Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=opensuse&version=15.2&build=546.1&groupid=50 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Distribution&query_format=advanced&resolution=---&version=Leap%2015.2 When you reply to discuss some issues, make sure to change the subject. Please use the test plan at https://docs.google.com/spreadsheets/d/1AGKijKpKiJCB616-bHVoNQuhWHpQLHPWCb3m... to record your testing efforts and use bugzilla to report bugs. Packages changed: ceph (15.0.0.7866+g639502405f -> 15.0.0.8588+g58b5b29433) dracut (049+git112.fe41ccd9 -> 049+git115.c2d8d6fb) gnuhealth-client (3.6.4 -> 3.6.5) grantleetheme kcalutils konsole kwin5 libimobiledevice (1.2.0+git20170122.45fda81 -> 1.2.0+git20180427.26373b3) libvirt openssl-1_1 ovmf (201908 -> 201911) qemu (4.1.93 -> 4.2.0) systemd xen (4.13.0_03 -> 4.13.0_04) === Details === ==== ceph ==== Version update (15.0.0.7866+g639502405f -> 15.0.0.8588+g58b5b29433) Subpackages: librados2 librbd1 - Update to 15.0.0-8588-g58b5b29433: + spec, debian: cephadm requires lvm2 (bsc#1159466) - ceph-rpmlintrc: fix syntax error introduced by change mentioned in previous changelog entry - Update to 15.0.0-8587-gf0521c1db5: + rebase on tip of upstream master, SHA1 068aafb2ea3c71b5adda79467847ee03b77bb35e * cephadm: do ceph-volume activate+deactivate as part of systemd unit - Update to 15.0.0-8442-g094a533242: + spec: * fix cephadm user/group creation * cephadm subpackage: start summary with a capital letter + ceph-rpmlintrc: silence some RPMLINT warnings - Update to 15.0.0-8370-gec9b27b5e0 + ceph-daemon is renamed to cephadm + mgr/ssh is renamed to mgr/cephadm - increase disk space needs in _constraints for some architectures ==== dracut ==== Version update (049+git112.fe41ccd9 -> 049+git115.c2d8d6fb) - Update to version 049+git115.c2d8d6fb: * suse: Remove incorrect usage of %_libexecdir (boo#1155785) - Update to version 049+git114.058e566c: * 35network-legacy: only skip waiting for interfaces if netroot is set (bsc#1152006) * fixup "Dracut: only login to one target at a time" (bsc#1152650) ==== gnuhealth-client ==== Version update (3.6.4 -> 3.6.5) - version 3.6.5: Fix variable name to values ==== grantleetheme ==== Subpackages: grantleetheme-lang libKF5GrantleeTheme5 - Require exact grantlee5 version it was built with, the plugin location contains the version so the installed plugin won't be found by different versions ==== kcalutils ==== Subpackages: kcalutils-lang libKF5CalendarUtils5 - Require exact grantlee5 version it was built with, the plugin location contains the version so the installed plugin won't be found by different versions ==== konsole ==== Subpackages: konsole-part konsole-part-lang - Add ColorScheme-fix-stack-use-after-scope.patch to fix wrong background color with "Black on Random Light" color scheme (boo#1159247, kde#415242) ==== kwin5 ==== Subpackages: kwin5-lang - Add patch to fix crash in systemsettings (kde#411166): * 0001-Possible-fix-for-KDecoration-crash-in-systemsettings.patch ==== libimobiledevice ==== Version update (1.2.0+git20170122.45fda81 -> 1.2.0+git20180427.26373b3) - update version 1.2.0+git20180427.26373b3 * Propagate lower level errors to callers instead of returning unknown * Added IDEVICE_DEVICE_PAIRED event constant matching the corresponding * Define htobe16 if not defined * Fix parameter check of instproxy_check_capabilities_match() * Avoid double free with OpenSSL 1.1.0 (boo#1103546) * Don't use ERR_remove_thread_state() with OpenSSL 1.1.0 * #ifdef out code which is a no-op with OpenSSL 1.1.0 * cython: Fix build error after error constant rename * gnutls: check for interrupted gnutls_handshake() * idevicescreenshot: Detect screenshot image format to determine file extension * Add basic mobileactivation service implementation * mobileactivation: Add new functions required for drmHandshake / session mode device activation * lockdown: Don't explicitly validate pairing unless we're dealing with an older device * mobileactivation: Don't convert activation record if it is already passed as PLIST_DATA * mobileactivation: Allow passing activation response headers as required for iOS 11.2+ * lockdown: Plug small memory leak * idevicesyslog: Wait for passcode entry on device when required * idevicediagnostics: Add HDMI to the list of valid options for diagnostics command * idevicediagnostics: Add ioregentry command to query device IORegistry by entry * userpref: [GnuTLS] Fix 3.6.0 SHA1 compatibility * userpref: [GnuTLS] Use valid serial for >= 3.6.0 * build: Fix autogen.sh with srcdir != builddir - added _service file to clearly show the package origin - SRPM group assignment fix. Trim DLL/library format baggage from description. - update version 1.2.0+git20170122.45fda81 * m4: use python-config if available to fix python3 support on newer distros * lockdown: remove unneeded plist_free() calls since entire dict is freed later * lockdown: add more error codes * add new lockdownd_pair_with_options() function * fix installation_proxy when using GnuTLS instead of OpenSSL * tools: fix inverted abort condition in idevicecrashreport * tools: idevicecrashreport: propertly initialize buffer used to check for ping message * tools: idevicecrashreport: fix missing 0-term when creating local filename * make sure sockets only listen locally * idevicebackup: fix some timestamps that are relative to the Mac epoch instead of Unix one * avoid potential NULL pointer dereference (leading to segfault) if functions are called w/ null arguments * add new functions to get the underlying file descriptor of an idevice connection * idevicedebug: show error if container info not found * diagnostics_relay: plug small memory leak * file_relay: plug small memory leak * update GnuTLS certificate callback to new API * fix SSL version negotiation with newer versions of OpenSSL * lockdown: remove unnecessary check for pair record file during pairing * userpref: remove obsoleted function userpref_has_pair_record() * idevice: update GnuTLS code to support iOS 10 * lockdown: return LOCKDOWN_E_INVALID_HOST_ID when missing pair record * idevicebackup2: fix removal of snapshot dir during backup w iOS 10+ * idevicebackup2: add installed application info to Info.plist during backup * idevicebackup2: fix assertion occuring when copying non-present MEID * idevicebackup2: suppress repeated printing of global status when 100% is reached * idevicebackup2: use remove_file() wrapper instead of remove() * idevicebackup2: don't report an error when file to remove doesn't exist * idevicebackup2: fix heap buffer out-of-bounds write caused by wrong buffer size * userpref: [GnuTLS]fix pairing record generation and improve error handling * idevicebackup2: plug some small memory leaks * misagent: add new misagent_copy_all() function (introduced in iOS 9.3) * ideviceprovision: use newer API to get list of profiles on iOS 9.3+ * ideviceprovision: check output directory parameter for 'copy' command and return exit code on error * ideviceprovision: allow copying single profiles instead of all * ideviceprovision: add new remove-all command to remove all installed profiles at once * idevicebackup2: fix logical bug when checking for success of backup operation * ideviceprovision: fix ASN1 parsing for large provisioning profiles * property_list_service: remove packet length check when receiving plist data - drop libimobiledevice-CVE-2016-5104.patch, upstreamed - drop libimobiledevice-nosslv3.patch, upstream changed default method from SSLv3_method to TLSv1_method. - Add libimobiledevice-CVE-2016-5104.patch: Make sure sockets only listen locally (CVE-2016-5104, boo#982014). - fix baselibs.conf - libimobiledevice-nosslv3.patch: In tumbleweed, SSLv3_method fails because there is no sslv3 support, use SSLv233_method instead to negotiate the highest TLS version available. - update version 1.2.0 * Require autoconf 2.64 or later * Remove dev tools, will return either as proper tools or website examples * Refactor installation proxy service implementation and normalize code * API: Added instproxy_lookup() to efficiently lookup app information * API: Added instproxy_check_capabilities_match() to check device capabilities * API: Added various instproxy command and status plist getters * API: Make debugserver_client_set_ack_mode() public * Fix handling of clients reconnecting in idevicedebugserverproxy which previously didn't work properly * Flush stdout for every line in idevicesyslog * Fix shutdown of idevicedebugserverproxy tool which could hang * Notify user when erroneously using idevicebackup with iOS 4 or later * Enable build of idevicecrashreport on WIN32 * Fix thread handle leaks on WIN32 adding thread_new and thread_free * cython: Add receive/receive_timeout methods for iDeviceConnection to receive raw data from a connection * cython: Add new FILE_RELAY_E_PERMISSION_DENIED(-6) error * API: Refactor lockdown service internal error checking and add a bunch of new native errors * Convert int16_t macro error types into enum within common module, too * Add new "idevicenotificationproxy" tool to post or observe notifications * Fix overlong blocking in np_client_free() * Improve maintainability and Requires of pkg-config file * API: Add new LOCKDOWN_E_SERVICE_LIMIT error to detect service limit states * API: Remove const argv requirement for debugserver_command_new * cython: Add get_path_for_bundle_identifier() method to InstallationProxyClient * cython: Add DebugServerClient class to communicate with debugserver * Comply to strict function prototypes by using (void) instead of just () * Fix notification proxy shutdown process which was incorrectly implemented * Fix linking problems on OS X * Fix missing debug output which broke with the last release * Unify and improve various debug messages * Fix re-pairing if pairing with existing pair record failed initially * Skip printing long plist (16kb+) files to prevent excessive debug output * Move a few common helpers from backup tools to common utility helper code * Remove incorrect flags from afc_file_open() documentation * Fix various memory leaks - Update to version 1.1.7 * Fix broken app args, environment handling and memory leaks in idevicedebug * Make all tools print an error if lockdown connection fails * Convert int16_t macro error types into enum for better type-checking and * for various debugging benefits * Avoid exporting non-public symbols for better ABI stability * Fix failing backup process for devices having a passcode set and entering * lock state during the process in idevicebackup2 * API: Added lockdownd_start_service_with_escrow_bag() * API: Added afc_remove_path_and_contents() for recursive deletion * Fix last memory leak with OpenSSL through proper library deinitialization * Add new idevicedebug tool to interact with debugserver on a device * API: Add debugserver service implementation * Handle new PermissionDenied error of file_relay due new security in iOS 8+ * Fix retry loop problem when device requests 0 files in idevicebackup2 * Add trust dialog related error codes to Cython bindings * Fix various memory leaks in AFC implementation * Fix disk image upload with latest iOS 8 in ideviceimagemounter * Add new "dump" command to print information about a provisioning profile in * ideviceprovision * Refactor plist print helper code and move it into common module for better * reuse accross the tools * Do not crash if retrieving the system buid fails * API: Make generic "propery_list_service_client" public * Moved doc comments from private to public headers * Fix possible segfault when using lockdownd_get_value() due to always * returning success * Do not read files entirely into memory during restore in idevicebackup * Plug a few memory leaks and fix invalid password check in idevicebackup2 * Add support for file sizes > 4GB on Win32 in idevicebackup2 * Fix declaration for DllMain on Win32 * Silence various compiler warnings * Fix assert within pairing logic - add hard depedency on libplist-devel for libimobiledevice-devel * fix build for openSUSE Factory * I don't know why it didn't automatically requires it. ==== libvirt ==== Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-config-network libvirt-daemon-driver-interface libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-qemu libvirt-libs - CVE-2019-11135: Add TSX_CTRL and TAA_NO bits for IA32_ARCH_CAPABILITIES MSR 07aaced4-Add-TAA-No.patch, f411b7ef6-Add-TSX-CTRL.patch bsc#1152505 - virt-create-rootfs: add SLE 15 and SLE 12 service packs support bsc#1154093 ==== openssl-1_1 ==== Subpackages: libopenssl1_1 libopenssl1_1-32bit - Security fix: [bsc#1158809, CVE-2019-1551] * Overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli - Add openssl-1_1-CVE-2019-1551.patch ==== ovmf ==== Version update (201908 -> 201911) Subpackages: qemu-ovmf-x86_64 - Update to edk2-stable201911 + SecurityPkg: Fix TPM2 ACPI measurement + MdeModulePkg: Enable variable runtime cache by default + OvmfPkg: Disable variable runtime cache + MdeModulePkg/Variable: Add RT GetVariable() cache support + CryptoPkg: Upgrade OpenSSL to 1.1.1d + MdePkg-UefiSpec.h: Add UEFI 2.8 new memory attributes + MdePkg/UefiFileHandleLib: Fix potential NULL dereference + NetworkPkg/HttpDxe: Set the HostName for the verification (CVE-2019-14553) + NetworkPkg/TlsDxe: Add the support of host validation to TlsDxe driver (CVE-2019-14553) + CryptoPkg/TlsLib: TlsSetVerifyHost: parse IP address literals as such (CVE-2019-14553) + CryptoPkg/TlsLib: Add the new API "TlsSetVerifyHost" (CVE-2019-14553) + MdePkg/Include/Protocol/Tls.h: Add the data type of EfiTlsVerifyHost (CVE-2019-14553) + MdeModulePkg/BdsDxe: Fix PlatformRecovery issue + NetworkPkg/SnpDxe: Add PCD to remove ExitBootServices event from SNP driver + MdeModulePkg: Update to support SmBios 3.3.0 + UefiCpuPkg/MpInitLib: honor the platform's boot CPU count in AP detection + SecurityPkg/Tcg2: Add Support Laml, Lasa for TPM2 ACPI + OvmfPkg/PlatformDxe: fix EFI_HII_HANDLE parameters of internal functions + OvmfPkg/VirtioNetDxe: fix SignalEvent() call + OvmfPkg/XenBusDxe: fix UninstallMultipleProtocolInterfaces() call + NetworkPkg/Ip4Dxe: fix NetLibDestroyServiceChild() call + MdeModulePkg/ScsiDiskDxe: Support Storage Security Command Protocol + MdePkg: Implement SCSI commands for Security Protocol In/Out + MdeModulePkg/TerminalDxe: Enhance the arrow keys support + MdeModulePkg/UefiBootManager: Unload image on EFI_SECURITY_VIOLATION + MdeModulePkg/DxeCapsuleLibFmp: Unload image on EFI_SECURITY_VIOLATION + MdeModulePkg: Extend the support keyboard type of Terminal console + UefiCpuPkg/CpuExceptionHandlerLib: Fix split lock + UefiCpuPkg: Fix potential spinLock issue in SmmStartupThisAp + UefiCpuPkg/PiSmmCpu: Enable 5L paging only when phy addr line > 48 + OvmfPkg/EnrollDefaultKeys: clean up Base64Decode() retval handling + ArmVirtPkg/PlatformBootManagerLib: unload image on EFI_SECURITY_VIOLATION + ShellPkg/ShellPkg.dsc AARCH64: enable stack protector + ArmVirtPkg/ArmVirtPrePiUniCoreRelocatable: revert to PIE linking + BaseTools/GenFw AARCH64: fix up GOT based relative relocations + ShellPkg/Pci.c: Update supported link speed to PCI5.0 + PcAtChipsetPkg: add PcdRealTimeClockUpdateTimeout + UefiCpuPkg: Add PcdCpuSmmRestrictedMemoryAccess + ShellPkg/CommandLib: avoid NULL derefence and memory leak + MdePkg/DxeHstiLib: Added checks to improve error handling + BaseTools: Support more file types in build cache + UefiCpuPkg/SecCore: get AllSecPpiList after SecPlatformMain - Update openssl to 1.1.1d + Add openssl-fix-syntax-error.patch to fix a syntax error - Drop ovmf-bsc1153072-fix-invalid-https-cert.patch + Already upstreamed ==== qemu ==== Version update (4.1.93 -> 4.2.0) Subpackages: qemu-block-curl qemu-block-rbd qemu-block-ssh qemu-guest-agent qemu-ipxe qemu-ksm qemu-microvm qemu-seabios qemu-sgabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-sdl qemu-ui-spice-app qemu-vgabios qemu-x86 - Update to v4.2.0: See http://wiki.qemu.org/ChangeLog/4.2 Take note that ongoing feature deprecation is tracked at both http://wiki.qemu-project.org/Features/LegacyRemoval and in Appendix B of the qemu-doc.* files installed with the qemu package Some noteworthy changes: * x86: Denverton, Snowridge, and Dhyana CPU models added * x86: Latest version of all CPU models how have TSX (HLE and RTM) disabled by default * x86: Support for AVX512 BFloat16 extensions * x86: VMX features exposed more accurately and controllably * s390: TCG now implements IEP (Instruction Execution Protection) * PowerPC: POWER8 and POWER9 non-virtualized machines separated out * PowerPC: RTAS now comes from SLOF instead of QEMU itself * PowerPC: Unplug of multifunction PCI devices now unplugs the whole slot, as in x86 * ARM: Support for >256 CPUs with KVM is fixed * ARM: Memory hotplug now supported , when using UEFI, ACPI, for virt machine type * ARM: SVE support possuble now for KVM guests * ARM: ACPI generic event device can now deliver powerdown event * The backend device can be specified for a guest audio device * virtio v1.1 packed virtqueues supported * Socket based character device backends now support TCP keep-alive * Use encryption library cipher mode facilities, allowing improved performance for eg. AES-XTS encrption * Misc block device improvements, esp. with nbd - See the following few release-candidate changelog entries for additional changes related to this release - Switched package build to be out-of-tree - Update to v4.2.0-rc5: See http://wiki.qemu.org/ChangeLog/4.2 - Update to v4.2.0-rc4: See http://wiki.qemu.org/ChangeLog/4.2 * Update the support documents used for SUSE SLE releases to cover this qemu release ==== systemd ==== Subpackages: libsystemd0 libsystemd0-32bit libudev1 libudev1-32bit systemd-32bit systemd-bash-completion systemd-container systemd-sysvinit udev - Fix for bsc#1158485 Add 0001-logind-never-elect-a-session-that-is-stopping-as-dis.patch Add 0002-logind-consider-greeter-sessions-suitable-as-display.patch - Remove TasksMax limits for both users and system services (jsc#SLE-10123) - Backport support of dash-truncated dropins and use it to configure TasksMax for user-*.slice. The new mechanism is used (since v239) to replace UserTasksMax= option in logind.conf. This backport allows to start deprecating UserTasksMax usage which could hopefully be removed from the next major version of SLE. Add 0001-shared-dropin-improve-error-message.patch Add 0002-tests-skip-tests-when-cg_pid_get_path-fails-7033.patch Add 0003-unit-name-add-new-unit_name_build_from_type-helper.patch Add 0004-systemctl-fix-indentation-in-output-of-systemcl-stat.patch Add 0005-dropin-when-looking-for-dropins-for-a-unit-also-look.patch Add 0006-test-add-test-for-prefix-unit-loading.patch Add 0007-man-document-the-new-dash-truncation-drop-in-directo.patch Add 0008-Use-a-dash-truncated-drop-in-for-user-j.slice-config.patch Add 0009-login-fix-typo-in-log-message.patch Add 0010-logind-move-two-functions-to-logind_core-utility-lib.patch Add 0011-logind-keep-backward-compatibility-with-UserTasksMax.patch - Add 0001-seccomp-shm-get-at-dt-now-have-their-own-numbers-eve.patch Temporary patch due to SLE15-SP2 having a more recent kernel - Backport IP filetering feature (jsc#SLE-7743) FOR TESTING ONLY Submitted to SLE15-SP2:GA only so this feature get some testing before being released through the normal channel (SLE15:Update) Add 0001-tests-when-running-a-manager-object-in-a-test-migrat.patch Add 0002-in-addr-util-be-more-systematic-with-naming-our-func.patch Add 0003-in-addr-util-prefix-return-parameters-with-ret_.patch Add 0004-in-addr-util-add-new-helper-call-in_addr_prefix_from.patch Add 0005-build-sys-add-new-kernel-bpf.h-drop-in.patch Add 0006-Add-abstraction-model-for-BPF-programs.patch Add 0007-Add-IP-address-address-ACL-representation-and-parser.patch Add 0008-cgroup-add-fields-to-accommodate-eBPF-related-detail.patch Add 0009-Add-firewall-eBPF-compiler.patch Add 0010-cgroup-unit-fragment-parser-make-use-of-new-firewall.patch Add 0011-manager-hook-up-IP-accounting-defaults.patch Add 0012-systemctl-report-accounted-network-traffic-in-system.patch Add 0013-man-document-the-new-ip-accounting-and-filting-direc.patch Add 0014-cgroup-dump-the-newly-added-IP-settings-in-the-cgrou.patch Add 0015-core-support-IP-firewalling-to-be-configured-for-tra.patch Add 0016-ip-address-access-minimize-IP-address-lists.patch Add 0017-Add-test-for-eBPF-firewall-code.patch Add 0018-core-warn-loudly-if-IP-firewalling-is-configured-but.patch Add 0019-socket-label-let-s-use-IN_SET-so-that-we-have-to-cal.patch Add 0020-core-when-creating-the-socket-fds-for-a-socket-unit-.patch Add 0021-core-serialize-deserialize-IP-accounting-across-daem.patch Add 0022-core-when-coming-back-from-reload-reexec-reapply-all.patch Add 0023-cgroup-refuse-to-return-accounting-data-if-accountin.patch Add 0024-bpf-set-BPF_F_ALLOW_OVERRIDE-when-attaching-a-cgroup.patch Add 0025-fix-compile-error-on-musl.patch Add 0026-bpf-firewall-properly-handle-kernels-where-BPF-cgrou.patch Add 0027-core-improve-dbus-cgroup-error-message.patch Add 0028-run-also-show-IP-traffic-accounting-data-on-systemd-.patch Add 0029-core-only-warn-about-BPF-cgroup-missing-once-per-run.patch Add 0030-cgroup-drop-unused-parameter-from-function.patch Add 0031-bpf-firewall-actually-invoke-BPF_PROG_ATTACH-to-chec.patch Add 0032-ip-address-access-let-s-exit-the-loop-after-invalida.patch Add 0033-bpf-firewall-fix-warning-text.patch Add 0034-bpf-add-new-bpf.h-header-copy-from-4.15-kernel.patch Add 0035-bpf-beef-up-bpf-detection-check-if-BPF_F_ALLOW_MULTI.patch Add 0036-bpf-program-optionally-take-fd-of-program-to-detach.patch Add 0037-bpf-use-BPF_F_ALLOW_MULTI-flag-if-it-is-available.patch Add 0038-bpf-program-make-bpf_program_load_kernel-idempotent.patch Add 0039-bpf-rework-how-we-keep-track-and-attach-cgroup-bpf-p.patch Add 0040-bpf-reset-extra-IP-accounting-counters-when-turning-.patch Add 0041-Fix-three-uses-of-bogus-errno-value-in-logs-and-retu.patch Add 0042-tree-wide-avoid-assignment-of-r-just-to-use-in-a-com.patch Add 0043-core-fix-the-check-if-CONFIG_CGROUP_BPF-is-on.patch Add 0044-bpf-firewall-always-use-log_unit_xyz-insteadof-log_x.patch Add 0045-main-bump-RLIMIT_MEMLOCK-for-the-root-user-substanti.patch Add 0046-cgroup-always-invalidate-cpu-and-cpuacct-together.patch Add 0047-unit-initialize-bpf-cgroup-realization-state-properl.patch Add 0048-cgroup-improve-cg_mask_to_string-a-bit-and-add-tests.patch Add 0049-core-rename-cgroup_queue-cgroup_realize_queue.patch Add 0050-core-refactor-bpf-firewall-support-into-a-pseudo-con.patch Add 0051-Move-warning-about-unsupported-BPF-firewall-right-be.patch - Import commit be5eeb6c7d0bbb8147ff894227140d3d21639aeb 24fc1e1ff6 journal: include kmsg lines from the systemd process which exec()d us (#8078) b213992a3d udevd: don't use monitor after manager_exit() 28998ada7d udevd: capitalize log messages in on_sigchld() 6065eee5f8 udevd: merge conditions to decrease indentation d727a42d46 Revert "udevd: fix crash when workers time out after exit is signal caught" 0e6ff3b3d1 core: fragments of masked units ought not be considered for NeedDaemonReload (#7060) (bsc#1156482) 3523d5a0c8 udevd: fix crash when workers time out after exit is signal caught 787b2f859f udevd: wait for workers to finish when exiting (bsc#1106383) - Import commit 71778a1423b0f599ede9faa96d20add61d24db36 98c082a6ca shell-completion: systemctl: do not list template units in {re,}start 816d6111fc shell-completion: systemctl: pass current word to all list_unit* e8b40b6b10 bash-completion: systemctl: pass current partial unit to list-unit* (bsc#1155207) 7cdab60839 bash-completion: systemctl: use systemctl --no-pager 8844419dc8 bash-completion: also suggest template unit files 6f0e7ca3d1 bash-completion: systemctl: add missing options and verbs 4f4d2d4c1b bash-completion: use the first argument instead of the global variable (#6457) A bunch of commits which improves bash completion support. It only touches the shell completion and hence is pretty safe. - Import commit cff9adac2f06cc0876dc905d5642d271b69e755d 3f5a84b97c networkd: VXLan Make group and remote variable separate (bsc#1156213) 9c4571d6b2 networkd: vxlan require Remote= to be a non multicast address (#8117) (bsc#1156213) 7f1b579fc6 fs-util: let's avoid unnecessary strerror() 49e51f69b5 fs-util: introduce inotify_add_watch_and_warn() helper 454c094294 ask-password: improve log message when inotify limit is reached (bsc#1155574) 012115b8dd shared/install: failing with -ELOOP can be due to the use of an alias in install_error() (bsc#1151377) caa9e284af man: alias names can't be used with enable command (bsc#1151377) - No need to daemon-reexec at package installation time. During package installation PID1 is obviously not being run. - Add 0001-mount-swap-cryptsetup-introduce-an-option-to-prevent.patch (jsc#SLE-7689) ==== xen ==== Version update (4.13.0_03 -> 4.13.0_04) - bsc#1159320 - Xen logrotate file needs updated logrotate.conf - Update to Xen 4.13.0 FCS release xen-4.13.0-testing-src.tar.bz2 * Core Scheduling (contributed by SUSE) * Branch hardening to mitigate against Spectre v1 (contributed by Citrix) * Late uCode loading (contributed by Intel) * Improved live-patching build tools (contributed by AWS) * OP-TEE support (contributed by EPAM) * Renesas R-CAR IPMMU-VMSA driver (contributed by EPAM) * Dom0-less passthrough and ImageBuilder (contributed by XILINX) * Support for new Hardware - Update to Xen 4.13.0 RC4 release xen-4.13.0-testing-src.tar.bz2 - Rebase libxl.pvscsi.patch -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org