Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20211120 Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: apache2-mod_php7 (7.4.25 -> 7.4.26) dnsmasq firewalld (1.0.1 -> 1.0.2) gmp health-checker (1.5 -> 1.6) libblockdev (2.25 -> 2.26) libstorage-ng (4.4.56 -> 4.4.57) libx86emu (3.4 -> 3.5) makedumpfile (1.6.9 -> 1.7.0) ncurses (6.3.20211021 -> 6.3.20211115) php7 (7.4.25 -> 7.4.26) rav1e (0.5.0 -> 0.5.0+0) sendmail systemd (249.5 -> 249.6) yast2-storage-ng (4.4.13 -> 4.4.14) === Details === ==== apache2-mod_php7 ==== Version update (7.4.25 -> 7.4.26) - updated to 7.4.26: This is a security release (CVE-2021-21707) which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.26 ==== dnsmasq ==== - bsc#1192529, dnsmasq-resolv-conf.patch: Fix a segfault when re-reading an empty resolv.conf - Remove "nogroup" membership from the dnsmasq user. - Use systemd-sysusers from 15.3 onwards ==== firewalld ==== Version update (1.0.1 -> 1.0.2) Subpackages: firewalld-bash-completion firewalld-lang firewalld-zsh-completion python3-firewall - Update to 1.0.2: * fix(firewalld): check capng_apply() return code * fix(nftables): do not log icmp block if inversion * fix(nftables): rich: source address with netmask * fix(fw_config): zone: on rename remove then add * fix(io/functions): check_config against on disk conf * fix(zone): detect same source/interface in zones * docs(policy): fix typos * docs(policies): fix typos ==== gmp ==== Subpackages: libgmp10 libgmp10-32bit - Add gmp-6.2.1-CVE-2021-43618.patch to fix buffer overflow on malformed input to mpz_inp_raw. [bsc#1192717, CVE-2021-43618] ==== health-checker ==== Version update (1.5 -> 1.6) Subpackages: health-checker-plugins-MicroOS - Update to version 1.6 * Adapt rd.retry to also trigger initqueue timeout tasks [gh#kubic-project/health-checker#11] * Reboot system and let the GRUB health-checker part try to find a working initrd if root file system could not be mounted - instead of ending up in an emergency shell * Correctly declare Bash scripts as such ==== libblockdev ==== Version update (2.25 -> 2.26) Subpackages: libbd_btrfs2 libbd_crypto2 libbd_fs2 libbd_loop2 libbd_mdraid2 libbd_part2 libbd_swap2 libbd_utils2 libblockdev2 - Update to version 2.26: + Fixes: - Deprecated glib function call; - Build with LLVM/clang; - Many memory leaks; - Many tests. - Fix dbus.h being wrongly packaged in libbd_lvm-dbus-devl instead of libbd_utils-devel (boo#1189787). ==== libstorage-ng ==== Version update (4.4.56 -> 4.4.57) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#843 - added convenience function get_blk_devices() for Multipath and DmRaid - added macro LIBSTORAGE_NG_VERSION_AT_LEAST - 4.4.57 ==== libx86emu ==== Version update (3.4 -> 3.5) - merge gh#wfeldt/libx86emu#40 - decode extended nop instructions - 3.5 ==== makedumpfile ==== Version update (1.6.9 -> 1.7.0) - Turn on zstd. - Update to 1.7.0 * Zstandard (zstd) compression support * New -L option to limit output file size * Support of kernels up to v5.15 (x86_64) ==== ncurses ==== Version update (6.3.20211021 -> 6.3.20211115) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20211115 + fix memory-leak in delwin for pads (report by Werner Fink, OpenSUSE [#1192668], cf: 20211106), - Add ncurses patch 20211113 + minor clarification to clear.1 (Debian #999437). + add xterm+sl-alt, use that in foot+base (report by Jonas Grosse Sundrup) -TD + improve search-path check for pkg-config, for Debian testing which installs pkg-config with architecture-prefixes. - Correct offsets of patch ncurses-6.3.dif - Add ncurses patch 20211106 + improve check in misc/Makefile.in for empty $PKG_CONFIG_LIBDIR + modify wnoutrefresh to call pnoutrefresh if its parameter is a pad, rather than treating it as an error, and modify new_panel to permit its window-parameter to be a pad (report by Giorgos Xou). + fix a memory-leak in del_curterm (prompted by discussion with Bram Moolenaar, cf: 20210821). - Add ncurses patch 20211030 + simplify some references to WINDOWS._flags using macros. + add a "check" rule in Ada95 makefile, to help with test-packages. + build-fix for cross-compiling to MingW, conditionally add -lssp - Correct offsets of patch ncurses-6.3.dif - Add ncurses patch 20211026 + corrected regex needed for older pkg-config used in Solaris 10. + amend configure option's auto-search to account for systems where none of the directories known to pkg-config exist, adapted from mailing-list comment (report by Milan P. Stanic). - Port patch ncurses-6.2.dif which is now named ncurses-6.3.dif ==== php7 ==== Version update (7.4.25 -> 7.4.26) Subpackages: php7-cli php7-ctype php7-dom php7-gd php7-gettext php7-iconv php7-json php7-mbstring php7-mysql php7-openssl php7-pdo php7-sqlite php7-tokenizer php7-xmlreader php7-xmlwriter - updated to 7.4.26: This is a security release (CVE-2021-21707) which also contains several bug fixes. See https://www.php.net/ChangeLog-7.php#7.4.26 ==== rav1e ==== Version update (0.5.0 -> 0.5.0+0) - Do not hardcode an author in the changes generator service: Attribution happens by the user that actually runs the service. - Integrate obs_scm, cargo_vendor and cargo_audit to assist automation of updates ==== sendmail ==== Subpackages: libmilter1_0 - Added hardening to systemd service(s) (bsc#1181400). Modified: * sendmail-client.service * sendmail.service ==== systemd ==== Version update (249.5 -> 249.6) Subpackages: libsystemd0 libsystemd0-32bit libudev-devel libudev1 libudev1-32bit systemd-32bit systemd-container systemd-doc systemd-lang systemd-sysvinit udev - Import commit 61c79e68381801428c0bc00a56b9e2e9cfa68373 (merge of 249.6) bcdeee7b4c virt: Support detection for ARM64 Hyper-V guests (bsc#1186071) [...] For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/8521f8d22fd44400289fcea03493ebd7... - Drop 0001-Revert-core-Check-unit-start-rate-limiting-earlier.patch It's part of v249.6. ==== yast2-storage-ng ==== Version update (4.4.13 -> 4.4.14) - Fixed calculation of partitions needed for booting when AutoYaST specifies an alternative crypt_method, like pervasive_luks2 (related to jsc#SLE-7376 and jsc#SLE-21308). - 4.4.14 - Fix duplicate PV error detection with disabled multipath (related to bsc#1170216). - Partitioner: initial support for regular LUKS2 encryption, if env variable YAST_LUKS2_AVAILABLE is set (part of jsc#SLE-21308).