Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&...
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed: MozillaFirefox (83.0 -> 84.0) MozillaThunderbird (78.5.1 -> 78.6.0) SDL2 (2.0.12 -> 2.0.14) akonadi-contact boost-base boost-extra dolphin gtk2 (2.24.32+70 -> 2.24.33) kaddressbook kvm_stat (5.9.12 -> 5.10.1) mozilla-nss (3.58 -> 3.59) openblas_pthreads (0.3.12 -> 0.3.13) orca (3.38.1 -> 3.38.2) plasma5-desktop python-importlib-metadata (3.1.1 -> 3.3.0) python-more-itertools (8.5.0 -> 8.6.0) python-pyOpenSSL sudo (1.9.4 -> 1.9.4p2) timezone (2020d -> 2020e) timezone-java (2020d -> 2020e) wireshark (3.4.1 -> 3.4.2) xmlsec1 (1.2.30 -> 1.2.31)
=== Details ===
==== MozillaFirefox ==== Version update (83.0 -> 84.0) Subpackages: MozillaFirefox-translations-common
- Mozilla Firefox 84.0 * Firefox 84 is the final release to support Adobe Flash * WebRender is enabled by default when run on GNOME-based X11 Linux desktops MFSA 2020-54 (bsc#1180039)) * CVE-2020-16042 (bmo#1679003) Operations on a BigInt could have caused uninitialized memory to be exposed * CVE-2020-26971 (bmo#1663466) Heap buffer overflow in WebGL * CVE-2020-26972 (bmo#1671382) Use-After-Free in WebGL * CVE-2020-26973 (bmo#1680084) CSS Sanitizer performed incorrect sanitization * CVE-2020-26974 (bmo#1681022) Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free * CVE-2020-26975 (bmo#1661071) Malicious applications on Android could have induced Firefox for Android into sending arbitrary attacker-specified headers * CVE-2020-26976 (bmo#1674343) HTTPS pages could have been intercepted by a registered service worker when they should not have been * CVE-2020-26977 (bmo#1676311) URL spoofing via unresponsive port in Firefox for Android * CVE-2020-26978 (bmo#1677047) Internal network hosts could have been probed by a malicious webpage * CVE-2020-26979 (bmo#1641287, bmo#1673299) When entering an address in the address or search bars, a website could have redirected the user before they were navigated to the intended url * CVE-2020-35111 (bmo#1657916) The proxy.onRequest API did not catch view-source URLs * CVE-2020-35112 (bmo#1661365) Opening an extension-less download may have inadvertently launched an executable instead * CVE-2020-35113 (bmo#1664831, bmo#1673589) Memory safety bugs fixed in Firefox 84 and Firefox ESR 78.6 * CVE-2020-35114 (bmo#1607449, bmo#1640416, bmo#1656459, bmo#1669914, bmo#1673567) Memory safety bugs fixed in Firefox 84 - requires NSS >= 3.59 rust >= 1.44 rust-cbindgen >= 0.15.0 - remove revert-795c8762b16b.patch and replace with mozilla-pgo.patch - Add/Enable GNOME search provider
==== MozillaThunderbird ==== Version update (78.5.1 -> 78.6.0) Subpackages: MozillaThunderbird-translations-common
- Mozilla Thunderbird 78.6.0 * changes and additions in MailExtensions * several bugfixes * https://www.thunderbird.net/en-US/thunderbird/78.6.0/releasenotes/ MFSA 2020-56 (bsc#1180039)) * CVE-2020-16042 (bmo#1679003) Operations on a BigInt could have caused uninitialized memory to be exposed * CVE-2020-26971 (bmo#1663466) Heap buffer overflow in WebGL * CVE-2020-26973 (bmo#1680084) CSS Sanitizer performed incorrect sanitization * CVE-2020-26974 (bmo#1681022) Incorrect cast of StyleGenericFlexBasis resulted in a heap use-after-free * CVE-2020-26978 (bmo#1677047) Internal network hosts could have been probed by a malicious webpage * CVE-2020-35111 (bmo#1657916) The proxy.onRequest API did not catch view-source URLs * CVE-2020-35112 (bmo#1661365) Opening an extension-less download may have inadvertently launched an executable instead * CVE-2020-35113 (bmo#1664831, bmo#1673589) Memory safety bugs fixed in Thunderbird 78.6
==== SDL2 ==== Version update (2.0.12 -> 2.0.14)
- update to 2.0.14: * Added support for PS5 DualSense and Xbox Series X controllers to the HIDAPI controller driver * Vulkan support to the KMSDRM video driver * see details on https://discourse.libsdl.org/t/sdl-2-0-14-released/28470
==== akonadi-contact ==== Subpackages: akonadi-contact-lang akonadi-plugin-contacts libKF5AkonadiContact5 libKF5ContactEditor5
- Obsolete kdepim-apps-libs-lang as well to avoid update problems
==== boost-base ==== Subpackages: boost-license1_75_0 libboost_date_time1_75_0 libboost_filesystem1_75_0 libboost_iostreams1_75_0 libboost_locale1_75_0 libboost_regex1_75_0 libboost_thread1_75_0
- libboost_nowide now uses same pattern of Provides/Conflicts and version numbers as other Boost libraries - Add missing conflicts for Boost 1.66 - Boost.Build (jam) implementation is now obsoletes older versions
==== boost-extra ====
- libboost_nowide now uses same pattern of Provides/Conflicts and version numbers as other Boost libraries - Add missing conflicts for Boost 1.66 - Boost.Build (jam) implementation is now obsoletes older versions
==== dolphin ==== Subpackages: dolphin-part dolphin-part-lang libdolphinvcs5
- Add upstream patch to fix crash on launch (kde#429628, kde#430434): * 0001-Fix-access-url-navigator-while-creating-new-tab-in-f.patch
==== gtk2 ==== Version update (2.24.32+70 -> 2.24.33) Subpackages: gtk2-data gtk2-immodule-amharic gtk2-immodule-inuktitut gtk2-immodule-thai gtk2-immodule-tigrigna gtk2-immodule-vietnamese gtk2-immodule-xim gtk2-lang gtk2-tools gtk2-tools-32bit libgtk-2_0-0 libgtk-2_0-0-32bit
- Update to version 2.24.33: + This is the final GTK 2.x release. There will be no more updates to GTK 2. All users are encouraged to update to GTK 3 or 4. + Make the output of gtk-query-immodules deterministic. + GtkCalendar: Use %OB if supported. + GtkIconTheme: prefer exact matches. + build: - Support automake 1.16. - Fix compiler warnings with newer gcc.
==== kaddressbook ==== Subpackages: kaddressbook-doc kaddressbook-lang libKPimAddressbookImportExport5
- Obsolete kdepim-apps-libs-lang as well to avoid update problems
==== kvm_stat ==== Version update (5.9.12 -> 5.10.1)
- Fix kernel version comparison for selectively applying patches * so that it won't break when, e.g., 5.10.0 hits Factory
==== mozilla-nss ==== Version update (3.58 -> 3.59) Subpackages: libfreebl3 libfreebl3-hmac libsoftokn3 libsoftokn3-hmac mozilla-nss-certs mozilla-nss-tools
- update to NSS 3.59 Notable changes * Exported two existing functions from libnss: CERT_AddCertToListHeadWithData and CERT_AddCertToListTailWithData Bugfixes * bmo#1607449 - Lock cert->nssCertificate to prevent a potential data race * bmo#1672823 - Add Wycheproof test cases for HMAC, HKDF, and DSA * bmo#1663661 - Guard against NULL token in nssSlot_IsTokenPresent * bmo#1670835 - Support enabling and disabling signatures via Crypto Policy * bmo#1672291 - Resolve libpkix OCSP failures on SHA1 self-signed root certs when SHA1 signatures are disabled. * bmo#1644209 - Fix broken SelectedCipherSuiteReplacer filter to solve some test intermittents * bmo#1672703 - Tolerate the first CCS in TLS 1.3 to fix a regression in our CVE-2020-25648 fix that broke purple-discord (boo#1179382) * bmo#1666891 - Support key wrap/unwrap with RSA-OAEP * bmo#1667989 - Fix gyp linking on Solaris * bmo#1668123 - Export CERT_AddCertToListHeadWithData and CERT_AddCertToListTailWithData from libnss * bmo#1634584 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Trustis FPS Root CA * bmo#1663091 - Remove unnecessary assertions in the streaming ASN.1 decoder that affected decoding certain PKCS8 private keys when using NSS debug builds * bmo#670839 - Use ARM crypto extension for AES, SHA1 and SHA2 on MacOS.
==== openblas_pthreads ==== Version update (0.3.12 -> 0.3.13)
- Update to version 0.3.13 common: * Added a generic bfloat16 SBGEMV kernel * Fixed a potentially severe memory leak after fork in OpenMP builds that was introduced in 0.3.12 * Added detection of the Fujitsu Fortran compiler * Added detection of the (e)gfortran compiler on OpenBSD * Added support for overriding the default name of the library independently from symbol suffixing in the gmake builds (already supported in cmake) RISC V: * Added a RISC V port optimized for C910V POWER: * Added optimized POWER10 kernels for SAXPY, CAXPY, SDOT, DDOT and DGEMV_N * Improved DGEMM performance on POWER10 * Improved STRSM and DTRSM performance on POWER9 and POWER10 * Fixed segmemtation faults in DYNAMIC_ARCH builds * Fixed compilation with the PGI compiler x86: * Fixed compilation of kernels that require SSE2 intrinsics since 0.3.12 x86_64: * Added an optimized bfloat16 SBGEMV kernel for SkylakeX and Cooperlake * Improved the performance of SASUM and DASUM kernels through parallelization * Improved the performance of SROT and DROT kernels * Improved the performance of multithreaded xSYRK * Fixed OpenMP builds that use the LLVM Clang compiler together with GNU gfortran (where linking of both the LLVM libomp and GNU libgomp could lead to lockups or wrong results) * Fixed miscompilations by old gcc 4.6 * Fixed misdetection of AVX2 capability in some Sandybridge cpus * Fixed lockups in builds combining DYNAMIC_ARCH with TARGET=GENERIC on OpenBSD ARM64: * Fixed segmentation faults in DYNAMIC_ARCH builds MIPS: * Improved kernels for Loongson 3R3 ("3A") and 3R4 ("3B") models, including MSA * Fixed bugs in the MSA kernels for CGEMM, CTRMM, CGEMV and ZGEMV * Added handling of zero increments in the MSA kernels for SSWAP and DSWAP * Added DYNAMIC_ARCH support for MIPS64 (currently Loongson3R3/3R4 only) SPARC: * Fixed building 32 and 64 bit SPARC kernels with the SolarisStudio compilers - Fix invalid symlinks (boo#1179764).
==== orca ==== Version update (3.38.1 -> 3.38.2) Subpackages: orca-lang
- Update to version 3.38.2: + Don't treat unknown coordinates as definitely off-screen. Should fix the problem seen with flat review resulting from a change in Gtk+ 3.24.24.
==== plasma5-desktop ==== Subpackages: plasma5-desktop-emojier plasma5-desktop-lang
- Add upstream patch to fix keyboard repeat settings not being applied immediately (boo#1164739, kde#418175): * Reparse-the-key-repeat-rate-config-when-we-try-to-load-it.patch
==== python-importlib-metadata ==== Version update (3.1.1 -> 3.3.0)
- New version requires typing_extensions for Python < 3.8 (Leap and TW python36 flavor) - update to 3.3.0: * * #265: ``EntryPoint`` objects now expose a ``.dist`` object referencing the ``Distribution`` when constructed from a Distribution. * The object returned by ``metadata()`` now has a formally-defined protocol called ``PackageMetadata`` with declared support for the ``.get_all()`` method. Fixes #126. - add typing-extensions dependency for older python versions
==== python-more-itertools ==== Version update (8.5.0 -> 8.6.0)
- update to 8.6.0: * :func:`all_unique` (thanks to brianmaissy) * :func:`nth_product` and :func:`nth_permutation` (thanks to N8Brooks) * :func:`chunked` and :func:`sliced` now accept a ``strict`` parameter (thanks to shlomif and jtwool) * Python 3.5 has reached its end of life and is no longer supported. * Python 3.9 is officially supported.
==== python-pyOpenSSL ====
- Adjust metadata for skip-networked-test.patch and refer to the proper upstream ticket gh#pyca/pyopenssl#68.
==== sudo ==== Version update (1.9.4 -> 1.9.4p2) Subpackages: sudo-plugin-python
- Update to 1.9.4p2 * Fixed a bug introduced in sudo 1.9.4p1 which could lead to a crash if the sudoers file contains a runas user-specific Defaults entry. Bug #951. - News in 1.9.4p1 * Fixed a regression introduced in version 1.9.4 where sudo would not build when configured using the --without-sendmail option. Bug #947. * Fixed a problem where if I/O logging was disabled and sudo was unable to connect to sudo_logsrvd, the command would still be allowed to run even when the "ignore_logfile_errors" sudoers option was enabled. * Fixed a crash introduced in version 1.9.4 when attempting to run a command as a non-existent user. Bug #948. * The installed sudo.conf file now has the default sudoers Plugin lines commented out. This fixes a potential conflict when there is both a system-installed version of sudo and a user-installed version. GitHub issue #75. * Fixed a regression introduced in sudo 1.9.4 where sudo would run the command as a child process even when a pseudo-terminal was not in use and the "pam_session" and "pam_setcred" options were disabled. GitHub issue #76. * Fixed a regression introduced in sudo 1.8.9 where the "closefrom" sudoers option could not be set to a value of 3. Bug #950.
==== timezone ==== Version update (2020d -> 2020e)
- timezone update 2020e (bsc#1177460) * Volgograd switches to Moscow time on 2020-12-27 at 02:00.
==== timezone-java ==== Version update (2020d -> 2020e)
- timezone update 2020e (bsc#1177460) * Volgograd switches to Moscow time on 2020-12-27 at 02:00.
==== wireshark ==== Version update (3.4.1 -> 3.4.2) Subpackages: libwireshark14 libwiretap11 libwsutil12 wireshark-ui-qt
- Wireshark 3.4.2 * CVE-2020-26422: QUIC dissector crash (boo#1180232) * Fix IETF QUIC TLS decryption errors when packets are coalesced with random data * QUIC: missing dissection of some coalesced SH packets * Fix false expect error seen on FCoE frames * Updated Protocol Support DOCSIS, FC-dNS, FC-SWILS, FCoE, QUIC, SNMP, and USBHID
==== xmlsec1 ==== Version update (1.2.30 -> 1.2.31) Subpackages: libxmlsec1-1 libxmlsec1-nss1 libxmlsec1-openssl1
- Update to version 1.2.31: + Unload error strings in OpenSSL shutdown. + Make userData available when executing preExecCallback function. + Add an option to use secure memset. - Pass --disable-md5 to configure: The cryptographic strength of the MD5 algorithm is sufficiently doubtful that its use is discouraged at this time. It is not listed as an algorithm in [XMLDSIG-CORE1] https://www.w3.org/TR/xmlsec-algorithms/#bib-XMLDSIG-CORE1
Hi,
I does yesterday an upgrade on my Notebook to Kernel 5.10.1 (?) . The Notebook have Win10 and an encrypted /boot/efi; / and /home (see fstab and fdisk below). Afterwords the system hangs during boot after the entering of the HDD encryption password. Detailed output I can only include via picture (if it won't be filterd out from client). Seams to be an issue of "BUG: workqueue lookup) if I interprete the output correctly.
I can boot with the previous Kernel 5.9.14 (?) . But some features don't work anymore (e.g wifi and some other HW).
Partitioning section from /etc/fstab UUID=abc / ext4 defaults 0 1 UUID=cde /boot/efi vfat defaults 0 0 UUID=fgh /home xfs defaults 0 0 UUID=ijk swap swap defaults 0 0
# fdisk -l Disk /dev/nvme0n1: 953.89 GiB, 1024209543168 bytes, 2000409264 sectors Disk model: SAMSUNG MZVLB1T0HALR-00000 Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: gpt Disk identifier: 1491C2EA-8A44-404C-889F-0E0DAA8B006E
Device Start End Sectors Size Type /dev/nvme0n1p1 2048 2099199 2097152 1G EFI System /dev/nvme0n1p2 2099200 2361343 262144 128M Microsoft reserved /dev/nvme0n1p3 2361344 212074495 209713152 100G Microsoft basic data /dev/nvme0n1p4 212074496 244316159 32241664 15.4G Linux swap /dev/nvme0n1p5 244316160 250613759 6297600 3G Windows recovery environment /dev/nvme0n1p6 250613760 460328959 209715200 100G Linux filesystem /dev/nvme0n1p7 460328960 2000409230 1540080271 734.4G Linux filesystem
Disk /dev/mapper/cr_nvme-SAMSUNG_MZVLB512HAJQ-00007_S3W9NX0M800722-part7: 15.38 GiB, 16505634816 bytes, 32237568 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/mapper/cr_nvme-SAMSUNG_MZVLB512HAJQ-00007_S3W9NX0M800722-part5: 99.102 GiB, 107372085248 bytes, 209711104 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/mapper/cr_nvme-SAMSUNG_MZVLB512HAJQ-00007_S3W9NX0M800722-part6: 734.37 GiB, 788519001600 bytes, 1540076175 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes
Citeren Ulf ub22@gmx.net:
Hi,
I does yesterday an upgrade on my Notebook to Kernel 5.10.1 (?) . The Notebook have Win10 and an encrypted /boot/efi; / and /home (see fstab and fdisk below). Afterwords the system hangs during boot after the entering of the HDD encryption password. Detailed output I can only include via picture (if it won't be filterd out from client). Seams to be an issue of "BUG: workqueue lookup) if I interprete the output correctly.
Probably https://bugzilla.opensuse.org/show_bug.cgi?id=1180344#c16
Hi Arjen,
Am Montag, 28. Dezember 2020, 19:49:35 CET schrieb Arjen de Korte:
I does yesterday an upgrade on my Notebook to Kernel 5.10.1 (?) . The Notebook have Win10 and an encrypted /boot/efi; / and /home (see fstab and fdisk below). Afterwords the system hangs during boot after the entering of the HDD encryption password. Detailed output I can only include via picture (if it won't be filterd out from client). Seams to be an issue of "BUG: workqueue lookup) if I interprete the output correctly.
Probably https://bugzilla.opensuse.org/show_bug.cgi?id=1180344#c16
Looks that an upgrade to 20201227-0 don't fix my problem :-(
echo "options iwlwifi enable_ini=0" >> /etc/modprobe.d/99-local.conf
fix it (see my comment in referenced bug @ulfbart)
Ulf
On 12/29/20 6:19 AM, Ulf wrote:
Hi Arjen,
Am Montag, 28. Dezember 2020, 19:49:35 CET schrieb Arjen de Korte:
I does yesterday an upgrade on my Notebook to Kernel 5.10.1 (?) . The Notebook have Win10 and an encrypted /boot/efi; / and /home (see fstab and fdisk below). Afterwords the system hangs during boot after the entering of the HDD encryption password. Detailed output I can only include via picture (if it won't be filterd out from client). Seams to be an issue of "BUG: workqueue lookup) if I interprete the output correctly.
Probably https://bugzilla.opensuse.org/show_bug.cgi?id=1180344#c16
Looks that an upgrade to 20201227-0 don't fix my problem :-(
echo "options iwlwifi enable_ini=0" >> /etc/modprobe.d/99-local.conf
fix it (see my comment in referenced bug @ulfbart)
Please keep discussion in the relevant bug.
Thanks :-)
On 28/12/2020 19.36, Ulf wrote:
Hi,
I does yesterday an upgrade on my Notebook to Kernel 5.10.1 (?) . The Notebook have Win10 and an encrypted /boot/efi; / and /home (see fstab and fdisk below). Afterwords the system hangs during boot after the entering of the HDD encryption password. Detailed output I can only include via picture (if it won't be filterd out from client).
Suggestion for another time: instead of attaching a photo to the list, please upload it to a paste service. We even have an automated script:
susepaste -n "Ulf" -t "Boot hang" -e 151200 boot-error-message.jpg
Which will reply with an URL (if it succeeds) which you can paste here. The example above would be deleted after 3 months - see the man page for other lengths: for bigger files you need shorter times.
Of, you can upload manually to susepaste.org.