May 2022 - openSUSE Factory - openSUSE Mailing Lists

New Tumbleweed snapshot 20220519 released!
by Dominique Leuenberger 20 May '22

20 May '22

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: autotrace csmash elfutils-debuginfod glibc libcap-ng (0.7.11 -> 0.8.3) multipath-tools (0.8.8+64+suse.f265f7e0 -> 0.8.9+90+suse.71a70fb) pcre pentobi (20.0 -> 21.0) perl (5.34.0 -> 5.34.1) === Details === ==== autotrace ==== Subpackages: libautotrace3 - biWidth*biBitCnt integer overflow fix (bsc#1182158, CVE-2019-19004, CVE-2019-19004.patch). - Bitmap double free fix (bsc1182159, CVE-2019-19005, CVE-2017-9182, CVE-2017-9190, CVE-2019-19005.patch). ==== csmash ==== - Build with to pkgconfig(sdl) so we can use sdl12_compat. ==== elfutils-debuginfod ==== - Add config-Move-the-2-dev-null-inside-the-sh-c-quotes-fo.patch in order to fix boo#1199265. ==== glibc ==== Subpackages: glibc-32bit glibc-devel glibc-extra glibc-lang glibc-locale glibc-locale-base nscd - nptl-spurious-eintr.patch: nptl: Handle spurious EINTR when thread cancellation is disabled (BZ #29029) - Follow the distro default gcc version to build the cross bootstrap packages. - switched to https urls ==== libcap-ng ==== Version update (0.7.11 -> 0.8.3) - Update to 0.8.3: * Add vararg support to python bindings for capng_updatev * Add support for ambient capabilities * Add support for V3 filesystem capabilities * If procfs is not available, leave last_cap as CAP_LAST_CAP * If bounding and ambient not found in status, try prctl method * In capng_apply, move ambient caps to the end of the transaction * In capng_apply, return errors more aggressively. * In capng_apply, if the action includes the bounding set,resync with the kernel * Fix signed/unsigned warning in cap-ng.c * In capng_apply, return a unique error code to diagnose any failure * In capng_have_capability, return 0 for failure * Add the libdrop_ambient admin tool * In capng_apply, if we blew up in bounding set, allow setting capabilities * If PR_CAP_AMBIENT is not available, do not build libdrop_ambient * Improve last_cap check * Fix parameters to capng_updatev python bindings to be signed * Detect capability options at runtime to make containerization easier (ntkme) * Initialize the library when linked statically * Add gcc function attributes for deallocation ==== multipath-tools ==== Version update (0.8.8+64+suse.f265f7e0 -> 0.8.9+90+suse.71a70fb) Subpackages: kpartx libmpath0 - Update to version 0.8.9+90+suse.71a70fb: * support overriding -D_FORTIFY_SOURCE in OPTFLAGS * add -U_FORTIFY_SOURCE to optflags to avoid compilation errors on old distros - Update to version 0.8.9+87+suse.a1eb122: * add ability to autodetect support for -D_FORTIFY_SOURCE=3 - Update to version 0.8.9+85+suse.a9da21c: * This is a pre-release of multipath-tools 0.9.0 * multipath.conf: add "protocol" subsection in "overrides" section This allows to set "dev_loss_tmo", "fast_io_fail_tmo", and "eh_deadline" on a per-protocol basis rather than per storage * multipath.conf: drop support for deprecated options: getuid_callout, pg_timeout, config_dir, multipath_dir * multipathd: don't switch to DAEMON_IDLE during startup (bsc#1199346, bsc#1197570) * multipathd: avoid delays during uevent processing (bsc#1199347) * Fixes for minor issues reported by coverity * Fix for memory leak with uid_attrs * Fix possibility to redefine -D_FORTIFY_SOURCE macro. * Updates for built in hardware db - Update to version 0.8.9+42+suse.45974f11: * Logging improvements * Fix busy loop with delayed_reconfigure (bsc#1199342) * multipathd: use remove_map_callback for delayed reconfigure * multipathd: Don't keep starting TUR threads, if they always hang. (bsc#1199345) * Fix handling of path addition in read-only arrays on NVMe * Updates of built-in hardware database - Update to upstream 0.8.9 * libmultipath: only warn once about unsupported dev_loss_tmo * Otherwise code-identical to 0.8.8+64 ==== pcre ==== Subpackages: libpcre1 libpcre1-32bit libpcreposix0 - Added pcre-8.45-bsc1199232-unicode-property-matching.patch * bsc#1199232 * Fixes unicode property matching issue ==== pentobi ==== Version update (20.0 -> 21.0) - Update to version 21.0 * New help viewer implementation, which includes DocBook files in the resources. This avoids using an external browser, which did not work with all installation directories on Ubuntu 21.10 because Firefox and Chromium have restricted access to local files, or using WebView, which is not supported on all Linux architectures or in Qt 6.0/6.1. * Fixed visibility of labels on Callisto 1x1-piece in dark theme. * Fixed rendering issues on Android with Qt 6.3.0. * Fixed detection of loaded files or autosaved games modified by another application. ==== perl ==== Version update (5.34.0 -> 5.34.1) Subpackages: perl-base perl-doc - Update to 5.34.1 - maintenance release B::Deparse has been upgraded from version 1.56 to 1.57. Encode has been upgraded from version 3.08 to 3.08_01. GDBM_File has been upgraded from version 1.19 to 1.19_01. Module::CoreList has been upgraded from version 5.20210520 to 5.20220313. perl5db.pl has been upgraded from version 1.60 to 1.60_01. - Drop c029d660f2fe60699cf64bbb3fa9f671a1a370d5.patch (upstream) - Don't install anything in testsuite build - Run testsuite also in qemu build - posix-sigaction.patch: remove, this has been fixed properly in commit 19c9c2ee4a

1 0

decryption password an different terminal
by tn eo 20 May '22

20 May '22

4 3

Tumbleweed - Review of the week 2022/20
by Dominique Leuenberger / DimStar 20 May '22

20 May '22

Dear Tumbleweed users and hackers, This week, we released 6 snapshots. One snapshot hit reached the (negative) record of most failed tests in one run. The issue was simply that YaST was unable to start, which for rather obvious reasons impacts almost all tests. This could swiftly be corrected and the following snapshot already worked again. The 6 published snapshots were 0512, 0513, 0515, 0516, 0517, and 0518. The main changes included in those snapshots are: * KDE Gear 22.04.1 * KDE Frameworks 5.94.0 * GStreamer 1.20.2 * Linux kernel 5.17.7 * PostgreSQL 14.3 * bind 9.18.2 * NetworkManager 1.38.0: NOTE: Users upgrading with –no-recommends or recommends disabled in the zypp config, might lose wifi connection. Install NetworkManager-wifi (that specific split is under review in Bugzilla) The main changes being worked on in Stagings are currently: * Setting build flags to FORTIFY_SOURCE=3 (starting from snapshot 0519). No full rebuild will be done for this, the packages will get that feature on their next natural rebuild * Perl 5.34.1 * Linux kernel 5.17.9 * Mozilla Firefox 101 * Mesa 22.1.0 * Python 3.10 as the default interpreter Cheers, Dominique

1 0

Invitation to ALP Community Work Group (doodle for meeting slot)
by Lubos Kocman 20 May '22

20 May '22

Hello openSUSE! now when Leap 15.4 RC and Leap Micro 5.2 GA announcements are settled let's go now for something completely different. I'd like to invite you to a newly formed Community Work Group (or CWG) around the new *Adaptable Linux Platform https://en.opensuse.org/openSUSE:ALP/Workgroups/Community We'll initially focus on transparency during ALP planning, prototyping, and related public communication, opensuse infra readiness . There are topics where we can already start working right now. The first desktop *workshop has shown us that we need to focus on areas such as single place for documentation, our "signature" look and feel, brand recognition, event calendar, etc. We will to turn feedback from the workshop into action items and ensure we have WG members working on them. We have a big opportunity in this regard since unlike SLES 15 , ALP is going to (and already being *prototyped) be built in OBS by default. If you're interested then please tell us which one of existing weekly community weekly slots (Tuesday/Thursday) should be used for regular CWG meetups https://doodle.com/meeting/organize/id/b68562Ve [0]https://lists.opensuse.org/archives/list/project@lists.opensuse.org/threa… [1]https://en.opensuse.org/openSUSE:ALP/Workgroups/Community/Workshops/LeapD… [2]https://build.opensuse.org/project/show/devel:LEO

1 0

No additional languages in Leap and Leap Micro Download pages
by Ivan vorstanenko 19 May '22

19 May '22

Hello us! I translate some strings in Weplate of page get.opensuse.org. But no languages other than English are available in Leap and Leap Micro pages. (other download pages contains languages) I open bug report (https://bugzilla.opensuse.org/show_bug.cgi?id=1199541) But I think, the selected section (Documentation) is wrong. I can't decide, which component is correct for this bug. Which section do I need to choose? Or, maybe, I need to write somewhere else?

1 0

Re: Request of testing new fingerprint reader library
by Lukáš Krejza 19 May '22

19 May '22

Dne čtvrtek 19. května 2022 10:45:04 CEST, Benjamin Berg napsal(a): > Hi, > > On Thu, 2022-05-19 at 00:17 +0200, Lukáš Krejza wrote: > > Dne čtvrtek 19. května 2022 0:04:06 CEST, Neal Gompa napsal(a): > > > > The original plan was to do that, but since it has not been the case yet > > (and it is already some time that this fork exist), distributions started > > to switch to this one for the time being. It does not seem that this fork > > will merge back to mainline anytime soon, so we are just following > > general "trend" of other distros to support more use-cases and hardware > > for the users. > There never was a plan to merge the TOD branch back into libfprint > upstream. > > For any driver that is open source, we are or course happy to work with > the developers to integrate it into upstream libfprint. > > The TOD branch exists to enable non-free code to be loaded (into the > GPL'ed fprintd binary). There are good reasons for me to accept that > this is happening and I have little power to do anything against it. > However, I hope that there is no false impression that upstream > libfprint is condoning the existence of the TOD branch and non-free > drivers in particular. > > > Also, the mainline devs are actively solving bugs reported by users using > > the "-tod" fork, as you can see for example here: > > https://gitlab.freedesktop.org/ libfprint/libfprint/-/issues/436 . > > Not really. The TOD fork just adds an extra feature that allows side > loading more code. It makes little sense to ignore valid bug reports > for the main library. Doing so would be detrimental to everyone, > including users of upstream libfprint. > > All I am doing in that bug is not actively sabotaging users of the TOD > fork as there is a benefit to everyone. > > > Also, developers themselves are pointing users to the fork, as you can see > > here: https://gitlab.freedesktop.org/libfprint/libfprint/-/issues/267 > > People wear multiple hats, so the line can be blurry. The person > posting the link contributed the goodixmoc driver, and is likely also > involved with the non-free goodix driver that appears to exists for > other chipsets. > > I didn't delete the reference. But I also don't feel that the > discussion there gives the impression that upstream is condoning the > existence of the TOD branch and loading non-free code. > > Benjamin Thank you Benjamin for explaining your opinion about the situation and clearing it out further. I have contacted board and asked for their decision, they should have also ability to contact SUSE legal team, if required. Regards, Gryffus

1 0

Request of testing new fingerprint reader library
by Lukáš Krejza 19 May '22

19 May '22

Hello list(s), we, together with Florian "Sp1rit" have created packages for "new" libfprint- tod library/fork, which is going to replace current one used in distribution. This library has advantage of loading external drivers as libraries, typically closed source ones. These closed source drivers are soon going to appear on Packman as "libfprint2-tod1-*" packages (the SR is pending). The library source code is located on https://gitlab.freedesktop.org/3v1n0/libfprint/-/ tree/tod and is always re-based on current libfprint "upstream". It is also the default one in Ubuntu, Arch and Debian (if i checked correctly). We are able to test the closed source drivers, since we have access to devices using them. However, what we cannot test are fingerprint readers, that are supported directly by libfprint library. For this, i would like to ask anyone, who is using his fingerprint reader on openSUSE Tumbleweed with libfprint library to test with this new library using following steps: 1) Add home:sp1rit:factory repository: :~> sudo zypper ar --refresh --name libfprint-tod https:// download.opensuse.org/repositories/home:/sp1rit:/factory/openSUSE_Tumblewee… home:sp1rit:factory.repo 2) Install libfprint-2-2 package from it (and do NOT install libfprint-2- tod1): :~> sudo zypper in --from libfprint-tod libfprint-2-2 fprintd 3) Open one terminal window, su to root and start fprintd in debug mode: :~> su [enter] :~ # env G_MESSAGES_DEBUG=all /usr/libexec/fprintd 4) Open second terminal window and enroll or verify fingerprint (as normal user): :~> fprintd-enroll or :~> fprintd-verify That is all. After this test, please send us output from the terminal window, that you started fprintd in debug mode (step 3) in. You can use https:// paste.opensuse.org/ for that. For switching back to original libfprint, just remove the repository: :~> sudo zypper rr libfprint-tod and install original libfprint :~> sudo zypper in libfprint-2-2 fprintd That should be all. @Fridrich, @Matthias, @Timo: I am CCing you in case you missed discussion that happened on Factory ML. If you have any objection against planned switch, please step up now. We will be doing SR to hardware/libfprint in forthcomming days, when we get some confirmation that it is working correctly for the users using "native" libfprint. Thanks very much to everyone involved for helping openSUSE get better and better! Regards and happy hacking, Gryffus

3 4

New Tumbleweed snapshot 20220517 released!
by Dominique Leuenberger 18 May '22

18 May '22

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&versio… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: akonadi-server apparmor bind (9.16.25 -> 9.18.2) gnome-shell-extensions (42.0 -> 42.1) gnutls gtk4 (4.6.2 -> 4.6.4) hplip (3.21.10 -> 3.22.4) libapparmor libproxy libproxy-plugins lirc memcached (1.6.14 -> 1.6.15) open-iscsi plymouth python-Pygments (2.11.2 -> 2.12.0) python-kiwi (9.24.31 -> 9.24.35) python-stack-data (0.1.3 -> 0.2.0) rubygem-concurrent-ruby (1.1.9 -> 1.1.10) rubygem-nokogiri (1.13.4 -> 1.13.6) squashfs yast2-iscsi-client (4.5.1 -> 4.5.3) yast2-trans (84.87.20220507.8ff263ce4d -> 84.87.20220513.26f6bfaa16) === Details === ==== akonadi-server ==== Subpackages: akonadi-server-lang libKF5AkonadiAgentBase5 libKF5AkonadiCore5 libKF5AkonadiPrivate5 libKF5AkonadiWidgets5 libKF5AkonadiXml5 - Add akonadiserver-apparmor-typos-mr94.patch to ensure mariadbd_akonadi AppArmor profile actually gets used ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-docs apparmor-parser apparmor-parser-lang apparmor-profiles apparmor-utils apparmor-utils-lang pam_apparmor pam_apparmor-32bit python3-apparmor - add dovecot-profiles-boo1199535-mr881.diff: update dovecot profiles for latest dovecot (boo#1199535) ==== bind ==== Version update (9.16.25 -> 9.18.2) Subpackages: bind-doc bind-utils - Add upstream patch bind-prevent-buffer-overflow.patch. - The named-checkconf had been moved from /usr/sbin to /usr/bin but that had not been reflected in scripts that called this, eg named.prep. So these scripts failed. Some installations still have "createNamedConfInclude" in the NAMED_INITIALIZE_SCRIPTS in /etc/sysconfig/named. The named.prep will now report this but continue. [bsc#1199044, vendor-files.tar.bz2] - Upgrade to 9.18.2: Most important bugs fixed: * The "starting maxtime timer" message related to outgoing zone transfers was incorrectly logged at the ERROR level instead of DEBUG(1). * Ensure that zone maintenance queries have a retry limit. * When using both the `+qr` and `+y` options `dig` could crash if the connection to the first server was not successful. * dig could hang in some cases involving multiple servers in a lookup, when a request fails and the next one refuses to start for some reason, for example if it was an IPv4 mapped IPv6 address. * dig +nssearch was hanging until manually interrupted. * When an UPDATE targets a zone that is not configured, the requested zone name is now logged in the "not authoritative" error message, so that it is easier to track down problematic update clients. * Quote the dns64 prefix in error messages that complain about problems with it, to avoid confusion with the following dns64 ACLs. * When encountering socket error while trying to initiate a TCP connection to a server, dig could hang indefinitely, when there were more servers to try. * When timing-out or having other types of socket errors during a query, dig wasn't trying to perform the lookup using other servers, in case they exist. * Resending a UDP request in the result of a timeout could cause an assertion failure when the resent query's result was SERVFAIL. * Replace single TCP write timer with per-TCP write timers. * Invalid dnssec-policy definitions were being accepted where the defined keys did not cover both KSK and ZSK roles for a given algorithm. This is now checked for and the dnssec-policy is rejected if both roles are not present for all algorithms in use. * Fix query context management issues in the TCP part of dig. Noteworthy functional changes: * Add new "reuseport" option to enable/disable load balancing of sockets. * Set the minimum MTU on UDPv6 and TCPv6 sockets and limit TCP maximum segment size (TCP_MAXSEG) to (1220) for both TCPv4 and TCPv6 sockets. Needed to define two macros in contrib code: FALLTHOUGH is a copy of how it is defined in <isc/util.h> UNREACHABLE follows the model used in MacOS /usr/include/c++/v1/cstdlib to determine if __builtin_ureachable is available [bind-9.18.2.tar.xz, bind-9.18.2.tar.xz.sha512.asc, bind-define-local-instances-of-FALLTHROUGH-and-UNREACHABLE.patch] - * When using forwarders, bogus NS records supplied by, or via, those forwarders may be cached and used by named if it needs to recurse for any reason, causing it to obtain and pass on potentially incorrect answers. [CVE-2021-25220] * TCP connection slots may be consumed for an indefinite time frame via a specifically crafted TCP stream sent from a client. This issue can only be triggered on BIND servers which have keep-response-order enabled, which is not the default configuration. The keep-response-order option is an ACL block, and as such, any hosts specified within it will be able to trigger this issue on affected versions. [CVE-2022-0396] * The RFC 8198 Aggressive Use of DNSSEC-Validated Cache feature (synth-from-dnssec) had been refactored and the default has been changed so that is now automatically enabled for dnssec-validating resolvers. Subsequently it was found that repeated patterns of specific queries to servers with this feature enabled could cause an INSIST failure in query.c:query_dname which causes named to terminate unexpectedly. The vulnerability affects BIND resolvers running 9.18.0 that have both dnssec-validation and synth-from-dnssec enabled. (Note that dnssec-validation auto; is the default setting unless configured otherwise in named.conf and that enabling dnssec-validation automatically enables synth-from-dnssec unless explicitly disabled) [CVE-2022-0635] * The refactoring of the recursive client code introduced a "backstop lifetime timer." While BIND is processing a request for a DS record that needs to be forwarded, it waits until this processing is complete or until the backstop lifetime timer has timed out. When the resume_dslookup() function is called as a result of such a timeout, the function does not test whether the fetch has previously been shut down. This introduces the possibility of triggering an assertion failure, which could cause the BIND process to terminate. [CVE-2022-0667] * Reset client TCP connection when data received cannot be parsed as a valid DNS request. For a complete list of changes, see * Bind Release Notes https://downloads.isc.org/isc/bind9/9.18.1/doc/arm/html/notes.html * The CHANGES file in the source RPM This obsoletes bind-define-missing-threads.patch Also, removed bind-python3 from the spec file as it is not build any longer. [bind.spec, bind-9.18.1.tar.xz, bind-9.18.1.tar.xz.sha512.asc, bind-define-missing-threads.patch] - Update to new MAJOR VERSION 9.18.0. This has many enhnancements, bug fixes and changes. The spec file also has mechanisms to run the integrated test suite. MAJOR CHANGES: * Support for securing DNS traffic using Transport Layer Security (TLS). TLS is used by both DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH). * Support for zone transfers over TLS (XFR-over-TLS, XoT) for both incoming and outgoing zone transfers. * The dig tool is now able to send DoT queries (+tls option). * Support for OpenSSL 3.0 APIs was added. A number of utilities have been removed: dnssec-checkds, dnssec-coverage, dnssec-keymgr, which have been deprecated in favor of dnssec-policy feature, as well as python support (package python3-bind). A number of utilities have been moved from (/usr)/sbin to (/usr)/bin The DLZ modules have been put into seperate sub-packages to keep unwanted dependencies out of the main package: * bind-modules-perl: dlz_perl_driver.so * bind-modules-mysql: dlz_mysql_dynamic.so, dlz_mysqldyn_mod.so * bind-modules-ldap: dlz_ldap_dynamic.so * bind-modules-bdbhpt: dlz_bdbhpt_dynamic.so * bind-modules-sqlite3: dlz_sqlite3_dynamic.so * bind-modules-generic: dlz_filesystem_dynamic.so, dlz_wildcard_dynamic.so For a complete list of changes, see * Bind Release Notes https://downloads.isc.org/isc/bind9/9.18.0/doc/arm/html/notes.html * The CHANGES file in the source RPM [bind.spec, bind-9.18.0.tar.xz, bind-9.18.0.tar.xz.sha512.asc, bind-avoid-fallthrough-warning-error.patch, bind-contrib-pthread.patch, named-bootconf.diff, bind-define-missing-threads.patch] - Old-style DLZ drivers have been deprecated in favor of DLZ modules. The DLZ drivers configuration option will be removed from the next major BIND 9 release. The option to use the DLZ modules is already available in BIND 9; please see the ARM section on DLZ modules. The dynamically lodable driver modules are stored in /usr/lib64/bind-plugins Example configurations for ldap and mysql are provided in named.conf. [bind.spec, vendor-files/config/named.conf] ==== gnome-shell-extensions ==== Version update (42.0 -> 42.1) Subpackages: gnome-shell-classic gnome-shell-extensions-common gnome-shell-extensions-common-lang - Update to version 42.1: + Misc. bug fixes and cleanups. + Updated translations. ==== gnutls ==== Subpackages: libgnutls-dane0 libgnutls30 libgnutls30-32bit libgnutls30-hmac - disable kcapi usage for now, as kernel-obs-build not adjusted to contain the algorithms. bsc#1189283 ==== gtk4 ==== Version update (4.6.2 -> 4.6.4) Subpackages: gtk4-lang gtk4-schema gtk4-tools libgtk-4-1 typelib-1_0-Gtk-4_0 - Update to version 4.6.4: + GtkFileChooser: - Fix select button sensitivity in select_folder mode. - Fix some fallout from list model porting. + GtkListView, GtkColumnView: Optimize scrolling. + print-to-file: Handle nonexisting files better in the dialog. + Avoid infinite loops in size allocation. + CSS: Optimize a case of reparenting that is important in GtkListView. + GSK: Check for half-float support before using it. + Wayland: - Ignore empty preedit updates This fixes a problem with textview scrolling. - Freeze popups when hidden. This addresses a frame rate drop- + Updated translations. - Update to version 4.6.3: + GtkOverlay: Bring back positional style classes. + GtkFileChooser: - Prevent unwanted completion popups. - Fix small problems in save mode. - Fix buildable suport of GtkFileFilter. + GtkPopover: Fix button positions in right-to-left locales. + GtkLabel: Fix small issues with link handling. + Tooltips: Don't restrict the minimum tooltip length. + Theme: - Don't use opacity for overlay scrollbars. - Fix selection text color in vertical spin buttons. + GSK: - Accept textures that are generated by webkit. - Align offscreen rendering to the pixel grid. + Accessibility: Fix a crash in startup when orca is running. + Input: - Fix display changes in GtkIMMultiContext. - Fix activating on-screen keyboards. - Always propagate hold events in GtkEventControllerScroll. + Windows: - Fix a critical warning in clipboard handling. - Report serial numbers for events. + MacOS: Prevent fullscreen transition reentrancy. + Updated translations. - Drop gtkimmulticontext-Handle-switches-between-displays.patch: fixed upstream. ==== hplip ==== Version update (3.21.10 -> 3.22.4) Subpackages: hplip-hpijs hplip-sane - Update to 3.22.4 Added support for following new Distro's: * Manjaro 21.2 Added support for the following new Printers: * HP LaserJet Pro 4001ne * HP LaserJet Pro 4001n * HP LaserJet Pro 4001dne * HP LaserJet Pro 4001dn * HP LaserJet Pro 4001dwe * HP LaserJet Pro 4001dw * HP LaserJet Pro 4001d * HP LaserJet Pro 4001de * HP LaserJet Pro 4002ne * HP LaserJet Pro 4002n * HP LaserJet Pro 4002dne * HP LaserJet Pro 4002dn * HP LaserJet Pro 4002dwe * HP LaserJet Pro 4002dw * HP LaserJet Pro 4002d * HP LaserJet Pro 4002de * HP LaserJet Pro 4003dn * HP LaserJet Pro 4003dw * HP LaserJet Pro 4003n * HP LaserJet Pro 4003d * HP LaserJet Pro 4004d * HP LaserJet Pro 4004dn * HP LaserJet Pro 4004dw * HP LaserJet Pro MFP 4101dwe * HP LaserJet Pro MFP 4101dw * HP LaserJet Pro MFP 4101fdn * HP LaserJet Pro MFP 4101fdne * HP LaserJet Pro MFP 4101fdw * HP LaserJet Pro MFP 4101fdwe * HP LaserJet Pro MFP 4102dwe * HP LaserJet Pro MFP 4102dw * HP LaserJet Pro MFP 4102fdn * HP LaserJet Pro MFP 4102fdw * HP LaserJet Pro MFP 4102fdwe * HP LaserJet Pro MFP 4102fdne * HP LaserJet Pro MFP 4102fnw * HP LaserJet Pro MFP 4102fnwe * HP LaserJet Pro MFP 4103dw * HP LaserJet Pro MFP 4103dn * HP LaserJet Pro MFP 4103fdn * HP LaserJet Pro MFP 4103fdw * HP LaserJet Pro MFP 4104dw * HP LaserJet Pro MFP 4104fdw * HP LaserJet Pro MFP 4104fdn * HP ScanJet Pro 3600 f1 * HP ScanJet Pro N4600 fnw1 * HP ScanJet Pro 2600 f1 * HP ScanJet Enterprise Flow N6600 fnw1 - Changes from 3.22.2 Added support for following new Distro's: * Elementary OS 6.1 * RHEL 8.5 * Linux Mint 20.3 Added support for the following new Printers: * HP LaserJet Tank MFP 1602a * HP LaserJet Tank MFP 1602w * HP LaserJet Tank MFP 1604w * HP LaserJet Tank MFP 2602dn * HP LaserJet Tank MFP 2602sdn * HP LaserJet Tank MFP 2602sdw * HP LaserJet Tank MFP 2602dw * HP LaserJet Tank MFP 2604dw * HP LaserJet Tank MFP 2604sdw * HP LaserJet Tank MFP 2603dw * HP LaserJet Tank MFP 2603sdw * HP LaserJet Tank MFP 2605sdw * HP LaserJet Tank MFP 2606dn * HP LaserJet Tank MFP 2606sdn * HP LaserJet Tank MFP 2606sdw * HP LaserJet Tank MFP 2606dw * HP LaserJet Tank MFP 2606dc * HP LaserJet Tank MFP 1005 * HP LaserJet Tank MFP 1005w * HP LaserJet Tank MFP 1005nw * HP LaserJet Tank 1502a * HP LaserJet Tank 1502w * HP LaserJet Tank 1504w * HP LaserJet Tank 2502dw * HP LaserJet Tank 2502dn * HP LaserJet Tank 2504dw * HP LaserJet Tank 2503dw * HP LaserJet Tank 2506dw * HP LaserJet Tank 2506d * HP LaserJet Tank 2506dn * HP LaserJet Tank 1020 * HP LaserJet Tank 1020w * HP LaserJet Tank 1020nw - Changes from 3.21.12 Added support for following new Distro's: * MX Linux 21 * Elementary OS 6 * Fedora 35 - Drop photocard-fix-import-error-for-pcardext.patch, because now in upstream. - Rebase Use-lsb_release-fallback-code-if-import-distro-fails.patch, bacause some is in upstream now. - Reabse hplip-missing-drivers.patch ==== libapparmor ==== Subpackages: libapparmor1 libapparmor1-32bit - add dovecot-profiles-boo1199535-mr881.diff: update dovecot profiles for latest dovecot (boo#1199535) ==== libproxy ==== - Add libproxy-python-310.patch: Detect python 3.10. ==== libproxy-plugins ==== Subpackages: libproxy1-config-gnome3 libproxy1-config-kde libproxy1-networkmanager libproxy1-pacrunner-webkit - Add libproxy-python-310.patch: Detect python 3.10. ==== lirc ==== - Add lirc-autoconf-py310.patch: Output of autoreconf in order to find the correct python version when Tumbleweed switches to Python 3.10. ==== memcached ==== Version update (1.6.14 -> 1.6.15) - update to 1.6.15: * proxy: Fix buffer overflow and prevent recv() of 0 byte * proxy: allow await() to be called recursively * proxy: mcp.request(cmd, [val | resp]) * proxy: hacky method of supporting noreply/quiet * proxy: add ring_hash builtin * proxy: fix logger entry memory corruption * storage: parameterize the compaction thread sleep * proxy: pull chunks into individual c files * proxy: documentation updates * proxy: "stats settings" for proxy * proxy: await improvements * proxy: trivial support for SO_KEEPALIVE on backend * mcmc: upstream update for SO_KEEPALIVE * proxy: fix crash on stats proxy sans user stats * proxy: enable backend_total stat * proxy: track in-flight requests * proxy: add some basic logging for backend errors * proxy: logging improvements + lua mcp.log() * proxy: add stats for commands seen ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Set initiatorname in %post (at end of install), for cases where root is read-only at startup time (bsc#1198457) ==== plymouth ==== Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Add code to plymouth-watermark-config.patch in order to install the Watermark image file to initrd - Refresh patches to apply cleanly - Remove plymouth-keep-KillMode-none.patch: With the iteration of tumbleweed, system could boot with the systemd recommanding option KillMode=mixed, So it's the time to remove this patch (bsc#1177082 bsc#1184087 boo#1182145). ==== python-Pygments ==== Version update (2.11.2 -> 2.12.0) - update to 2.12.0: - Added lexers: * Cplint (#2045) * Macaulay2 (#1791) * Minecraft (#2107) * Qlik (#1925) * ``UnixConfigLexer`` for "colon-separated" config files, like ``/etc/passwd`` (#2112) - Updated lexers: * Agda: Update keyword list (#2017) * C family: Fix identifiers after ``case`` statements (#2084) * Clojure: Highlight ratios (#2042) * Csound: Update to 6.17 (#2064) * CSS: Update the list of properties (#2113) * Elpi: - Fix catastrophic backtracking (#2053, #2061) - Fix handling of ``->`` (#2028) * Futhark: Add missing tokens (#2118) * Gherkin: Add ``But`` (#2046) * Inform6: Update to 6.36 (#2050) * LilyPond: - Fix incorrect lexing of names containing a built-in (#2071) - Fix properties containing dashes (#2099) * PHP: Update builtin function and keyword list (#2054, #2056) * Scheme: Various improvements (#2060) * Spice: Update the keyword list, add new types (#2063, #2067) * Terraform: - Support non-idiomatic comments (#2065, #2066) - Fix class name lexing (#2097) - Add ``plugins`` argument to ``get_all_lexers()``. - Bump minimal Python version to 3.6 (#2059) - Fix multiple lexers marking whitespace as ``Text`` (#2025) - Remove various redundant uses of ``re.UNICODE`` (#2058) - Associate ``.resource`` with the Robot framework (#2047) - Associate ``.cljc`` with Clojure (#2043) - Associate ``.tpp`` with C++ (#2031) - Remove traces of Python 2 from the documentation (#2039) - The ``native`` style was updated to meet the WCAG AAA contrast guidelines (#2038) - Fix various typos (#2030) - Fix ``Groff`` formatter not inheriting token styles correctly (#2024) - Various improvements to the CI (#2036) - The Ada lexer has been moved to a separate file (#2117) - drop elpi_fix_catastrophic_backtracking.patch: upstream ==== python-kiwi ==== Version update (9.24.31 -> 9.24.35) - Bump version: 9.24.34 ? 9.24.35 - Allow more repo params to be set on the cmdline The repository parameters for signing keys, the component list the main distribution name for debian repositories and also the repository_gpgcheck could not be set via the commandline options --add-repo and/or --set-repo. This commit adds support for them and also updates the manual page accordingly - Update ubuntu integration tests Build them against latest release (jammy). This Fixes #2128 - Bump version: 9.24.33 ? 9.24.34 - Follow up fix for isolinux-config isolinux-config is called to update the search path inside of the isolinux binary. isolinux/syslinux is exclusive to the ix86 architecture and to BIOS firmware. Therefore the condition to actually call it should reflect this. - Bump version: 9.24.32 ? 9.24.33 - Fixed runtime check Fixed check_dracut_module_for_disk_overlay_in_package_list. The check complains if the dracut-kiwi-overlay module is not installed but overlay support was requested. This is correct but should only be done if the selected initrd system is dracut. - Add option to set LUKS type to luks1 (#2126) Add option to set LUKS type to luks1 So far the LUKS type could be set to luks and luks2. However, what luks version the value 'luks' evaluates to depends on how the distributor has packaged luks. Thus it's possible that 'luks' is either luks1 or luks2. To also have the opportunity to explicitly specify luks1 this commit adds the opportunity in the schema. - Update devel packages helper Added trang as needed when working on the schema - Add support for dm integrity with secret key Allow to protect the opening of the integrity data map and journal through a keyfile. For setting the key file two new optional type attributes were added: * integrity_keyfile * integrity_metadata_key_description The key file format must be correct according to the selected integrity algorithm. As of now the kiwi default hmac-sha256 algorithm is used with the selected keyfile The optional integrity_metadata_key_description attribute allows to specify a custom description of an integrity key as it is expected to be present in the kernel keyring. The information is placed in the integrity metadata block. If not specified kiwi creates a key argument string instead which is based on the given integrity_keyfile filename. The format of this key argument is: :BASENAME_OF_integrity_keyfile_WITHOUT_FILE_EXTENSION - Update get_disksize_mbytes to support clones When using partition clones the pre-calculation of the disk size needs to take this into account. - Fixed UUID setup for XFS Make sure the log got replayed prior generating a new UUID - Fixed scope of setup_isolinux_boot_path There is a method called setup_isolinux_boot_path which is encoded in the Iso class. The method allows to change the boot path in the isolinux binary and makes sense when the bootloader is selected to be isolinux. However, the method was called in the scope of the FileSystemIsoFs class which responsibility is to create an ISO filesystem. The creation of an ISO filesystem has no direct connection to a bootloader. Thus calling this method in the scope of the FileSystemIsoFs implementation is wrong and can lead to unexpected side effects. This commit moves the call of the method to the places where isolinux as a bootloader can still be used. This Fixes #2117 - Correct the URL to the dracut home page This fixes https://github.com/OSInside/kiwi/issues/2097 - Change the custom vagrant config file to 00-vagrant.conf If it is called 99-vagrant.conf, then anything "before" that, like 50-redhat.conf takes precedence and overrides our custom settings. - Add Leap 15.4, SLE 15 SP4 & CentOS Stream 9 to the scripts tests - Bump version: 9.24.31 ? 9.24.32 - Add support for standalone dm integrity There is support in kiwi to use dm_integrity in combination with the LUKS header and dm_crypt. However there is also the use case to setup dm_integrity in standalone mode. This commit allows to create the dm_integrity layer outside of LUKS using /etc/integritytab to activate the map through a systemd generator if systemd is used. Regarding systemd it's required to use a version of system which provides: system-generators/systemd-integritysetup-generator. If this generator does not exist in the distribution it will also be missing in the dracut generated initrd and the boot will not be able to succeed. It's mentioned here because even newer distributions might be missing the generator Along with the implementation there are two new optional attributes in the <type> section: standalone_integrity="true|false" embed_integrity_metadata="true|false" standalone_integrity activates/deactivates the dm_integrity map on top of the root filesystem. Similar to the veritysetup support there is the opportunity to create an embedded magic metadata block at the end of the device containing the root filesystem via embed_integrity_metadata - Update per codacy smell - Add support for part clones to the Disk interface The Disk class provides methods to create partition(s) and map names according to its scope and independent of the actual partition tools. For example: create_root_partition(). This commit adds an additional optional clone parameter to all methods for which we want to allow partition clones - Be less strict in boot link to itself As part of the grub setup a link named 'boot' inside of /boot is created pointing to itself 'boot -> .'. The reason is to allow the bootloader config to find its files referenced as /boot/something independently if /boot is placed into an extra partition. However if an extra boot partition is used and a filesystem which does not support symlinks, e.g fat, that symlink creation should not lead to an error in the image build process as it is considered an optional safe link and not a mandatory pre-requisite - Fixed TW arm rpi integration test Explicitly add ruby to the package list ==== python-stack-data ==== Version update (0.1.3 -> 0.2.0) - Update to 0.2.0: - Fallback to basic Source.pieces when there is no Source.tree. - Handle nodes inside f-strings missing location info from asttokens - Add 29-Pygments-2-12.patch (gh#alexmojaki/stack_data#29) making the package compabile with Pygments 2.12. ==== rubygem-concurrent-ruby ==== Version update (1.1.9 -> 1.1.10) - updated to version 1.1.10 * (#951) Set the Ruby compatibility version at 2.2 * (#939, #933) The `caller_runs` fallback policy no longer blocks reads from the job queue by worker threads * (#938, #761, #652) You can now explicitly `prune_pool` a thread pool (Sylvain Joyeux) * (#937, #757, #670) We switched the Yahoo stock API for demos to Alpha Vantage (Gustavo Caso) * (#932, #931) We changed how `SafeTaskExecutor` handles local jump errors (Aaron Jensen) * (#927) You can use keyword arguments in your initialize when using `Async` (Matt Larraz) * (#926, #639) We removed timeout from `TimerTask` because it wasn't sound, and now it's a no-op with a warning (Jacob Atzen) * (#919) If you double-lock a re-entrant read-write lock, we promote to locked for writing (zp yuan) * (#915) `monotonic_time` now accepts an optional unit parameter, as Ruby's `clock_gettime` (Jean Boussier) ==== rubygem-nokogiri ==== Version update (1.13.4 -> 1.13.6) - updated to version 1.13.6 [#]# 1.13.6 / 2022-05-08 [#]## Security * [CRuby] Address [CVE-2022-29181](https://nvd.nist.gov/vuln/detail/CVE-2022-29181), improper handling of unexpected data types, related to untrusted inputs to the SAX parsers. See [GHSA-xh29-r2w5-wx8m](https://github.com/sparklemotion/nokogiri/security/adv… for more information. [#]## Improvements * `{HTML4,XML}::SAX::{Parser,ParserContext}` constructor methods now raise `TypeError` instead of segfaulting when an incorrect type is passed. [#]# 1.13.5 / 2022-05-04 [#]## Security * [CRuby] Vendored libxml2 is updated to address [CVE-2022-29824](https://nvd.nist.gov/vuln/detail/CVE-2022-29824). See [GHSA-cgx6-hpwq-fhv5](https://github.com/sparklemotion/nokogiri/security/adv… for more information. [#]## Dependencies * [CRuby] Vendored libxml2 is updated from v2.9.13 to [v2.9.14](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.9.14). [#]## Improvements * [CRuby] The libxml2 HTML parser no longer exhibits quadratic behavior when recovering some broken markup related to start-of-tag and bare `<` characters. [#]## Changed * [CRuby] The libxml2 HTML parser in v2.9.14 recovers from some broken markup differently. Notably, the XML CDATA escape sequence `<![CDATA[` and incorrectly-opened comments will result in HTML text nodes starting with `<!` instead of skipping the invalid tag. This behavior is a direct result of the [quadratic-behavior fix](https://gitlab.gnome.org/GNOME/libxml2/-/commit/798bdf1) noted above. The behavior of downstream sanitizers relying on this behavior will also change. Some tests describing the changed behavior are in [`test/html4/test_comments.rb`](https://github.com/sparklemotion/nokogiri/blob/3ed5bf2b5a367cb9dc6e329c5a1c512e1dd4565d/test/html4/test_comments.rb#L187-L204). ==== squashfs ==== - set LZMA_XZ_SUPPORT=1 so you can (un)squash -comp lzma images ==== yast2-iscsi-client ==== Version update (4.5.1 -> 4.5.3) - Fix a crash when opening the main dialog (bsc#1199552). - 4.5.3 - Internal cleanup in several parts to turn the auto-converted YCP code into something closer to common Ruby. - Enable iscsiuio during installation only if there is any card in the system using the bnx2i or qedi modules (bsc#1194432). - 4.5.2 ==== yast2-trans ==== Version update (84.87.20220507.8ff263ce4d -> 84.87.20220513.26f6bfaa16) Subpackages: yast2-trans-af yast2-trans-ar yast2-trans-bg yast2-trans-bn yast2-trans-bs yast2-trans-ca yast2-trans-cs yast2-trans-cy yast2-trans-da yast2-trans-de yast2-trans-el yast2-trans-en_GB yast2-trans-es yast2-trans-et yast2-trans-fa yast2-trans-fi yast2-trans-fr yast2-trans-gl yast2-trans-gu yast2-trans-hi yast2-trans-hr yast2-trans-hu yast2-trans-id yast2-trans-it yast2-trans-ja yast2-trans-jv yast2-trans-ka yast2-trans-km yast2-trans-ko yast2-trans-lo yast2-trans-lt yast2-trans-mk yast2-trans-mr yast2-trans-nb yast2-trans-nl yast2-trans-pa yast2-trans-pl yast2-trans-pt yast2-trans-pt_BR yast2-trans-ro yast2-trans-ru yast2-trans-si yast2-trans-sk yast2-trans-sl yast2-trans-sr yast2-trans-sv yast2-trans-ta yast2-trans-th yast2-trans-tr yast2-trans-uk yast2-trans-vi yast2-trans-wa yast2-trans-xh yast2-trans-zh_CN yast2-trans-zh_TW yast2-trans-zu - Update to version 84.87.20220513.26f6bfaa16: * New POT for text domain 'nfs'. * New POT for text domain 'iscsi-client'. * New POT for text domain 'kdump'.

1 0

openSUSE Release Engineering meeting 18.05.2022
by Lubos Kocman 18 May '22

18 May '22

All meeting minutes can be found here: https://etherpad.opensuse.org/p/ReleaseEngineering-meeting Meeting is hosted here https://meet.opensuse.org/ReleaseEngineeringMeeting ## Attendees DimStar, bittin, guillaumeg, rbrown; DocB, gp, m4u, dirk,maxlin, lkocman ## Internal SUSE IT Supported distribution Leap Micro 5.2 GA is today at noon UTC (finalizing get-o-o) RC build of Leap 15.4 is out. SLES 15 SP4 GMC received a Go yesterday, once we have confirmed GM, Leap 15.4 can have its GMC build Community WG Doodle is live (you can vote for the existing Thursday or Tuesday weekly meeting slot). The deadline is Sunday. That was confirmed at the community meeting. https://doodle.com/meeting/participate/id/b68562Ve/vote SUSE will host 5 El Rancho SUSE students for a summer job with SUSE support. They will be in Provo Utah for a one-week onboarding June 20 - 24. The agreement is to have a talk about how to get engaged in openSUSE. The expectation is something like a 20minutes talk and 10 minutes for questions (we'll have to jump-start an inclusive conversation, of that I'm sure). Contact person is Leopoldo M. Since we've already had a group of students on our call, I think we can iterate on that (invite people), introduce perhaps edu(a)lists.opensuse.org, and show them easy ways how to start contributing. Is somebody from the community interested in the mentorship of students? If so let us know. This could be mentorship on projects/thesis, field trips, or virtual discussions with parents to ensure support. Feel free to share your preferred contact with Leopoldo.Macias@suse Internal URL for SUSE employees https://forms.office.com/Pages/ResponsePage.aspx?id=9nqh91wcNkqqi_W-JHqkutS… The first internal ALP WorkGroup status update is today. openQA discussion with Santi and Anna M. (reduce the scope of migration from unsupported releases, finish maintenance setup for openQA, lkocman will do cleanup of his tickets). I've shared some new work that we expect for 15.5 (testing with the latest stable kernel, employee HW testing). ## openSUSE Tumbleweed openSUSE:Factory build fail stats: 464 failed, 22 (build in progress, number incomplete) unresolvable (last week: 525/25) https://tinyurl.com/ysy4nnnz * Gcc 12 snapshot / rebuild went without issues through QA and had been released * XOrg 11 video drivers rebuilt without -z now (X failed to start on some drivers) - all shoudl be fixed in 0516 * KDE Gear 22.04.1 and KDE Frameworks 5.94.0 * Switch for python 3.10 as main interpreter is work in progress, Staging:A is shaping up. Something like ~ 10 build fails left, most with fixes in the queue. No openQA run yet, so no esimate on how bad it really is. GPG Key to sign packages/repos is planned to be updated to be a 4096/RSA key (implementation schedule pending) Tracker bug : https://bugzilla.suse.com/show_bug.cgi?id=1199184 OBS seems to have some hard time finding workers for ceph and kernel builds: very frequently, staging projects are blocked by waiting for the 4 same packages still being scheduled (ceph, kernel-default, kernel-vanilla, kernel-debug) (constraints limit to 18 (ceph) resp 24 (kernels) workers) ## Richard (Kubic/MicroOS) Winding down the Kubic project. Private discusions with possible maintainers of kubernetes packages ongoing, but no commitments yet devel:microos populated and packages moved from devel:kubic Fate of devel:kubic:containers and what will end up where TBD Investigating ways to reduce the impact of SELinux relabling which can add minutes to a boot after an selinux-policy update or rebuild MicroOS (GNOME) Desktop has a fresh community effort to get out of beta, possibly by writing a fresh notification tool for transactional- updates instead of relying on PackageKit. Join the Telegram/Matrix MicroOS Desktop channel to join the effort. lkocman: New description for get-o-o, self-install images are now on the main download page (same as Leap Micro). What about generic VM images and lots of HW specific images? ## Max Leap Micro * Publish GA Leap 15.4 * Continue the RC work * Fixing installcheck problem according to the repodata from the latest build Lubos: To pull in more updated Translations We took changes from SLES mass rebuild and we're still rebuilding. * The remaining build fails: minikube(will be deleted soon) and python- certbot Please note that some additional package version bumps are required to upgrade py-crypto! Currently blocked on PM. Stefan W. wants to have this as ECO update. Axel: I think you'll have to update 4-5 packages. Dirk: I'm not aware of any additional packages needed to update cryptography. python-packaging python-setuptools python-setuptools_scm python-setuptools-rust python-pyOpenSSL python-cryptography Marcus does not recommend forking package in Leap as there are other SLE python modules that will depend on it. Santiago mentioned that he'll have more free cycles for Leap/openQA this week. I'll reach out to him regarding focus on the migration scenarios. ## Guillaume - Arm Tumbleweed: * Snapshot 20220516 released (1st snapshot since GCC12 rebuild) * Some build failures due to GCC12 Leap 15.4: * aarch64: * Net ISO needs a workaround on Raspberry Pi 4: https://bugzilla.suse.com/show_bug.cgi?id=1198992 * armv7: * Enlightenment package still fails in rpmlint check (missing whitelist?): https://bugzilla.opensuse.org/show_bug.cgi?id=1194047 lkocman: will reach out to simotek and Wolfgang Leap Micro 5.2: * Default-SelfInstall image is now available for aarch64. But there are till some issues in openQA: https://progress.opensuse.org/issues/110845 (works locally) lkocman to check if we could remove the firefox tests from the 42.X/15.0 upgrade test suite. It doesn't seem to happen outside of that (same for TW). lkocman will try to look into this Lubos: Action item from workshop: images for inidvidual devices are bit difficult to find. Compared to raspbian etc. Could we have them available on the single download-page on get-o-o (similar to micro perhaps?) I understand it much more files. Guillaume: I will check what could be done, but we have lots of images. ## Sarah - s390x Not available SUSE has shutdown 3 LPARs because of performance issues Issue has been also reported to the CTO for ZSystems of IBM Tumbleweed: * Is rolling openSUSE Leap Beta: * no issues at the moment * maven issues are existing -> discussions about upgrading the Java version or how to fix it lkocman: slightly related topic, should we perhaps re-consider recommended memory amount in Release Notes? I think we still recommend something like 2G minimal / 4G or 8G optimal. * KDE for s390x adopted ## Doug Not available - travelling * TSP * Solution set to be evaluated next week * No certainty on when it can be implemented * Community Workshop * May 10 * https://etherpad.opensuse.org/p/weeklymeeting20220510 * May 12 at 18:00 UTC * oSC22 * Talks Scheduled * Badges and signage arriving this week * Making schedule in venueless platform * Taking care of some action items from meeting * Board meeting location and travel progressing * Need workshop speakers to interact/include with virtual audience in https://opensuse.venueless.events * Tokens for access will be sent out to those who register for the conference on events.opensuse.org * OSCAL oSC22 * Schedule almost complete. (May 20) * Location should be announced soon * GSoC * 5 proposals ranked * deadline is tomorrow ## Dirk * io_uring hang is identified and fix is prepared, still discussing when it will enter SP4 * fixed a couple of issues for python 3.10 switch and fallout from gcc 12 rebuild * ## Wolfgang (Package Hub), Scott Bahling Looking into a issue where mirror admins reported growing size of Leap / Backports. Adrian and Wolfgang are looking into that. Adrian: addition of mirroring of SP4:GA, for some days some architectures were behind and we've had doubled amount of noarch packages. It's expected behavior. Project will be frozen soon. Marcus: Did we do version updates for 15.4 from Factory. We did that in around Alpha phase. Marcus: some of the SP3:Updates were not picked up by Package HUB - SP4. Dirk: I also noticed some overriden versions from SP3. Lubos will check with Wolfgang on this one. Marcus did not see the usual review requests. ## Maintenance team (Marina or Marcus, Maurizio (m4u)) - Marcus: 15.4 is set up channel wise, updates will go in testing occasionaly, if you need more ping me, no openqa setup yet lkocman: could you please help me with cleanup of maintenance tasks in https://progress.opensuse.org/projects/opensuse-leap-15-4/issues/gantt lkocman: will contact Jan Stehlik. Santi (PO for the topic) mentioned he'll work on it. lkocman: messaged Jan Jan confirmed with me that they're on it. lkocman: (still pending) will open a release notes entry for a change Security Advisory identification TODO Marcus: could you give me example of old and new values? - Marina and Maurizio: SLE-PackageHub overlaps (https://github.com/openSUSE/openSUSE-release-process/issues/71) work in progress following the initial list of overlapping packages (https://progress.opensuse.org/issues/106610#note-3) More incidents are under QA. Work is going on and under control (and tracked internally as jsc#MSC-303). Already released: (AH PERFECT!) SUSE:Maintenance:22929:265929 (babl libbabl-0_1-0 typelib-1_0-Babl-0_1) SUSE:Maintenance:23000:266006 (MozillaThunderbird enigmail) SUSE:Maintenance:23009:266004 (freerdp freerdp-devel freerdp-proxy libfreerdp2 libgsm) -> libgsm1 was missing in PH making freerdp not installable SUSE:Maintenance:22928:266007 (argyllcms csync libcsync0 libcsync- plugin-sftp libcsync-plugin-smb) SUSE:Maintenance:23015:267052 (gfbgraph-devel libgfbgraph-0_2-0 typelib-1_0-GFBGraph-0_2 librest gcr) -> librest, gcr and libgoa are needed too for making gfbgraph installable SUSE:Maintenance:23334:268316 (gutenprint gutenprint-devel) SUSE:Maintenance:23486:268867 (hp-drive-guard, upower) --> needs libupower-glib3 SUSE:Maintenance:23487:268897 (liba52-0 liba52-devel) SUSE:Maintenance:23506:268899 (libdvdread4 libdvdread-devel) Lubos will ping m4u about updating the list (m4u: the list gets updated on jsc#MSC-303, let me know if you cannot access, I will update it later today and ping Lubos when done) Lubos will check updates in jira Meet product security at the openSUSE Conference. There are about 3 talks on the maintenance and security topics. Come and say Hello! DimStar: there is currently a pending crypto / gnutls related submission. ## Adrian - OBS Adding tags to specfiles to reference upstream tarballs, so OBS wouldn't have to manage it. It would still land in the history of the source server (fully copy would be still available). Dirk: Did we already have osc release with this functionality? Adrian: good point. Discussion will take some time before we can introduce it. Please make a proposal on factory@ DimStar: we have to look into source validator bot/service Dirk: Agreed first steps, source validator and support in osc lkocman: Was it raised int he Build Service WG for Alp? Adrian: yes it was discussed there. wengel: The noarch repository of OBS://openSUSE:Backports:SLE-15-SP4 (http://download.opensuse.org/repositories/openSUSE:/Backports:/SLE-15-SP4/s… ) doubled in size and people running mirrors got worried about disk space. This happened because the previous builds where kept in the repository since not all builds have finished yet. Once all builds finished the repository cleaned up and only the latest builds are there. This is normal behaviour of OBS since old versions could have been used during build time and since not all builds have finished those versions are kept for the case that a to be build package will need it. feedback loop on mirrored submissions doesn't workstation. Lubos wills end an email with an example to Marco and Adrian. (Sent last week) Marco has reached out to me regarding the mirroring. He has example(s) from SUSE:SLE-15:SP4:GA

1 1

openSUSE:Factory - Build fail notification
by DimStar / Dominique Leuenberger 18 May '22

18 May '22

Dear Package maintainers and hackers. Below package(s) in openSUSE:Factory have been failing to build for at least 4 weeks. We tried to send out notifications to the configured bugowner/maintainers of the package(s), but so far no fix has been submitted. This probably means that the maintainer/bugowner did not yet find the time to look into the matter and he/she would certainly appreciate help to get this sorted. - cage - rubygem-debase Unless somebody is stepping up and submitting fixes, the listed package(s) are going to be removed from openSUSE:Factory. Kind regards, DimStar / Dominique Leuenberger <dimstar(a)opensuse.org>

3 2