SingleMainWindow key in .desktop files
+ Fixed crashes
+ Misc. bug fixes and cleanups
+ Updated translations.
- Modernize our Supplements in gnome-shell-calendar sub-package.
==== hdparm ====
Version update (9.62 -> 9.63)
- Update to 9.63:
* new --sanitize-overwrite-passes flag, courtesy Michal Grzedzicki.
* "Plurals patch" from Martin Guy.
==== libpipeline ====
Version update (1.5.3 -> 1.5.5)
- Update to 1.5.5:
* Move release process to GitLab CI.
- Back to download from savannah.nongnu.org for a fully bootstrapped
tar ball without the need of autoconfig and gl
Compare https://gitlab.com/cjwatson/libpipeline/-/releases
and https://gitlab.com/cjwatson/libpipeline/-/packages/4425007
- Use autoconf
- update to 1.5.4:
* Building libpipeline now requires Autoconf >= 2.64.
* Developmed moved to Gitlab
==== mtr ====
Version update (0.94 -> 0.95)
- update to 0.95:
* loads of fixes,
see https://raw.githubusercontent.com/traviscross/mtr/v0.95/NEWS
- mtr-0.75-manmtr.patch, mtr-0.87-manxmtr.patch: refreshed to apply
again
==== mutter ====
Version update (41.2 -> 41.3)
Subpackages: mutter-lang
- Update to version 41.3:
+ Check keyboard serials for activation
+ Fix mixed up refresh rates in multi-monitor setups
+ Allow disabling HW cursors
+ Improve damage handling
+ Consider xrandr flags for advertised modes
+ Ensure constraints after client resize
+ window-group: Disable culling when rendinging clone to
offscreen buffer
+ Fix workspace switch animation in default plugin
+ Fix unfullscreening of window that were mapped fullscreen
+ Fix DMA-BUF screencasts with unredirected fullscreen windows
+ Fix orientation changes on devices with 90°
+ Fixed crashes
+ Plugged leaks
+ Misc. bug fixes and cleanups.
- Drop patches fixed upstream:
+ mutter-allow-disable-hardware-cursors.patch
+ mutter-initialize-saved_rect_fullscreen.patch
- Renumber patches yet again.
==== qpdf ====
- add fix-signedness-warning.patch (build for aarch64)
==== rdma-core ====
Version update (38.0 -> 38.1)
Subpackages: libefa1 libibverbs libibverbs1 libmlx4-1 libmlx5-1 librdmacm1 rdma-ndd
- Update to v38.1
- Major fixes for hns provider
==== sssd ====
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-32bit sssd-krb5-common sssd-ldap
- Remove libsmbclient-devel BuildRequires in favor of
pkgconfig(smbclient)
==== tcsh ====
Version update (6.23.00 -> 6.23.02)
Subpackages: tcsh-lang
- Update to tcsh 6.23.02
9. Make the \U escape up to 8 hex digits.
8. V6.23.01 - 20211209
7. add \cc and \Uhhh, and document escape sequences
6. add $'string with escapes' ("dollar-single-quotes") (Kimmo Suominen)
5. don't glob the filetest builtin arguments twice
4. remove the duplicate echo escape parsing code and use parseescape
3. add \x{hh} \xhh \uhhh (H.Merijn Brand)
2. fix and document ln=target
1. Merge in patches from pkgsrc:
- Modernize the installation targets so that they use INSTALL_DATA,
INSTALL_PROGRAM, and MKDIR_P.
- Enable SYSMALLOC and SHORT_STRINGS on NetBSD.
- Enable NO_FIX_MALLOC and SHORT_STRINGS on OpenBSD.
- Port patches
* tcsh-6.17.06-dspmbyte.dif
* tcsh-6.18.03-catalogs.dif
* tcsh-6.21.00.dif
==== vim ====
Version update (8.2.3995 -> 8.2.4063)
Subpackages: gvim vim-data vim-data-common
- Updated to version 8.2.4063, fixes the following problems
- fixes boo#1194559 CVE-2022-0156
* Not all sshconfig files are detected as such.
* Vim9: type checking for list and dict lacks information about declared
type.
* Vim9: not enough testing for extend() and map().
* Asan error for adding zero to NULL.
* Redundant check for NUL byte.
* Coverity warns for checking for NULL pointer after using it.
* Insert complete code uses global variables.
* First char typed in Select mode can be wrong.
* Error messages are spread out.
* Old compiler complains about struct init with variable.
* Error messages are spread out.
* Vim9: crash when declaring variable on the command line.
* Session does not restore help buffer properly when "options' is missing
from 'sessionoptions'.
* Error messages are spread out.
* Reading one byte beyond the end of the line.
* Error messages are spread out.
* Test fails because of changed error number.
* Error messages are spread out.
* Build failure without the spell feature.
* Git and gitcommit file types not properly recognized.
* Build failure with tiny features. (Tony Mechelynck)
* Vim9: incorrect error for argument that is shadowing var.
* Gcc warns for misleading indent in Athena menu code.
* ml_get error when win_execute redraws with Visual selection.
* Vim9: import mechanism is too complicated.
* Debugger test fails.
* Missing part of the :import changes.
* Two error messages in the wrong file.
* Using uninitialized variable.
* Confusing error message if imported name is used directly.
* Error for import not ending in .vim does not work for .vimrc.
* ml_get error with specific win_execute() command. (Sean Dewar)
* ml_get error with :doautoall and Visual area. (Sean Dewar)
* Debugging NFA regexp my crash, cached indent may be wrong.
* A script local funcref is not found from a mapping.
* Crash in xterm with only two lines. (Dominique Pellé)
* ATTRIBUTE_NORETURN is not needed.
* Running filetype tests leaves directory behind.
* Coverity warns for possibly using a NULL pointer.
* Timer triggered at the debug prompt may cause trouble.
* Vim9: script test file is getting too long.
* Insert mode completion is insufficiently tested.
* Various code not used when features are disabled.
* The xdiff library is linked in even when not used.
* Keeping track of allocated lines in user functions is too complicated.
* Using unitialized pointer.
* Vim9: build error.
* Using int for second argument of ga_init2().
* Vim9: no error when importing the same script twice.
* Some global functions are only used in one file.
* Some error messages not in the right place.
* Depending on the build features error messages are unused.
* gcc complains about use of "%p" in printf.
* Vim9: reading before the start of the line with "$" by itself.
* Vim9: need to prefix every item in an autoload script.
* Compiler complains about possibly uninitialized variable.
* Not easy to resize a window from a plugin.
* Vim9: autoload mechanism doesn't fully work yet.
* Vim9 script test fails.
* Vim9: line break in expression causes v:errmsg to be filled. (Yegappan
Lakshmanan)
* Vim9: memory leak when exporting function in autoload script.
* Vim9: not fully implementing the autoload mechanism.
* Vim9: import test failure in wrong line.
* Vim9: an expression of a map cannot access script-local items. (Maxim Kim)
* win_execute() is slow on systems where getcwd() or chdir() is slow. (Rick
Howe)
* Codecov bash script is deprecated.
* Match highlighting of tab too short.
* Vim9: exported function in autoload script not found. (Yegappan Lakshmanan)
==== wayland ====
Version update (1.19.0 -> 1.20.0)
Subpackages: libwayland-client0 libwayland-cursor0 libwayland-egl1 libwayland-server0
- Add wayland-shm-Close-file-descriptors-not-needed.patch: For
platforms that support mremap(), we don't need to hold file
descriptors all the time, because programs like Xwayland will
hold a lot of file descriptors and may crash, this patch close
file descriptors earlier for those platforms (bsc#1194190).
- obsolete/provide libwayland-egl-devel 18.0.2 also on sle15-sp4
- Update to release 1.20
* A few protocol additions: wl_surface.offset allows clients to
update a surface's buffer offset independently from the
buffer, wl_output.name and description allow clients to
identify outputs without depending on xdg-output-unstable-v1.
* In protocol definitions, events have a new "type" attribute
and can now be marked as destructors.
* A number of bug fixes, including a race condition when
destroying proxies in multi-threaded clients.
==== xen ====
Subpackages: xen-libs xen-tools xen-tools-domU
- bsc#1193307 - pci backend does not exist when attach a vf to a pv
guest
libxl-Fix-PV-hotplug-and-stubdom-coldplug.patch
Drop libxl-PCI-defer-backend-wait.patch
4
6
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
389-ds (2.0.10~git0.21dd2802c -> 2.0.11~git13.e14935725)
pam_krb5
pam_mount
python-aiosmtpd
python-atpublic
rubygem-ruby-libvirt
sqlite3 (3.36.0 -> 3.37.1)
=== Details ===
==== 389-ds ====
Version update (2.0.10~git0.21dd2802c -> 2.0.11~git13.e14935725)
Subpackages: lib389 libsvrcore0
- Add missing support utils plugin
- Update to version 2.0.11~git13.e14935725:
* Issue 5080 - BUG - multiple index types not handled in openldap migration (#5094)
* Issue 5079 - BUG - multiple ways to specific primary (#5087)
* Issue 4992 - BUG - slapd.socket container fix (#4993)
* Issue 5037 - in OpenQA changelog trimming can crashes (#5070)
* Issue 4299 - UI LDAP editor - add "edit" and "rename" functionality
* Issue 4962 - Fix various UI bugs - Database and Backups (#5044)
* Issue 5046 - BUG - update concread (#5047)
* Issue 5043 - BUG - Result must be used compiler warning (#5045)
* Issue 4165 - Don't apply RootDN access control restrictions to UNIX connections
* Issue 4931 - RFE: dsidm - add creation of service accounts
* Issue 5024 - BUG - windows ro replica sigsegv (#5027)
* Issue 5020 - BUG - improve clarity of posix win sync logging (#5021)
* Issue 5008 - If a non critical plugin can not be loaded/initialized, bootstrap should succeeds (#5009)
- Resolve boo#1194068 by adding required schema
- Update to version 2.0.11~git0.237913e86:
* Bump version to 2.0.11
* Issue 4962 - Fix various UI bugs - Settings and Monitor (#5016)
* Issue 5014 - UI - Add group creation to LDAP editor
* Issue 5006 - UI - LDAP editor tree not being properly updated
* Issue 5001 - Update CI test for new availableSASLMechs attribute
* Issue 4959 - Invalid /etc/hosts setup can cause isLocalHost to fail.
* Issue 5001 - Fix next round of UI bugs:
* Issue 4962 - Fix various UI bugs - dsctl and ciphers (#5000)
* Issue 4978 - use more portable python command for checking containers
* Issue 4678 - RFE automatique disable of virtual attribute checking (#4918)
* Issue 4972 - gecos with IA5 introduces a compatibility issue with previous (#4981)
* Issue 4978 - make installer robust
* Issue 4976 - Failure in suites/import/import_test.py::test_fast_slow_import
* Issue 4973 - update snmp to use /run/dirsrv for PID file
* Issue 4962 - Fix various UI bugs - Plugins (#4969)
* Issue 4973 - installer changes permissions on /run
* Issue 4092 - systemd-tmpfiles warnings
* Issue 4956 - Automember allows invalid regex, and does not log proper error
* Issue 4731 - Promoting/demoting a replica can crash the server
* Issue 4962 - Fix various UI bugs part 1
* Issue 3584 - Fix PBKDF2_SHA256 hashing in FIPS mode (#4949)
* Issue 4943 - Fix csn generator to limit time skew drift (#4946)
* Issue 2790 - Set db home directory by default
* Bump github contianer shm size to 4 gigs
* Issue 4299 - Merge LDAP editor code into Cockpit UI
* Issue 4938 - max_failure_count can be reached in dscontainer on slow machine with missing debug exception trace
* Issue 4921 - logconv.pl -j: Use of uninitialized value (#4922)
* Issue 4847 - BUG - potential deadlock in replica (#4936)
* Issue 4513 - fix ACI CI tests involving ip/hostname rules
* Issue 4925 - Performance ACI: targetfilter evaluation result can be reused (#4926)
* Issue 4916 - Memory leak in ldap-agent
==== pam_krb5 ====
- Use the %_pam_moduledir macro in pam_userpass.spec in order to
have the package follow UsrMerge.
[bsc#1190951, pam_krb5.spec]
==== pam_mount ====
Subpackages: libcryptmount0 libcryptmount0-32bit pam_mount-32bit
- Use the %_pam_moduledir macro in pam_mount.spec in order to
have the package follow UsrMerge.
[bsc#1190954, pam_mount.spec]
==== python-aiosmtpd ====
- Remove hardcoded conditional on python36 flavor which got removed
in Tumbleweed
==== python-atpublic ====
- Fix sybil usage in conftest based on sybil version.
* https://gitlab.com/warsaw/public/-/merge_requests/16
==== rubygem-ruby-libvirt ====
- Drop BuildRequires: libvirt, not necessary and very expensive
==== sqlite3 ====
Version update (3.36.0 -> 3.37.1)
- update to 3.37.1:
* Fix a bug introduced by the UPSERT enhancements of version
3.35.0 that can cause incorrect byte-code to be generated for
some obscure but valid SQL, possibly resulting in a NULL-
pointer dereference.
* Fix an OOB read that can occur in FTS5 when reading corrupt
database files.
* Improved robustness of the --safe option in the CLI.
* Other minor fixes to assert() statements and test cases.
- SQLite3 3.37.0:
* STRICT tables provide a prescriptive style of data type
management, for developers who prefer that kind of thing.
* When adding columns that contain a CHECK constraint or a
generated column containing a NOT NULL constraint, the
ALTER TABLE ADD COLUMN now checks new constraints against
preexisting rows in the database and will only proceed if no
constraints are violated.
* Added the PRAGMA table_list statement.
* Add the .connection command, allowing the CLI to keep multiple
database connections open at the same time.
* Add the --safe command-line option that disables dot-commands
and SQL statements that might cause side-effects that extend
beyond the single database file named on the command-line.
* CLI: Performance improvements when reading SQL statements that
span many lines.
* Added the sqlite3_autovacuum_pages() interface.
* The sqlite3_deserialize() does not and has never worked
for the TEMP database. That limitation is now noted in the
documentation.
* The query planner now omits ORDER BY clauses on subqueries and
views if removing those clauses does not change the semantics
of the query.
* The generate_series table-valued function extension is modified
so that the first parameter ("START") is now required. This is
done as a way to demonstrate how to write table-valued
functions with required parameters. The legacy behavior is
available using the -DZERO_ARGUMENT_GENERATE_SERIES
compile-time option.
* Added new sqlite3_changes64() and sqlite3_total_changes64()
interfaces.
* Added the SQLITE_OPEN_EXRESCODE flag option to sqlite3_open_v2().
* Use less memory to hold the database schema.
1
0