Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apparmor
python-appdirs
python-cffi (1.13.0 -> 1.13.2)
python-pyasn1 (0.4.7 -> 0.4.8)
python-pyparsing (2.4.2 -> 2.4.5)
=== Details ===
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils perl-apparmor python3-apparmor
- Properly pull in full python3 interpreter
==== python-appdirs ====
- Format with spec-cleaner
==== python-cffi ====
Version update (1.13.0 -> 1.13.2)
- Update to 1.13.2:
* re-release because the Linux wheels came with an attached version of libffi that was very old and buggy
- Update to 1.13.1:
* deprecate the way to declare in cdef() a global variable with only void *foo;. You should always use a storage class, like extern void *foo; or maybe static void *foo;. These are all equivalent for the purposes of cdef(), but the reason for deprecating the bare version is that (as far as I know) it would always be mistake in a real C header.
* fix the regression RuntimeError: found a situation in which we try to build a type recursively.
* fixed issue #427 where a multithreading mistake in the embedding logic initialization code would cause deadlocks on CPython 3.7.
==== python-pyasn1 ====
Version update (0.4.7 -> 0.4.8)
- Update to 0.4.8:
* Added ability of combining `SingleValueConstraint` and
`PermittedAlphabetConstraint` objects into one for proper modeling
`FROM ... EXCEPT ...` ASN.1 clause.
==== python-pyparsing ====
Version update (2.4.2 -> 2.4.5)
- update to version 2.4.5:
* Fixed encoding when setup.py reads README.rst to include the
project long description when uploading to PyPI. A stray unicode
space in README.rst prevented the source install on systems whose
default encoding is not 'utf-8'.
- changes from version 2.4.4:
* Unresolved symbol reference in 2.4.3 release was masked by stdout
buffering in unit tests, thanks for the prompt heads-up, Ned
Batchelder!
- changes from version 2.4.3:
* Fixed a bug in ParserElement.__eq__ that would for some parsers
create a recursion error at parser definition time. Thanks to
Michael Clerx for the assist. (Addresses issue #123)
* Fixed bug in indentedBlock where a block that ended at the end of
the input string could cause pyaprsing to loop forever. Raised as
part of discussion on StackOverflow with geckos.
* Backports from pyparsing 3.0.0:
+ __diag__.enable_all_warnings()
+ Fixed bug in PrecededBy which caused infinite recursion, issue
[#127]
+ support for using regex-compiled RE to construct Regex
expressions
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apparmor
python-PrettyTable
python-appdirs
python-cffi (1.13.0 -> 1.13.2)
python-psutil (5.6.3 -> 5.6.5)
python-pyasn1 (0.4.7 -> 0.4.8)
python-pycryptodome (3.9.0 -> 3.9.2)
python-pyparsing (2.4.2 -> 2.4.5)
python-pyzmq (18.1.0 -> 18.1.1)
=== Details ===
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils perl-apparmor python3-apparmor
- Properly pull in full python3 interpreter
==== python-PrettyTable ====
- Run through spec-cleaner
==== python-appdirs ====
- Format with spec-cleaner
==== python-cffi ====
Version update (1.13.0 -> 1.13.2)
- Update to 1.13.2:
* re-release because the Linux wheels came with an attached version of libffi that was very old and buggy
- Update to 1.13.1:
* deprecate the way to declare in cdef() a global variable with only void *foo;. You should always use a storage class, like extern void *foo; or maybe static void *foo;. These are all equivalent for the purposes of cdef(), but the reason for deprecating the bare version is that (as far as I know) it would always be mistake in a real C header.
* fix the regression RuntimeError: found a situation in which we try to build a type recursively.
* fixed issue #427 where a multithreading mistake in the embedding logic initialization code would cause deadlocks on CPython 3.7.
==== python-psutil ====
Version update (5.6.3 -> 5.6.5)
- update to version 5.6.5:
* Bug fixes
+ 1615: remove pyproject.toml as it was causing installation
issues.
- changes from version 5.6.4:
* Enhancements
+ 1527: [Linux] added Process.cpu_times().iowait counter, which is
the time spent waiting for blocking I/O to complete.
+ 1565: add PEP 517/8 build backend and requirements specification
for better pip integration. (patch by Bernát Gábor)
* Bug fixes
+ 875: [Windows] Process' cmdline(), environ() or cwd() may
occasionally fail with ERROR_PARTIAL_COPY which now gets
translated to AccessDenied.
+ 1126: [Linux] cpu_affinity() segfaults on CentOS 5 /
manylinux. cpu_affinity() support for CentOS 5 was removed.
+ 1528: [AIX] compilation error on AIX 7.2 due to 32 vs 64 bit
differences. (patch by Arnon Yaari)
+ 1535: 'type' and 'family' fields returned by net_connections()
are not always turned into enums.
+ 1536: [NetBSD] process cmdline() erroneously raise ZombieProcess
error if cmdline has non encodable chars.
+ 1546: usage percent may be rounded to 0 on Python 2.
+ 1552: [Windows] getloadavg() math for calculating 5 and 15 mins
values is incorrect.
+ 1568: [Linux] use CC compiler env var if defined.
+ 1570: [Windows] NtWow64* syscalls fail to raise the proper error
code
+ 1585: [OSX] calling close() (in C) on possible negative
integers. (patch by Athos Ribeiro)
+ 1606: [SunOS] compilation fails on SunOS 5.10. (patch by vser1)
==== python-pyasn1 ====
Version update (0.4.7 -> 0.4.8)
- Update to 0.4.8:
* Added ability of combining `SingleValueConstraint` and
`PermittedAlphabetConstraint` objects into one for proper modeling
`FROM ... EXCEPT ...` ASN.1 clause.
==== python-pycryptodome ====
Version update (3.9.0 -> 3.9.2)
- Update to 3.9.2 (10 November 2019):
+ New features
* Add Python 3.8 wheels for Mac.
+ Resolved issues
* GH#308: Avoid allocating arrays of __m128i on the stack, to
cope with buggy compilers.
* GH#322: Remove blanket -O3 optimization for gcc and clang, to
cope with buggy compilers.
* GH#337: Fix typing stubs for signatures.
* GH#338: Deal with gcc installations that don't have
x86intrin.h.
- Update to version 3.9.1 (1 November 2019):
+ New features
* Add Python 3.8 wheels for Linux and Windows.
+ Resolved issues
* GH#328: minor speed-up when importing RSA.
- Add export LC_ALL=en_US.UTF-8 to %build, %install and %check to
fix the build on older distros
(as done from Thomas Bechtold in python-pycryptodomex)
==== python-pyparsing ====
Version update (2.4.2 -> 2.4.5)
- update to version 2.4.5:
* Fixed encoding when setup.py reads README.rst to include the
project long description when uploading to PyPI. A stray unicode
space in README.rst prevented the source install on systems whose
default encoding is not 'utf-8'.
- changes from version 2.4.4:
* Unresolved symbol reference in 2.4.3 release was masked by stdout
buffering in unit tests, thanks for the prompt heads-up, Ned
Batchelder!
- changes from version 2.4.3:
* Fixed a bug in ParserElement.__eq__ that would for some parsers
create a recursion error at parser definition time. Thanks to
Michael Clerx for the assist. (Addresses issue #123)
* Fixed bug in indentedBlock where a block that ended at the end of
the input string could cause pyaprsing to loop forever. Raised as
part of discussion on StackOverflow with geckos.
* Backports from pyparsing 3.0.0:
+ __diag__.enable_all_warnings()
+ Fixed bug in PrecededBy which caused infinite recursion, issue
[#127]
+ support for using regex-compiled RE to construct Regex
expressions
==== python-pyzmq ====
Version update (18.1.0 -> 18.1.1)
- update to version 18.1.1:
* Fix race condition when shutting down ZAP thread while events are
still processing (only affects tests)
* Publish wheels for Python 3.8 on all platforms
* Stop publishing wheels for Python 3.4 on Windows
* Sources generated with Cython 0.29.14
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
elfutils
installation-images-MicroOS (14.443 -> 14.447)
ncurses
open-lldp (1.0.1+56.cb81e95 -> 1.0.1+102.4c7fcc3)
openssl (1.1.1c -> 1.1.1d)
openssl-1_1 (1.1.1c -> 1.1.1d)
ucode-intel (20191112 -> 20191115)
yast2 (4.2.30 -> 4.2.34)
=== Details ===
==== elfutils ====
Subpackages: libasm1 libdw1 libebl-plugins libelf1
- disable-tests-with-ptrace.patch: Remove, set XFAIL_TESTS instead
- dwelf_elf_e_machine_string.patch: Avoid spurious failure
==== installation-images-MicroOS ====
Version update (14.443 -> 14.447)
- merge gh#openSUSE/installation-images#343
- Revert "Include KacstOne font for Persian (boo#1092920)"
- Use Noto Naskh Arabic instead of KacstBook (boo#1092920)
- another attempt to fix fonts
- 14.447
- merge gh#openSUSE/installation-images#344
- Added linuxrc reboot_timeout option (bsc1122493)
- 14.446
- merge gh#openSUSE/installation-images#342
- Include KacstOne font for Persian (boo#1092920)
- 14.445
==== ncurses ====
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base
- Do not add has size to linker flags of any pkg-config
- Add ncurses patch 20191109
+ add warning-check in tic for terminals with parm_dch vs parm_ich.
+ drop ich1 from rxvt-basic, Eterm and mlterm to improve compatibility
with old non-curses programs -TD
+ reviewed st 0.8.2, updated some details -TD
+ use ansi+rep several places -TD
+ corrected tic's check for ich1 (report by Sebastian J. Bronner,
cf: 20020901).
- Add ncurses patch 20191102
+ check parameter of set_escdelay, return ERR if negative.
+ check parameter of set_tabsize, return ERR if not greater than zero
(report/patch by Anthony Sottile).
+ revise CF_ADD_LIBS macro to prepend rather than append libraries.
+ add "xterm-mono" to help packagers (report by Sven Joachim) -TD
==== open-lldp ====
Version update (1.0.1+56.cb81e95 -> 1.0.1+102.4c7fcc3)
Subpackages: liblldp_clif1
- Update to version v1.0.1+102.4c7fcc3:
* l2_packet: Guard ETH_P_LLDP define
* lldp_mand: retrieve permanent mac address in get_mac()
* lldp_util: use netlink to fetch mac address
* lldp_util: drop get_macstr()
* linux/if_link.h: Update and add bonding netlink definitions
- Update to version v1.0.1+95.3168e11:
* Test with newer GCC 8 and 9 versions
* RPM build is broken, so skip
* Place the tarball in the right place
* A tarball needs to be built after bootstrap.sh for use with RPM
* Added missing steps for building an RPM
* Finish off with testing building the RPM
* Test package installation as well
* Test under multiple GCC releases
* Drop requirement for Travis CI testing with Clang
* Support checking build with Travis CI
* vdp-netlink: account for sizes properly
* qbg: avoid warning for extra parens
* qbg: port name is always a valid pointer
* dcbx-nl: drop run_cmd
* ecp: allow for failure to create
* lldp_util: allow for null ifa_addr element
* lldpad: Do not enable port if already enabled
* Silent -Werror=address-of-packed-member warnings.
* Come up with STRNCPY_TERMINATED (#25).
* vdptool: fixed compile error for getline()
* Fix #23 by off by one strncpy value.
* 8021qaz: Block lldptool set operations if read only mode is on
* 8021qaz: Add read only option for 8021qaz module
* lldp: Allow lldptool to modify optional TLV's content
* 8021qaz: Print dscp2prio map
* autoconf: Add systemd support in configure.ac
* rpm-spec: Add vdp22 man files to lldpad.spec.in
==== openssl ====
Version update (1.1.1c -> 1.1.1d)
- Update to 1.1.1d release
==== openssl-1_1 ====
Version update (1.1.1c -> 1.1.1d)
Subpackages: libopenssl1_1
- Merged upstream changes to allow NULL salt values in EVP_PBE_scrypt().
* Revealed by nodejs12 during bsc#1149572.
* Modified openssl-jsc-SLE-8789-backport_KDF.patch
- openssl-jsc-SLE-8789-backport_KDF.patch: retain old behaviour
of EVP_PBE_scrypt. When key output buffer is not provided,
only check if the input parameters are in valid range and
ignore passphrase/salt fields as they are only used in
the actual calculation.
- Update to 1.1.1d (bsc#1133925, jsc#SLE-6430)
* Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random
number generator (RNG). This was intended to include protection in the
event of a fork() system call in order to ensure that the parent and child
processes did not share the same RNG state. However this protection was not
being used in the default case.
(bsc#1150247, CVE-2019-1549)
* Compute ECC cofactors if not provided during EC_GROUP construction. Before
this change, EC_GROUP_set_generator would accept order and/or cofactor as
NULL. After this change, only the cofactor parameter can be NULL.
(bsc#1150003, CVE-2019-1547)
* Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey.
(bsc#1150250, CVE-2019-1563)
* For built-in EC curves, ensure an EC_GROUP built from the curve name is
used even when parsing explicit parameters, when loading a serialized key
or calling EC_GROUP_new_from_ecpkparameters()/EC_GROUP_new_from_ecparameters().
* Early start up entropy quality from the DEVRANDOM seed source has been
improved for older Linux systems.
* Changed DH_check to accept parameters with order q and 2q subgroups.
With order 2q subgroups the bit 0 of the private key is not secret
but DH_generate_key works around that by clearing bit 0 of the
private key for those. This avoids leaking bit 0 of the private key.
* Significantly reduce secure memory usage by the randomness pools.
* Revert the DEVRANDOM_WAIT feature for Linux systems
- drop 0001-build_SYS_str_reasons-Fix-a-crash-caused-by-overlong.patch (upstream)
- refresh patches
* openssl-1.1.0-no-html.patch
* openssl-jsc-SLE-8789-backport_KDF.patch
- To avoid seperate certification of openssh server / client
move the SSH KDF (Key Derivation Function) into openssl.
* jsc#SLE-8789
* Sourced from commit
8d76481b189b7195ef932e0fb8f0e23ab0120771#diff-a9562bc75317360a2e6b8b0748956e34
in openssl master (introduce the SSH KDF)
and commit 5a285addbf39f91d567f95f04b2b41764127950d
in openssl master (backport EVP/KDF API framework)
* added openssl-jsc-SLE-8789-backport_KDF.patch
==== ucode-intel ====
Version update (20191112 -> 20191115)
- Updated to 20191115 release (bsc#1157004)
- Processor Identifier Version Products
- Model Stepping F-MO-S/PI Old->New
- ---- updated platforms ------------------------------------
- SKL-U/Y D0 6-4e-3/c0 000000d4->000000d6 Core Gen6 Mobile
- SKL-U23e K1 6-4e-3/c0 000000d4->000000d6 Core Gen6 Mobile
- SKL-H/S/E3 N0/R0/S0 6-5e-3/36 000000d4->000000d6 Core Gen6
- AML-Y22 H0 6-8e-9/10 000000c6->000000ca Core Gen8 Mobile
- KBL-U/Y H0 6-8e-9/c0 000000c6->000000ca Core Gen7 Mobile
- KBL-U23e J1 6-8e-9/c0 000000c6->000000ca Core Gen7 Mobile
- CFL-U43e D0 6-8e-a/c0 000000c6->000000ca Core Gen8 Mobile
- KBL-R U Y0 6-8e-a/c0 000000c6->000000ca Core Gen8 Mobile
- WHL-U W0 6-8e-b/d0 000000c6->000000ca Core Gen8 Mobile
- AML-Y42 V0 6-8e-c/94 000000c6->000000ca Core Gen10 Mobile
- WHL-U V0 6-8e-c/94 000000c6->000000ca Core Gen8 Mobile
- CML-U42 V0 6-8e-c/94 000000c6->000000ca Core Gen10 Mobile
- KBL-G/H/S/X/E3 B0 6-9e-9/2a 000000c6->000000ca Core Gen7 Desktop, Mobile, Xeon E3 v6
- CFL-H/S/E3 U0 6-9e-a/22 000000c6->000000ca Core Gen8 Desktop, Mobile, Xeon E
- CFL-S B0 6-9e-b/02 000000c6->000000ca Core Gen8
- CFL-S P0 6-9e-c/22 000000c6->000000ca Core Gen9 Desktop
- CFL-H/S/E3 R0 6-9e-d/22 000000c6->000000ca Core Gen9 Desktop, Mobile, Xeon E
- CML-U62 A0 6-a6-0/80 000000c6->000000ca Core Gen10 Mobile
- Updated to 20191113 release
- Processor Identifier Version Products
- Model Stepping F-MO-S/PI Old->New
- ---- updated platforms ------------------------------------
- CFL-S P0 6-9e-c/22 000000a2->000000c6 Core Gen9 Desktop
==== yast2 ====
Version update (4.2.30 -> 4.2.34)
- Fix crash in upgrade caused by wrong parameter to snapper
(bsc#1156819)
- 4.2.34
- Use new snapper machine-readable output to retrieve snapshots
information (related to bsc#1149322).
- 4.2.33
- Add linuxrc option "reboot_timeout" to configure the timeout
before reboot (bsc#1122493)
- 4.2.32
- Network: During an installation, check which backend is in use
when Systemd is running. (bsc#1151291)
- 4.2.31
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
elfutils
haproxy (2.0.7+git0.1909aa1e -> 2.0.9+git6.26b7b800)
installation-images-MicroOS (14.443 -> 14.447)
ncurses
open-lldp (1.0.1+56.cb81e95 -> 1.0.1+102.4c7fcc3)
openssl (1.1.1c -> 1.1.1d)
openssl-1_1 (1.1.1c -> 1.1.1d)
ucode-intel (20191112 -> 20191115)
yast2 (4.2.30 -> 4.2.34)
=== Details ===
==== elfutils ====
Subpackages: libasm1 libdw1 libebl-plugins libelf1
- disable-tests-with-ptrace.patch: Remove, set XFAIL_TESTS instead
- dwelf_elf_e_machine_string.patch: Avoid spurious failure
==== haproxy ====
Version update (2.0.7+git0.1909aa1e -> 2.0.9+git6.26b7b800)
- Update to version 2.0.9+git6.26b7b800:
* BUG/MINOR: ssl: fix crt-list neg filter for openssl < 1.1.1
* BUG/MINOR: peers: Wrong null "server_name" data field handling.
* MINOR: peers: Add debugging information to "show peers".
* MINOR: peers: Add TX/RX heartbeat counters.
* MINOR: peers: Alway show the table info for disconnected peers.
- Update to version 2.0.9+git1.caf02113:
* BUG/MINOR: init: fix set-dumpable when using uid/gid
- Update to version 2.0.9+git0.efac87ee:
* [RELEASE] Released version 2.0.9
* BUG/MINOR: mux-h1: Don't set CS_FL_EOS on a read0 when receiving data to pipe
* BUG/MEDIUM: filters: Don't call TCP callbacks for HTX streams
* BUG/MINOR: log: limit the size of the startup-logs
* BUILD: contrib/da: remove an "unused" warning
* MINOR: memory: also poison the area on freeing
* CLEANUP: session: slightly simplify idle connection cleanup logic
* BUG/MEDIUM: Make sure we leave the session list in session_free().
* BUG/MEDIUM: listeners: always pause a listener on out-of-resource condition
* BUG/MINOR: queue/threads: make the queue unlinking atomic
* DOC: management: fix typo on "cache_lookups" stats output
* DOC: management: document cache_hits and cache_lookups in the CSV format
* DOC: management: document reuse and connect counters in the CSV format
* BUG: dns: timeout resolve not applied for valid resolutions
* BUG/MINOR: action: do-resolve now use cached response
* BUG/MEDIUM: stream: Be sure to release allocated captures for TCP streams
* MINOR: doc: http-reuse connection pool fix
* BUG/MEDIUM: stream: Be sure to support splicing at the mux level to enable it
* BUG/MEDIUM: mux-h1: Disable splicing for chunked messages
* BUG/MEDIUM: mux-h2: immediately report connection errors on streams
* BUG/MEDIUM: mux-h2: immediately remove a failed connection from the idle list
* BUG/MEDIUM: mux-h2: report no available stream on a connection having errors
* BUG/MINOR: config: Update cookie domain warn to RFC6265
* BUG/MEDIUM: servers: Only set SF_SRV_REUSED if the connection if fully ready.
* BUG/MEDIUM: stream_interface: Only use SI_ST_RDY when the mux is ready.
* MINOR: mux: Add a new method to get informations about a mux.
* BUG/MINOR: spoe: fix off-by-one length in UUID format string
* BUG/MAJOR: stream-int: Don't receive data from mux until SI_ST_EST is reached
* BUG/MINOR: mux-h2: Don't pretend mux buffers aren't full anymore if nothing sent
* BUG/MINOR: cli: don't call the kw->io_release if kw->parse failed
* MINOR: tcp: avoid confusion in time parsing init
* BUG/MINOR: mux-h2: do not emit logs on backend connections
* MINOR: config: warn on presence of "\n" in header values/replacements
- Update to version 2.0.8+git0.60e6020c:
* [RELEASE] Released version 2.0.8
* BUG/MEDIUM: pattern: make the pattern LRU cache thread-local and lockless
* BUG/MINOR: stick-table: fix an incorrect 32 to 64 bit key conversion
* BUG/MINOR: ssl: fix memcpy overlap without consequences.
* BUG/MEDIUM: http: unbreak redirects in legacy mode
* BUG/MINOR: mux-h2: also make sure blocked legacy connections may expire
* BUG/MINOR: sample: Make the `field` converter compatible with `-m found`
* BUG/MINOR: cache: alloc shctx after check config
* BUG/MINOR: stick-table: Never exceed (MAX_SESS_STKCTR-1) when fetching a stkctr
* BUG/MINOR: ssl: Fix fd leak on error path when a TLS ticket keys file is parsed
* BUG/MINOR: mworker/cli: reload fail with inherited FD
* BUG/MEDIUM: ssl: 'tune.ssl.default-dh-param' value ignored with openssl > 1.1.1
* CLEANUP: bind: handle warning label on bind keywords parsing.
* CLEANUP: ssl: make ssl_sock_load_dh_params handle errcode/warn
* CLEANUP: ssl: make ssl_sock_put_ckch_into_ctx handle errcode/warn
* CLEANUP: ssl: make ssl_sock_load_cert*() return real error codes
* REGTEST: mcli/mcli_show_info: launch a 'show info' on the master CLI
* BUG/MEDIUM: mux_pt: Only call the wake emthod if nobody subscribed to receive.
* BUG/MEDIUM: mux_pt: Don't destroy the connection if we have a stream attached.
* Revert e8826ded5fea3593d89da2be5c2d81c522070995.
* BUG/MAJOR: idle conns: schedule the cleanup task on the correct threads
* BUG/MEDIUM: mux_pt: Make sure we don't have a conn_stream before freeing.
* BUG/MINOR: tcp: Don't alter counters returned by tcp info fetchers
* BUG/MINOR: mworker/ssl: close openssl FDs unconditionally
* BUG/MINOR: http-htx: Properly set htx flags on error files to support keep-alive
* MINOR: version: make the version strings variables, not constants
* BUG/MINOR: WURFL: fix send_log() function arguments
* BUG/MINOR: mux-h1: Capture ignored parsing errors
* BUG/MINOR: mux-h1: Mark the output buffer as full when the xfer is interrupted
* BUG/MINOR: chunk: Fix tests on the chunk size in functions copying data
* BUG/MEDIUM: htx: Catch chunk_memcat() failures when HTX data are formatted to h1
* BUILD: ssl: wrong #ifdef for SSL engines code
* BUG/MINOR: ssl: abort on sni_keytypes allocation failure
* BUG/MINOR: ssl: free the sni_keytype nodes
* BUG/MINOR: ssl: abort on sni allocation failure
* BUG/MEDIUM: applet: always check a fast running applet's activity before killing
* MINOR: stats: mention in the help message support for "json" and "typed"
* DOC: fix typo in Prometheus exporter doc
* DOC: clarify some points around http-send-name-header's behavior
* BUG/MEDIUM: cache: make sure not to cache requests with absolute-uri
* BUG/MINOR: peers: crash on reload without local peer.
* BUG/MEDIUM: mux-h2: do not enforce timeout on long connections
* BUILD: ebtree: make eb_is_empty() and eb_is_dup() take a const
* MINOR: mux-h2: add a per-connection list of blocked streams
* BUG/MINOR: action: do-resolve does not yield on requests with body
* BUG/MEDIUM: lua: Store stick tables into the sample's `t` field
* BUG/MINOR: lua: Properly initialize the buffer's fields for string samples in hlua_lua2(smp|arg)
* BUG/MINOR: stats: Add a missing break in a switch statement
==== installation-images-MicroOS ====
Version update (14.443 -> 14.447)
- merge gh#openSUSE/installation-images#343
- Revert "Include KacstOne font for Persian (boo#1092920)"
- Use Noto Naskh Arabic instead of KacstBook (boo#1092920)
- another attempt to fix fonts
- 14.447
- merge gh#openSUSE/installation-images#344
- Added linuxrc reboot_timeout option (bsc1122493)
- 14.446
- merge gh#openSUSE/installation-images#342
- Include KacstOne font for Persian (boo#1092920)
- 14.445
==== ncurses ====
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base
- Do not add has size to linker flags of any pkg-config
- Add ncurses patch 20191109
+ add warning-check in tic for terminals with parm_dch vs parm_ich.
+ drop ich1 from rxvt-basic, Eterm and mlterm to improve compatibility
with old non-curses programs -TD
+ reviewed st 0.8.2, updated some details -TD
+ use ansi+rep several places -TD
+ corrected tic's check for ich1 (report by Sebastian J. Bronner,
cf: 20020901).
- Add ncurses patch 20191102
+ check parameter of set_escdelay, return ERR if negative.
+ check parameter of set_tabsize, return ERR if not greater than zero
(report/patch by Anthony Sottile).
+ revise CF_ADD_LIBS macro to prepend rather than append libraries.
+ add "xterm-mono" to help packagers (report by Sven Joachim) -TD
==== open-lldp ====
Version update (1.0.1+56.cb81e95 -> 1.0.1+102.4c7fcc3)
Subpackages: liblldp_clif1
- Update to version v1.0.1+102.4c7fcc3:
* l2_packet: Guard ETH_P_LLDP define
* lldp_mand: retrieve permanent mac address in get_mac()
* lldp_util: use netlink to fetch mac address
* lldp_util: drop get_macstr()
* linux/if_link.h: Update and add bonding netlink definitions
- Update to version v1.0.1+95.3168e11:
* Test with newer GCC 8 and 9 versions
* RPM build is broken, so skip
* Place the tarball in the right place
* A tarball needs to be built after bootstrap.sh for use with RPM
* Added missing steps for building an RPM
* Finish off with testing building the RPM
* Test package installation as well
* Test under multiple GCC releases
* Drop requirement for Travis CI testing with Clang
* Support checking build with Travis CI
* vdp-netlink: account for sizes properly
* qbg: avoid warning for extra parens
* qbg: port name is always a valid pointer
* dcbx-nl: drop run_cmd
* ecp: allow for failure to create
* lldp_util: allow for null ifa_addr element
* lldpad: Do not enable port if already enabled
* Silent -Werror=address-of-packed-member warnings.
* Come up with STRNCPY_TERMINATED (#25).
* vdptool: fixed compile error for getline()
* Fix #23 by off by one strncpy value.
* 8021qaz: Block lldptool set operations if read only mode is on
* 8021qaz: Add read only option for 8021qaz module
* lldp: Allow lldptool to modify optional TLV's content
* 8021qaz: Print dscp2prio map
* autoconf: Add systemd support in configure.ac
* rpm-spec: Add vdp22 man files to lldpad.spec.in
==== openssl ====
Version update (1.1.1c -> 1.1.1d)
- Update to 1.1.1d release
==== openssl-1_1 ====
Version update (1.1.1c -> 1.1.1d)
Subpackages: libopenssl1_1
- Merged upstream changes to allow NULL salt values in EVP_PBE_scrypt().
* Revealed by nodejs12 during bsc#1149572.
* Modified openssl-jsc-SLE-8789-backport_KDF.patch
- openssl-jsc-SLE-8789-backport_KDF.patch: retain old behaviour
of EVP_PBE_scrypt. When key output buffer is not provided,
only check if the input parameters are in valid range and
ignore passphrase/salt fields as they are only used in
the actual calculation.
- Update to 1.1.1d (bsc#1133925, jsc#SLE-6430)
* Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random
number generator (RNG). This was intended to include protection in the
event of a fork() system call in order to ensure that the parent and child
processes did not share the same RNG state. However this protection was not
being used in the default case.
(bsc#1150247, CVE-2019-1549)
* Compute ECC cofactors if not provided during EC_GROUP construction. Before
this change, EC_GROUP_set_generator would accept order and/or cofactor as
NULL. After this change, only the cofactor parameter can be NULL.
(bsc#1150003, CVE-2019-1547)
* Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey.
(bsc#1150250, CVE-2019-1563)
* For built-in EC curves, ensure an EC_GROUP built from the curve name is
used even when parsing explicit parameters, when loading a serialized key
or calling EC_GROUP_new_from_ecpkparameters()/EC_GROUP_new_from_ecparameters().
* Early start up entropy quality from the DEVRANDOM seed source has been
improved for older Linux systems.
* Changed DH_check to accept parameters with order q and 2q subgroups.
With order 2q subgroups the bit 0 of the private key is not secret
but DH_generate_key works around that by clearing bit 0 of the
private key for those. This avoids leaking bit 0 of the private key.
* Significantly reduce secure memory usage by the randomness pools.
* Revert the DEVRANDOM_WAIT feature for Linux systems
- drop 0001-build_SYS_str_reasons-Fix-a-crash-caused-by-overlong.patch (upstream)
- refresh patches
* openssl-1.1.0-no-html.patch
* openssl-jsc-SLE-8789-backport_KDF.patch
- To avoid seperate certification of openssh server / client
move the SSH KDF (Key Derivation Function) into openssl.
* jsc#SLE-8789
* Sourced from commit
8d76481b189b7195ef932e0fb8f0e23ab0120771#diff-a9562bc75317360a2e6b8b0748956e34
in openssl master (introduce the SSH KDF)
and commit 5a285addbf39f91d567f95f04b2b41764127950d
in openssl master (backport EVP/KDF API framework)
* added openssl-jsc-SLE-8789-backport_KDF.patch
==== ucode-intel ====
Version update (20191112 -> 20191115)
- Updated to 20191115 release (bsc#1157004)
- Processor Identifier Version Products
- Model Stepping F-MO-S/PI Old->New
- ---- updated platforms ------------------------------------
- SKL-U/Y D0 6-4e-3/c0 000000d4->000000d6 Core Gen6 Mobile
- SKL-U23e K1 6-4e-3/c0 000000d4->000000d6 Core Gen6 Mobile
- SKL-H/S/E3 N0/R0/S0 6-5e-3/36 000000d4->000000d6 Core Gen6
- AML-Y22 H0 6-8e-9/10 000000c6->000000ca Core Gen8 Mobile
- KBL-U/Y H0 6-8e-9/c0 000000c6->000000ca Core Gen7 Mobile
- KBL-U23e J1 6-8e-9/c0 000000c6->000000ca Core Gen7 Mobile
- CFL-U43e D0 6-8e-a/c0 000000c6->000000ca Core Gen8 Mobile
- KBL-R U Y0 6-8e-a/c0 000000c6->000000ca Core Gen8 Mobile
- WHL-U W0 6-8e-b/d0 000000c6->000000ca Core Gen8 Mobile
- AML-Y42 V0 6-8e-c/94 000000c6->000000ca Core Gen10 Mobile
- WHL-U V0 6-8e-c/94 000000c6->000000ca Core Gen8 Mobile
- CML-U42 V0 6-8e-c/94 000000c6->000000ca Core Gen10 Mobile
- KBL-G/H/S/X/E3 B0 6-9e-9/2a 000000c6->000000ca Core Gen7 Desktop, Mobile, Xeon E3 v6
- CFL-H/S/E3 U0 6-9e-a/22 000000c6->000000ca Core Gen8 Desktop, Mobile, Xeon E
- CFL-S B0 6-9e-b/02 000000c6->000000ca Core Gen8
- CFL-S P0 6-9e-c/22 000000c6->000000ca Core Gen9 Desktop
- CFL-H/S/E3 R0 6-9e-d/22 000000c6->000000ca Core Gen9 Desktop, Mobile, Xeon E
- CML-U62 A0 6-a6-0/80 000000c6->000000ca Core Gen10 Mobile
- Updated to 20191113 release
- Processor Identifier Version Products
- Model Stepping F-MO-S/PI Old->New
- ---- updated platforms ------------------------------------
- CFL-S P0 6-9e-c/22 000000a2->000000c6 Core Gen9 Desktop
==== yast2 ====
Version update (4.2.30 -> 4.2.34)
- Fix crash in upgrade caused by wrong parameter to snapper
(bsc#1156819)
- 4.2.34
- Use new snapper machine-readable output to retrieve snapshots
information (related to bsc#1149322).
- 4.2.33
- Add linuxrc option "reboot_timeout" to configure the timeout
before reboot (bsc#1122493)
- 4.2.32
- Network: During an installation, check which backend is in use
when Systemd is running. (bsc#1151291)
- 4.2.31
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apparmor
boost-base
btrfsprogs (5.2.2 -> 5.3.1)
kernel-firmware (20191023 -> 20191108)
podman (1.6.1 -> 1.6.2)
read-only-root-fs (1.0+git20190607.11f8587 -> 1.0+git20191112.42add9e)
rpm-config-SUSE (0.g42 -> 0.g45)
=== Details ===
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-profiles apparmor-utils
- add libapparmor-python3.8.diff to fix building the libapparmor python
bindings (deb#943657)
==== boost-base ====
- Make sure openmpi-macros-devel is not required for base flavor --
consolidate build_mpi/mpi macro into just one.
- Remove BuildArch guards, no longer relevant since SuSE 11.2
==== btrfsprogs ====
Version update (5.2.2 -> 5.3.1)
- Update to 5.3.1:
* libbtrfs: fix link breakage due to missing symbols
- Updaet to 5.3:
* mkfs:
* new option to specify checksum algorithm (only crc32c)
* fix xattr enumeration
* dump-tree: BFS (breadth-first) traversal now default
* libbtrfsutil: remove stale BTRFS_DEV_REPLACE_ITEM_STATE_x defines
* ci: add support for gitlab
* other:
* preparatory work for more checksum algorithms
* docs update
* switch to docbook5 backend for asciidoc
* fix build on uClibc due to missing backtrace()
* lots of printf format fixups
==== kernel-firmware ====
Version update (20191023 -> 20191108)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20191108 (git commit f1100ddf581f):
* i915: Add HuC firmware v7.0.3 for TGL
* i915: Add GuC firmware v35.2.0 for TGL
* i915: Add HuC firmware v9.0.0 for EHL
* i915: Add GuC firmware v33.0.4 for EHL
* rtw88: RTL8723D: add firmware file v48
* qed: Add firmware 8.40.33.0
* amdgpu: add new navi14 wks gfx firmware for 19.30
* amdgpu: update navi14 firmware for 19.30
* amdgpu: update raven firmware for 19.30
* linux-firmware: Add firmware file for Intel Bluetooth AX201
==== podman ====
Version update (1.6.1 -> 1.6.2)
- Add container-start-fix.patch to correct output of container-start to show container_name, not _id.
- Update podman to v1.6.2
* Features
- Added a --runtime flag to podman system migrate to allow the
OCI runtime for all containers to be reset, to ease transition
to the crun runtime on CGroups V2 systems until runc gains full
support
- The podman rm command can now remove containers in broken
states which previously could not be removed
- The podman info command, when run without root, now shows
information on UID and GID mappings in the rootless user
namespace
- Added podman build --squash-all flag, which squashes all layers
(including those of the base image) into one layer
- The --systemd flag to podman run and podman create now accepts
a string argument and allows a new value, always, which forces
systemd support without checking if the the container
entrypoint is systemd
* Bugfixes
- Fixed a bug where the podman top command did not work on
systems using CGroups V2 (#4192)
- Fixed a bug where rootless Podman could double-close a file,
leading to a panic
- Fixed a bug where rootless Podman could fail to retrieve some
containers while refreshing the state
- Fixed a bug where podman start --attach --sig-proxy=false would
still proxy signals into the container
- Fixed a bug where Podman would unconditionally use a
non-default path for authentication credentials (auth.json),
breaking podman login integration with skopeo and other tools
using the containers/image library
- Fixed a bug where podman ps --format=json and podman images
- -format=json would display null when no results were returned,
instead of valid JSON
- Fixed a bug where podman build --squash was incorrectly
squashing all layers into one, instead of only new layers
- Fixed a bug where rootless Podman would allow volumes with
options to be mounted (mounting volumes requires root),
creating an inconsistent state where volumes reported as
mounted but were not (#4248)
- Fixed a bug where volumes which failed to unmount could not be
removed (#4247)
- Fixed a bug where Podman incorrectly handled some errors
relating to unmounted or missing containers in
containers/storage
- Fixed a bug where podman stats was broken on systems running
CGroups V2 when run rootless (#4268)
- Fixed a bug where the podman start command would print the
short container ID, instead of the full ID
- Fixed a bug where containers created with an OCI runtime that
is no longer available (uninstalled or removed from the config
file) would not appear in podman ps and could not be removed
via podman rm
- Fixed a bug where containers restored via podman container
restore --import would retain the CGroup path of the original
container, even if their container ID changed; thus, multiple
containers created from the same checkpoint would all share the
same CGroup
* Misc
- The default PID limit for containers is now set to 4096. It can
be adjusted back to the old default (unlimited) by passing
- -pids-limit 0 to podman create and podman run
- The podman start --attach command now automatically attaches
STDIN if the container was created with -i
- The podman network create command now validates network names
using the same regular expression as container and pod names
- The --systemd flag to podman run and podman create will now
only enable systemd mode when the binary being run inside the
container is /sbin/init, /usr/sbin/init, or ends in systemd
(previously detected any path ending in init or systemd)
- Updated vendored Buildah to 1.11.3
- Updated vendored containers/storage to 1.13.5
- Updated vendored containers/image to 4.0.1
==== read-only-root-fs ====
Version update (1.0+git20190607.11f8587 -> 1.0+git20191112.42add9e)
- Update to version 1.0+git20191112.42add9e:
* Add RequiresMountsFor=/etc override for systemd-udevd.service
==== rpm-config-SUSE ====
Version update (0.g42 -> 0.g45)
- Update to version 0.g45:
* Use -flto=auto for _lto_cflags for now
- Update to version 0.g44:
* Sync specfile changes
* Add _lto_cflags to suse_macros for now
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&version=T…https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apparmor
boost-base
btrfsprogs (5.2.2 -> 5.3.1)
hello-kubic (1.1 -> 1.2)
kernel-firmware (20191023 -> 20191108)
podman (1.6.1 -> 1.6.2)
read-only-root-fs (1.0+git20190607.11f8587 -> 1.0+git20191112.42add9e)
rook (1.1.1+git0.g9a2641a6 -> 1.1.6+git0.g91d6f635)
rpm-config-SUSE (0.g42 -> 0.g45)
weave (2.5.2 -> 2.6.0)
=== Details ===
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-profiles apparmor-utils
- add libapparmor-python3.8.diff to fix building the libapparmor python
bindings (deb#943657)
==== boost-base ====
- Make sure openmpi-macros-devel is not required for base flavor --
consolidate build_mpi/mpi macro into just one.
- Remove BuildArch guards, no longer relevant since SuSE 11.2
==== btrfsprogs ====
Version update (5.2.2 -> 5.3.1)
- Update to 5.3.1:
* libbtrfs: fix link breakage due to missing symbols
- Updaet to 5.3:
* mkfs:
* new option to specify checksum algorithm (only crc32c)
* fix xattr enumeration
* dump-tree: BFS (breadth-first) traversal now default
* libbtrfsutil: remove stale BTRFS_DEV_REPLACE_ITEM_STATE_x defines
* ci: add support for gitlab
* other:
* preparatory work for more checksum algorithms
* docs update
* switch to docbook5 backend for asciidoc
* fix build on uClibc due to missing backtrace()
* lots of printf format fixups
==== hello-kubic ====
Version update (1.1 -> 1.2)
- Update to version 1.2
- use official openSUSE container image
==== kernel-firmware ====
Version update (20191023 -> 20191108)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20191108 (git commit f1100ddf581f):
* i915: Add HuC firmware v7.0.3 for TGL
* i915: Add GuC firmware v35.2.0 for TGL
* i915: Add HuC firmware v9.0.0 for EHL
* i915: Add GuC firmware v33.0.4 for EHL
* rtw88: RTL8723D: add firmware file v48
* qed: Add firmware 8.40.33.0
* amdgpu: add new navi14 wks gfx firmware for 19.30
* amdgpu: update navi14 firmware for 19.30
* amdgpu: update raven firmware for 19.30
* linux-firmware: Add firmware file for Intel Bluetooth AX201
==== podman ====
Version update (1.6.1 -> 1.6.2)
- Add container-start-fix.patch to correct output of container-start to show container_name, not _id.
- Update podman to v1.6.2
* Features
- Added a --runtime flag to podman system migrate to allow the
OCI runtime for all containers to be reset, to ease transition
to the crun runtime on CGroups V2 systems until runc gains full
support
- The podman rm command can now remove containers in broken
states which previously could not be removed
- The podman info command, when run without root, now shows
information on UID and GID mappings in the rootless user
namespace
- Added podman build --squash-all flag, which squashes all layers
(including those of the base image) into one layer
- The --systemd flag to podman run and podman create now accepts
a string argument and allows a new value, always, which forces
systemd support without checking if the the container
entrypoint is systemd
* Bugfixes
- Fixed a bug where the podman top command did not work on
systems using CGroups V2 (#4192)
- Fixed a bug where rootless Podman could double-close a file,
leading to a panic
- Fixed a bug where rootless Podman could fail to retrieve some
containers while refreshing the state
- Fixed a bug where podman start --attach --sig-proxy=false would
still proxy signals into the container
- Fixed a bug where Podman would unconditionally use a
non-default path for authentication credentials (auth.json),
breaking podman login integration with skopeo and other tools
using the containers/image library
- Fixed a bug where podman ps --format=json and podman images
- -format=json would display null when no results were returned,
instead of valid JSON
- Fixed a bug where podman build --squash was incorrectly
squashing all layers into one, instead of only new layers
- Fixed a bug where rootless Podman would allow volumes with
options to be mounted (mounting volumes requires root),
creating an inconsistent state where volumes reported as
mounted but were not (#4248)
- Fixed a bug where volumes which failed to unmount could not be
removed (#4247)
- Fixed a bug where Podman incorrectly handled some errors
relating to unmounted or missing containers in
containers/storage
- Fixed a bug where podman stats was broken on systems running
CGroups V2 when run rootless (#4268)
- Fixed a bug where the podman start command would print the
short container ID, instead of the full ID
- Fixed a bug where containers created with an OCI runtime that
is no longer available (uninstalled or removed from the config
file) would not appear in podman ps and could not be removed
via podman rm
- Fixed a bug where containers restored via podman container
restore --import would retain the CGroup path of the original
container, even if their container ID changed; thus, multiple
containers created from the same checkpoint would all share the
same CGroup
* Misc
- The default PID limit for containers is now set to 4096. It can
be adjusted back to the old default (unlimited) by passing
- -pids-limit 0 to podman create and podman run
- The podman start --attach command now automatically attaches
STDIN if the container was created with -i
- The podman network create command now validates network names
using the same regular expression as container and pod names
- The --systemd flag to podman run and podman create will now
only enable systemd mode when the binary being run inside the
container is /sbin/init, /usr/sbin/init, or ends in systemd
(previously detected any path ending in init or systemd)
- Updated vendored Buildah to 1.11.3
- Updated vendored containers/storage to 1.13.5
- Updated vendored containers/image to 4.0.1
==== read-only-root-fs ====
Version update (1.0+git20190607.11f8587 -> 1.0+git20191112.42add9e)
- Update to version 1.0+git20191112.42add9e:
* Add RequiresMountsFor=/etc override for systemd-udevd.service
==== rook ====
Version update (1.1.1+git0.g9a2641a6 -> 1.1.6+git0.g91d6f635)
- Update rook to v1.1.6:
* Flex driver should not allow attach before detach on a different node (#3582)
* Properly set the ceph-mgr annotations (#4195)
* Only trigger an orchestration if the cluster CR changed (#4252)
* Fix setting rbdGrpcMetricsPort in the helm chart (#4202)
* Document all helm chart settings (#4202)
* Support all layers of CRUSH map with node labels (#4236)
* Skip orchestration restart on device config map update for osd on pvc (#4124)
* Deduplicate tolerations collected for the drain canary pods (#4220)
* Role bindings are missing for pod security policies (#3851)
* Continue with orchestration if a single mon pod fails to start (#4146)
* OSDs cannot call 'restorecon' when selinux is enabled (#4214)
* Use the rook image for drain canary pods (#4213)
* Allow setting of osd prepare resource limits (#4182)
* Documentation for object bucket provisioning (#3882)
- Update rook to v1.1.4:
* OSD config overrides were ignored for some upgraded OSDs (#4161)
* Enable restoring a cluster after disaster recovery (#4021)
* Enable upgrade of OSDs configured on PVCs (#3996)
* Automatically removing OSDs requires setting: removeOSDsIfOutAndSafeToRemove(#4116)
* Rework csi keys and secrets to use minimal privileges (#4086)
* Expose OSD prepare pod resource limits (#4083)
* Minimum K8s version for running OSDs on PVCs is 1.13 (#4009)
* Add 'rgw.buckets.non-ec' to list of RGW metadataPools (#4087)
* Hide wrong error for clusterdisruption controller (#4094)
* Multiple integration test fixes to improve CI stability (#4098)
* Detect mount fstype more accurately in the flex driver (#4109)
* Do not override mgr annotations (#4110)
* Add OSDs to proper buckets in crush hierarchy with topology awareness (#4099)
* More robust removal of cluster finalizer (#4090)
* Take activeStandby into account for the CephFileSystem disruption budget (#4075)
* Update the CSI CephFS registration directory name (#4070)
* Fix incorrect Ceph CSI doc links (#4081)
* Remove decimal places for osdMemoryTargetValue monitoring setting (#4046)
* Relax pre-requisites for external cluster to allow connections to Luminous (#4025)
* Avoid nodes getting stuck in OrchestrationStatusStarting during OSD config (#3817)
* Make metrics and liveness port configurable (#4005)
* Correct system namespace for CSI driver settings during upgrade (#4040)
- Update csi-dummy-images.patch
- Update csi-template-paths.patch
- Update 0001-bsc-1152690-ceph-csi-Driver-will-fail-with-error.patch
==== rpm-config-SUSE ====
Version update (0.g42 -> 0.g45)
- Update to version 0.g45:
* Use -flto=auto for _lto_cflags for now
- Update to version 0.g44:
* Sync specfile changes
* Add _lto_cflags to suse_macros for now
==== weave ====
Version update (2.5.2 -> 2.6.0)
- Update weave to 2.6.0
- Fix a race condition in Kubernetes addon when reclaiming IP addresses after node deletion #3724, #3716
- Buffer events so Docker won't drop them, and Weave Net can clean up after dead containers #3432, #3705
- Weave reconnect occasionally fails after network interface disconnect #3666, #3669, #3676
- Ingress NetworkPolicy would accepts all traffic when specifying both IPBlock and port #3653, #3654
- Support both podSelector and namespaceSelector in NetworkPolicy #3312, #3647
- Only add default-drop egress rule if network policies are in use #3639
- Manifests use 'apps/v1' rather than deprecated 'apps/v1beta1' #3660
- Avoid Weave Net pods being evicted by setting priorityClassName: system-node-critical #3697
- Manifests use recommended DNS policy ClusterFirstWithHostNet #3692
- Weave Net now tolerates 'NoExecute' taint #3655
- Allow extra arguments to NetworkPolicy controller to be set in an environment variable #3683
- Stop reporting a failure to connect to self #3454, #3585
- Minor reduction in log noise when reclaiming IPs #3710
- Update weave.yaml for kubernetes 1.16
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
boost-base
=== Details ===
==== boost-base ====
Subpackages: boost-license1_71_0 libboost_thread1_71_0
- Make sure openmpi-macros-devel is not required for base flavor --
consolidate build_mpi/mpi macro into just one.
- Remove BuildArch guards, no longer relevant since SuSE 11.2
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
boost-base
=== Details ===
==== boost-base ====
Subpackages: boost-license1_71_0 libboost_thread1_71_0
- Make sure openmpi-macros-devel is not required for base flavor --
consolidate build_mpi/mpi macro into just one.
- Remove BuildArch guards, no longer relevant since SuSE 11.2
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org