All meeting minutes can be found here:
https://etherpad.opensuse.org/p/ReleaseEngineering-meeting
Meeting is hosted here
https://meet.opensuse.org/ReleaseEngineeringMeeting
## Attendees
ddemaio, dleuenberger,guillaumeg, rbrown, meissner, mlin, DocB, dirk
## Leap
* No new Leap build this week, packages are still rebuilding after
updated pool-leap-15.4
Lubos will be on vacation 15th - 26th Jan
## openSUSE Tumbleweed
* Kernel 5.16.0 is in Tumbleweed, 5.16.1 scheduled for checkin
* Python 3.6 being EOL, removal of python36-FOO modules ongoing. Last
week: 226 left, now 142
* Ruby 3.1, incl. switch of default ruby, is in Staging:L - apparmor
missing, no visible progress
* GCC 12 pre-integration tests started (Staging:Gcc7); Scheduled for
actual merge in April/May
## Richard (Kubic/TW MicroOS)
Verifying that fixes to
https://bugzilla.opensuse.org/show_bug.cgi?id=1159205 works
Verifying that SELinux+colord policy fixes work also
Experimented with kiwi-less, container-first VM image building. Have a
working prototype that works entirely in OBS, builds a container using a
Dockerfile, takes that container then converts it to a working,
bootable, openSUSE VM.
Investigating adding nerdctl support to Toolbox
Investigating buildkit and its limits as a container builder
working on a tool to convert existing Tumbleweed (and maybe also Leap)
systems to MicroOS and/or MicroOS Desktop
## Max
* https://code.opensuse.org/leap/features/issue/15 is WIP still:
skippkg-finder is almost ready, we can start monitoring the result and
tweaking NON_FTP_PACKAGES for the affected packages
* Fish - movement from SLE to Leap,
https://code.opensuse.org/leap/features/issue/56 - SLE will drop fish
from any shipping extensions, we can update fish to version 3.x to
Backports without keep fish and fish3 both exist
## Guillaume - Arm
Tumbleweed:
* Rolling
* Upcoming GCC12 tested for aarch64:
https://build.opensuse.org/project/show/home:dirkmueller:branches:openSUSE:…
Leap 15.4:
* opencl-headers package is outdated in Leap 15.4 / SLE15-SP4:
https://bugzilla.opensuse.org/show_bug.cgi?id=1193617 This prevent armnn
to build with opencl support enabled. => SR
https://build.opensuse.org/request/show/944701 has been mirrored and
should reach OBS in 2-3 weeks.
* aarch64:
* kernel issue (rebuild not finished yet?). See
openSUSE:Leap:15.4/pcfclock (and others) unresolvables.
* armv7:
* armv7 images are not tested in openQA yet, because JeOS-efi
image does not build properly due to an armv7 kernel bug with btrfs and
lzo compression: https://bugzilla.opensuse.org/show_bug.cgi?id=1193852
## Sarah - s390x
Not available
## Doug
* Annual survey is live until Feb. 27 - https://survey.opensuse.org
* * Almost 700 responses
* openSUSE Conference
* * Still waiting on contract to be signed
* * CfP is open until April 14 -
https://news.opensuse.org/2022/01/18/cfp-opens-for-osc22/
* * First planning meetings https://etherpad.opensuse.org/p/osc220118
* openSUSE Summit at OSCAL
* * Will start CfP in February
* * June 18 & 19
* * Recorded talks with live Q&A avaialble
* Google Summer of Code
* * No replies as of yet. email ddemaio ASAP if interested
* * Application period from Feb. 7 to 21 (deadline)
* Survey on safety results published -
https://en.opensuse.org/Safety-surveys/2021
## Dirk
No update
## Gerald / Board
No update.
## Wolfgang (Package Hub), Scott Bahling
Not available
## Maintenance team (Marina or Marcus, Maurizio (m4u))
- Marina: working on opencl-headers (SLE side of bsc#1193617)
- Marcus: 15.2 EOL notice posted, bots and channels disabled
- Marcus: 15.3 is operating GREEN
- Marcus: 15.4 is set up channel wise, some updates will go in testing
occasionaly, if you need more ping me, no openqa setup yet
## Adrian - openSUSE Step
No update
Hi all,
During 2021, the YaST team was playing with the idea of building a web-
based installer using our libraries. Finally, we have decided to define
the project and try to invest some CPU cycles on it. 🙂
Please, read the announcement in our blog and do not hesitate to share
your point of view with us.
https://yast.opensuse.org/blog/2022-01-18/announcing-the-d-installer-project
Regards,
Imo
--
Imobach González Sosa
YaST Team at SUSE LLC
https://imobachgs.github.io/
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
expect
gstreamer-plugins-rs (0.7.2 -> 0.8.0)
libstorage-ng (4.4.73 -> 4.4.75)
perl-Net-SSLeay
python-FontTools (4.28.3 -> 4.28.5)
python-authheaders (0.13.0 -> 0.14.1)
python-certifi (2021.5.30 -> 2021.10.8)
python-fastparquet
python-fs (2.4.13 -> 2.4.14)
python-unicodedata2 (13.0.0 -> 14.0.0)
thrift (0.14.1 -> 0.15.0)
xf86-input-wacom
=== Details ===
==== expect ====
- Fix home page URL https://core.tcl-lang.org/expect/
==== gstreamer-plugins-rs ====
Version update (0.7.2 -> 0.8.0)
- Update to version 0.8.0:
* No changelog provided by upstream
==== libstorage-ng ====
Version update (4.4.73 -> 4.4.75)
Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1
- merge gh#openSUSE/libstorage-ng#856
- added python-rpm-macros to build requires (bsc#1194759)
- 4.4.75
- Translated using Weblate (Italian) (bsc#1149754)
- 4.4.74
==== perl-Net-SSLeay ====
- Fix cpanspec.yml
==== python-FontTools ====
Version update (4.28.3 -> 4.28.5)
- update to 4.28.5:
* make sure all occurrences of str() are now replaced with user-defined ntos
* refactored code into submodules, plus several bugfixes and improvements
* Merge GDEF marksets in Lookups properly
* Have fontTools feaLib script exit with error code when build fails
* Added ntos option to customize number formatting
* Speed up subsetting of large CFF fonts
* Speculatively promote lookups to extension to speed up compilation
==== python-authheaders ====
Version update (0.13.0 -> 0.14.1)
- update to 0.14.1:
- Bump version to fix pypi artifacts, no code changes
- Use email.utils to parse the From header addresses (Thanks to Adam Clark
for noting this issue and providing the fix) Fixes Github #5
- Correct minimum authres version requirment in setup.py
- Catch more errors. Add DKIM temperror. (Thanks to 'niftylettuce') Fixes
Github #18
- Skip DMARC records with no 'p' tag and don't raise an error (also thanks
to 'niftylettuce') Fixes Github #14
- Fix issues with upper case characters in domain (Thanks to Mark Sapiro for
root causing the issue and providing a fix for the domain name regex)
Fixes Github #13
- Include ARC result comment is A-R header field when ARC fails. Fixes
Github #12
- Handle the case where no valid From is found. Fixes Github #15
==== python-certifi ====
Version update (2021.5.30 -> 2021.10.8)
- update to 2021.10.8:
added certs:
* CN=TunTrust Root CA O=Agence Nationale de Certification Electronique
* CN=HARICA TLS ECC Root CA 2021 O=Hellenic Academic and Research Institutions CA
==== python-fastparquet ====
- Clean specfile from unused python36 conditionals
- Require thrift 0.15.0 (+patch) for Python 3.10 compatibility
* gh#dask/fastparquet#514
==== python-fs ====
Version update (2.4.13 -> 2.4.14)
- update to 2.4.14:
* Added `fs.copy.copy_file_if`, `fs.copy.copy_dir_if`, and `fs.copy.copy_fs_if`.
* Added `fs.base.FS.getmodified`.
* FTP servers that do not support the MLST command now try to use the MDTM
command to retrieve the last modification timestamp of a resource.
* Fixed performance bugs in `fs.copy.copy_dir_if_newer`. Test cases were
adapted to catch those bugs in the future.
* Fixed precision bug for timestamps in `fs.OSFS.setinfo`.
==== python-unicodedata2 ====
Version update (13.0.0 -> 14.0.0)
- Update to 14.0.0
* Dropped support for EOL Python 2.7 and 3.5 (#47, #48)
* Added support for Python 3.9 and 3.10, and PyPy3
* Updated to Unicode 14.0 (#50)
==== thrift ====
Version update (0.14.1 -> 0.15.0)
- Update to 0.15.0
* Known Open Issues (Blocker or Critical)
- [THRIFT-3877] - C++: library don't work with HTTP (csharp
server, cpp client; need cross test enhancement)
* Removed Languages
- [THRIFT-5229] - ActionScript 3 support dropped
- [THRIFT-5347] - Haskell support dropped
* Breaking Changes
- [THRIFT-5381] - possible collisions at VOID type with some
3rd-party libraries on Haxe cpp targets
- [THRIFT-5396] - deprecate netstd "Async" method postfix
- [THRIFT-5453] - go: NewTSocketConf and NewTSSLSocketConf no
longer return an error
* AS3
- [THRIFT-5229] - Deprecate/remove ActionScript 3 support
* Build Process
- [THRIFT-5334] - version of thrift-maven-plugin is not sync
with the main project
- [THRIFT-5394] - AppVeyor CI tries to download outdated cmake
- [THRIFT-5429] - build: autotools: add foreign to
AM_INIT_AUTOMAKE
* C glib
- [THRIFT-5244] - Dynamic exception specifications are
deprecated in C++11[-Wdeprecated]
- [THRIFT-5265] - Add the zlib transport to c_glib
- [THRIFT-5399] - Fix socket leak in abnormal situation
- [THRIFT-5421] - Fix the problem of incorrect setting of errno
in some files
* C++
- [THRIFT-5341] - Fix Old-Style-Cast, Missing override and
Possible noexcept
- [THRIFT-5342] - Apply 'noexcept' attribute to Init/Copy/Move
Constructors and Assignments
- [THRIFT-5355] - Do not rely on compiler and check boundaries
* D language
- [THRIFT-4303] - D deprecation warnings
- [THRIFT-4979] - Still D deprecation warnings about
std.datetime.* in current master
- [THRIFT-5376] - Fix deprecation warnings in D library
* Dart
- [THRIFT-5285] - Update to dart 2, widen range on http package
* Delphi
- [THRIFT-5350] - 0.14.0 fails to build on non-x86
- [THRIFT-5438] - Inconsistent handling of exceptions during
message read vs. message write phase
- [THRIFT-5384] - Improved error message for HTTP transports
- [THRIFT-5385] - XML-HTTP client reports IsOpen=TRUE even if
it is not
- [THRIFT-5386] - XML-HTTP client may throw "max message size
reached" incorrectly
- [THRIFT-5387] - Improved and simplified Delphi test setup
- [THRIFT-5390] - Named Pipes transport hardening
- [THRIFT-5428] - Prevent costly reallocations to improve
performance
- [THRIFT-5437] - Make TProtocolImpl CTOR virtual
* Documentation
- [THRIFT-5332] - Question: list all the reserved words in
thrift doc
- [THRIFT-5348] - Update debian/copyright
* Erlang
- [THRIFT-5377] - Remove Erlang R16 support
* Go
- [THRIFT-5337] - Go set fields write improvement
- [THRIFT-5353] - Namespace from type is ignored in generated
code
- [THRIFT-5358] - Add go.mod file(s)
- [THRIFT-5369] - Malformed payload can still cause huge
allocations
- [THRIFT-5389] - Thrift compiler generates uncompilable go
code around optional constants
- [THRIFT-5404] - TTransportException.Timeout would correctly
return true when it's connect timeout during TSocket.Open
call
- [THRIFT-5447] - Update supported Go versions before 0.15.0
release
- [THRIFT-5453] - go: NewTSocketConf should not call
net.ResolveTCPAddr
- [THRIFT-5459] - Adding a new exception to an endpoint is
kinda breaking in go
* Haskell
- [THRIFT-5347] - Deprecate Haskell bindings
* Haxe
- [THRIFT-5370] - Haxe 4 compatibility
- [THRIFT-5381] - possible collisions at VOID type with some
3rd-party libraries on Haxe cpp targets
- [THRIFT-5393] - Incorrect namespaces for included types
- [THRIFT-3036] - create official haxelib Thrift package
- [THRIFT-5413] - Int vs String in method get_size required by
property size
* Java
- [THRIFT-5375] - Put org.apache.tomcat.embed:tomcat-embed-core
into scope test
- [THRIFT-5383] - TJSONProtocol Java readString throws on
bounds check
- [THRIFT-5400] - Java library does not export the .annotation
package
- [THRIFT-5425] - Throw an exception when reading TSimpleJson
in Java
- [THRIFT-5430] - FieldMetaData synchronized method can trigger
deadlock during static class initialization in JVM native
code
- [THRIFT-5432] - TSaslTransport throw TTransportException of
MaxMessageSize reached
- [THRIFT-5433] - Add Counter To Thread Name of
TThreadPoolServer
* JavaScript
- [THRIFT-3508] - JS:TS Generator set all fields of the struct
as required
* Lua
- [THRIFT-5417] - Fix Lua compiler omitting default values in
Lua service functions
- [THRIFT-5439] - Lua Generator does not support const i64
* netstd
- [THRIFT-5354] - disable IDE0083 warning
- [THRIFT-5382] - Netstd default list/set enums values are
generated incorrectly in some cases
- [THRIFT-5395] - inconsistent treatment of methods ending in
"Async"
- [THRIFT-5396] - deprecate "Async" method postfix
- [THRIFT-5408] - Support for deprecated methods (via
annotation)
- [THRIFT-5414] - Use of specific parameter names generates
uncompileable code
- [THRIFT-5442] - Separate client service calls into send/recv
methods and make them public
- [THRIFT-5444] - Netstd generator produces uncompileable code
for enums ending with "_result" or "_args"
- [THRIFT-5445] - "cancellationToken" cannot be used as
argument name
- [THRIFT-5236] - THttpTransport.cs still has bad timeout code
- [THRIFT-5349] - Add net5.0 as supported platform
- [THRIFT-5373] - HTTP status in case of Protocol/Transport
exceptions
- [THRIFT-5391] - Named pipes transport hardening
- [THRIFT-5398] - ThreadPoolServer not stoppable via
CancellationToken
- [THRIFT-5407] - Keep support for .NET Core 3.1
- [THRIFT-5419] - Incorrect usage of thread pool in
TThreadPoolAsyncServer may lead to poor performance
- [THRIFT-5422] - add threadpool server to netstd test suite
impl
- [THRIFT-5431] - Response should include 'content-type' header
- [THRIFT-5436] - Timeout.Infinite is not a good default
* PHP
- [THRIFT-5318] - PHP 8 compatible version of binary protocol
- [THRIFT-5440] - Add php8 to composer.json
* Python
- [THRIFT-5352] - Python: IDL exceptions with no fields can't
be instantiated
* Ruby
- [THRIFT-5312] - The Ruby compilation configuration in the
.gemspec file is modified to be compatible with later bundler
versions.
- [THRIFT-5367] - Ruby library crashes when using GC.compact
* Rust
- [THRIFT-4098] - Support user-defined output namespaces in
generated Rust modules
- [THRIFT-4101] - Make auto-generated Rust enums and unions
more user-extensible
- [THRIFT-5314] - Enum forward compatibility
- [THRIFT-5363] - All-caps constant rendered incorrectly
- Add thrift-pr2487-py310.patch for Python 3.10 compatibility
* gh#apache/thrift#2487
* https://issues.apache.org/jira/browse/THRIFT-5488
* required by python-fastparquet
==== xf86-input-wacom ====
- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
* harden_wacom-inputattach@.service.patch
Dear openSUSE community,
I already mentionned this problem two months ago:
lists.opensuse.org/archives/list/factory@lists.opensuse.org/thread/PXBOKSJW…
Unfortunatelly I still can't manage to trust a self-signed certificate
using the update-ca-certificates command.
The context is GNU Health & Apache installed using Ansible. Any
feedback/help would be much appreciated!
Here is how to reproduce:
Install Ansible
pip3 install ansible-core
export PATH=$PATH:/home/username/.local/bin
Clone Repo (remove spaces between https, link was considered phishing)
git clone h t t p
s://gitlab.com/geraldwiese/gnuhealth-automatic-deployment.git
cd gnuhealth-automatic-deployment/
Execute Playbooks (first might take 10minutes)
ansible-playbook gnuhealth.yml -c local -e my_user=`whoami` -K
ansible-playbook desktop.yml -c local -e my_user=`whoami` -K
Run GNU Health Client & try to connect (leave connection informations
unchanged)
gnuhealth-client → Error 404
Trust cert properly and try HTTPS
sudo cp fetch/gnuhealth-selfsigned.crt /etc/pki/trust/anchors/
sudo update-ca-certificates -v
→ Nothing updated, still facing error
sudo mv /etc/pki/trust/anchors/gnuhealth-selfsigned.crt
/etc/pki/trust/anchors/gnuhealth-selfsigned.pem
sudo update-ca-certificates -v
→ Nothing updated, still facing error
Trust cert the ugly way, remove config (seems necessary at least
partial, don’t know why)
cat fetch/gnuhealth-selfsigned.crt | sudo tee -a
/var/lib/ca-certificates/ca-bundle.pem
rm -r ~/.config/gnuhealth/
gnuhealth-client
Enter connection informations:
Host: localhost:443
Database: health
User name: admin
→ connection should work
I also tried removing the config directory after running
update-ca-certificates but this doesn’t work either.
And I know I could connect directly to GNU Health locally without
HTTPS/Apache but I want to test it in order to add the option to trust
selfsigned certificates to the Ansible playbooks for the case of having
client & server on different systems.
Am I missing something or is this actually a bug?
Best
Gerald
Hi,
tl/dr: my new tool could help you find faster openSUSE mirrors -
especially if you are far away from Nuremberg.
https://github.com/bmwiedemann/bench-http
usage: see README.md
The findbestmirror.pl script will add the best mirror to repos that only
use download.o.o , if it has write permissions to /etc/zypp/repos.d/
It is a good idea to keep a backup of that dir, in case you want to
revert the changes.
limitations:
1) a few (5) mirrors do redirects and those are not considered when
looking for the best mirror.
2) It does not change repos under /repositories (devel+home), because
those are only mirrored in few places and usually only contain few
files, so performance impact should not be so large.
3) Can worsen things if the machine travels between very different
networks (especially across continents).
possible improvements:
we could skip measuring download speed for mirrors that show too high
RTT (e.g. above 500ms) - that would speed up scanning a lot and probably
still produce the same list of best mirrors.
Measured from a Provo (Utah, USA) VM with 8 enabled repos.
Original repos:
zypper clean --all ; time zypper ref --force
real 0m58.552s
zypper clean ; time zypper -n in -d -f kernel-default
real 0m11.405s
After modification by
./findbestmirror.pl < out
# to add http://provo-mirror.opensuse.org/ repos
zypper clean --all ; time zypper ref --force
real 0m40.893s
zypper clean ; time zypper -n in -d -f kernel-default
real 0m6.542s
If you try this, please let me know about how it went.
On a related note: there is ongoing work hinted at in
https://news.opensuse.org/2021/12/23/download-redirector-state/
to improve zypper to contact local mirrorcache servers directly to skip
all round-trips to download.o.o in Nuremberg.
Yet, with my mirror-optimizer it could still be faster.
Ciao
Bernhard M.
Hello,
I'd like to notify you about the following GitHub pull request which
will change the documented behavior of script_run() within the
os-autoinst-distri-opensuse testsuite:
https://github.com/os-autoinst/os-autoinst-distri-opensuse/pull/14027
The PR will stay open for 3 weeks, until February 7th, 2022 so that
everybody can update their code.
The API change is that script_run() will no longer return undef by
default when the shell command times out. Instead, script_run() will
raise error and the test module will fail. If your test code
intentionally accepts command timeout as one of the expected valid
results, you can preserve the old behavior by adding a new argument to
the call:
script_run(..., die_on_timeout => 0);
If your code is well-behaved and only treats command timeouts in
script_run() as errors, then the only action you need to take is to
celebrate another small improvement in OpenQA.
--
Martin Doucha mdoucha(a)suse.cz
QA Engineer for Software Maintenance
SUSE LINUX, s.r.o.
CORSO IIa
Krizikova 148/34
186 00 Prague 8
Czech Republic
What's the secret to seeing only one MOTD when logging in? I have /etc/motd that
says what I want said. /etc/motd.d/ is empty. How do I stop it from being followed
on the following line by the "Have a lot of fun..." openSUSE default? man motd
seems to say if /etc/motd exists, no other should be used, but it's unclear to me.
It seems to me if /etc/motd exists that /usr/lib/motd.d/* should be ignored. Is
this a bug
--
Evolution as taught in public schools is, like religion,
based on faith, not based on science.
Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!
Felix Miata
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio…
Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
clamav (0.103.4 -> 0.103.5)
gupnp (1.4.2 -> 1.4.3)
python-hiredis (1.1.0 -> 2.0.0)
python-python-lzo (1.12 -> 1.14)
python-tables (3.6.1 -> 3.7.0)
shadow (4.9 -> 4.11.1)
=== Details ===
==== clamav ====
Version update (0.103.4 -> 0.103.5)
Subpackages: libclamav9 libfreshclam2
- Update to 0.103.5
* CVE-2022-20698: Fix for invalid pointer read that may cause a crash.
This issue affects 0.104.1, 0.103.4 and prior when ClamAV is compiled
with libjson-c and the CL_SCAN_GENERAL_COLLECT_METADATA scan option
(the clamscan --gen-json option) is enabled.
* Fixed ability to disable the file size limit with libclamav C API,
like this:
cl_engine_set_num(engine, CL_ENGINE_MAX_FILESIZE, 0);
This issue didn't affect ClamD or ClamScan which also can disable the
limit by setting it to zero using MaxFileSize 0 in clamd.conf for ClamD,
or clamscan --max-filesize=0 for ClamScan.
Note: Internally, the max file size is still set to 2 GiB. Disabling the
limit for a scan will fall back on the internal 2 GiB limitation.
* Increased the maximum line length for ClamAV config files from 512 bytes
to 1,024 bytes to allow for longer config option strings.
* SigTool: Fix insufficient buffer size for --list-sigs that caused a
failure when listing a database containing one or more very long
signatures. This fix was backported from 0.104.
==== gupnp ====
Version update (1.4.2 -> 1.4.3)
- Update to version 1.4.3:
+ ServiceProxy:
- Properly propagate cancelled actions in deprecated calls.
- Fix deprecated async calls, again.
==== python-hiredis ====
Version update (1.1.0 -> 2.0.0)
- Update to 2.0.0
* Bump hiredis from 0.13.3 to 1.0.0 and consequently add support
for RESP3 (see #104)
* Add type hints (see #106)
* Drop support for EOL Python versions 2.7, 3.4, and 3.5 (see #103)
- Drop obsolete patches
* hiredis1.patch
* bump_hiredis_0.14.1.patch
- Update patches
* 0001-Use-system-libhiredis.patch
* drop-vendor-sources.patch
==== python-python-lzo ====
Version update (1.12 -> 1.14)
- Update to 1.14
* Add python2 support statement
* Fix 32bit int limitations
- Includes support for Python 3.10 now
==== python-tables ====
Version update (3.6.1 -> 3.7.0)
- Update to 3.7.0
* Compatibility with Python 3.10, numpy 1.21 and HDF5 1.12.
* Support for Python 3.5 has been dropped (#840 and #850).
* Internal C-Blosc sources updated to 1.21.1 (#931). Note that,
starting from C-Blosc 1.19 does not include the Snappy codec
sources anymore, so Snappy will be not available if you compile
from included sources; other packages (like conda or wheels),
may (or may not) include it.
* Switch to git submodule for the management of vendored c-blosc
sources.
* Improved code formatting and notation consistency (#873, #868,
[#865] thanks to Miroslav ?edivý).
* Improve the use of modern Python including :mod:pathlib,
f-strings (#859, #855, #839 and #818 thanks to Miroslav
?edivý).
* Simplified management of version information.
* Drop dependency on the deprecated distutils.
* Modernize the setup script and add support for PEP517 (#907).
* Fix pkg-config (setup.py) for Python 3.9 on Debian. Thanks to
Marco Sulla PR #792.
* Fix ROFileNode fails to return the fileno() (#633).
* Do not flush read only files (#915 thanks to @lrepiton).
* Drop the deprecated hdf5Version and File.open_count.
* the :func:get_tables_version and :func:get_hdf5_version
functions are now deprecated please use the coresponding
:data:tables.__version__ and :data:tables.hdf5_version instead.
- Drop patches fixed upstream
* PyTables-compat-numpy119.patch
* PyTables-pr810-tostring.patch
* PyTables-skip-test_vlarray.patch
* tables-pr862-lowercasefdtype.patch
- Replace Never-use-the-msse2-flag-explicitly.patch by use of
environment variable
==== shadow ====
Version update (4.9 -> 4.11.1)
Subpackages: login_defs
- The legacy code does not support /etc/login.defs.d used by YaST.
Enable libeconf to read it (bsc#1192954).
- Update to 4.11.1:
* build: include lib/shadowlog_internal.h in dist tarballs
- Update to 4.11:
* Handle possible TOCTTOU issues in usermod/userdel
- (CVE-2013-4235)
- Use O_NOFOLLOW when copying file
- Kill all user tasks in userdel
* Fix useradd -D segfault
* Clean up obsolete libc feature-check ifdefs
* Fix -fno-common build breaks due to duplicate Prog declarations
* Have single date_to_str definition
* Fix libsubid SONAME version
* Clarify licensing info, use SPDX.
- Update to 4.10:
* From this release forward, su from this package should be
considered deprecated. Please replace any users of it with su
from util-linux
* libsubid fixes
* Rename the test program list_subid_ranges to getsubids, write
a manpage, so distros can ship it.
* Add libeconf dep for new*idmap
* Allow all group types with usermod -G
* Avoid useradd generating empty subid range
* Handle NULL pw_passwd
* Fix default value SHA_get_salt_rounds
* Use https where possible in README
* Update content and format of README
* Translation updates
* Switch from xml2po to itstool in 'make dist'
* Fix double frees
* Add LOG_INIT configurable to useradd
* Add CREATE_MAIL_SPOOL documentation
* Create a security.md
* Fix su never being SIGKILLd when trapping TERM
* Fix wrong SELinux labels in several possible cases
* Fix missing chmod in chadowtb_move
* Handle malformed hushlogins entries
* Fix groupdel segv when passwd does not exist
* Fix covscan-found newgrp segfault
* Remove trailing slash on hoedir
* Fix passwd -l message - it does not change expirey
* Fix SIGCHLD handling bugs in su and vipw
* Remove special case for "" in usermod
* Implement usermod -rG to remove a specific group
* call pam_end() after fork in child path for su and login
* useradd: In absence of /etc/passwd, assume 0 == root
* lib: check NULL before freeing data
* Fix pwck segfault
- Remove because upstreamed:
* shadow-4.9-pwck-segfault.patch
* shadow-4.9-newgrp-segfault.patch
* shadow-4.9-useradd-subuid.patch
* shadow-4.9-sgent-free.patch
* shadow-passwd-handle-null.patch
* shadow-fix-sigabrt.patch
* shadow-libeconf-include.patch
* libsubid-build-fix.patch
- Refreshed:
* shadow-util-linux.patch
* shadow.changes
* shadow.keyring
* shadow.spec
* useradd-script.patch
* useradd-userkeleton.patch
* userdel-script.patch
- Update shadow.keyring:
* Serge Hallyn serge(a)hallyn.com (B175CFA98F192AF2)
* Christian Brauner christian(a)brauner.io (4880B8C9BD0E5106FC070F4F7B3C391EFEA93624)
