New Tumbleweed snapshot 20210315 released! - openSUSE Factory

16 Mar 2021

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&am…

Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports

Packages changed:
  bcm20702a1-firmware
  grub2
  irqbalance (1.7.0 -> 1.7.0+git20210222.9db8d5c)
  lua54
  pipewire (0.3.22 -> 0.3.23)
  plasma5-disks (5.21.1 -> 5.21.2)
  plasma5-thunderbolt (5.21.1 -> 5.21.2)
  procps
  python-numexpr (2.7.2 -> 2.7.3)
  rubygem-puma (5.2.1 -> 5.2.2)
  rubygem-rspec-rails (4.0.2 -> 5.0.0)
  userspace-rcu (0.12.1 -> 0.12.2)
  wireshark (3.4.3 -> 3.4.4)

=== Details ===

==== bcm20702a1-firmware ====

- fix boo#1175038 - remove unnecessary %postun scriptlet that is
  incorrectly deleting all package files on upgrade; all files are
  already listed in %files as %ghost so no scriptlet is needed.

==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-systemd-sleep-plugin
grub2-x86_64-efi grub2-x86_64-xen

- Fix chainloading windows on dual boot machine (bsc#1183073)
  * 0001-kern-efi-sb-Add-chainloaded-image-as-shim-s-verifiab.patch
- VUL-0: grub2,shim: implement new SBAT method (bsc#1182057)
  * 0031-util-mkimage-Remove-unused-code-to-add-BSS-section.patch
  * 0032-util-mkimage-Use-grub_host_to_target32-instead-of-gr.patch
  * 0033-util-mkimage-Always-use-grub_host_to_target32-to-ini.patch
  * 0034-util-mkimage-Unify-more-of-the-PE32-and-PE32-header-.patch
  * 0035-util-mkimage-Reorder-PE-optional-header-fields-set-u.patch
  * 0036-util-mkimage-Improve-data_size-value-calculation.patch
  * 0037-util-mkimage-Refactor-section-setup-to-use-a-helper.patch
  * 0038-util-mkimage-Add-an-option-to-import-SBAT-metadata-i.patch
  * 0039-grub-install-common-Add-sbat-option.patch
- Fix CVE-2021-20225 (bsc#1182262)
  * 0022-lib-arg-Block-repeated-short-options-that-require-an.patch
- Fix CVE-2020-27749 (bsc#1179264)
  * 0024-kern-parser-Fix-resource-leak-if-argc-0.patch
  * 0025-kern-parser-Fix-a-memory-leak.patch
  * 0026-kern-parser-Introduce-process_char-helper.patch
  * 0027-kern-parser-Introduce-terminate_arg-helper.patch
  * 0028-kern-parser-Refactor-grub_parser_split_cmdline-clean.patch
  * 0029-kern-buffer-Add-variable-sized-heap-buffer.patch
  * 0030-kern-parser-Fix-a-stack-buffer-overflow.patch
- Fix CVE-2021-20233 (bsc#1182263)
  * 0023-commands-menuentry-Fix-quoting-in-setparams_prefix.patch
- Fix CVE-2020-25647 (bsc#1177883)
  * 0021-usb-Avoid-possible-out-of-bound-accesses-caused-by-m.patch
- Fix CVE-2020-25632 (bsc#1176711)
  * 0020-dl-Only-allow-unloading-modules-that-are-not-depende.patch
- Fix CVE-2020-27779, CVE-2020-14372 (bsc#1179265) (bsc#1175970)
  * 0001-include-grub-i386-linux.h-Include-missing-grub-types.patch
  * 0002-efi-Make-shim_lock-GUID-and-protocol-type-public.patch
  * 0003-efi-Return-grub_efi_status_t-from-grub_efi_get_varia.patch
  * 0004-efi-Add-a-function-to-read-EFI-variables-with-attrib.patch
  * 0005-efi-Add-secure-boot-detection.patch
  * 0006-efi-Only-register-shim_lock-verifier-if-shim_lock-pr.patch
  * 0007-verifiers-Move-verifiers-API-to-kernel-image.patch
  * 0008-efi-Move-the-shim_lock-verifier-to-the-GRUB-core.patch
  * 0009-kern-Add-lockdown-support.patch
  * 0010-kern-lockdown-Set-a-variable-if-the-GRUB-is-locked-d.patch
  * 0011-efi-Lockdown-the-GRUB-when-the-UEFI-Secure-Boot-is-e.patch
  * 0012-efi-Use-grub_is_lockdown-instead-of-hardcoding-a-dis.patch
  * 0013-acpi-Don-t-register-the-acpi-command-when-locked-dow.patch
  * 0014-mmap-Don-t-register-cutmem-and-badram-commands-when-.patch
  * 0015-commands-Restrict-commands-that-can-load-BIOS-or-DT-.patch
  * 0016-commands-setpci-Restrict-setpci-command-when-locked-.patch
  * 0017-commands-hdparm-Restrict-hdparm-command-when-locked-.patch
  * 0018-gdb-Restrict-GDB-access-when-locked-down.patch
  * 0019-loader-xnu-Don-t-allow-loading-extension-and-package.patch
  * 0040-shim_lock-Only-skip-loading-shim_lock-verifier-with-.patch
  * 0041-squash-Add-secureboot-support-on-efi-chainloader.patch
  * 0042-squash-grub2-efi-chainload-harder.patch
  * 0043-squash-Don-t-allow-insmod-when-secure-boot-is-enable.patch
  * 0044-squash-kern-Add-lockdown-support.patch
  * 0045-squash-Add-support-for-Linux-EFI-stub-loading-on-aar.patch
  * 0046-squash-verifiers-Move-verifiers-API-to-kernel-image.patch
- Drop patch supersceded by the new backport
  * 0001-linuxefi-fail-kernel-validation-without-shim-protoco.patch
  * 0001-shim_lock-Disable-GRUB_VERIFY_FLAGS_DEFER_AUTH-if-se.patch
  * 0007-linuxefi-fail-kernel-validation-without-shim-protoco.patch
- Add SBAT metadata section to grub.efi
- Drop shim_lock module as it is part of core of grub.efi
  * grub2.spec

==== irqbalance ====
Version update (1.7.0 -> 1.7.0+git20210222.9db8d5c)
Subpackages: irqbalance-ui

- Update to version 1.7.0+git20210222.9db8d5c:
  * ui: fix cpu/irq menu off by one
  * fix uint64_t printf format (use PRIu64)
  * Also fetch node info for non-PCI devices
  * Add hot pull method for irqbalance
  * Add log for hotplug appropriately
  * add irq hotplug feature for irqbalance
  * Remove some unused constant macros in constants.h
  * Add a deprecation notice for IRQBALANCE_BANNED_CPUS
  * Add IRQBALANCE_BANNED_CPULIST to env file
  * log correctly for isolated and nohz_full cpus
  * Update README.md
  * Add some examples for IRQBALANCE_BANNED_CPUS
  * Adjust how we determine if a cpu is online
  * activate_mapping: activate only online CPUs
  * add env variable to ban cpus using cpulist syntax
  * put arg parsing detail into parse_command_line()
  * Updating configure script to version 1.7.0
  * Add strlen checking for IRQBALANCE_BANNED_CPUS
  * remove redundant "/" in SOCKET_TMPFS
  * Fix typo in service unit file
  * arm64: Add irq aff change check For aarch64, the PPIs format in /proc/interrputs can
be parsed and add to interrupt db, and next, the number of interrupts is counted and used
to calculate the load. Finally these interrupts maybe scheduled between the NUMA domains.
  * Correct typos in irqbalance.c
  * free cpu_ban_string when the next request come
  * improve irq migrate rule to avoid high irq load
  * make the option 'V' closer to the option with no arg

==== lua54 ====
Subpackages: liblua5_4-5

- Add upstream-bugs.patch and upstream-bugs-test.patch to fix
  bugs 2,3,4 for build and tests respectively.

==== pipewire ====
Version update (0.3.22 -> 0.3.23)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-modules
pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools

- Update to version 0.3.23:
  * Highlights
    + Fixes for some critical bugs in last release.
    + Fix bug where audio was not drained properly at the end of
    playback, causing repeating sound.
    + Profile and route switching was improved and should mimic
    more what pulseaudio did.
    + Various fixes for xruns in capture and playback.
    + Bluetooth now supports delay adjustment and various other
    improvements.
    + The pulseaudio server now correctly identifies AC3 and DTS
    streams and returns a not supported error instead of playing
    static.
    + Multichannel support was improved in the alsa plugin and
    the channel mixer. Channels should now play on the right
    speakers in all cases.
  * PipeWire improvements
  + Small fixes and improvements in JSON parsing and encoding.
  + Improvements to param handling in audioconverter. It would
    previously not always notify of changes.
  + Avoid updating some properties that we use internally such
    as the object id and the node.id.
  + log.level in the config files is now actually used.
  + the PIPEWIRE_LATENCY env variable should always override
    any application settings in filter/stream/jack.
  + The config file can now contain filer and stream properties
    to, for example, control the resampler, mixer and latency.
  + Add sandboxing to the systemd services
  + Various FreeBSD fixes.
  + Improve draining and a way to exit the drain state as well.
  + Many multichannel fixes. Channel remapping should now be
    correct.
  + Fix bug with repeating audio at the end of playback because
    the drain in the resampler was not draining all channels.
  + RTKit default rt.prio has been increased to 88. This will
    likely still be clamped to 20 until distros increase the
    max priority.
  * Session-manager
    + Don't try to switch to Pro Audio profile, this should be
    a user choice only.
    + Don't crash when metadata was disabled such as when not
    using the audio features of pipewire.
    + Rework the profile and route handling.
    + Add systemd unit files for the media-session
    + Device names should now also have sane names so that tab
    pactl completion works on them.
  * Device support
    + Fix ALSA format enumeration in more cases. Use the channels
    and rate as a filter.
    + Make sure the graph doesn't ever use buffers larger than
    the alsa device buffer size or we get xruns.
    + Tuning of the alsa device timeout handling and dynamic
    resampler. There should now not be any xruns when streams
    appear and disappear or when the quantum changes.
    + Fix bug in alsa device when reassigning to a new driver,
    in some cases the dynamic resampler was not activated and
    things would drift out of sync and fail.
    + Fixes in quantum changes for ALSA capture and how the
    resampler is drained and fed with the new samples.
  * Bluetooth
    + Delay adjustment has been implemented now. Bluetooth
    devices should now be more synchronized with video due
    to proper delay reporting. Because BT delays can be
    large, it can cause hickups in some players.
    + Fix volume in bluetooth devices.
    + Codec switch improvements.
  * PulseAudio server
    + Latency offset adjustment is now implemented and functional
    for bluetooth devices. It is not working for alsa devices
    yet.
    + Handle unsupported formats. Previously we would accept encoded
    formats and play noise. This fixes AC3 playback in vlc.
    + Move some of the configurable parameters to the config file.
    + Fix a fatal use after free when playing samples
    + Improve module handling. loaded modules now show up in the
    list of modules and can be unloaded. This also prepares the
    core for more module implementations later.
  * ALSA plugin
    + Fix drain with very large buffers, we need to manually start
    the stream before draining.
    + Fix the channel layout handling.
    + Improve compatibility with apps that expect the poll to only
    return when there is activity.
    + Fix drain for capture
  * JACK
    + Add a config option to shorten and filter client names
    + Increase the length of the client name size and make sure
    we don't exceed the allocated size.
    + We now include our own jack header files so we can build
    without depending on another jack-devel package. We don't
    yet install the headers or provide pkgconfig files.
- Move alsa-card-profiles to modules subpackage, they are always
  needed.
- Build/install the `pw-top` tool:
  + Add pkgconfig(ncurses) BuildRequires to satisfy the build deps
    of pw-top.

==== plasma5-disks ====
Version update (5.21.1 -> 5.21.2)
Subpackages: plasma5-disks-lang

- Update to 5.21.2
  * New bugfix release
  * For more details please see:
  * https://kde.org/announcements/plasma/5/5.21.2
- No code changes since 5.21.1

==== plasma5-thunderbolt ====
Version update (5.21.1 -> 5.21.2)
Subpackages: plasma5-thunderbolt-lang

- Update to 5.21.2
  * New bugfix release
  * For more details please see:
  * https://kde.org/announcements/plasma/5/5.21.2
- No code changes since 5.21.1

==== procps ====
Subpackages: libprocps8 procps-lang

- Don't install translated man pages for non-installed binaries
  (uptime, kill).

==== python-numexpr ====
Version update (2.7.2 -> 2.7.3)

- skip python3.6 build (no numpy)
- update to version 2.7.3:
  * Pinned Numpy versions to minimum supported version in an effort to
    alleviate issues seen in Windows machines not having the same MSVC
    runtime installed as was used to build the wheels.
  * ARMv8 wheels are now available, thanks to odidev for the pull
    request.

==== rubygem-puma ====
Version update (5.2.1 -> 5.2.2)

- updated to version 5.2.2
  * Bugfixes
  * Add `#flush` and `#sync` methods to `Puma::NullIO`  ([#2553])
  * Restore `sync=true` on `STDOUT` and `STDERR` streams ([#2557])

==== rubygem-rspec-rails ====
Version update (4.0.2 -> 5.0.0)

- updated to version 5.0.0
  [Full Changelog](https://github.com/rspec/rspec-rails/compare/v4.1.1...v5.0.0)
  Enhancements:
  * Support new #file_fixture_path and new fixture test support code. (Jon Rowe, #2398)
  * Support for Rails 6.1. (Benoit Tigeot, Jon Rowe, Phil Pirozhkov, and more #2398)
  Breaking Changes:
  * Drop support for Rails below 5.2.

==== userspace-rcu ====
Version update (0.12.1 -> 0.12.2)

- update to 0.12.2:
  * fix: exclude clang from GCC version blacklists
  * aarch64: blacklist gcc prior to 5.1
  * Fix: configure: support Autoconf 2.70
  * fix: bump tests thread limit to 4096
  * cleanup: Improve wording of CONFIG_RCU_DEBUG description
  * fix: explicitly include urcu/config.h in files using CONFIG_RCU_ defines
  * Fix typo in README.md
  * fix: add -lurcu-common to pkg-config libs for each flavor
  * call_rcu: Fix race between rcu_barrier() and call_rcu_data_free()

==== wireshark ====
Version update (3.4.3 -> 3.4.4)
Subpackages: libwireshark14 libwiretap11 libwsutil12 wireshark-ui-qt

- Wireshark 3.4.4:
  * CVE-2021-22191: Wireshark could open unsafe URLs (boo#1183353).
- Further features, bug fixes and updated protocol support as listed in:
  https://www.wireshark.org/docs/relnotes/wireshark-3.4.4.html