November 2019 - openSUSE Kubic - openSUSE Mailing Lists

[opensuse-kubic] New MicroOS snapshot 20191122 released!
by Richard Brown 23 Nov '19

23 Nov '19

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: apparmor python-appdirs python-cffi (1.13.0 -> 1.13.2) python-pyasn1 (0.4.7 -> 0.4.8) python-pyparsing (2.4.2 -> 2.4.5) === Details === ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils perl-apparmor python3-apparmor - Properly pull in full python3 interpreter ==== python-appdirs ==== - Format with spec-cleaner ==== python-cffi ==== Version update (1.13.0 -> 1.13.2) - Update to 1.13.2: * re-release because the Linux wheels came with an attached version of libffi that was very old and buggy - Update to 1.13.1: * deprecate the way to declare in cdef() a global variable with only void *foo;. You should always use a storage class, like extern void *foo; or maybe static void *foo;. These are all equivalent for the purposes of cdef(), but the reason for deprecating the bare version is that (as far as I know) it would always be mistake in a real C header. * fix the regression RuntimeError: found a situation in which we try to build a type recursively. * fixed issue #427 where a multithreading mistake in the embedding logic initialization code would cause deadlocks on CPython 3.7. ==== python-pyasn1 ==== Version update (0.4.7 -> 0.4.8) - Update to 0.4.8: * Added ability of combining `SingleValueConstraint` and `PermittedAlphabetConstraint` objects into one for proper modeling `FROM ... EXCEPT ...` ASN.1 clause. ==== python-pyparsing ==== Version update (2.4.2 -> 2.4.5) - update to version 2.4.5: * Fixed encoding when setup.py reads README.rst to include the project long description when uploading to PyPI. A stray unicode space in README.rst prevented the source install on systems whose default encoding is not 'utf-8'. - changes from version 2.4.4: * Unresolved symbol reference in 2.4.3 release was masked by stdout buffering in unit tests, thanks for the prompt heads-up, Ned Batchelder! - changes from version 2.4.3: * Fixed a bug in ParserElement.__eq__ that would for some parsers create a recursion error at parser definition time. Thanks to Michael Clerx for the assist. (Addresses issue #123) * Fixed bug in indentedBlock where a block that ended at the end of the input string could cause pyaprsing to loop forever. Raised as part of discussion on StackOverflow with geckos. * Backports from pyparsing 3.0.0: + __diag__.enable_all_warnings() + Fixed bug in PrecededBy which caused infinite recursion, issue [#127] + support for using regex-compiled RE to construct Regex expressions -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 0

[opensuse-kubic] New Kubic snapshot 20191122 released!
by Richard Brown 23 Nov '19

23 Nov '19

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: apparmor python-PrettyTable python-appdirs python-cffi (1.13.0 -> 1.13.2) python-psutil (5.6.3 -> 5.6.5) python-pyasn1 (0.4.7 -> 0.4.8) python-pycryptodome (3.9.0 -> 3.9.2) python-pyparsing (2.4.2 -> 2.4.5) python-pyzmq (18.1.0 -> 18.1.1) === Details === ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils perl-apparmor python3-apparmor - Properly pull in full python3 interpreter ==== python-PrettyTable ==== - Run through spec-cleaner ==== python-appdirs ==== - Format with spec-cleaner ==== python-cffi ==== Version update (1.13.0 -> 1.13.2) - Update to 1.13.2: * re-release because the Linux wheels came with an attached version of libffi that was very old and buggy - Update to 1.13.1: * deprecate the way to declare in cdef() a global variable with only void *foo;. You should always use a storage class, like extern void *foo; or maybe static void *foo;. These are all equivalent for the purposes of cdef(), but the reason for deprecating the bare version is that (as far as I know) it would always be mistake in a real C header. * fix the regression RuntimeError: found a situation in which we try to build a type recursively. * fixed issue #427 where a multithreading mistake in the embedding logic initialization code would cause deadlocks on CPython 3.7. ==== python-psutil ==== Version update (5.6.3 -> 5.6.5) - update to version 5.6.5: * Bug fixes + 1615: remove pyproject.toml as it was causing installation issues. - changes from version 5.6.4: * Enhancements + 1527: [Linux] added Process.cpu_times().iowait counter, which is the time spent waiting for blocking I/O to complete. + 1565: add PEP 517/8 build backend and requirements specification for better pip integration. (patch by Bernát Gábor) * Bug fixes + 875: [Windows] Process' cmdline(), environ() or cwd() may occasionally fail with ERROR_PARTIAL_COPY which now gets translated to AccessDenied. + 1126: [Linux] cpu_affinity() segfaults on CentOS 5 / manylinux. cpu_affinity() support for CentOS 5 was removed. + 1528: [AIX] compilation error on AIX 7.2 due to 32 vs 64 bit differences. (patch by Arnon Yaari) + 1535: 'type' and 'family' fields returned by net_connections() are not always turned into enums. + 1536: [NetBSD] process cmdline() erroneously raise ZombieProcess error if cmdline has non encodable chars. + 1546: usage percent may be rounded to 0 on Python 2. + 1552: [Windows] getloadavg() math for calculating 5 and 15 mins values is incorrect. + 1568: [Linux] use CC compiler env var if defined. + 1570: [Windows] NtWow64* syscalls fail to raise the proper error code + 1585: [OSX] calling close() (in C) on possible negative integers. (patch by Athos Ribeiro) + 1606: [SunOS] compilation fails on SunOS 5.10. (patch by vser1) ==== python-pyasn1 ==== Version update (0.4.7 -> 0.4.8) - Update to 0.4.8: * Added ability of combining `SingleValueConstraint` and `PermittedAlphabetConstraint` objects into one for proper modeling `FROM ... EXCEPT ...` ASN.1 clause. ==== python-pycryptodome ==== Version update (3.9.0 -> 3.9.2) - Update to 3.9.2 (10 November 2019): + New features * Add Python 3.8 wheels for Mac. + Resolved issues * GH#308: Avoid allocating arrays of __m128i on the stack, to cope with buggy compilers. * GH#322: Remove blanket -O3 optimization for gcc and clang, to cope with buggy compilers. * GH#337: Fix typing stubs for signatures. * GH#338: Deal with gcc installations that don't have x86intrin.h. - Update to version 3.9.1 (1 November 2019): + New features * Add Python 3.8 wheels for Linux and Windows. + Resolved issues * GH#328: minor speed-up when importing RSA. - Add export LC_ALL=en_US.UTF-8 to %build, %install and %check to fix the build on older distros (as done from Thomas Bechtold in python-pycryptodomex) ==== python-pyparsing ==== Version update (2.4.2 -> 2.4.5) - update to version 2.4.5: * Fixed encoding when setup.py reads README.rst to include the project long description when uploading to PyPI. A stray unicode space in README.rst prevented the source install on systems whose default encoding is not 'utf-8'. - changes from version 2.4.4: * Unresolved symbol reference in 2.4.3 release was masked by stdout buffering in unit tests, thanks for the prompt heads-up, Ned Batchelder! - changes from version 2.4.3: * Fixed a bug in ParserElement.__eq__ that would for some parsers create a recursion error at parser definition time. Thanks to Michael Clerx for the assist. (Addresses issue #123) * Fixed bug in indentedBlock where a block that ended at the end of the input string could cause pyaprsing to loop forever. Raised as part of discussion on StackOverflow with geckos. * Backports from pyparsing 3.0.0: + __diag__.enable_all_warnings() + Fixed bug in PrecededBy which caused infinite recursion, issue [#127] + support for using regex-compiled RE to construct Regex expressions ==== python-pyzmq ==== Version update (18.1.0 -> 18.1.1) - update to version 18.1.1: * Fix race condition when shutting down ZAP thread while events are still processing (only affects tests) * Publish wheels for Python 3.8 on all platforms * Stop publishing wheels for Python 3.4 on Windows * Sources generated with Cython 0.29.14

1 0

[opensuse-kubic] New MicroOS snapshot 20191121 released!
by Richard Brown 23 Nov '19

23 Nov '19

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: elfutils installation-images-MicroOS (14.443 -> 14.447) ncurses open-lldp (1.0.1+56.cb81e95 -> 1.0.1+102.4c7fcc3) openssl (1.1.1c -> 1.1.1d) openssl-1_1 (1.1.1c -> 1.1.1d) ucode-intel (20191112 -> 20191115) yast2 (4.2.30 -> 4.2.34) === Details === ==== elfutils ==== Subpackages: libasm1 libdw1 libebl-plugins libelf1 - disable-tests-with-ptrace.patch: Remove, set XFAIL_TESTS instead - dwelf_elf_e_machine_string.patch: Avoid spurious failure ==== installation-images-MicroOS ==== Version update (14.443 -> 14.447) - merge gh#openSUSE/installation-images#343 - Revert "Include KacstOne font for Persian (boo#1092920)" - Use Noto Naskh Arabic instead of KacstBook (boo#1092920) - another attempt to fix fonts - 14.447 - merge gh#openSUSE/installation-images#344 - Added linuxrc reboot_timeout option (bsc1122493) - 14.446 - merge gh#openSUSE/installation-images#342 - Include KacstOne font for Persian (boo#1092920) - 14.445 ==== ncurses ==== Subpackages: libncurses6 ncurses-utils terminfo terminfo-base - Do not add has size to linker flags of any pkg-config - Add ncurses patch 20191109 + add warning-check in tic for terminals with parm_dch vs parm_ich. + drop ich1 from rxvt-basic, Eterm and mlterm to improve compatibility with old non-curses programs -TD + reviewed st 0.8.2, updated some details -TD + use ansi+rep several places -TD + corrected tic's check for ich1 (report by Sebastian J. Bronner, cf: 20020901). - Add ncurses patch 20191102 + check parameter of set_escdelay, return ERR if negative. + check parameter of set_tabsize, return ERR if not greater than zero (report/patch by Anthony Sottile). + revise CF_ADD_LIBS macro to prepend rather than append libraries. + add "xterm-mono" to help packagers (report by Sven Joachim) -TD ==== open-lldp ==== Version update (1.0.1+56.cb81e95 -> 1.0.1+102.4c7fcc3) Subpackages: liblldp_clif1 - Update to version v1.0.1+102.4c7fcc3: * l2_packet: Guard ETH_P_LLDP define * lldp_mand: retrieve permanent mac address in get_mac() * lldp_util: use netlink to fetch mac address * lldp_util: drop get_macstr() * linux/if_link.h: Update and add bonding netlink definitions - Update to version v1.0.1+95.3168e11: * Test with newer GCC 8 and 9 versions * RPM build is broken, so skip * Place the tarball in the right place * A tarball needs to be built after bootstrap.sh for use with RPM * Added missing steps for building an RPM * Finish off with testing building the RPM * Test package installation as well * Test under multiple GCC releases * Drop requirement for Travis CI testing with Clang * Support checking build with Travis CI * vdp-netlink: account for sizes properly * qbg: avoid warning for extra parens * qbg: port name is always a valid pointer * dcbx-nl: drop run_cmd * ecp: allow for failure to create * lldp_util: allow for null ifa_addr element * lldpad: Do not enable port if already enabled * Silent -Werror=address-of-packed-member warnings. * Come up with STRNCPY_TERMINATED (#25). * vdptool: fixed compile error for getline() * Fix #23 by off by one strncpy value. * 8021qaz: Block lldptool set operations if read only mode is on * 8021qaz: Add read only option for 8021qaz module * lldp: Allow lldptool to modify optional TLV's content * 8021qaz: Print dscp2prio map * autoconf: Add systemd support in configure.ac * rpm-spec: Add vdp22 man files to lldpad.spec.in ==== openssl ==== Version update (1.1.1c -> 1.1.1d) - Update to 1.1.1d release ==== openssl-1_1 ==== Version update (1.1.1c -> 1.1.1d) Subpackages: libopenssl1_1 - Merged upstream changes to allow NULL salt values in EVP_PBE_scrypt(). * Revealed by nodejs12 during bsc#1149572. * Modified openssl-jsc-SLE-8789-backport_KDF.patch - openssl-jsc-SLE-8789-backport_KDF.patch: retain old behaviour of EVP_PBE_scrypt. When key output buffer is not provided, only check if the input parameters are in valid range and ignore passphrase/salt fields as they are only used in the actual calculation. - Update to 1.1.1d (bsc#1133925, jsc#SLE-6430) * Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. (bsc#1150247, CVE-2019-1549) * Compute ECC cofactors if not provided during EC_GROUP construction. Before this change, EC_GROUP_set_generator would accept order and/or cofactor as NULL. After this change, only the cofactor parameter can be NULL. (bsc#1150003, CVE-2019-1547) * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey. (bsc#1150250, CVE-2019-1563) * For built-in EC curves, ensure an EC_GROUP built from the curve name is used even when parsing explicit parameters, when loading a serialized key or calling EC_GROUP_new_from_ecpkparameters()/EC_GROUP_new_from_ecparameters(). * Early start up entropy quality from the DEVRANDOM seed source has been improved for older Linux systems. * Changed DH_check to accept parameters with order q and 2q subgroups. With order 2q subgroups the bit 0 of the private key is not secret but DH_generate_key works around that by clearing bit 0 of the private key for those. This avoids leaking bit 0 of the private key. * Significantly reduce secure memory usage by the randomness pools. * Revert the DEVRANDOM_WAIT feature for Linux systems - drop 0001-build_SYS_str_reasons-Fix-a-crash-caused-by-overlong.patch (upstream) - refresh patches * openssl-1.1.0-no-html.patch * openssl-jsc-SLE-8789-backport_KDF.patch - To avoid seperate certification of openssh server / client move the SSH KDF (Key Derivation Function) into openssl. * jsc#SLE-8789 * Sourced from commit 8d76481b189b7195ef932e0fb8f0e23ab0120771#diff-a9562bc75317360a2e6b8b0748956e34 in openssl master (introduce the SSH KDF) and commit 5a285addbf39f91d567f95f04b2b41764127950d in openssl master (backport EVP/KDF API framework) * added openssl-jsc-SLE-8789-backport_KDF.patch ==== ucode-intel ==== Version update (20191112 -> 20191115) - Updated to 20191115 release (bsc#1157004) - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- updated platforms ------------------------------------ - SKL-U/Y D0 6-4e-3/c0 000000d4->000000d6 Core Gen6 Mobile - SKL-U23e K1 6-4e-3/c0 000000d4->000000d6 Core Gen6 Mobile - SKL-H/S/E3 N0/R0/S0 6-5e-3/36 000000d4->000000d6 Core Gen6 - AML-Y22 H0 6-8e-9/10 000000c6->000000ca Core Gen8 Mobile - KBL-U/Y H0 6-8e-9/c0 000000c6->000000ca Core Gen7 Mobile - KBL-U23e J1 6-8e-9/c0 000000c6->000000ca Core Gen7 Mobile - CFL-U43e D0 6-8e-a/c0 000000c6->000000ca Core Gen8 Mobile - KBL-R U Y0 6-8e-a/c0 000000c6->000000ca Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000c6->000000ca Core Gen8 Mobile - AML-Y42 V0 6-8e-c/94 000000c6->000000ca Core Gen10 Mobile - WHL-U V0 6-8e-c/94 000000c6->000000ca Core Gen8 Mobile - CML-U42 V0 6-8e-c/94 000000c6->000000ca Core Gen10 Mobile - KBL-G/H/S/X/E3 B0 6-9e-9/2a 000000c6->000000ca Core Gen7 Desktop, Mobile, Xeon E3 v6 - CFL-H/S/E3 U0 6-9e-a/22 000000c6->000000ca Core Gen8 Desktop, Mobile, Xeon E - CFL-S B0 6-9e-b/02 000000c6->000000ca Core Gen8 - CFL-S P0 6-9e-c/22 000000c6->000000ca Core Gen9 Desktop - CFL-H/S/E3 R0 6-9e-d/22 000000c6->000000ca Core Gen9 Desktop, Mobile, Xeon E - CML-U62 A0 6-a6-0/80 000000c6->000000ca Core Gen10 Mobile - Updated to 20191113 release - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- updated platforms ------------------------------------ - CFL-S P0 6-9e-c/22 000000a2->000000c6 Core Gen9 Desktop ==== yast2 ==== Version update (4.2.30 -> 4.2.34) - Fix crash in upgrade caused by wrong parameter to snapper (bsc#1156819) - 4.2.34 - Use new snapper machine-readable output to retrieve snapshots information (related to bsc#1149322). - 4.2.33 - Add linuxrc option "reboot_timeout" to configure the timeout before reboot (bsc#1122493) - 4.2.32 - Network: During an installation, check which backend is in use when Systemd is running. (bsc#1151291) - 4.2.31 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 0

[opensuse-kubic] New Kubic snapshot 20191121 released!
by Richard Brown 23 Nov '19

23 Nov '19

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: elfutils haproxy (2.0.7+git0.1909aa1e -> 2.0.9+git6.26b7b800) installation-images-MicroOS (14.443 -> 14.447) ncurses open-lldp (1.0.1+56.cb81e95 -> 1.0.1+102.4c7fcc3) openssl (1.1.1c -> 1.1.1d) openssl-1_1 (1.1.1c -> 1.1.1d) ucode-intel (20191112 -> 20191115) yast2 (4.2.30 -> 4.2.34) === Details === ==== elfutils ==== Subpackages: libasm1 libdw1 libebl-plugins libelf1 - disable-tests-with-ptrace.patch: Remove, set XFAIL_TESTS instead - dwelf_elf_e_machine_string.patch: Avoid spurious failure ==== haproxy ==== Version update (2.0.7+git0.1909aa1e -> 2.0.9+git6.26b7b800) - Update to version 2.0.9+git6.26b7b800: * BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1 * BUG/MINOR: peers: Wrong null "server_name" data field handling. * MINOR: peers: Add debugging information to "show peers". * MINOR: peers: Add TX/RX heartbeat counters. * MINOR: peers: Alway show the table info for disconnected peers. - Update to version 2.0.9+git1.caf02113: * BUG/MINOR: init: fix set-dumpable when using uid/gid - Update to version 2.0.9+git0.efac87ee: * [RELEASE] Released version 2.0.9 * BUG/MINOR: mux-h1: Don't set CS_FL_EOS on a read0 when receiving data to pipe * BUG/MEDIUM: filters: Don't call TCP callbacks for HTX streams * BUG/MINOR: log: limit the size of the startup-logs * BUILD: contrib/da: remove an "unused" warning * MINOR: memory: also poison the area on freeing * CLEANUP: session: slightly simplify idle connection cleanup logic * BUG/MEDIUM: Make sure we leave the session list in session_free(). * BUG/MEDIUM: listeners: always pause a listener on out-of-resource condition * BUG/MINOR: queue/threads: make the queue unlinking atomic * DOC: management: fix typo on "cache_lookups" stats output * DOC: management: document cache_hits and cache_lookups in the CSV format * DOC: management: document reuse and connect counters in the CSV format * BUG: dns: timeout resolve not applied for valid resolutions * BUG/MINOR: action: do-resolve now use cached response * BUG/MEDIUM: stream: Be sure to release allocated captures for TCP streams * MINOR: doc: http-reuse connection pool fix * BUG/MEDIUM: stream: Be sure to support splicing at the mux level to enable it * BUG/MEDIUM: mux-h1: Disable splicing for chunked messages * BUG/MEDIUM: mux-h2: immediately report connection errors on streams * BUG/MEDIUM: mux-h2: immediately remove a failed connection from the idle list * BUG/MEDIUM: mux-h2: report no available stream on a connection having errors * BUG/MINOR: config: Update cookie domain warn to RFC6265 * BUG/MEDIUM: servers: Only set SF_SRV_REUSED if the connection if fully ready. * BUG/MEDIUM: stream_interface: Only use SI_ST_RDY when the mux is ready. * MINOR: mux: Add a new method to get informations about a mux. * BUG/MINOR: spoe: fix off-by-one length in UUID format string * BUG/MAJOR: stream-int: Don't receive data from mux until SI_ST_EST is reached * BUG/MINOR: mux-h2: Don't pretend mux buffers aren't full anymore if nothing sent * BUG/MINOR: cli: don't call the kw->io_release if kw->parse failed * MINOR: tcp: avoid confusion in time parsing init * BUG/MINOR: mux-h2: do not emit logs on backend connections * MINOR: config: warn on presence of "\n" in header values/replacements - Update to version 2.0.8+git0.60e6020c: * [RELEASE] Released version 2.0.8 * BUG/MEDIUM: pattern: make the pattern LRU cache thread-local and lockless * BUG/MINOR: stick-table: fix an incorrect 32 to 64 bit key conversion * BUG/MINOR: ssl: fix memcpy overlap without consequences. * BUG/MEDIUM: http: unbreak redirects in legacy mode * BUG/MINOR: mux-h2: also make sure blocked legacy connections may expire * BUG/MINOR: sample: Make the `field` converter compatible with `-m found` * BUG/MINOR: cache: alloc shctx after check config * BUG/MINOR: stick-table: Never exceed (MAX_SESS_STKCTR-1) when fetching a stkctr * BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed * BUG/MINOR: mworker/cli: reload fail with inherited FD * BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1 * CLEANUP: bind: handle warning label on bind keywords parsing. * CLEANUP: ssl: make ssl_sock_load_dh_params handle errcode/warn * CLEANUP: ssl: make ssl_sock_put_ckch_into_ctx handle errcode/warn * CLEANUP: ssl: make ssl_sock_load_cert*() return real error codes * REGTEST: mcli/mcli_show_info: launch a 'show info' on the master CLI * BUG/MEDIUM: mux_pt: Only call the wake emthod if nobody subscribed to receive. * BUG/MEDIUM: mux_pt: Don't destroy the connection if we have a stream attached. * Revert e8826ded5fea3593d89da2be5c2d81c522070995. * BUG/MAJOR: idle conns: schedule the cleanup task on the correct threads * BUG/MEDIUM: mux_pt: Make sure we don't have a conn_stream before freeing. * BUG/MINOR: tcp: Don't alter counters returned by tcp info fetchers * BUG/MINOR: mworker/ssl: close openssl FDs unconditionally * BUG/MINOR: http-htx: Properly set htx flags on error files to support keep-alive * MINOR: version: make the version strings variables, not constants * BUG/MINOR: WURFL: fix send_log() function arguments * BUG/MINOR: mux-h1: Capture ignored parsing errors * BUG/MINOR: mux-h1: Mark the output buffer as full when the xfer is interrupted * BUG/MINOR: chunk: Fix tests on the chunk size in functions copying data * BUG/MEDIUM: htx: Catch chunk_memcat() failures when HTX data are formatted to h1 * BUILD: ssl: wrong #ifdef for SSL engines code * BUG/MINOR: ssl: abort on sni_keytypes allocation failure * BUG/MINOR: ssl: free the sni_keytype nodes * BUG/MINOR: ssl: abort on sni allocation failure * BUG/MEDIUM: applet: always check a fast running applet's activity before killing * MINOR: stats: mention in the help message support for "json" and "typed" * DOC: fix typo in Prometheus exporter doc * DOC: clarify some points around http-send-name-header's behavior * BUG/MEDIUM: cache: make sure not to cache requests with absolute-uri * BUG/MINOR: peers: crash on reload without local peer. * BUG/MEDIUM: mux-h2: do not enforce timeout on long connections * BUILD: ebtree: make eb_is_empty() and eb_is_dup() take a const * MINOR: mux-h2: add a per-connection list of blocked streams * BUG/MINOR: action: do-resolve does not yield on requests with body * BUG/MEDIUM: lua: Store stick tables into the sample's `t` field * BUG/MINOR: lua: Properly initialize the buffer's fields for string samples in hlua_lua2(smp|arg) * BUG/MINOR: stats: Add a missing break in a switch statement ==== installation-images-MicroOS ==== Version update (14.443 -> 14.447) - merge gh#openSUSE/installation-images#343 - Revert "Include KacstOne font for Persian (boo#1092920)" - Use Noto Naskh Arabic instead of KacstBook (boo#1092920) - another attempt to fix fonts - 14.447 - merge gh#openSUSE/installation-images#344 - Added linuxrc reboot_timeout option (bsc1122493) - 14.446 - merge gh#openSUSE/installation-images#342 - Include KacstOne font for Persian (boo#1092920) - 14.445 ==== ncurses ==== Subpackages: libncurses6 ncurses-utils terminfo terminfo-base - Do not add has size to linker flags of any pkg-config - Add ncurses patch 20191109 + add warning-check in tic for terminals with parm_dch vs parm_ich. + drop ich1 from rxvt-basic, Eterm and mlterm to improve compatibility with old non-curses programs -TD + reviewed st 0.8.2, updated some details -TD + use ansi+rep several places -TD + corrected tic's check for ich1 (report by Sebastian J. Bronner, cf: 20020901). - Add ncurses patch 20191102 + check parameter of set_escdelay, return ERR if negative. + check parameter of set_tabsize, return ERR if not greater than zero (report/patch by Anthony Sottile). + revise CF_ADD_LIBS macro to prepend rather than append libraries. + add "xterm-mono" to help packagers (report by Sven Joachim) -TD ==== open-lldp ==== Version update (1.0.1+56.cb81e95 -> 1.0.1+102.4c7fcc3) Subpackages: liblldp_clif1 - Update to version v1.0.1+102.4c7fcc3: * l2_packet: Guard ETH_P_LLDP define * lldp_mand: retrieve permanent mac address in get_mac() * lldp_util: use netlink to fetch mac address * lldp_util: drop get_macstr() * linux/if_link.h: Update and add bonding netlink definitions - Update to version v1.0.1+95.3168e11: * Test with newer GCC 8 and 9 versions * RPM build is broken, so skip * Place the tarball in the right place * A tarball needs to be built after bootstrap.sh for use with RPM * Added missing steps for building an RPM * Finish off with testing building the RPM * Test package installation as well * Test under multiple GCC releases * Drop requirement for Travis CI testing with Clang * Support checking build with Travis CI * vdp-netlink: account for sizes properly * qbg: avoid warning for extra parens * qbg: port name is always a valid pointer * dcbx-nl: drop run_cmd * ecp: allow for failure to create * lldp_util: allow for null ifa_addr element * lldpad: Do not enable port if already enabled * Silent -Werror=address-of-packed-member warnings. * Come up with STRNCPY_TERMINATED (#25). * vdptool: fixed compile error for getline() * Fix #23 by off by one strncpy value. * 8021qaz: Block lldptool set operations if read only mode is on * 8021qaz: Add read only option for 8021qaz module * lldp: Allow lldptool to modify optional TLV's content * 8021qaz: Print dscp2prio map * autoconf: Add systemd support in configure.ac * rpm-spec: Add vdp22 man files to lldpad.spec.in ==== openssl ==== Version update (1.1.1c -> 1.1.1d) - Update to 1.1.1d release ==== openssl-1_1 ==== Version update (1.1.1c -> 1.1.1d) Subpackages: libopenssl1_1 - Merged upstream changes to allow NULL salt values in EVP_PBE_scrypt(). * Revealed by nodejs12 during bsc#1149572. * Modified openssl-jsc-SLE-8789-backport_KDF.patch - openssl-jsc-SLE-8789-backport_KDF.patch: retain old behaviour of EVP_PBE_scrypt. When key output buffer is not provided, only check if the input parameters are in valid range and ignore passphrase/salt fields as they are only used in the actual calculation. - Update to 1.1.1d (bsc#1133925, jsc#SLE-6430) * Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. (bsc#1150247, CVE-2019-1549) * Compute ECC cofactors if not provided during EC_GROUP construction. Before this change, EC_GROUP_set_generator would accept order and/or cofactor as NULL. After this change, only the cofactor parameter can be NULL. (bsc#1150003, CVE-2019-1547) * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey. (bsc#1150250, CVE-2019-1563) * For built-in EC curves, ensure an EC_GROUP built from the curve name is used even when parsing explicit parameters, when loading a serialized key or calling EC_GROUP_new_from_ecpkparameters()/EC_GROUP_new_from_ecparameters(). * Early start up entropy quality from the DEVRANDOM seed source has been improved for older Linux systems. * Changed DH_check to accept parameters with order q and 2q subgroups. With order 2q subgroups the bit 0 of the private key is not secret but DH_generate_key works around that by clearing bit 0 of the private key for those. This avoids leaking bit 0 of the private key. * Significantly reduce secure memory usage by the randomness pools. * Revert the DEVRANDOM_WAIT feature for Linux systems - drop 0001-build_SYS_str_reasons-Fix-a-crash-caused-by-overlong.patch (upstream) - refresh patches * openssl-1.1.0-no-html.patch * openssl-jsc-SLE-8789-backport_KDF.patch - To avoid seperate certification of openssh server / client move the SSH KDF (Key Derivation Function) into openssl. * jsc#SLE-8789 * Sourced from commit 8d76481b189b7195ef932e0fb8f0e23ab0120771#diff-a9562bc75317360a2e6b8b0748956e34 in openssl master (introduce the SSH KDF) and commit 5a285addbf39f91d567f95f04b2b41764127950d in openssl master (backport EVP/KDF API framework) * added openssl-jsc-SLE-8789-backport_KDF.patch ==== ucode-intel ==== Version update (20191112 -> 20191115) - Updated to 20191115 release (bsc#1157004) - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- updated platforms ------------------------------------ - SKL-U/Y D0 6-4e-3/c0 000000d4->000000d6 Core Gen6 Mobile - SKL-U23e K1 6-4e-3/c0 000000d4->000000d6 Core Gen6 Mobile - SKL-H/S/E3 N0/R0/S0 6-5e-3/36 000000d4->000000d6 Core Gen6 - AML-Y22 H0 6-8e-9/10 000000c6->000000ca Core Gen8 Mobile - KBL-U/Y H0 6-8e-9/c0 000000c6->000000ca Core Gen7 Mobile - KBL-U23e J1 6-8e-9/c0 000000c6->000000ca Core Gen7 Mobile - CFL-U43e D0 6-8e-a/c0 000000c6->000000ca Core Gen8 Mobile - KBL-R U Y0 6-8e-a/c0 000000c6->000000ca Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000c6->000000ca Core Gen8 Mobile - AML-Y42 V0 6-8e-c/94 000000c6->000000ca Core Gen10 Mobile - WHL-U V0 6-8e-c/94 000000c6->000000ca Core Gen8 Mobile - CML-U42 V0 6-8e-c/94 000000c6->000000ca Core Gen10 Mobile - KBL-G/H/S/X/E3 B0 6-9e-9/2a 000000c6->000000ca Core Gen7 Desktop, Mobile, Xeon E3 v6 - CFL-H/S/E3 U0 6-9e-a/22 000000c6->000000ca Core Gen8 Desktop, Mobile, Xeon E - CFL-S B0 6-9e-b/02 000000c6->000000ca Core Gen8 - CFL-S P0 6-9e-c/22 000000c6->000000ca Core Gen9 Desktop - CFL-H/S/E3 R0 6-9e-d/22 000000c6->000000ca Core Gen9 Desktop, Mobile, Xeon E - CML-U62 A0 6-a6-0/80 000000c6->000000ca Core Gen10 Mobile - Updated to 20191113 release - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- updated platforms ------------------------------------ - CFL-S P0 6-9e-c/22 000000a2->000000c6 Core Gen9 Desktop ==== yast2 ==== Version update (4.2.30 -> 4.2.34) - Fix crash in upgrade caused by wrong parameter to snapper (bsc#1156819) - 4.2.34 - Use new snapper machine-readable output to retrieve snapshots information (related to bsc#1149322). - 4.2.33 - Add linuxrc option "reboot_timeout" to configure the timeout before reboot (bsc#1122493) - 4.2.32 - Network: During an installation, check which backend is in use when Systemd is running. (bsc#1151291) - 4.2.31 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 0

[opensuse-kubic] New ARM MicroOS snapshot 20191119 released!
by Guillaume Gardet 21 Nov '19

21 Nov '19

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: apparmor boost-base btrfsprogs (5.2.2 -> 5.3.1) kernel-firmware (20191023 -> 20191108) podman (1.6.1 -> 1.6.2) read-only-root-fs (1.0+git20190607.11f8587 -> 1.0+git20191112.42add9e) rpm-config-SUSE (0.g42 -> 0.g45) === Details === ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-profiles apparmor-utils - add libapparmor-python3.8.diff to fix building the libapparmor python bindings (deb#943657) ==== boost-base ==== - Make sure openmpi-macros-devel is not required for base flavor -- consolidate build_mpi/mpi macro into just one. - Remove BuildArch guards, no longer relevant since SuSE 11.2 ==== btrfsprogs ==== Version update (5.2.2 -> 5.3.1) - Update to 5.3.1: * libbtrfs: fix link breakage due to missing symbols - Updaet to 5.3: * mkfs: * new option to specify checksum algorithm (only crc32c) * fix xattr enumeration * dump-tree: BFS (breadth-first) traversal now default * libbtrfsutil: remove stale BTRFS_DEV_REPLACE_ITEM_STATE_x defines * ci: add support for gitlab * other: * preparatory work for more checksum algorithms * docs update * switch to docbook5 backend for asciidoc * fix build on uClibc due to missing backtrace() * lots of printf format fixups ==== kernel-firmware ==== Version update (20191023 -> 20191108) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20191108 (git commit f1100ddf581f): * i915: Add HuC firmware v7.0.3 for TGL * i915: Add GuC firmware v35.2.0 for TGL * i915: Add HuC firmware v9.0.0 for EHL * i915: Add GuC firmware v33.0.4 for EHL * rtw88: RTL8723D: add firmware file v48 * qed: Add firmware 8.40.33.0 * amdgpu: add new navi14 wks gfx firmware for 19.30 * amdgpu: update navi14 firmware for 19.30 * amdgpu: update raven firmware for 19.30 * linux-firmware: Add firmware file for Intel Bluetooth AX201 ==== podman ==== Version update (1.6.1 -> 1.6.2) - Add container-start-fix.patch to correct output of container-start to show container_name, not _id. - Update podman to v1.6.2 * Features - Added a --runtime flag to podman system migrate to allow the OCI runtime for all containers to be reset, to ease transition to the crun runtime on CGroups V2 systems until runc gains full support - The podman rm command can now remove containers in broken states which previously could not be removed - The podman info command, when run without root, now shows information on UID and GID mappings in the rootless user namespace - Added podman build --squash-all flag, which squashes all layers (including those of the base image) into one layer - The --systemd flag to podman run and podman create now accepts a string argument and allows a new value, always, which forces systemd support without checking if the the container entrypoint is systemd * Bugfixes - Fixed a bug where the podman top command did not work on systems using CGroups V2 (#4192) - Fixed a bug where rootless Podman could double-close a file, leading to a panic - Fixed a bug where rootless Podman could fail to retrieve some containers while refreshing the state - Fixed a bug where podman start --attach --sig-proxy=false would still proxy signals into the container - Fixed a bug where Podman would unconditionally use a non-default path for authentication credentials (auth.json), breaking podman login integration with skopeo and other tools using the containers/image library - Fixed a bug where podman ps --format=json and podman images - -format=json would display null when no results were returned, instead of valid JSON - Fixed a bug where podman build --squash was incorrectly squashing all layers into one, instead of only new layers - Fixed a bug where rootless Podman would allow volumes with options to be mounted (mounting volumes requires root), creating an inconsistent state where volumes reported as mounted but were not (#4248) - Fixed a bug where volumes which failed to unmount could not be removed (#4247) - Fixed a bug where Podman incorrectly handled some errors relating to unmounted or missing containers in containers/storage - Fixed a bug where podman stats was broken on systems running CGroups V2 when run rootless (#4268) - Fixed a bug where the podman start command would print the short container ID, instead of the full ID - Fixed a bug where containers created with an OCI runtime that is no longer available (uninstalled or removed from the config file) would not appear in podman ps and could not be removed via podman rm - Fixed a bug where containers restored via podman container restore --import would retain the CGroup path of the original container, even if their container ID changed; thus, multiple containers created from the same checkpoint would all share the same CGroup * Misc - The default PID limit for containers is now set to 4096. It can be adjusted back to the old default (unlimited) by passing - -pids-limit 0 to podman create and podman run - The podman start --attach command now automatically attaches STDIN if the container was created with -i - The podman network create command now validates network names using the same regular expression as container and pod names - The --systemd flag to podman run and podman create will now only enable systemd mode when the binary being run inside the container is /sbin/init, /usr/sbin/init, or ends in systemd (previously detected any path ending in init or systemd) - Updated vendored Buildah to 1.11.3 - Updated vendored containers/storage to 1.13.5 - Updated vendored containers/image to 4.0.1 ==== read-only-root-fs ==== Version update (1.0+git20190607.11f8587 -> 1.0+git20191112.42add9e) - Update to version 1.0+git20191112.42add9e: * Add RequiresMountsFor=/etc override for systemd-udevd.service ==== rpm-config-SUSE ==== Version update (0.g42 -> 0.g45) - Update to version 0.g45: * Use -flto=auto for _lto_cflags for now - Update to version 0.g44: * Sync specfile changes * Add _lto_cflags to suse_macros for now -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 0

[opensuse-kubic] New ARM Kubic snapshot 20191119 released!
by Guillaume Gardet 21 Nov '19

21 Nov '19

Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&version=T… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: apparmor boost-base btrfsprogs (5.2.2 -> 5.3.1) hello-kubic (1.1 -> 1.2) kernel-firmware (20191023 -> 20191108) podman (1.6.1 -> 1.6.2) read-only-root-fs (1.0+git20190607.11f8587 -> 1.0+git20191112.42add9e) rook (1.1.1+git0.g9a2641a6 -> 1.1.6+git0.g91d6f635) rpm-config-SUSE (0.g42 -> 0.g45) weave (2.5.2 -> 2.6.0) === Details === ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-profiles apparmor-utils - add libapparmor-python3.8.diff to fix building the libapparmor python bindings (deb#943657) ==== boost-base ==== - Make sure openmpi-macros-devel is not required for base flavor -- consolidate build_mpi/mpi macro into just one. - Remove BuildArch guards, no longer relevant since SuSE 11.2 ==== btrfsprogs ==== Version update (5.2.2 -> 5.3.1) - Update to 5.3.1: * libbtrfs: fix link breakage due to missing symbols - Updaet to 5.3: * mkfs: * new option to specify checksum algorithm (only crc32c) * fix xattr enumeration * dump-tree: BFS (breadth-first) traversal now default * libbtrfsutil: remove stale BTRFS_DEV_REPLACE_ITEM_STATE_x defines * ci: add support for gitlab * other: * preparatory work for more checksum algorithms * docs update * switch to docbook5 backend for asciidoc * fix build on uClibc due to missing backtrace() * lots of printf format fixups ==== hello-kubic ==== Version update (1.1 -> 1.2) - Update to version 1.2 - use official openSUSE container image ==== kernel-firmware ==== Version update (20191023 -> 20191108) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20191108 (git commit f1100ddf581f): * i915: Add HuC firmware v7.0.3 for TGL * i915: Add GuC firmware v35.2.0 for TGL * i915: Add HuC firmware v9.0.0 for EHL * i915: Add GuC firmware v33.0.4 for EHL * rtw88: RTL8723D: add firmware file v48 * qed: Add firmware 8.40.33.0 * amdgpu: add new navi14 wks gfx firmware for 19.30 * amdgpu: update navi14 firmware for 19.30 * amdgpu: update raven firmware for 19.30 * linux-firmware: Add firmware file for Intel Bluetooth AX201 ==== podman ==== Version update (1.6.1 -> 1.6.2) - Add container-start-fix.patch to correct output of container-start to show container_name, not _id. - Update podman to v1.6.2 * Features - Added a --runtime flag to podman system migrate to allow the OCI runtime for all containers to be reset, to ease transition to the crun runtime on CGroups V2 systems until runc gains full support - The podman rm command can now remove containers in broken states which previously could not be removed - The podman info command, when run without root, now shows information on UID and GID mappings in the rootless user namespace - Added podman build --squash-all flag, which squashes all layers (including those of the base image) into one layer - The --systemd flag to podman run and podman create now accepts a string argument and allows a new value, always, which forces systemd support without checking if the the container entrypoint is systemd * Bugfixes - Fixed a bug where the podman top command did not work on systems using CGroups V2 (#4192) - Fixed a bug where rootless Podman could double-close a file, leading to a panic - Fixed a bug where rootless Podman could fail to retrieve some containers while refreshing the state - Fixed a bug where podman start --attach --sig-proxy=false would still proxy signals into the container - Fixed a bug where Podman would unconditionally use a non-default path for authentication credentials (auth.json), breaking podman login integration with skopeo and other tools using the containers/image library - Fixed a bug where podman ps --format=json and podman images - -format=json would display null when no results were returned, instead of valid JSON - Fixed a bug where podman build --squash was incorrectly squashing all layers into one, instead of only new layers - Fixed a bug where rootless Podman would allow volumes with options to be mounted (mounting volumes requires root), creating an inconsistent state where volumes reported as mounted but were not (#4248) - Fixed a bug where volumes which failed to unmount could not be removed (#4247) - Fixed a bug where Podman incorrectly handled some errors relating to unmounted or missing containers in containers/storage - Fixed a bug where podman stats was broken on systems running CGroups V2 when run rootless (#4268) - Fixed a bug where the podman start command would print the short container ID, instead of the full ID - Fixed a bug where containers created with an OCI runtime that is no longer available (uninstalled or removed from the config file) would not appear in podman ps and could not be removed via podman rm - Fixed a bug where containers restored via podman container restore --import would retain the CGroup path of the original container, even if their container ID changed; thus, multiple containers created from the same checkpoint would all share the same CGroup * Misc - The default PID limit for containers is now set to 4096. It can be adjusted back to the old default (unlimited) by passing - -pids-limit 0 to podman create and podman run - The podman start --attach command now automatically attaches STDIN if the container was created with -i - The podman network create command now validates network names using the same regular expression as container and pod names - The --systemd flag to podman run and podman create will now only enable systemd mode when the binary being run inside the container is /sbin/init, /usr/sbin/init, or ends in systemd (previously detected any path ending in init or systemd) - Updated vendored Buildah to 1.11.3 - Updated vendored containers/storage to 1.13.5 - Updated vendored containers/image to 4.0.1 ==== read-only-root-fs ==== Version update (1.0+git20190607.11f8587 -> 1.0+git20191112.42add9e) - Update to version 1.0+git20191112.42add9e: * Add RequiresMountsFor=/etc override for systemd-udevd.service ==== rook ==== Version update (1.1.1+git0.g9a2641a6 -> 1.1.6+git0.g91d6f635) - Update rook to v1.1.6: * Flex driver should not allow attach before detach on a different node (#3582) * Properly set the ceph-mgr annotations (#4195) * Only trigger an orchestration if the cluster CR changed (#4252) * Fix setting rbdGrpcMetricsPort in the helm chart (#4202) * Document all helm chart settings (#4202) * Support all layers of CRUSH map with node labels (#4236) * Skip orchestration restart on device config map update for osd on pvc (#4124) * Deduplicate tolerations collected for the drain canary pods (#4220) * Role bindings are missing for pod security policies (#3851) * Continue with orchestration if a single mon pod fails to start (#4146) * OSDs cannot call 'restorecon' when selinux is enabled (#4214) * Use the rook image for drain canary pods (#4213) * Allow setting of osd prepare resource limits (#4182) * Documentation for object bucket provisioning (#3882) - Update rook to v1.1.4: * OSD config overrides were ignored for some upgraded OSDs (#4161) * Enable restoring a cluster after disaster recovery (#4021) * Enable upgrade of OSDs configured on PVCs (#3996) * Automatically removing OSDs requires setting: removeOSDsIfOutAndSafeToRemove(#4116) * Rework csi keys and secrets to use minimal privileges (#4086) * Expose OSD prepare pod resource limits (#4083) * Minimum K8s version for running OSDs on PVCs is 1.13 (#4009) * Add 'rgw.buckets.non-ec' to list of RGW metadataPools (#4087) * Hide wrong error for clusterdisruption controller (#4094) * Multiple integration test fixes to improve CI stability (#4098) * Detect mount fstype more accurately in the flex driver (#4109) * Do not override mgr annotations (#4110) * Add OSDs to proper buckets in crush hierarchy with topology awareness (#4099) * More robust removal of cluster finalizer (#4090) * Take activeStandby into account for the CephFileSystem disruption budget (#4075) * Update the CSI CephFS registration directory name (#4070) * Fix incorrect Ceph CSI doc links (#4081) * Remove decimal places for osdMemoryTargetValue monitoring setting (#4046) * Relax pre-requisites for external cluster to allow connections to Luminous (#4025) * Avoid nodes getting stuck in OrchestrationStatusStarting during OSD config (#3817) * Make metrics and liveness port configurable (#4005) * Correct system namespace for CSI driver settings during upgrade (#4040) - Update csi-dummy-images.patch - Update csi-template-paths.patch - Update 0001-bsc-1152690-ceph-csi-Driver-will-fail-with-error.patch ==== rpm-config-SUSE ==== Version update (0.g42 -> 0.g45) - Update to version 0.g45: * Use -flto=auto for _lto_cflags for now - Update to version 0.g44: * Sync specfile changes * Add _lto_cflags to suse_macros for now ==== weave ==== Version update (2.5.2 -> 2.6.0) - Update weave to 2.6.0 - Fix a race condition in Kubernetes addon when reclaiming IP addresses after node deletion #3724, #3716 - Buffer events so Docker won't drop them, and Weave Net can clean up after dead containers #3432, #3705 - Weave reconnect occasionally fails after network interface disconnect #3666, #3669, #3676 - Ingress NetworkPolicy would accepts all traffic when specifying both IPBlock and port #3653, #3654 - Support both podSelector and namespaceSelector in NetworkPolicy #3312, #3647 - Only add default-drop egress rule if network policies are in use #3639 - Manifests use 'apps/v1' rather than deprecated 'apps/v1beta1' #3660 - Avoid Weave Net pods being evicted by setting priorityClassName: system-node-critical #3697 - Manifests use recommended DNS policy ClusterFirstWithHostNet #3692 - Weave Net now tolerates 'NoExecute' taint #3655 - Allow extra arguments to NetworkPolicy controller to be set in an environment variable #3683 - Stop reporting a failure to connect to self #3454, #3585 - Minor reduction in log noise when reclaiming IPs #3710 - Update weave.yaml for kubernetes 1.16 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 0

[opensuse-kubic] New MicroOS snapshot 20191119 released!
by Richard Brown 20 Nov '19

20 Nov '19

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: boost-base === Details === ==== boost-base ==== Subpackages: boost-license1_71_0 libboost_thread1_71_0 - Make sure openmpi-macros-devel is not required for base flavor -- consolidate build_mpi/mpi macro into just one. - Remove BuildArch guards, no longer relevant since SuSE 11.2 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 0

[opensuse-kubic] New Kubic snapshot 20191119 released!
by Richard Brown 20 Nov '19

20 Nov '19

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: boost-base === Details === ==== boost-base ==== Subpackages: boost-license1_71_0 libboost_thread1_71_0 - Make sure openmpi-macros-devel is not required for base flavor -- consolidate build_mpi/mpi macro into just one. - Remove BuildArch guards, no longer relevant since SuSE 11.2 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 0

[opensuse-kubic] New MicroOS snapshot 20191118 released!
by Richard Brown 20 Nov '19

20 Nov '19

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: c-ares (1.15.0~20191108 -> 1.15.0+20191108) conmon (2.0.2 -> 2.0.3) curl kdump kernel-firmware (20191023 -> 20191108) libselinux libselinux-bindings libssh (0.9.0 -> 0.9.2) openssh patterns-microos read-only-root-fs (1.0+git20190607.11f8587 -> 1.0+git20191112.42add9e) rpm-config-SUSE (0.g44 -> 0.g45) systemd ucode-intel (20190918 -> 20191112) xen (4.13.0_01 -> 4.13.0_02) === Details === ==== c-ares ==== Version update (1.15.0~20191108 -> 1.15.0+20191108) - Fix version number of the snapshot to not be downgrade: bsc#1156601 ==== conmon ==== Version update (2.0.2 -> 2.0.3) - Add log level trace - Separate handling of log reopen events and terminal resize events ==== curl ==== Subpackages: libcurl4 - Fix segfault in zypper ref: [bsc#1156481] * remove_handle: clear expire timers after multi_done() * Add patch curl-expire-clear.patch ==== kdump ==== - add kdump-savedump-search-also-for-vmlinux.xz.patch (bnc#1155921) ==== kernel-firmware ==== Version update (20191023 -> 20191108) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd - Update to version 20191108 (git commit f1100ddf581f): * i915: Add HuC firmware v7.0.3 for TGL * i915: Add GuC firmware v35.2.0 for TGL * i915: Add HuC firmware v9.0.0 for EHL * i915: Add GuC firmware v33.0.4 for EHL * rtw88: RTL8723D: add firmware file v48 * qed: Add firmware 8.40.33.0 * amdgpu: add new navi14 wks gfx firmware for 19.30 * amdgpu: update navi14 firmware for 19.30 * amdgpu: update raven firmware for 19.30 * linux-firmware: Add firmware file for Intel Bluetooth AX201 ==== libselinux ==== Subpackages: libselinux1 selinux-tools - Added Use-Python-distutils-to-install-SELinux.patch to use Python's distutils instead of building and installing python bindings manually ==== libselinux-bindings ==== - Add python3.8-compat.patch which makes build possible even with Python 3.8, which doesn?t automatically adds -lpython<ver> ==== libssh ==== Version update (0.9.0 -> 0.9.2) Subpackages: libssh-config libssh4 - Update to version 0.9.2 * Fixed libssh-config.cmake * Fixed issues with rsa algorithm negotiation (T191) * Fixed detection of OpenSSL ed25519 support (T197) - Update to version 0.9.1 * Added support for Ed25519 via OpenSSL * Added support for X25519 via OpenSSL * Added support for localuser in Match keyword * Fixed Match keyword to be case sensitive * Fixed compilation with LibreSSL * Fixed error report of channel open (T75) * Fixed sftp documentation (T137) * Fixed known_hosts parsing (T156) * Fixed build issue with MinGW (T157) * Fixed build with gcc 9 (T164) * Fixed deprecation issues (T165) * Fixed known_hosts directory creation (T166) ==== openssh ==== - Add openssh-8.1p1-seccomp-clock_nanosleep.patch, allow clock_nanosleep glibc master implements multiple functions using that syscall making the privsep sandbox kill the preauth process. ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-basesystem patterns-microos-cloud patterns-microos-defaults patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap - Don't install open-iscsi by default [bsc#1156660] ==== read-only-root-fs ==== Version update (1.0+git20190607.11f8587 -> 1.0+git20191112.42add9e) - Update to version 1.0+git20191112.42add9e: * Add RequiresMountsFor=/etc override for systemd-udevd.service ==== rpm-config-SUSE ==== Version update (0.g44 -> 0.g45) - Update to version 0.g45: * Use -flto=auto for _lto_cflags for now ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev - Import commit 0b715187a87907e18edf98eab9d0a50fced4a424 9dbdbc2f10 logind: fix (again) the race that might happen when logind restores VT (bsc#1101591 bsc#1140081) c848bec110 libblkid: open device in nonblock mode. (bsc#1084671) b70ad6c927 resolved: check for IP in certificate when using DoT with GnuTLS (bsc#1155539 CVE-2018-21029) bbedf3d557 resolved: require at least version 3.6.0 of GnuTLS for DNS-over-TLS eb732c2e29 resolved: fix connection failures with TLS 1.3 and GnuTLS 4e45084ac5 shared/install: failing with -ELOOP can be due to the use of an alias in install_error() 2e297f0d87 shared/install: fix error codes returned by install_context_apply() dd29d70d32 man: alias names can't be used with enable command - Fix %{_libexecdir} misuses of /usr/lib ==== ucode-intel ==== Version update (20190918 -> 20191112) - Updated to 20191112 security release (bsc#1155988) - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- new platforms ---------------------------------------- - AVN B0/C0 6-4d-8/01 0000012d Atom C2xxx - CNL-U D0 6-66-3/80 0000002a Core Gen8 Mobile - SKX-SP B1 6-55-3/97 01000151 Xeon Scalable - CLX-SP B0 6-55-6/bf 0400002c Xeon Scalable Gen2 - GLK-R R0 6-7a-8/01 00000016 Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 - ICL-U/Y D1 6-7e-5/80 00000046 Core Gen10 Mobile - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile - ---- updated platforms ------------------------------------ - SKL-U/Y D0 6-4e-3/c0 000000cc->000000d4 Core Gen6 Mobile - SKX-SP H0/M0/U0 6-55-4/b7 02000064->02000065 Xeon Scalable - SKX-D M1 6-55-4/b7 02000064->02000065 Xeon D-21xx - CLX-SP B1 6-55-7/bf 0500002b->0500002c Xeon Scalable Gen2 - SKL-H/S/E3 R0/N0 6-5e-3/36 000000cc->000000d4 Core Gen6 - GLK B0 6-7a-1/01 0000002e->00000032 Pentium J5005/N5000, Celeron J4005/J4105/N4000/N4100 - AML-Y22 H0 6-8e-9/10 000000b4->000000c6 Core Gen8 Mobile - KBL-U/Y H0 6-8e-9/c0 000000b4->000000c6 Core Gen7 Mobile - CFL-U43e D0 6-8e-a/c0 000000b4->000000c6 Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000b8->000000c6 Core Gen8 Mobile - AML-Y V0 6-8e-c/94 000000b8->000000c6 Core Gen10 Mobile - CML-U42 V0 6-8e-c/94 000000b8->000000c6 Core Gen10 Mobile - WHL-U V0 6-8e-c/94 000000b8->000000c6 Core Gen8 Mobile - KBL-G/X H0 6-9e-9/2a 000000b4->000000c6 Core Gen7/Gen8 - KBL-H/S/E3 B0 6-9e-9/2a 000000b4->000000c6 Core Gen7; Xeon E3 v6 - CFL-H/S/E3 U0 6-9e-a/22 000000b4->000000c6 Core Gen8 Desktop, Mobile, Xeon E - CFL-S B0 6-9e-b/02 000000b4->000000c6 Core Gen8 - CFL-H R0 6-9e-d/22 000000b8->000000c6 Core Gen9 Mobile - ---- removed platforms ------------------------------------ - CFL-H/S P0 6-9e-c/22 000000a2 Core Gen9 - Includes security fixes for: - CVE-2019-11135: Added feature allowing to disable TSX RTM (bsc#1139073) - CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues (bsc#1141035) ==== xen ==== Version update (4.13.0_01 -> 4.13.0_02) - Update to Xen 4.13.0 RC2 release xen-4.13.0-testing-src.tar.bz2 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 0

[opensuse-kubic] New Kubic snapshot 20191118 released!
by Richard Brown 20 Nov '19

20 Nov '19

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: c-ares (1.15.0~20191108 -> 1.15.0+20191108) conmon (2.0.2 -> 2.0.3) curl kdump kernel-firmware (20191023 -> 20191108) libselinux libselinux-bindings libssh (0.9.0 -> 0.9.2) openssh patterns-microos read-only-root-fs (1.0+git20190607.11f8587 -> 1.0+git20191112.42add9e) rpm-config-SUSE (0.g44 -> 0.g45) systemd ucode-intel (20190918 -> 20191112) xen (4.13.0_01 -> 4.13.0_02) === Details === ==== c-ares ==== Version update (1.15.0~20191108 -> 1.15.0+20191108) - Fix version number of the snapshot to not be downgrade: bsc#1156601 ==== conmon ==== Version update (2.0.2 -> 2.0.3) - Add log level trace - Separate handling of log reopen events and terminal resize events ==== curl ==== Subpackages: libcurl4 - Fix segfault in zypper ref: [bsc#1156481] * remove_handle: clear expire timers after multi_done() * Add patch curl-expire-clear.patch ==== kdump ==== - add kdump-savedump-search-also-for-vmlinux.xz.patch (bnc#1155921) ==== kernel-firmware ==== Version update (20191023 -> 20191108) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd - Update to version 20191108 (git commit f1100ddf581f): * i915: Add HuC firmware v7.0.3 for TGL * i915: Add GuC firmware v35.2.0 for TGL * i915: Add HuC firmware v9.0.0 for EHL * i915: Add GuC firmware v33.0.4 for EHL * rtw88: RTL8723D: add firmware file v48 * qed: Add firmware 8.40.33.0 * amdgpu: add new navi14 wks gfx firmware for 19.30 * amdgpu: update navi14 firmware for 19.30 * amdgpu: update raven firmware for 19.30 * linux-firmware: Add firmware file for Intel Bluetooth AX201 ==== libselinux ==== Subpackages: libselinux1 selinux-tools - Added Use-Python-distutils-to-install-SELinux.patch to use Python's distutils instead of building and installing python bindings manually ==== libselinux-bindings ==== - Add python3.8-compat.patch which makes build possible even with Python 3.8, which doesn?t automatically adds -lpython<ver> ==== libssh ==== Version update (0.9.0 -> 0.9.2) Subpackages: libssh-config libssh4 - Update to version 0.9.2 * Fixed libssh-config.cmake * Fixed issues with rsa algorithm negotiation (T191) * Fixed detection of OpenSSL ed25519 support (T197) - Update to version 0.9.1 * Added support for Ed25519 via OpenSSL * Added support for X25519 via OpenSSL * Added support for localuser in Match keyword * Fixed Match keyword to be case sensitive * Fixed compilation with LibreSSL * Fixed error report of channel open (T75) * Fixed sftp documentation (T137) * Fixed known_hosts parsing (T156) * Fixed build issue with MinGW (T157) * Fixed build with gcc 9 (T164) * Fixed deprecation issues (T165) * Fixed known_hosts directory creation (T166) ==== openssh ==== - Add openssh-8.1p1-seccomp-clock_nanosleep.patch, allow clock_nanosleep glibc master implements multiple functions using that syscall making the privsep sandbox kill the preauth process. ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-basesystem patterns-microos-cloud patterns-microos-defaults patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap - Don't install open-iscsi by default [bsc#1156660] ==== read-only-root-fs ==== Version update (1.0+git20190607.11f8587 -> 1.0+git20191112.42add9e) - Update to version 1.0+git20191112.42add9e: * Add RequiresMountsFor=/etc override for systemd-udevd.service ==== rpm-config-SUSE ==== Version update (0.g44 -> 0.g45) - Update to version 0.g45: * Use -flto=auto for _lto_cflags for now ==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev - Import commit 0b715187a87907e18edf98eab9d0a50fced4a424 9dbdbc2f10 logind: fix (again) the race that might happen when logind restores VT (bsc#1101591 bsc#1140081) c848bec110 libblkid: open device in nonblock mode. (bsc#1084671) b70ad6c927 resolved: check for IP in certificate when using DoT with GnuTLS (bsc#1155539 CVE-2018-21029) bbedf3d557 resolved: require at least version 3.6.0 of GnuTLS for DNS-over-TLS eb732c2e29 resolved: fix connection failures with TLS 1.3 and GnuTLS 4e45084ac5 shared/install: failing with -ELOOP can be due to the use of an alias in install_error() 2e297f0d87 shared/install: fix error codes returned by install_context_apply() dd29d70d32 man: alias names can't be used with enable command - Fix %{_libexecdir} misuses of /usr/lib ==== ucode-intel ==== Version update (20190918 -> 20191112) - Updated to 20191112 security release (bsc#1155988) - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- new platforms ---------------------------------------- - AVN B0/C0 6-4d-8/01 0000012d Atom C2xxx - CNL-U D0 6-66-3/80 0000002a Core Gen8 Mobile - SKX-SP B1 6-55-3/97 01000151 Xeon Scalable - CLX-SP B0 6-55-6/bf 0400002c Xeon Scalable Gen2 - GLK-R R0 6-7a-8/01 00000016 Pentium J5040/N5030, Celeron J4125/J4025/N4020/N4120 - ICL-U/Y D1 6-7e-5/80 00000046 Core Gen10 Mobile - CML-U62 A0 6-a6-0/80 000000c6 Core Gen10 Mobile - ---- updated platforms ------------------------------------ - SKL-U/Y D0 6-4e-3/c0 000000cc->000000d4 Core Gen6 Mobile - SKX-SP H0/M0/U0 6-55-4/b7 02000064->02000065 Xeon Scalable - SKX-D M1 6-55-4/b7 02000064->02000065 Xeon D-21xx - CLX-SP B1 6-55-7/bf 0500002b->0500002c Xeon Scalable Gen2 - SKL-H/S/E3 R0/N0 6-5e-3/36 000000cc->000000d4 Core Gen6 - GLK B0 6-7a-1/01 0000002e->00000032 Pentium J5005/N5000, Celeron J4005/J4105/N4000/N4100 - AML-Y22 H0 6-8e-9/10 000000b4->000000c6 Core Gen8 Mobile - KBL-U/Y H0 6-8e-9/c0 000000b4->000000c6 Core Gen7 Mobile - CFL-U43e D0 6-8e-a/c0 000000b4->000000c6 Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000b8->000000c6 Core Gen8 Mobile - AML-Y V0 6-8e-c/94 000000b8->000000c6 Core Gen10 Mobile - CML-U42 V0 6-8e-c/94 000000b8->000000c6 Core Gen10 Mobile - WHL-U V0 6-8e-c/94 000000b8->000000c6 Core Gen8 Mobile - KBL-G/X H0 6-9e-9/2a 000000b4->000000c6 Core Gen7/Gen8 - KBL-H/S/E3 B0 6-9e-9/2a 000000b4->000000c6 Core Gen7; Xeon E3 v6 - CFL-H/S/E3 U0 6-9e-a/22 000000b4->000000c6 Core Gen8 Desktop, Mobile, Xeon E - CFL-S B0 6-9e-b/02 000000b4->000000c6 Core Gen8 - CFL-H R0 6-9e-d/22 000000b8->000000c6 Core Gen9 Mobile - ---- removed platforms ------------------------------------ - CFL-H/S P0 6-9e-c/22 000000a2 Core Gen9 - Includes security fixes for: - CVE-2019-11135: Added feature allowing to disable TSX RTM (bsc#1139073) - CVE-2019-11139: A CPU microcode only fix for Voltage modulation issues (bsc#1141035) ==== xen ==== Version update (4.13.0_01 -> 4.13.0_02) - Update to Xen 4.13.0 RC2 release xen-4.13.0-testing-src.tar.bz2 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 0