November 2019 - openSUSE Kubic - openSUSE Mailing Lists

[opensuse-kubic] New MicroOS snapshot 20191116 released!

by Richard Brown

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: apparmor btrfsprogs (5.2.2 -> 5.3.1) cni-plugins (0.8.2 -> 0.8.3) kernel-source (5.3.9 -> 5.3.11) setools (4.2.1 -> 4.2.2) suse-module-tools (15.2.5 -> 15.2.7) === Details === ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils perl-apparmor python3-apparmor - add libapparmor-python3.8.diff to fix building the libapparmor python bindings (deb#943657) ==== btrfsprogs ==== Version update (5.2.2 -> 5.3.1) Subpackages: btrfsprogs-udev-rules libbtrfs0 - Update to 5.3.1: * libbtrfs: fix link breakage due to missing symbols - Updaet to 5.3: * mkfs: * new option to specify checksum algorithm (only crc32c) * fix xattr enumeration * dump-tree: BFS (breadth-first) traversal now default * libbtrfsutil: remove stale BTRFS_DEV_REPLACE_ITEM_STATE_x defines * ci: add support for gitlab * other: * preparatory work for more checksum algorithms * docs update * switch to docbook5 backend for asciidoc * fix build on uClibc due to missing backtrace() * lots of printf format fixups ==== cni-plugins ==== Version update (0.8.2 -> 0.8.3) - Update to version 0.8.3: * Enhancements: * static: prioritize the input sources for IPs (#400). * tuning: send gratuitous ARP in case of MAC address update (#403). * bandwidth: use uint64 for Bandwidth value (#389). * ptp: only override DNS conf if DNS settings provided (#388). * loopback: When prevResults are not supplied to loopback plugin, create results to return (#383). * loopback support CNI CHECK and result cache (#374). * Better input validation: * vlan: add MTU validation to loadNetConf (#405). * macvlan: add MTU validation to loadNetConf (#404). * bridge: check vlan id when loading net conf (#394). * Bugfixes: * bugfix: defer after err check, or it may panic (#391). * portmap: Fix dual-stack support (#379). * firewall: don't return error in DEL if prevResult is not found (#390). * bump up libcni back to v0.7.1 (#377). * Tests: * integration: fix ip address collision in integration tests (#409). * testutils: newNS() works in a rootless user namespace (#401). * Bump Go version (#386). * Cleanup netns after test suite (#375). * Docs: * contributing doc: revise test script name to run (#396). * contributing doc: describe cnitool installation (#397). ==== kernel-source ==== Version update (5.3.9 -> 5.3.11) - Linux 5.3.11 (bnc#1151927). - bonding: fix state transition issue in link monitoring (bnc#1151927). - CDC-NCM: handle incomplete transfer of MTU (bnc#1151927). - ipv4: Fix table id reference in fib_sync_down_addr (bnc#1151927). - net: ethernet: octeon_mgmt: Account for second possible VLAN header (bnc#1151927). - net: fix data-race in neigh_event_send() (bnc#1151927). - net: qualcomm: rmnet: Fix potential UAF when unregistering (bnc#1151927). - net/tls: fix sk_msg trim on fallback to copy mode (bnc#1151927). - net: usb: qmi_wwan: add support for DW5821e with eSIM support (bnc#1151927). - NFC: fdp: fix incorrect free object (bnc#1151927). - nfc: netlink: fix double device reference drop (bnc#1151927). - NFC: st21nfca: fix double free (bnc#1151927). - qede: fix NULL pointer deref in __qede_remove() (bnc#1151927). - net: mscc: ocelot: don't handle netdev events for other netdevs (bnc#1151927). - net: mscc: ocelot: fix NULL pointer on LAG slave removal (bnc#1151927). - net/tls: don't pay attention to sk_write_pending when pushing partial records (bnc#1151927). - net/tls: add a TX lock (bnc#1151927). - selftests/tls: add test for concurrent recv and send (bnc#1151927). - ipv6: fixes rt6_probe() and fib6_nh->last_probe init (bnc#1151927). - net: hns: Fix the stray netpoll locks causing deadlock in NAPI path (bnc#1151927). - net: prevent load/store tearing on sk->sk_stamp (bnc#1151927). - net: sched: prevent duplicate flower rules from tcf_proto destroy race (bnc#1151927). - net/smc: fix ethernet interface refcounting (bnc#1151927). - vsock/virtio: fix sock refcnt holding during the shutdown (bnc#1151927). - r8169: fix page read in r8168g_mdio_read (bnc#1151927). - ALSA: timer: Fix incorrectly assigned timer instance (bnc#1151927). - ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series (bnc#1151927). - mm: memcontrol: fix NULL-ptr deref in percpu stats flush (bnc#1151927). - mm: memcontrol: fix network errors from failing __GFP_ATOMIC charges (bnc#1151927). - mm, meminit: recalculate pcpu batch and high limits after init completes (bnc#1151927). - mm: thp: handle page cache THP correctly in PageTransCompoundMap (bnc#1151927). - mm, vmstat: hide /proc/pagetypeinfo from normal users (bnc#1151927). - dump_stack: avoid the livelock of the dump_lock (bnc#1151927). - mm: slab: make page_cgroup_ino() to recognize non-compound slab pages properly (bnc#1151927). - btrfs: Consider system chunk array size for new SYSTEM chunks (bnc#1151927). - btrfs: tree-checker: Fix wrong check on max devid (bnc#1151927). - btrfs: save i_size to avoid double evaluation of i_size_read in compress_file_range (bnc#1151927). - tools: gpio: Use !building_out_of_srctree to determine srctree (bnc#1151927). - pinctrl: intel: Avoid potential glitches if pin is in GPIO mode (bnc#1151927). - perf tools: Fix time sorting (bnc#1151927). - perf map: Use zalloc for map_groups (bnc#1151927). - drm/radeon: fix si_enable_smc_cac() failed issue (bnc#1151927). - HID: wacom: generic: Treat serial number and related fields as unsigned (bnc#1151927). - mm/khugepaged: fix might_sleep() warn with CONFIG_HIGHPTE=y (bnc#1151927). - soundwire: depend on ACPI (bnc#1151927). - soundwire: depend on ACPI || OF (bnc#1151927). - soundwire: bus: set initial value to port_status (bnc#1151927). - blkcg: make blkcg_print_stat() print stats only for online blkgs (bnc#1151927). - arm64: Do not mask out PTE_RDONLY in pte_same() (bnc#1151927). - ASoC: rsnd: dma: fix SSI9 4/5/6/7 busif dma address (bnc#1151927). - ceph: fix use-after-free in __ceph_remove_cap() (bnc#1151927). - ceph: fix RCU case handling in ceph_d_revalidate() (bnc#1151927). - ceph: add missing check in d_revalidate snapdir handling (bnc#1151927). - ceph: don't try to handle hashed dentries in non-O_CREAT atomic_open (bnc#1151927). - ceph: don't allow copy_file_range when stripe_count != 1 (bnc#1151927). - iio: adc: stm32-adc: fix stopping dma (bnc#1151927). - iio: imu: adis16480: make sure provided frequency is positive (bnc#1151927). - iio: imu: inv_mpu6050: fix no data on MPU6050 (bnc#1151927). - iio: srf04: fix wrong limitation in distance measuring (bnc#1151927). - ARM: sunxi: Fix CPU powerdown on A83T (bnc#1151927). - ARM: dts: imx6-logicpd: Re-enable SNVS power key (bnc#1151927). - cpufreq: intel_pstate: Fix invalid EPB setting (bnc#1151927). - clone3: validate stack arguments (bnc#1151927). - netfilter: nf_tables: Align nft_expr private data to 64-bit (bnc#1151927). - netfilter: ipset: Fix an error code in ip_set_sockfn_get() (bnc#1151927). - intel_th: gth: Fix the window switching sequence (bnc#1151927). - intel_th: pci: Add Comet Lake PCH support (bnc#1151927). - intel_th: pci: Add Jasper Lake PCH support (bnc#1151927). - x86/dumpstack/64: Don't evaluate exception stacks before setup (bnc#1151927). - x86/apic/32: Avoid bogus LDR warnings (bnc#1151927). - SMB3: Fix persistent handles reconnect (bnc#1151927). - can: usb_8dev: fix use-after-free on disconnect (bnc#1151927). - can: flexcan: disable completely the ECC mechanism (bnc#1151927). - can: c_can: c_can_poll(): only read status register after status IRQ (bnc#1151927). - can: peak_usb: fix a potential out-of-sync while decoding packets (bnc#1151927). - can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak (bnc#1151927). - can: gs_usb: gs_can_open(): prevent memory leak (bnc#1151927). - can: dev: add missing of_node_put() after calling of_get_child_by_name() (bnc#1151927). - can: mcba_usb: fix use-after-free on disconnect (bnc#1151927). - can: peak_usb: fix slab info leak (bnc#1151927). - configfs: fix a deadlock in configfs_symlink() (bnc#1151927). - ALSA: usb-audio: More validations of descriptor units (bnc#1151927). - ALSA: usb-audio: Simplify parse_audio_unit() (bnc#1151927). - ALSA: usb-audio: Unify the release of usb_mixer_elem_info objects (bnc#1151927). - ALSA: usb-audio: Remove superfluous bLength checks (bnc#1151927). - ALSA: usb-audio: Clean up check_input_term() (bnc#1151927). - ALSA: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk() (bnc#1151927). - ALSA: usb-audio: remove some dead code (bnc#1151927). - ALSA: usb-audio: Fix copy&paste error in the validator (bnc#1151927). - usbip: Implement SG support to vhci-hcd and stub driver (bnc#1151927). - HID: google: add magnemite/masterball USB ids (bnc#1151927). - dmaengine: sprd: Fix the link-list pointer register configuration issue (bnc#1151927). - bpf: lwtunnel: Fix reroute supplying invalid dst (bnc#1151927). - dmaengine: xilinx_dma: Fix 64-bit simple AXIDMA transfer (bnc#1151927). - dmaengine: xilinx_dma: Fix control reg update in vdma_channel_set_config (bnc#1151927). - dmaengine: sprd: Fix the possible memory leak issue (bnc#1151927). - HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring() (bnc#1151927). - powerpc/32s: fix allow/prevent_user_access() when crossing segment boundaries (bnc#1151927). - RDMA/mlx5: Clear old rate limit when closing QP (bnc#1151927). - iw_cxgb4: fix ECN check on the passive accept (bnc#1151927). - RDMA/siw: free siw_base_qp in kref release routine (bnc#1151927). - RDMA/qedr: Fix reported firmware version (bnc#1151927). - IB/core: Use rdma_read_gid_l2_fields to compare GID L2 fields (bnc#1151927). - net/mlx5e: Tx, Fix assumption of single WQEBB of NOP in cleanup flow (bnc#1151927). - net/mlx5e: kTLS, Release reference on DUMPed fragments in shutdown flow (bnc#1151927). - net/mlx5e: TX, Fix consumer index of error cqe dump (bnc#1151927). - net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq (bnc#1151927). - net/mlx5: fix memory leak in mlx5_fw_fatal_reporter_dump (bnc#1151927). - selftests/bpf: More compatible nc options in test_tc_edt (bnc#1151927). - scsi: qla2xxx: fixup incorrect usage of host_byte (bnc#1151927). - scsi: lpfc: Check queue pointer before use (bnc#1151927). - scsi: ufs-bsg: Wake the device before sending raw upiu commands (bnc#1151927). - ARC: [plat-hsdk]: Enable on-board SPI NOR flash IC (bnc#1151927). - RDMA/uverbs: Prevent potential underflow (bnc#1151927). - bpf: Fix use after free in subprog's jited symbol removal (bnc#1151927). - net: stmmac: Fix the problem of tso_xmit (bnc#1151927). - net: openvswitch: free vport unless register_netdevice() succeeds (bnc#1151927). - scsi: lpfc: Honor module parameter lpfc_use_adisc (bnc#1151927). - scsi: qla2xxx: Initialized mailbox to prevent driver load failure (bnc#1151927). - bpf: Fix use after free in bpf_get_prog_name (bnc#1151927). - iwlwifi: pcie: fix PCI ID 0x2720 configs that should be soc (bnc#1151927). - iwlwifi: pcie: fix all 9460 entries for qnj (bnc#1151927). - iwlwifi: pcie: 0x2720 is qu and 0x30DC is not (bnc#1151927). - netfilter: nf_flow_table: set timeout before insertion into hashes (bnc#1151927). - drm/v3d: Fix memory leak in v3d_submit_cl_ioctl (bnc#1151927). - xsk: Fix registration of Rx-only sockets (bnc#1151927). - net: phy: smsc: LAN8740: add PHY_RST_AFTER_CLK_EN flag (bnc#1151927). - ipvs: don't ignore errors in case refcounting ip_vs module fails (bnc#1151927). - ipvs: move old_secure_tcp into struct netns_ipvs (bnc#1151927). - netfilter: nft_payload: fix missing check for matching length in offloads (bnc#1151927). - RDMA/nldev: Skip counter if port doesn't match (bnc#1151927). - bonding: fix unexpected IFF_BONDING bit unset (bnc#1151927). - bonding: use dynamic lockdep key instead of subclass (bnc#1151927). - macsec: fix refcnt leak in module exit routine (bnc#1151927). - virt_wifi: fix refcnt leak in module exit routine (bnc#1151927). - scsi: sd: define variable dif as unsigned int instead of bool (bnc#1151927). - usb: dwc3: select CONFIG_REGMAP_MMIO (bnc#1151927). - usb: fsl: Check memory resource before releasing it (bnc#1151927). - usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode (bnc#1151927). - usb: gadget: composite: Fix possible double free memory bug (bnc#1151927). - usb: gadget: configfs: fix concurrent issue between composite APIs (bnc#1151927). - usb: dwc3: remove the call trace of USBx_GFLADJ (bnc#1151927). - perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise RIP validity (bnc#1151927). - perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h) (bnc#1151927). - perf/x86/uncore: Fix event group support (bnc#1151927). - USB: Skip endpoints with 0 maxpacket length (bnc#1151927). - USB: ldusb: use unsigned size format specifiers (bnc#1151927). - usbip: tools: Fix read_usb_vudc_device() error path handling (bnc#1151927). - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case (bnc#1151927). - RDMA/hns: Prevent memory leaks of eq->buf_list (bnc#1151927). - hwmon: (ina3221) Fix read timeout issue (bnc#1151927). - scsi: qla2xxx: stop timer in shutdown path (bnc#1151927). - sched/topology: Don't try to build empty sched domains (bnc#1151927). - sched/topology: Allow sched_asym_cpucapacity to be disabled (bnc#1151927). - nvme-multipath: fix possible io hang after ctrl reconnect (bnc#1151927). - net: hisilicon: Fix "Trying to free already-free IRQ" (bnc#1151927). - wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle (bnc#1151927). - net: mscc: ocelot: fix vlan_filtering when enslaving to bridge before link is up (bnc#1151927). - net: mscc: ocelot: refuse to overwrite the port's native vlan (bnc#1151927). - iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41 (bnc#1151927). - mt76: dma: fix buffer unmap with non-linear skbs (bnc#1151927). - drm/amdgpu/sdma5: do not execute 0-sized IBs (v2) (bnc#1151927). - drm/sched: Set error to s_fence if HW job submission failed (bnc#1151927). - drm/amdgpu: If amdgpu_ib_schedule fails return back the error (bnc#1151927). - drm/amd/display: do not synchronize "drr" displays (bnc#1151927). - drm/amd/display: add 50us buffer as WA for pstate switch in active (bnc#1151927). - drm/amd/display: Passive DP->HDMI dongle detection fix (bnc#1151927). - dc.c:use kzalloc without test (bnc#1151927). - SUNRPC: The TCP back channel mustn't disappear while requests are outstanding (bnc#1151927). - SUNRPC: The RDMA back channel mustn't disappear while requests are outstanding (bnc#1151927). - SUNRPC: Destroy the back channel when we destroy the host transport (bnc#1151927). - hv_netvsc: Fix error handling in netvsc_attach() (bnc#1151927). - efi/tpm: Return -EINVAL when determining tpm final events log size fails (bnc#1151927). - efi: libstub/arm: Account for firmware reserved memory at the base of RAM (bnc#1151927). - x86, efi: Never relocate kernel below lowest acceptable address (bnc#1151927). - arm64: cpufeature: Enable Qualcomm Falkor errata 1009 for Kryo (bnc#1151927). - usb: dwc3: gadget: fix race when disabling ep with cancelled xfers (bnc#1151927). - arm64: apply ARM64_ERRATUM_845719 workaround for Brahma-B53 core (bnc#1151927). - arm64: Brahma-B53 is SSB and spectre v2 safe (bnc#1151927). - arm64: apply ARM64_ERRATUM_843419 workaround for Brahma-B53 core (bnc#1151927). - NFSv4: Don't allow a cached open with a revoked delegation (bnc#1151927). - net: ethernet: arc: add the missed clk_disable_unprepare (bnc#1151927). - igb: Fix constant media auto sense switching when no cable is connected (bnc#1151927). - e1000: fix memory leaks (bnc#1151927). - gve: Fixes DMA synchronization (bnc#1151927). - ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() (bnc#1151927). - pinctrl: cherryview: Fix irq_valid_mask calculation (bnc#1151927). - clk: imx8m: Use SYS_PLL1_800M as intermediate parent of CLK_ARM (bnc#1151927). - timekeeping/vsyscall: Update VDSO data unconditionally (bnc#1151927). - mm/filemap.c: don't initiate writeback if mapping has no dirty pages (bnc#1151927). - cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is dead (bnc#1151927). - ARM: dts: stm32: change joystick pinctrl definition on stm32mp157c-ev1 (bnc#1151927). - ASoC: SOF: Intel: hda-stream: fix the CONFIG_ prefix missing (bnc#1151927). - usbip: Fix free of unallocated memory in vhci tx (bnc#1151927). - bonding: fix using uninitialized mode_lock (bnc#1151927). - netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets (bnc#1151927). - arm64: errata: Update stale comment (bnc#1151927). - net/ibmvnic: unlock rtnl_lock in reset so linkwatch_event can run (bnc#1151927). - drm/i915: Rename gen7 cmdparser tables (bnc#1151927). - drm/i915: Disable Secure Batches for gen6+ (bnc#1151927). - drm/i915: Remove Master tables from cmdparser (bnc#1151927). - drm/i915: Add support for mandatory cmdparsing (bnc#1151927). - drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (bnc#1151927). - drm/i915: Allow parsing of unsized batches (bnc#1151927). - drm/i915: Add gen9 BCS cmdparsing (bnc#1151927). - drm/i915/cmdparser: Use explicit goto for error paths (bnc#1151927). - drm/i915/cmdparser: Add support for backward jumps (bnc#1151927). - drm/i915/cmdparser: Ignore Length operands during command matching (bnc#1151927). - drm/i915: Lower RM timeout to avoid DSI hard hangs (bnc#1151927). - drm/i915/gen8+: Add RC6 CTX corruption WA (bnc#1151927). - drm/i915/cmdparser: Fix jump whitelist clearing (bnc#1151927). - x86/msr: Add the IA32_TSX_CTRL MSR (bnc#1151927). - x86/cpu: Add a helper function x86_read_arch_cap_msr() (bnc#1151927). - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default (bnc#1151927). - x86/speculation/taa: Add mitigation for TSX Async Abort (bnc#1151927). - x86/speculation/taa: Add sysfs reporting for TSX Async Abort (bnc#1151927). - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled (bnc#1151927). - x86/tsx: Add "auto" option to the tsx= cmdline parameter (bnc#1151927). - x86/speculation/taa: Add documentation for TSX Async Abort (bnc#1151927). - x86/tsx: Add config options to set tsx=on|off|auto (bnc#1151927). - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (bnc#1151927). - x86/bugs: Add ITLB_MULTIHIT bug infrastructure (bnc#1151927). - x86/cpu: Add Tremont to the cpu vulnerability whitelist (bnc#1151927). - cpu/speculation: Uninline and export CPU mitigations helpers (bnc#1151927). - Documentation: Add ITLB_MULTIHIT documentation (bnc#1151927). - kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bnc#1151927). - kvm: mmu: ITLB_MULTIHIT mitigation (bnc#1151927). - kvm: Add helper function for creating VM worker threads (bnc#1151927). - kvm: x86: mmu: Recovery of shattered NX large pages (bnc#1151927). - Update config files. Set X86_INTEL_TSX_MODE_OFF=y (the default) - commit 0a195a8 - usb: dwc3: pci: prevent memory leak in dwc3_pci_probe (CVE-2019-18813,bsc#1156278). - ASoC: SOF: Fix memory leak in sof_dfsentry_write (CVE-2019-18812,bsc#1156277). - commit 8a126f1 - Refresh patches.suse/stacktrace-don-t-skip-first-entry-on-noncurrent-task.patch. Update upstream status. - commit baac78a - Linux 5.3.10 (bnc#1151927). - usb: gadget: udc: core: Fix segfault if udc_bind_to_driver() for pending driver fails (bnc#1151927). - arm64: dts: ti: k3-am65-main: Fix gic-its node unit-address (bnc#1151927). - ASoC: pcm3168a: The codec does not support S32_LE (bnc#1151927). - selftests/powerpc: Fix compile error on tlbie_test due to newer gcc (bnc#1151927). - selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue (bnc#1151927). - CIFS: Fix retry mid list corruption on reconnects (bnc#1151927). - platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI table (bnc#1151927). - net/flow_dissector: switch to siphash (bnc#1151927). - net: bcmgenet: reset 40nm EPHY on energy detect (bnc#1151927). - net: phy: bcm7xxx: define soft_reset for 40nm EPHY (bnc#1151927). - net: netem: correct the parent's backlog when corrupted packet was dropped (bnc#1151927). - r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 (bnc#1151927). - net: usb: lan78xx: Connect PHY before registering MAC (bnc#1151927). - net: reorder 'struct net' fields to avoid false sharing (bnc#1151927). - net: netem: fix error path for corrupted GSO frames (bnc#1151927). - net: hns3: fix mis-counting IRQ vector numbers issue (bnc#1151927). - net: ensure correct skb->tstamp in various fragmenters (bnc#1151927). - net: dsa: fix switch tree list (bnc#1151927). - net: dsa: b53: Do not clear existing mirrored port mask (bnc#1151927). - net: bcmgenet: don't set phydev->link from MAC (bnc#1151927). - ipv4: fix IPSKB_FRAG_PMTU handling with fragmentation (bnc#1151927). - net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget (bnc#1151927). - net/mlx5e: Fix ethtool self test: link speed (bnc#1151927). - r8169: fix wrong PHY ID issue with RTL8168dp (bnc#1151927). - mlxsw: core: Unpublish devlink parameters during reload (bnc#1151927). - net/mlx5: Fix rtable reference leak (bnc#1151927). - net/smc: fix refcounting for non-blocking connect() (bnc#1151927). - net/mlx5: Fix flow counter list auto bits struct (bnc#1151927). - net/mlx5e: Initialize on stack link modes bitmap (bnc#1151927). - net/mlx5e: Remove incorrect match criteria assignment line (bnc#1151927). - net/mlx5e: Determine source port properly for vlan push action (bnc#1151927). - rxrpc: Fix handling of last subpacket of jumbo packet (bnc#1151927). - net: phylink: Fix phylink_dbg() macro (bnc#1151927). - keys: Fix memory leak in copy_net_ns (bnc#1151927). - net/smc: keep vlan_id for SMC-R in smc_listen_work() (bnc#1151927). - net/smc: fix closing of fallback SMC sockets (bnc#1151927). - selftests: fib_tests: add more tests for metric update (bnc#1151927). - ipv4: fix route update on metric change (bnc#1151927). - net: add READ_ONCE() annotation in __skb_wait_for_more_packets() (bnc#1151927). - net: use skb_queue_empty_lockless() in busy poll contexts (bnc#1151927). - net: use skb_queue_empty_lockless() in poll() handlers (bnc#1151927). - udp: use skb_queue_empty_lockless() (bnc#1151927). - net: add skb_queue_empty_lockless() (bnc#1151927). - vxlan: check tun_info options_len properly (bnc#1151927). - udp: fix data-race in udp_set_dev_scratch() (bnc#1151927). - selftests: net: reuseport_dualstack: fix uninitalized parameter (bnc#1151927). - net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() (bnc#1151927). - net: usb: lan78xx: Disable interrupts before calling generic_handle_irq() (bnc#1151927). - net: rtnetlink: fix a typo fbd -> fdb (bnc#1151927). - netns: fix GFP flags in rtnl_net_notifyid() (bnc#1151927). - net/mlx4_core: Dynamically set guaranteed amount of counters per VF (bnc#1151927). - net: hisilicon: Fix ping latency when deal with high throughput (bnc#1151927). - net: fix sk_page_frag() recursion from memory reclaim (bnc#1151927). - net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum (bnc#1151927). - net: dsa: bcm_sf2: Fix IMP setup for port different than 8 (bnc#1151927). - net: annotate lockless accesses to sk->sk_napi_id (bnc#1151927). - net: annotate accesses to sk->sk_incoming_cpu (bnc#1151927). - inet: stop leaking jiffies on the wire (bnc#1151927). - erspan: fix the tun_info options_len check for erspan (bnc#1151927). - dccp: do not leak jiffies on the wire (bnc#1151927). - cxgb4: request the TX CIDX updates to status page (bnc#1151927). - cxgb4: fix panic when attaching to ULD fail (bnc#1151927). - nbd: handle racing with error'ed out commands (bnc#1151927). - nbd: protect cmd->status with cmd->lock (bnc#1151927). - irqchip/sifive-plic: Skip contexts except supervisor in plic_init() (bnc#1151927). - cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (bnc#1151927). - i2c: stm32f7: remove warning when compiling with W=1 (bnc#1151927). - i2c: stm32f7: fix a race in slave mode with arbitration loss irq (bnc#1151927). - i2c: stm32f7: fix first byte to send in slave mode (bnc#1151927). - i2c: mt65xx: fix NULL ptr dereference (bnc#1151927). - irqchip/gic-v3-its: Use the exact ITSList for VMOVP (bnc#1151927). - MIPS: bmips: mark exception vectors as char arrays (bnc#1151927). - of: unittest: fix memory leak in unittest_data_add (bnc#1151927). - ALSA: hda: Add Tigerlake/Jasperlake PCI ID (bnc#1151927). - selftests: kvm: fix sync_regs_test with newer gccs (bnc#1151927). - selftests: kvm: vmx_set_nested_state_test: don't check for VMX support twice (bnc#1151927). - ARM: 8926/1: v7m: remove register save to stack before svc (bnc#1151927). - drm/komeda: Don't flush inactive pipes (bnc#1151927). - i2c: aspeed: fix master pending state handling (bnc#1151927). - ARM: dts: bcm2837-rpi-cm3: Avoid leds-gpio probing issue (bnc#1151927). - tracing: Fix "gfp_t" format for synthetic events (bnc#1151927). - ASoC: SOF: control: return true when kcontrol values change (bnc#1151927). - ASoC: Intel: sof-rt5682: add a check for devm_clk_get (bnc#1151927). - scsi: hpsa: add missing hunks in reset-patch (bnc#1151927). - scsi: target: core: Do not overwrite CDB byte 1 (bnc#1151927). - drm/amdgpu: fix error handling in amdgpu_bo_list_create (bnc#1151927). - drm/amdgpu: fix potential VM faults (bnc#1151927). - ARM: davinci: dm365: Fix McBSP dma_slave_map entry (bnc#1151927). - perf kmem: Fix memory leak in compact_gfp_flags() (bnc#1151927). - 8250-men-mcb: fix error checking when get_num_ports returns - ENODEV (bnc#1151927). - perf c2c: Fix memory leak in build_cl_output() (bnc#1151927). - perf tools: Fix resource leak of closedir() on the error paths (bnc#1151927). - arm64: dts: imx8mm: Use correct clock for usdhc's ipg clk (bnc#1151927). - arm64: dts: imx8mq: Use correct clock for usdhc's ipg clk (bnc#1151927). - ARM: dts: imx7s: Correct GPT's ipg clock source (bnc#1151927). - ARM: dts: vf610-zii-scu4-aib: Specify 'i2c-mux-idle-disconnect' (bnc#1151927). - ARM: dts: imx6q-logicpd: Re-Enable SNVS power key (bnc#1151927). - arm64: dts: lx2160a: Correct CPU core idle state name (bnc#1151927). - arm64: dts: rockchip: Fix usb-c on Hugsun X99 TV Box (bnc#1151927). - arm64: dts: rockchip: fix RockPro64 sdmmc settings (bnc#1151927). - ARM: 8914/1: NOMMU: Fix exc_ret for XIP (bnc#1151927). - ARM: 8908/1: add __always_inline to functions called from __get_user_check() (bnc#1151927). - scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE (bnc#1151927). - scsi: sni_53c710: fix compilation error (bnc#1151927). - scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions (bnc#1151927). - scsi: qla2xxx: fix a potential NULL pointer dereference (bnc#1151927). - ARM: mm: fix alignment handler faults under memory pressure (bnc#1151927). - ARM: dts: Use level interrupt for omap4 & 5 wlcore (bnc#1151927). - ASoC: simple_card_utils.h: Fix potential multiple redefinition error (bnc#1151927). - ASoC: msm8916-wcd-digital: add missing MIX2 path for RX1/2 (bnc#1151927). - ARM: dts: am3874-iceboard: Fix 'i2c-mux-idle-disconnect' usage (bnc#1151927). - arm64: dts: zii-ultra: fix ARM regulator states (bnc#1151927). - pinctrl: stmfx: fix null pointer on remove (bnc#1151927). - pinctrl: ns2: Fix off by one bugs in ns2_pinmux_enable() (bnc#1151927). - arm64: dts: rockchip: fix RockPro64 sdhci settings (bnc#1151927). - arm64: dts: rockchip: fix RockPro64 vdd-log regulator settings (bnc#1151927). - ARM: dts: logicpd-torpedo-som: Remove twl_keypad (bnc#1151927). - arm64: dts: rockchip: fix Rockpro64 RK808 interrupt line (bnc#1151927). - ASoc: rockchip: i2s: Fix RPM imbalance (bnc#1151927). - ASoC: wm_adsp: Don't generate kcontrols without READ flags (bnc#1151927). - regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe() could be uninitialized (bnc#1151927). - ASoC: intel: bytcr_rt5651: add null check to support_button_press (bnc#1151927). - ASoC: intel: sof_rt5682: add remove function to disable jack (bnc#1151927). - ASoC: rt5682: add NULL handler to set_jack function (bnc#1151927). - ASoC: SOF: Intel: hda: Disable DMI L1 entry during capture (bnc#1151927). - Update config files. CONFIG_SND_SOC_SOF_HDA_ALWAYS_ENABLE_DMI_L1=n as per default. - ASoC: SOF: Intel: initialise and verify FW crash dump data (bnc#1151927). - ASoC: SOF: Intel: hda: fix warnings during FW load (bnc#1151927). - ASoC: SOF: topology: fix parse fail issue for byte/bool tuple types (bnc#1151927). - ASoC: SOF: loader: fix kernel oops on firmware boot failure (bnc#1151927). - pinctrl: intel: Allocate IRQ chip dynamic (bnc#1151927). - regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone (bnc#1151927). - arm64: dts: Fix gpio to pinmux mapping (bnc#1151927). - arm64: dts: allwinner: a64: sopine-baseboard: Add PHY regulator delay (bnc#1151927). - arm64: dts: allwinner: a64: Drop PMU node (bnc#1151927). - arm64: dts: allwinner: a64: pine64-plus: Add PHY regulator delay (bnc#1151927). - ASoC: topology: Fix a signedness bug in soc_tplg_dapm_widget_create() (bnc#1151927). - regulator: da9062: fix suspend_enable/disable preparation (bnc#1151927). - ASoC: wm8994: Do not register inapplicable controls for WM1811 (bnc#1151927). - ASoC: samsung: arndale: Add missing OF node dereferencing (bnc#1151927). - regulator: of: fix suspend-min/max-voltage parsing (bnc#1151927). - commit eedf3c5 - fjes: Handle workqueue allocation failure (CVE-2019-16231,bsc#1150466). - commit 3bf0c5a ==== setools ==== Version update (4.2.1 -> 4.2.2) - Add python3.8-compat.patch to allow build with Python 3.8 Still doesn't work though because of gh#SELinuxProject/setools#31 - Update to the upstream version 4.2.2: - Remove source policy references from man pages, as loading source policies is no longer supported. - Fixed a performance regression in alias loading after alias dereferencing fixes in 4.2.1. ==== suse-module-tools ==== Version update (15.2.5 -> 15.2.7) - Update to version 15.2.7: * spec file: avoid %{_libexecdir} - Update to version 15.2.6: * modprobe.conf: add dependency of papr_scm on libnvdimm (bsc#1142152, ltc#176292, FATE#327775). -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 year, 10 months

1
0
0 0

[opensuse-kubic] New Kubic snapshot 20191116 released!

by Richard Brown

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: apparmor btrfsprogs (5.2.2 -> 5.3.1) cni-plugins (0.8.2 -> 0.8.3) cri-o (1.15.2 -> 1.16.0) kernel-source (5.3.9 -> 5.3.11) rdma-core setools (4.2.1 -> 4.2.2) suse-module-tools (15.2.5 -> 15.2.7) === Details === ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils perl-apparmor python3-apparmor - add libapparmor-python3.8.diff to fix building the libapparmor python bindings (deb#943657) ==== btrfsprogs ==== Version update (5.2.2 -> 5.3.1) Subpackages: btrfsprogs-udev-rules libbtrfs0 - Update to 5.3.1: * libbtrfs: fix link breakage due to missing symbols - Updaet to 5.3: * mkfs: * new option to specify checksum algorithm (only crc32c) * fix xattr enumeration * dump-tree: BFS (breadth-first) traversal now default * libbtrfsutil: remove stale BTRFS_DEV_REPLACE_ITEM_STATE_x defines * ci: add support for gitlab * other: * preparatory work for more checksum algorithms * docs update * switch to docbook5 backend for asciidoc * fix build on uClibc due to missing backtrace() * lots of printf format fixups ==== cni-plugins ==== Version update (0.8.2 -> 0.8.3) - Update to version 0.8.3: * Enhancements: * static: prioritize the input sources for IPs (#400). * tuning: send gratuitous ARP in case of MAC address update (#403). * bandwidth: use uint64 for Bandwidth value (#389). * ptp: only override DNS conf if DNS settings provided (#388). * loopback: When prevResults are not supplied to loopback plugin, create results to return (#383). * loopback support CNI CHECK and result cache (#374). * Better input validation: * vlan: add MTU validation to loadNetConf (#405). * macvlan: add MTU validation to loadNetConf (#404). * bridge: check vlan id when loading net conf (#394). * Bugfixes: * bugfix: defer after err check, or it may panic (#391). * portmap: Fix dual-stack support (#379). * firewall: don't return error in DEL if prevResult is not found (#390). * bump up libcni back to v0.7.1 (#377). * Tests: * integration: fix ip address collision in integration tests (#409). * testutils: newNS() works in a rootless user namespace (#401). * Bump Go version (#386). * Cleanup netns after test suite (#375). * Docs: * contributing doc: revise test script name to run (#396). * contributing doc: describe cnitool installation (#397). ==== cri-o ==== Version update (1.15.2 -> 1.16.0) Subpackages: cri-o-kubeadm-criconfig - Use single service macro invocation - Add shell completions directories to files - Add crio and crio-status shell completions - Add crio-wipe and crio-shutdown services - Update kubelet verbosity to `-v=2` - Update conmon cgroup to `system.slice` - Update crio.conf to match latest version - Update to v1.16.0: * Major Changes * Add support for manifest lists * Dual stack IPv6 support * HUP reload of SystemRegistries * file_locking is no longer a supported option in the configuration file * Hooks are no longer found implicitally. * conmon now lives in a separate repository and must be downloaded separately. * Minor * All OCI mounts are mounted as rw when a pod is privileged * CRI-O can now run on a cgroupv2 system (only with the runtime crun) * Add environment variables to CLI flags * Add crio-status client to conveniently query status of crio or a container * Conmon is now found in $PATH if a path isn't specified or is empty * Add metrics to configuration file * Bandwidth burst can only be 4GB * If another container manager shares CRI-O's storage (like podman), CRI-O no longer attempts to restore them * Increase validation for log_dir and runtime_type in configuration * Allow usage of short container ID in ContainerStats * Make image volumes writeable by the container user * Various man page fixes * The crio-wipe script is now included in the crio binary (as crio wipe), and only removes CRI-O containers and images. * Set some previously public packages as internal (client, lib, oci, pkg, tools, version) * infra container now spawned as not privileged ==== kernel-source ==== Version update (5.3.9 -> 5.3.11) - Linux 5.3.11 (bnc#1151927). - bonding: fix state transition issue in link monitoring (bnc#1151927). - CDC-NCM: handle incomplete transfer of MTU (bnc#1151927). - ipv4: Fix table id reference in fib_sync_down_addr (bnc#1151927). - net: ethernet: octeon_mgmt: Account for second possible VLAN header (bnc#1151927). - net: fix data-race in neigh_event_send() (bnc#1151927). - net: qualcomm: rmnet: Fix potential UAF when unregistering (bnc#1151927). - net/tls: fix sk_msg trim on fallback to copy mode (bnc#1151927). - net: usb: qmi_wwan: add support for DW5821e with eSIM support (bnc#1151927). - NFC: fdp: fix incorrect free object (bnc#1151927). - nfc: netlink: fix double device reference drop (bnc#1151927). - NFC: st21nfca: fix double free (bnc#1151927). - qede: fix NULL pointer deref in __qede_remove() (bnc#1151927). - net: mscc: ocelot: don't handle netdev events for other netdevs (bnc#1151927). - net: mscc: ocelot: fix NULL pointer on LAG slave removal (bnc#1151927). - net/tls: don't pay attention to sk_write_pending when pushing partial records (bnc#1151927). - net/tls: add a TX lock (bnc#1151927). - selftests/tls: add test for concurrent recv and send (bnc#1151927). - ipv6: fixes rt6_probe() and fib6_nh->last_probe init (bnc#1151927). - net: hns: Fix the stray netpoll locks causing deadlock in NAPI path (bnc#1151927). - net: prevent load/store tearing on sk->sk_stamp (bnc#1151927). - net: sched: prevent duplicate flower rules from tcf_proto destroy race (bnc#1151927). - net/smc: fix ethernet interface refcounting (bnc#1151927). - vsock/virtio: fix sock refcnt holding during the shutdown (bnc#1151927). - r8169: fix page read in r8168g_mdio_read (bnc#1151927). - ALSA: timer: Fix incorrectly assigned timer instance (bnc#1151927). - ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series (bnc#1151927). - mm: memcontrol: fix NULL-ptr deref in percpu stats flush (bnc#1151927). - mm: memcontrol: fix network errors from failing __GFP_ATOMIC charges (bnc#1151927). - mm, meminit: recalculate pcpu batch and high limits after init completes (bnc#1151927). - mm: thp: handle page cache THP correctly in PageTransCompoundMap (bnc#1151927). - mm, vmstat: hide /proc/pagetypeinfo from normal users (bnc#1151927). - dump_stack: avoid the livelock of the dump_lock (bnc#1151927). - mm: slab: make page_cgroup_ino() to recognize non-compound slab pages properly (bnc#1151927). - btrfs: Consider system chunk array size for new SYSTEM chunks (bnc#1151927). - btrfs: tree-checker: Fix wrong check on max devid (bnc#1151927). - btrfs: save i_size to avoid double evaluation of i_size_read in compress_file_range (bnc#1151927). - tools: gpio: Use !building_out_of_srctree to determine srctree (bnc#1151927). - pinctrl: intel: Avoid potential glitches if pin is in GPIO mode (bnc#1151927). - perf tools: Fix time sorting (bnc#1151927). - perf map: Use zalloc for map_groups (bnc#1151927). - drm/radeon: fix si_enable_smc_cac() failed issue (bnc#1151927). - HID: wacom: generic: Treat serial number and related fields as unsigned (bnc#1151927). - mm/khugepaged: fix might_sleep() warn with CONFIG_HIGHPTE=y (bnc#1151927). - soundwire: depend on ACPI (bnc#1151927). - soundwire: depend on ACPI || OF (bnc#1151927). - soundwire: bus: set initial value to port_status (bnc#1151927). - blkcg: make blkcg_print_stat() print stats only for online blkgs (bnc#1151927). - arm64: Do not mask out PTE_RDONLY in pte_same() (bnc#1151927). - ASoC: rsnd: dma: fix SSI9 4/5/6/7 busif dma address (bnc#1151927). - ceph: fix use-after-free in __ceph_remove_cap() (bnc#1151927). - ceph: fix RCU case handling in ceph_d_revalidate() (bnc#1151927). - ceph: add missing check in d_revalidate snapdir handling (bnc#1151927). - ceph: don't try to handle hashed dentries in non-O_CREAT atomic_open (bnc#1151927). - ceph: don't allow copy_file_range when stripe_count != 1 (bnc#1151927). - iio: adc: stm32-adc: fix stopping dma (bnc#1151927). - iio: imu: adis16480: make sure provided frequency is positive (bnc#1151927). - iio: imu: inv_mpu6050: fix no data on MPU6050 (bnc#1151927). - iio: srf04: fix wrong limitation in distance measuring (bnc#1151927). - ARM: sunxi: Fix CPU powerdown on A83T (bnc#1151927). - ARM: dts: imx6-logicpd: Re-enable SNVS power key (bnc#1151927). - cpufreq: intel_pstate: Fix invalid EPB setting (bnc#1151927). - clone3: validate stack arguments (bnc#1151927). - netfilter: nf_tables: Align nft_expr private data to 64-bit (bnc#1151927). - netfilter: ipset: Fix an error code in ip_set_sockfn_get() (bnc#1151927). - intel_th: gth: Fix the window switching sequence (bnc#1151927). - intel_th: pci: Add Comet Lake PCH support (bnc#1151927). - intel_th: pci: Add Jasper Lake PCH support (bnc#1151927). - x86/dumpstack/64: Don't evaluate exception stacks before setup (bnc#1151927). - x86/apic/32: Avoid bogus LDR warnings (bnc#1151927). - SMB3: Fix persistent handles reconnect (bnc#1151927). - can: usb_8dev: fix use-after-free on disconnect (bnc#1151927). - can: flexcan: disable completely the ECC mechanism (bnc#1151927). - can: c_can: c_can_poll(): only read status register after status IRQ (bnc#1151927). - can: peak_usb: fix a potential out-of-sync while decoding packets (bnc#1151927). - can: rx-offload: can_rx_offload_queue_sorted(): fix error handling, avoid skb mem leak (bnc#1151927). - can: gs_usb: gs_can_open(): prevent memory leak (bnc#1151927). - can: dev: add missing of_node_put() after calling of_get_child_by_name() (bnc#1151927). - can: mcba_usb: fix use-after-free on disconnect (bnc#1151927). - can: peak_usb: fix slab info leak (bnc#1151927). - configfs: fix a deadlock in configfs_symlink() (bnc#1151927). - ALSA: usb-audio: More validations of descriptor units (bnc#1151927). - ALSA: usb-audio: Simplify parse_audio_unit() (bnc#1151927). - ALSA: usb-audio: Unify the release of usb_mixer_elem_info objects (bnc#1151927). - ALSA: usb-audio: Remove superfluous bLength checks (bnc#1151927). - ALSA: usb-audio: Clean up check_input_term() (bnc#1151927). - ALSA: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk() (bnc#1151927). - ALSA: usb-audio: remove some dead code (bnc#1151927). - ALSA: usb-audio: Fix copy&paste error in the validator (bnc#1151927). - usbip: Implement SG support to vhci-hcd and stub driver (bnc#1151927). - HID: google: add magnemite/masterball USB ids (bnc#1151927). - dmaengine: sprd: Fix the link-list pointer register configuration issue (bnc#1151927). - bpf: lwtunnel: Fix reroute supplying invalid dst (bnc#1151927). - dmaengine: xilinx_dma: Fix 64-bit simple AXIDMA transfer (bnc#1151927). - dmaengine: xilinx_dma: Fix control reg update in vdma_channel_set_config (bnc#1151927). - dmaengine: sprd: Fix the possible memory leak issue (bnc#1151927). - HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring() (bnc#1151927). - powerpc/32s: fix allow/prevent_user_access() when crossing segment boundaries (bnc#1151927). - RDMA/mlx5: Clear old rate limit when closing QP (bnc#1151927). - iw_cxgb4: fix ECN check on the passive accept (bnc#1151927). - RDMA/siw: free siw_base_qp in kref release routine (bnc#1151927). - RDMA/qedr: Fix reported firmware version (bnc#1151927). - IB/core: Use rdma_read_gid_l2_fields to compare GID L2 fields (bnc#1151927). - net/mlx5e: Tx, Fix assumption of single WQEBB of NOP in cleanup flow (bnc#1151927). - net/mlx5e: kTLS, Release reference on DUMPed fragments in shutdown flow (bnc#1151927). - net/mlx5e: TX, Fix consumer index of error cqe dump (bnc#1151927). - net/mlx5: prevent memory leak in mlx5_fpga_conn_create_cq (bnc#1151927). - net/mlx5: fix memory leak in mlx5_fw_fatal_reporter_dump (bnc#1151927). - selftests/bpf: More compatible nc options in test_tc_edt (bnc#1151927). - scsi: qla2xxx: fixup incorrect usage of host_byte (bnc#1151927). - scsi: lpfc: Check queue pointer before use (bnc#1151927). - scsi: ufs-bsg: Wake the device before sending raw upiu commands (bnc#1151927). - ARC: [plat-hsdk]: Enable on-board SPI NOR flash IC (bnc#1151927). - RDMA/uverbs: Prevent potential underflow (bnc#1151927). - bpf: Fix use after free in subprog's jited symbol removal (bnc#1151927). - net: stmmac: Fix the problem of tso_xmit (bnc#1151927). - net: openvswitch: free vport unless register_netdevice() succeeds (bnc#1151927). - scsi: lpfc: Honor module parameter lpfc_use_adisc (bnc#1151927). - scsi: qla2xxx: Initialized mailbox to prevent driver load failure (bnc#1151927). - bpf: Fix use after free in bpf_get_prog_name (bnc#1151927). - iwlwifi: pcie: fix PCI ID 0x2720 configs that should be soc (bnc#1151927). - iwlwifi: pcie: fix all 9460 entries for qnj (bnc#1151927). - iwlwifi: pcie: 0x2720 is qu and 0x30DC is not (bnc#1151927). - netfilter: nf_flow_table: set timeout before insertion into hashes (bnc#1151927). - drm/v3d: Fix memory leak in v3d_submit_cl_ioctl (bnc#1151927). - xsk: Fix registration of Rx-only sockets (bnc#1151927). - net: phy: smsc: LAN8740: add PHY_RST_AFTER_CLK_EN flag (bnc#1151927). - ipvs: don't ignore errors in case refcounting ip_vs module fails (bnc#1151927). - ipvs: move old_secure_tcp into struct netns_ipvs (bnc#1151927). - netfilter: nft_payload: fix missing check for matching length in offloads (bnc#1151927). - RDMA/nldev: Skip counter if port doesn't match (bnc#1151927). - bonding: fix unexpected IFF_BONDING bit unset (bnc#1151927). - bonding: use dynamic lockdep key instead of subclass (bnc#1151927). - macsec: fix refcnt leak in module exit routine (bnc#1151927). - virt_wifi: fix refcnt leak in module exit routine (bnc#1151927). - scsi: sd: define variable dif as unsigned int instead of bool (bnc#1151927). - usb: dwc3: select CONFIG_REGMAP_MMIO (bnc#1151927). - usb: fsl: Check memory resource before releasing it (bnc#1151927). - usb: gadget: udc: atmel: Fix interrupt storm in FIFO mode (bnc#1151927). - usb: gadget: composite: Fix possible double free memory bug (bnc#1151927). - usb: gadget: configfs: fix concurrent issue between composite APIs (bnc#1151927). - usb: dwc3: remove the call trace of USBx_GFLADJ (bnc#1151927). - perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise RIP validity (bnc#1151927). - perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h) (bnc#1151927). - perf/x86/uncore: Fix event group support (bnc#1151927). - USB: Skip endpoints with 0 maxpacket length (bnc#1151927). - USB: ldusb: use unsigned size format specifiers (bnc#1151927). - usbip: tools: Fix read_usb_vudc_device() error path handling (bnc#1151927). - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case (bnc#1151927). - RDMA/hns: Prevent memory leaks of eq->buf_list (bnc#1151927). - hwmon: (ina3221) Fix read timeout issue (bnc#1151927). - scsi: qla2xxx: stop timer in shutdown path (bnc#1151927). - sched/topology: Don't try to build empty sched domains (bnc#1151927). - sched/topology: Allow sched_asym_cpucapacity to be disabled (bnc#1151927). - nvme-multipath: fix possible io hang after ctrl reconnect (bnc#1151927). - net: hisilicon: Fix "Trying to free already-free IRQ" (bnc#1151927). - wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle (bnc#1151927). - net: mscc: ocelot: fix vlan_filtering when enslaving to bridge before link is up (bnc#1151927). - net: mscc: ocelot: refuse to overwrite the port's native vlan (bnc#1151927). - iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41 (bnc#1151927). - mt76: dma: fix buffer unmap with non-linear skbs (bnc#1151927). - drm/amdgpu/sdma5: do not execute 0-sized IBs (v2) (bnc#1151927). - drm/sched: Set error to s_fence if HW job submission failed (bnc#1151927). - drm/amdgpu: If amdgpu_ib_schedule fails return back the error (bnc#1151927). - drm/amd/display: do not synchronize "drr" displays (bnc#1151927). - drm/amd/display: add 50us buffer as WA for pstate switch in active (bnc#1151927). - drm/amd/display: Passive DP->HDMI dongle detection fix (bnc#1151927). - dc.c:use kzalloc without test (bnc#1151927). - SUNRPC: The TCP back channel mustn't disappear while requests are outstanding (bnc#1151927). - SUNRPC: The RDMA back channel mustn't disappear while requests are outstanding (bnc#1151927). - SUNRPC: Destroy the back channel when we destroy the host transport (bnc#1151927). - hv_netvsc: Fix error handling in netvsc_attach() (bnc#1151927). - efi/tpm: Return -EINVAL when determining tpm final events log size fails (bnc#1151927). - efi: libstub/arm: Account for firmware reserved memory at the base of RAM (bnc#1151927). - x86, efi: Never relocate kernel below lowest acceptable address (bnc#1151927). - arm64: cpufeature: Enable Qualcomm Falkor errata 1009 for Kryo (bnc#1151927). - usb: dwc3: gadget: fix race when disabling ep with cancelled xfers (bnc#1151927). - arm64: apply ARM64_ERRATUM_845719 workaround for Brahma-B53 core (bnc#1151927). - arm64: Brahma-B53 is SSB and spectre v2 safe (bnc#1151927). - arm64: apply ARM64_ERRATUM_843419 workaround for Brahma-B53 core (bnc#1151927). - NFSv4: Don't allow a cached open with a revoked delegation (bnc#1151927). - net: ethernet: arc: add the missed clk_disable_unprepare (bnc#1151927). - igb: Fix constant media auto sense switching when no cable is connected (bnc#1151927). - e1000: fix memory leaks (bnc#1151927). - gve: Fixes DMA synchronization (bnc#1151927). - ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() (bnc#1151927). - pinctrl: cherryview: Fix irq_valid_mask calculation (bnc#1151927). - clk: imx8m: Use SYS_PLL1_800M as intermediate parent of CLK_ARM (bnc#1151927). - timekeeping/vsyscall: Update VDSO data unconditionally (bnc#1151927). - mm/filemap.c: don't initiate writeback if mapping has no dirty pages (bnc#1151927). - cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is dead (bnc#1151927). - ARM: dts: stm32: change joystick pinctrl definition on stm32mp157c-ev1 (bnc#1151927). - ASoC: SOF: Intel: hda-stream: fix the CONFIG_ prefix missing (bnc#1151927). - usbip: Fix free of unallocated memory in vhci tx (bnc#1151927). - bonding: fix using uninitialized mode_lock (bnc#1151927). - netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets (bnc#1151927). - arm64: errata: Update stale comment (bnc#1151927). - net/ibmvnic: unlock rtnl_lock in reset so linkwatch_event can run (bnc#1151927). - drm/i915: Rename gen7 cmdparser tables (bnc#1151927). - drm/i915: Disable Secure Batches for gen6+ (bnc#1151927). - drm/i915: Remove Master tables from cmdparser (bnc#1151927). - drm/i915: Add support for mandatory cmdparsing (bnc#1151927). - drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (bnc#1151927). - drm/i915: Allow parsing of unsized batches (bnc#1151927). - drm/i915: Add gen9 BCS cmdparsing (bnc#1151927). - drm/i915/cmdparser: Use explicit goto for error paths (bnc#1151927). - drm/i915/cmdparser: Add support for backward jumps (bnc#1151927). - drm/i915/cmdparser: Ignore Length operands during command matching (bnc#1151927). - drm/i915: Lower RM timeout to avoid DSI hard hangs (bnc#1151927). - drm/i915/gen8+: Add RC6 CTX corruption WA (bnc#1151927). - drm/i915/cmdparser: Fix jump whitelist clearing (bnc#1151927). - x86/msr: Add the IA32_TSX_CTRL MSR (bnc#1151927). - x86/cpu: Add a helper function x86_read_arch_cap_msr() (bnc#1151927). - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default (bnc#1151927). - x86/speculation/taa: Add mitigation for TSX Async Abort (bnc#1151927). - x86/speculation/taa: Add sysfs reporting for TSX Async Abort (bnc#1151927). - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled (bnc#1151927). - x86/tsx: Add "auto" option to the tsx= cmdline parameter (bnc#1151927). - x86/speculation/taa: Add documentation for TSX Async Abort (bnc#1151927). - x86/tsx: Add config options to set tsx=on|off|auto (bnc#1151927). - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (bnc#1151927). - x86/bugs: Add ITLB_MULTIHIT bug infrastructure (bnc#1151927). - x86/cpu: Add Tremont to the cpu vulnerability whitelist (bnc#1151927). - cpu/speculation: Uninline and export CPU mitigations helpers (bnc#1151927). - Documentation: Add ITLB_MULTIHIT documentation (bnc#1151927). - kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bnc#1151927). - kvm: mmu: ITLB_MULTIHIT mitigation (bnc#1151927). - kvm: Add helper function for creating VM worker threads (bnc#1151927). - kvm: x86: mmu: Recovery of shattered NX large pages (bnc#1151927). - Update config files. Set X86_INTEL_TSX_MODE_OFF=y (the default) - commit 0a195a8 - usb: dwc3: pci: prevent memory leak in dwc3_pci_probe (CVE-2019-18813,bsc#1156278). - ASoC: SOF: Fix memory leak in sof_dfsentry_write (CVE-2019-18812,bsc#1156277). - commit 8a126f1 - Refresh patches.suse/stacktrace-don-t-skip-first-entry-on-noncurrent-task.patch. Update upstream status. - commit baac78a - Linux 5.3.10 (bnc#1151927). - usb: gadget: udc: core: Fix segfault if udc_bind_to_driver() for pending driver fails (bnc#1151927). - arm64: dts: ti: k3-am65-main: Fix gic-its node unit-address (bnc#1151927). - ASoC: pcm3168a: The codec does not support S32_LE (bnc#1151927). - selftests/powerpc: Fix compile error on tlbie_test due to newer gcc (bnc#1151927). - selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue (bnc#1151927). - CIFS: Fix retry mid list corruption on reconnects (bnc#1151927). - platform/x86: pmc_atom: Add Siemens SIMATIC IPC227E to critclk_systems DMI table (bnc#1151927). - net/flow_dissector: switch to siphash (bnc#1151927). - net: bcmgenet: reset 40nm EPHY on energy detect (bnc#1151927). - net: phy: bcm7xxx: define soft_reset for 40nm EPHY (bnc#1151927). - net: netem: correct the parent's backlog when corrupted packet was dropped (bnc#1151927). - r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2 (bnc#1151927). - net: usb: lan78xx: Connect PHY before registering MAC (bnc#1151927). - net: reorder 'struct net' fields to avoid false sharing (bnc#1151927). - net: netem: fix error path for corrupted GSO frames (bnc#1151927). - net: hns3: fix mis-counting IRQ vector numbers issue (bnc#1151927). - net: ensure correct skb->tstamp in various fragmenters (bnc#1151927). - net: dsa: fix switch tree list (bnc#1151927). - net: dsa: b53: Do not clear existing mirrored port mask (bnc#1151927). - net: bcmgenet: don't set phydev->link from MAC (bnc#1151927). - ipv4: fix IPSKB_FRAG_PMTU handling with fragmentation (bnc#1151927). - net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget (bnc#1151927). - net/mlx5e: Fix ethtool self test: link speed (bnc#1151927). - r8169: fix wrong PHY ID issue with RTL8168dp (bnc#1151927). - mlxsw: core: Unpublish devlink parameters during reload (bnc#1151927). - net/mlx5: Fix rtable reference leak (bnc#1151927). - net/smc: fix refcounting for non-blocking connect() (bnc#1151927). - net/mlx5: Fix flow counter list auto bits struct (bnc#1151927). - net/mlx5e: Initialize on stack link modes bitmap (bnc#1151927). - net/mlx5e: Remove incorrect match criteria assignment line (bnc#1151927). - net/mlx5e: Determine source port properly for vlan push action (bnc#1151927). - rxrpc: Fix handling of last subpacket of jumbo packet (bnc#1151927). - net: phylink: Fix phylink_dbg() macro (bnc#1151927). - keys: Fix memory leak in copy_net_ns (bnc#1151927). - net/smc: keep vlan_id for SMC-R in smc_listen_work() (bnc#1151927). - net/smc: fix closing of fallback SMC sockets (bnc#1151927). - selftests: fib_tests: add more tests for metric update (bnc#1151927). - ipv4: fix route update on metric change (bnc#1151927). - net: add READ_ONCE() annotation in __skb_wait_for_more_packets() (bnc#1151927). - net: use skb_queue_empty_lockless() in busy poll contexts (bnc#1151927). - net: use skb_queue_empty_lockless() in poll() handlers (bnc#1151927). - udp: use skb_queue_empty_lockless() (bnc#1151927). - net: add skb_queue_empty_lockless() (bnc#1151927). - vxlan: check tun_info options_len properly (bnc#1151927). - udp: fix data-race in udp_set_dev_scratch() (bnc#1151927). - selftests: net: reuseport_dualstack: fix uninitalized parameter (bnc#1151927). - net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol() (bnc#1151927). - net: usb: lan78xx: Disable interrupts before calling generic_handle_irq() (bnc#1151927). - net: rtnetlink: fix a typo fbd -> fdb (bnc#1151927). - netns: fix GFP flags in rtnl_net_notifyid() (bnc#1151927). - net/mlx4_core: Dynamically set guaranteed amount of counters per VF (bnc#1151927). - net: hisilicon: Fix ping latency when deal with high throughput (bnc#1151927). - net: fix sk_page_frag() recursion from memory reclaim (bnc#1151927). - net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum (bnc#1151927). - net: dsa: bcm_sf2: Fix IMP setup for port different than 8 (bnc#1151927). - net: annotate lockless accesses to sk->sk_napi_id (bnc#1151927). - net: annotate accesses to sk->sk_incoming_cpu (bnc#1151927). - inet: stop leaking jiffies on the wire (bnc#1151927). - erspan: fix the tun_info options_len check for erspan (bnc#1151927). - dccp: do not leak jiffies on the wire (bnc#1151927). - cxgb4: request the TX CIDX updates to status page (bnc#1151927). - cxgb4: fix panic when attaching to ULD fail (bnc#1151927). - nbd: handle racing with error'ed out commands (bnc#1151927). - nbd: protect cmd->status with cmd->lock (bnc#1151927). - irqchip/sifive-plic: Skip contexts except supervisor in plic_init() (bnc#1151927). - cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (bnc#1151927). - i2c: stm32f7: remove warning when compiling with W=1 (bnc#1151927). - i2c: stm32f7: fix a race in slave mode with arbitration loss irq (bnc#1151927). - i2c: stm32f7: fix first byte to send in slave mode (bnc#1151927). - i2c: mt65xx: fix NULL ptr dereference (bnc#1151927). - irqchip/gic-v3-its: Use the exact ITSList for VMOVP (bnc#1151927). - MIPS: bmips: mark exception vectors as char arrays (bnc#1151927). - of: unittest: fix memory leak in unittest_data_add (bnc#1151927). - ALSA: hda: Add Tigerlake/Jasperlake PCI ID (bnc#1151927). - selftests: kvm: fix sync_regs_test with newer gccs (bnc#1151927). - selftests: kvm: vmx_set_nested_state_test: don't check for VMX support twice (bnc#1151927). - ARM: 8926/1: v7m: remove register save to stack before svc (bnc#1151927). - drm/komeda: Don't flush inactive pipes (bnc#1151927). - i2c: aspeed: fix master pending state handling (bnc#1151927). - ARM: dts: bcm2837-rpi-cm3: Avoid leds-gpio probing issue (bnc#1151927). - tracing: Fix "gfp_t" format for synthetic events (bnc#1151927). - ASoC: SOF: control: return true when kcontrol values change (bnc#1151927). - ASoC: Intel: sof-rt5682: add a check for devm_clk_get (bnc#1151927). - scsi: hpsa: add missing hunks in reset-patch (bnc#1151927). - scsi: target: core: Do not overwrite CDB byte 1 (bnc#1151927). - drm/amdgpu: fix error handling in amdgpu_bo_list_create (bnc#1151927). - drm/amdgpu: fix potential VM faults (bnc#1151927). - ARM: davinci: dm365: Fix McBSP dma_slave_map entry (bnc#1151927). - perf kmem: Fix memory leak in compact_gfp_flags() (bnc#1151927). - 8250-men-mcb: fix error checking when get_num_ports returns - ENODEV (bnc#1151927). - perf c2c: Fix memory leak in build_cl_output() (bnc#1151927). - perf tools: Fix resource leak of closedir() on the error paths (bnc#1151927). - arm64: dts: imx8mm: Use correct clock for usdhc's ipg clk (bnc#1151927). - arm64: dts: imx8mq: Use correct clock for usdhc's ipg clk (bnc#1151927). - ARM: dts: imx7s: Correct GPT's ipg clock source (bnc#1151927). - ARM: dts: vf610-zii-scu4-aib: Specify 'i2c-mux-idle-disconnect' (bnc#1151927). - ARM: dts: imx6q-logicpd: Re-Enable SNVS power key (bnc#1151927). - arm64: dts: lx2160a: Correct CPU core idle state name (bnc#1151927). - arm64: dts: rockchip: Fix usb-c on Hugsun X99 TV Box (bnc#1151927). - arm64: dts: rockchip: fix RockPro64 sdmmc settings (bnc#1151927). - ARM: 8914/1: NOMMU: Fix exc_ret for XIP (bnc#1151927). - ARM: 8908/1: add __always_inline to functions called from __get_user_check() (bnc#1151927). - scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE (bnc#1151927). - scsi: sni_53c710: fix compilation error (bnc#1151927). - scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions (bnc#1151927). - scsi: qla2xxx: fix a potential NULL pointer dereference (bnc#1151927). - ARM: mm: fix alignment handler faults under memory pressure (bnc#1151927). - ARM: dts: Use level interrupt for omap4 & 5 wlcore (bnc#1151927). - ASoC: simple_card_utils.h: Fix potential multiple redefinition error (bnc#1151927). - ASoC: msm8916-wcd-digital: add missing MIX2 path for RX1/2 (bnc#1151927). - ARM: dts: am3874-iceboard: Fix 'i2c-mux-idle-disconnect' usage (bnc#1151927). - arm64: dts: zii-ultra: fix ARM regulator states (bnc#1151927). - pinctrl: stmfx: fix null pointer on remove (bnc#1151927). - pinctrl: ns2: Fix off by one bugs in ns2_pinmux_enable() (bnc#1151927). - arm64: dts: rockchip: fix RockPro64 sdhci settings (bnc#1151927). - arm64: dts: rockchip: fix RockPro64 vdd-log regulator settings (bnc#1151927). - ARM: dts: logicpd-torpedo-som: Remove twl_keypad (bnc#1151927). - arm64: dts: rockchip: fix Rockpro64 RK808 interrupt line (bnc#1151927). - ASoc: rockchip: i2s: Fix RPM imbalance (bnc#1151927). - ASoC: wm_adsp: Don't generate kcontrols without READ flags (bnc#1151927). - regulator: pfuze100-regulator: Variable "val" in pfuze100_regulator_probe() could be uninitialized (bnc#1151927). - ASoC: intel: bytcr_rt5651: add null check to support_button_press (bnc#1151927). - ASoC: intel: sof_rt5682: add remove function to disable jack (bnc#1151927). - ASoC: rt5682: add NULL handler to set_jack function (bnc#1151927). - ASoC: SOF: Intel: hda: Disable DMI L1 entry during capture (bnc#1151927). - Update config files. CONFIG_SND_SOC_SOF_HDA_ALWAYS_ENABLE_DMI_L1=n as per default. - ASoC: SOF: Intel: initialise and verify FW crash dump data (bnc#1151927). - ASoC: SOF: Intel: hda: fix warnings during FW load (bnc#1151927). - ASoC: SOF: topology: fix parse fail issue for byte/bool tuple types (bnc#1151927). - ASoC: SOF: loader: fix kernel oops on firmware boot failure (bnc#1151927). - pinctrl: intel: Allocate IRQ chip dynamic (bnc#1151927). - regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone (bnc#1151927). - arm64: dts: Fix gpio to pinmux mapping (bnc#1151927). - arm64: dts: allwinner: a64: sopine-baseboard: Add PHY regulator delay (bnc#1151927). - arm64: dts: allwinner: a64: Drop PMU node (bnc#1151927). - arm64: dts: allwinner: a64: pine64-plus: Add PHY regulator delay (bnc#1151927). - ASoC: topology: Fix a signedness bug in soc_tplg_dapm_widget_create() (bnc#1151927). - regulator: da9062: fix suspend_enable/disable preparation (bnc#1151927). - ASoC: wm8994: Do not register inapplicable controls for WM1811 (bnc#1151927). - ASoC: samsung: arndale: Add missing OF node dereferencing (bnc#1151927). - regulator: of: fix suspend-min/max-voltage parsing (bnc#1151927). - commit eedf3c5 - fjes: Handle workqueue allocation failure (CVE-2019-16231,bsc#1150466). - commit 3bf0c5a ==== rdma-core ==== Subpackages: libefa1 libibverbs libibverbs1 libmlx4-1 libmlx5-1 librdmacm1 - Add libefa1 to baselibs.conf - Fix baselibs.conf - BuildRequire valgrind-client-headers instead of full valgrind-devel where available. ==== setools ==== Version update (4.2.1 -> 4.2.2) - Add python3.8-compat.patch to allow build with Python 3.8 Still doesn't work though because of gh#SELinuxProject/setools#31 - Update to the upstream version 4.2.2: - Remove source policy references from man pages, as loading source policies is no longer supported. - Fixed a performance regression in alias loading after alias dereferencing fixes in 4.2.1. ==== suse-module-tools ==== Version update (15.2.5 -> 15.2.7) - Update to version 15.2.7: * spec file: avoid %{_libexecdir} - Update to version 15.2.6: * modprobe.conf: add dependency of papr_scm on libnvdimm (bsc#1142152, ltc#176292, FATE#327775). -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 year, 10 months

1
0
0 0

[opensuse-kubic] New MicroOS snapshot 20191112 released!

by Richard Brown

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: podman (1.6.1 -> 1.6.2) === Details === ==== podman ==== Version update (1.6.1 -> 1.6.2) Subpackages: podman-cni-config - Add container-start-fix.patch to correct output of container-start to show container_name, not _id. - Update podman to v1.6.2 * Features - Added a --runtime flag to podman system migrate to allow the OCI runtime for all containers to be reset, to ease transition to the crun runtime on CGroups V2 systems until runc gains full support - The podman rm command can now remove containers in broken states which previously could not be removed - The podman info command, when run without root, now shows information on UID and GID mappings in the rootless user namespace - Added podman build --squash-all flag, which squashes all layers (including those of the base image) into one layer - The --systemd flag to podman run and podman create now accepts a string argument and allows a new value, always, which forces systemd support without checking if the the container entrypoint is systemd * Bugfixes - Fixed a bug where the podman top command did not work on systems using CGroups V2 (#4192) - Fixed a bug where rootless Podman could double-close a file, leading to a panic - Fixed a bug where rootless Podman could fail to retrieve some containers while refreshing the state - Fixed a bug where podman start --attach --sig-proxy=false would still proxy signals into the container - Fixed a bug where Podman would unconditionally use a non-default path for authentication credentials (auth.json), breaking podman login integration with skopeo and other tools using the containers/image library - Fixed a bug where podman ps --format=json and podman images - -format=json would display null when no results were returned, instead of valid JSON - Fixed a bug where podman build --squash was incorrectly squashing all layers into one, instead of only new layers - Fixed a bug where rootless Podman would allow volumes with options to be mounted (mounting volumes requires root), creating an inconsistent state where volumes reported as mounted but were not (#4248) - Fixed a bug where volumes which failed to unmount could not be removed (#4247) - Fixed a bug where Podman incorrectly handled some errors relating to unmounted or missing containers in containers/storage - Fixed a bug where podman stats was broken on systems running CGroups V2 when run rootless (#4268) - Fixed a bug where the podman start command would print the short container ID, instead of the full ID - Fixed a bug where containers created with an OCI runtime that is no longer available (uninstalled or removed from the config file) would not appear in podman ps and could not be removed via podman rm - Fixed a bug where containers restored via podman container restore --import would retain the CGroup path of the original container, even if their container ID changed; thus, multiple containers created from the same checkpoint would all share the same CGroup * Misc - The default PID limit for containers is now set to 4096. It can be adjusted back to the old default (unlimited) by passing - -pids-limit 0 to podman create and podman run - The podman start --attach command now automatically attaches STDIN if the container was created with -i - The podman network create command now validates network names using the same regular expression as container and pod names - The --systemd flag to podman run and podman create will now only enable systemd mode when the binary being run inside the container is /sbin/init, /usr/sbin/init, or ends in systemd (previously detected any path ending in init or systemd) - Updated vendored Buildah to 1.11.3 - Updated vendored containers/storage to 1.13.5 - Updated vendored containers/image to 4.0.1 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 year, 10 months

1
0
0 0

[opensuse-kubic] New Kubic snapshot 20191112 released!

by Richard Brown

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: cri-o kubernetes kubic-control podman (1.6.1 -> 1.6.2) weave (2.5.2 -> 2.6.0) === Details === ==== cri-o ==== Subpackages: cri-o-kubeadm-criconfig - Switch to `systemd` cgroup driver in kubelet config also - Switch to `systemd` cgroup manager in replacement for `cgroupfs` - Remove obsolete Groups tag (fate#326485) ==== kubernetes ==== Subpackages: kubernetes-client kubernetes-kubeadm kubernetes-kubelet - Ensure that BPPFS is mounted before starting kubelet (bsc#1146991) ==== kubic-control ==== Subpackages: kubicctl kubicd - Fix path of /usr/etc/kubicd ==== podman ==== Version update (1.6.1 -> 1.6.2) Subpackages: podman-cni-config - Add container-start-fix.patch to correct output of container-start to show container_name, not _id. - Update podman to v1.6.2 * Features - Added a --runtime flag to podman system migrate to allow the OCI runtime for all containers to be reset, to ease transition to the crun runtime on CGroups V2 systems until runc gains full support - The podman rm command can now remove containers in broken states which previously could not be removed - The podman info command, when run without root, now shows information on UID and GID mappings in the rootless user namespace - Added podman build --squash-all flag, which squashes all layers (including those of the base image) into one layer - The --systemd flag to podman run and podman create now accepts a string argument and allows a new value, always, which forces systemd support without checking if the the container entrypoint is systemd * Bugfixes - Fixed a bug where the podman top command did not work on systems using CGroups V2 (#4192) - Fixed a bug where rootless Podman could double-close a file, leading to a panic - Fixed a bug where rootless Podman could fail to retrieve some containers while refreshing the state - Fixed a bug where podman start --attach --sig-proxy=false would still proxy signals into the container - Fixed a bug where Podman would unconditionally use a non-default path for authentication credentials (auth.json), breaking podman login integration with skopeo and other tools using the containers/image library - Fixed a bug where podman ps --format=json and podman images - -format=json would display null when no results were returned, instead of valid JSON - Fixed a bug where podman build --squash was incorrectly squashing all layers into one, instead of only new layers - Fixed a bug where rootless Podman would allow volumes with options to be mounted (mounting volumes requires root), creating an inconsistent state where volumes reported as mounted but were not (#4248) - Fixed a bug where volumes which failed to unmount could not be removed (#4247) - Fixed a bug where Podman incorrectly handled some errors relating to unmounted or missing containers in containers/storage - Fixed a bug where podman stats was broken on systems running CGroups V2 when run rootless (#4268) - Fixed a bug where the podman start command would print the short container ID, instead of the full ID - Fixed a bug where containers created with an OCI runtime that is no longer available (uninstalled or removed from the config file) would not appear in podman ps and could not be removed via podman rm - Fixed a bug where containers restored via podman container restore --import would retain the CGroup path of the original container, even if their container ID changed; thus, multiple containers created from the same checkpoint would all share the same CGroup * Misc - The default PID limit for containers is now set to 4096. It can be adjusted back to the old default (unlimited) by passing - -pids-limit 0 to podman create and podman run - The podman start --attach command now automatically attaches STDIN if the container was created with -i - The podman network create command now validates network names using the same regular expression as container and pod names - The --systemd flag to podman run and podman create will now only enable systemd mode when the binary being run inside the container is /sbin/init, /usr/sbin/init, or ends in systemd (previously detected any path ending in init or systemd) - Updated vendored Buildah to 1.11.3 - Updated vendored containers/storage to 1.13.5 - Updated vendored containers/image to 4.0.1 ==== weave ==== Version update (2.5.2 -> 2.6.0) - Update weave to 2.6.0 - Fix a race condition in Kubernetes addon when reclaiming IP addresses after node deletion #3724, #3716 - Buffer events so Docker won't drop them, and Weave Net can clean up after dead containers #3432, #3705 - Weave reconnect occasionally fails after network interface disconnect #3666, #3669, #3676 - Ingress NetworkPolicy would accepts all traffic when specifying both IPBlock and port #3653, #3654 - Support both podSelector and namespaceSelector in NetworkPolicy #3312, #3647 - Only add default-drop egress rule if network policies are in use #3639 - Manifests use 'apps/v1' rather than deprecated 'apps/v1beta1' #3660 - Avoid Weave Net pods being evicted by setting priorityClassName: system-node-critical #3697 - Manifests use recommended DNS policy ClusterFirstWithHostNet #3692 - Weave Net now tolerates 'NoExecute' taint #3655 - Allow extra arguments to NetworkPolicy controller to be set in an environment variable #3683 - Stop reporting a failure to connect to self #3454, #3585 - Minor reduction in log noise when reclaiming IPs #3710 - Update weave.yaml for kubernetes 1.16 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 year, 10 months

1
0
0 0

[opensuse-kubic] New MicroOS snapshot 20191112 released!

by Richard Brown

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: podman (1.6.1 -> 1.6.2) === Details === ==== podman ==== Version update (1.6.1 -> 1.6.2) Subpackages: podman-cni-config - Add container-start-fix.patch to correct output of container-start to show container_name, not _id. - Update podman to v1.6.2 * Features - Added a --runtime flag to podman system migrate to allow the OCI runtime for all containers to be reset, to ease transition to the crun runtime on CGroups V2 systems until runc gains full support - The podman rm command can now remove containers in broken states which previously could not be removed - The podman info command, when run without root, now shows information on UID and GID mappings in the rootless user namespace - Added podman build --squash-all flag, which squashes all layers (including those of the base image) into one layer - The --systemd flag to podman run and podman create now accepts a string argument and allows a new value, always, which forces systemd support without checking if the the container entrypoint is systemd * Bugfixes - Fixed a bug where the podman top command did not work on systems using CGroups V2 (#4192) - Fixed a bug where rootless Podman could double-close a file, leading to a panic - Fixed a bug where rootless Podman could fail to retrieve some containers while refreshing the state - Fixed a bug where podman start --attach --sig-proxy=false would still proxy signals into the container - Fixed a bug where Podman would unconditionally use a non-default path for authentication credentials (auth.json), breaking podman login integration with skopeo and other tools using the containers/image library - Fixed a bug where podman ps --format=json and podman images - -format=json would display null when no results were returned, instead of valid JSON - Fixed a bug where podman build --squash was incorrectly squashing all layers into one, instead of only new layers - Fixed a bug where rootless Podman would allow volumes with options to be mounted (mounting volumes requires root), creating an inconsistent state where volumes reported as mounted but were not (#4248) - Fixed a bug where volumes which failed to unmount could not be removed (#4247) - Fixed a bug where Podman incorrectly handled some errors relating to unmounted or missing containers in containers/storage - Fixed a bug where podman stats was broken on systems running CGroups V2 when run rootless (#4268) - Fixed a bug where the podman start command would print the short container ID, instead of the full ID - Fixed a bug where containers created with an OCI runtime that is no longer available (uninstalled or removed from the config file) would not appear in podman ps and could not be removed via podman rm - Fixed a bug where containers restored via podman container restore --import would retain the CGroup path of the original container, even if their container ID changed; thus, multiple containers created from the same checkpoint would all share the same CGroup * Misc - The default PID limit for containers is now set to 4096. It can be adjusted back to the old default (unlimited) by passing - -pids-limit 0 to podman create and podman run - The podman start --attach command now automatically attaches STDIN if the container was created with -i - The podman network create command now validates network names using the same regular expression as container and pod names - The --systemd flag to podman run and podman create will now only enable systemd mode when the binary being run inside the container is /sbin/init, /usr/sbin/init, or ends in systemd (previously detected any path ending in init or systemd) - Updated vendored Buildah to 1.11.3 - Updated vendored containers/storage to 1.13.5 - Updated vendored containers/image to 4.0.1 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 year, 10 months

1
0
0 0

[opensuse-kubic] New Kubic snapshot 20191112 released!

by Richard Brown

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: cri-o kubernetes kubic-control podman (1.6.1 -> 1.6.2) weave (2.5.2 -> 2.6.0) === Details === ==== cri-o ==== Subpackages: cri-o-kubeadm-criconfig - Switch to `systemd` cgroup driver in kubelet config also - Switch to `systemd` cgroup manager in replacement for `cgroupfs` - Remove obsolete Groups tag (fate#326485) ==== kubernetes ==== Subpackages: kubernetes-client kubernetes-kubeadm kubernetes-kubelet - Ensure that BPPFS is mounted before starting kubelet (bsc#1146991) ==== kubic-control ==== Subpackages: kubicctl kubicd - Fix path of /usr/etc/kubicd ==== podman ==== Version update (1.6.1 -> 1.6.2) Subpackages: podman-cni-config - Add container-start-fix.patch to correct output of container-start to show container_name, not _id. - Update podman to v1.6.2 * Features - Added a --runtime flag to podman system migrate to allow the OCI runtime for all containers to be reset, to ease transition to the crun runtime on CGroups V2 systems until runc gains full support - The podman rm command can now remove containers in broken states which previously could not be removed - The podman info command, when run without root, now shows information on UID and GID mappings in the rootless user namespace - Added podman build --squash-all flag, which squashes all layers (including those of the base image) into one layer - The --systemd flag to podman run and podman create now accepts a string argument and allows a new value, always, which forces systemd support without checking if the the container entrypoint is systemd * Bugfixes - Fixed a bug where the podman top command did not work on systems using CGroups V2 (#4192) - Fixed a bug where rootless Podman could double-close a file, leading to a panic - Fixed a bug where rootless Podman could fail to retrieve some containers while refreshing the state - Fixed a bug where podman start --attach --sig-proxy=false would still proxy signals into the container - Fixed a bug where Podman would unconditionally use a non-default path for authentication credentials (auth.json), breaking podman login integration with skopeo and other tools using the containers/image library - Fixed a bug where podman ps --format=json and podman images - -format=json would display null when no results were returned, instead of valid JSON - Fixed a bug where podman build --squash was incorrectly squashing all layers into one, instead of only new layers - Fixed a bug where rootless Podman would allow volumes with options to be mounted (mounting volumes requires root), creating an inconsistent state where volumes reported as mounted but were not (#4248) - Fixed a bug where volumes which failed to unmount could not be removed (#4247) - Fixed a bug where Podman incorrectly handled some errors relating to unmounted or missing containers in containers/storage - Fixed a bug where podman stats was broken on systems running CGroups V2 when run rootless (#4268) - Fixed a bug where the podman start command would print the short container ID, instead of the full ID - Fixed a bug where containers created with an OCI runtime that is no longer available (uninstalled or removed from the config file) would not appear in podman ps and could not be removed via podman rm - Fixed a bug where containers restored via podman container restore --import would retain the CGroup path of the original container, even if their container ID changed; thus, multiple containers created from the same checkpoint would all share the same CGroup * Misc - The default PID limit for containers is now set to 4096. It can be adjusted back to the old default (unlimited) by passing - -pids-limit 0 to podman create and podman run - The podman start --attach command now automatically attaches STDIN if the container was created with -i - The podman network create command now validates network names using the same regular expression as container and pod names - The --systemd flag to podman run and podman create will now only enable systemd mode when the binary being run inside the container is /sbin/init, /usr/sbin/init, or ends in systemd (previously detected any path ending in init or systemd) - Updated vendored Buildah to 1.11.3 - Updated vendored containers/storage to 1.13.5 - Updated vendored containers/image to 4.0.1 ==== weave ==== Version update (2.5.2 -> 2.6.0) - Update weave to 2.6.0 - Fix a race condition in Kubernetes addon when reclaiming IP addresses after node deletion #3724, #3716 - Buffer events so Docker won't drop them, and Weave Net can clean up after dead containers #3432, #3705 - Weave reconnect occasionally fails after network interface disconnect #3666, #3669, #3676 - Ingress NetworkPolicy would accepts all traffic when specifying both IPBlock and port #3653, #3654 - Support both podSelector and namespaceSelector in NetworkPolicy #3312, #3647 - Only add default-drop egress rule if network policies are in use #3639 - Manifests use 'apps/v1' rather than deprecated 'apps/v1beta1' #3660 - Avoid Weave Net pods being evicted by setting priorityClassName: system-node-critical #3697 - Manifests use recommended DNS policy ClusterFirstWithHostNet #3692 - Weave Net now tolerates 'NoExecute' taint #3655 - Allow extra arguments to NetworkPolicy controller to be set in an environment variable #3683 - Stop reporting a failure to connect to self #3454, #3585 - Minor reduction in log noise when reclaiming IPs #3710 - Update weave.yaml for kubernetes 1.16 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 year, 10 months

1
0
0 0

[opensuse-kubic] Can we have vagrant boxes for kubic and MicroOS?

by Johannes Kastl

Hi all, I just had a chat with Dan Čermák because I think it would be great to not only have Tumbleweed and (hopefully soon) Leap vagrant boxes, but rather all of our "products". So, can we have official vagrant boxes for Kubic and MicroOS? Kind Regards, Johannes -- Johannes Kastl Linux Consultant & Trainer Tel.: +49 (0) 151 2372 5802 Mail: kastl(a)b1-systems.de B1 Systems GmbH Osterfeldstraße 7 / 85088 Vohburg http://www.b1-systems.de GF: Ralph Dehner Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537

1 year, 10 months

4
8
0 0

[opensuse-kubic] New MicroOS snapshot 20191112 released!

by Richard Brown

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: podman (1.6.1 -> 1.6.2) === Details === ==== podman ==== Version update (1.6.1 -> 1.6.2) Subpackages: podman-cni-config - Add container-start-fix.patch to correct output of container-start to show container_name, not _id. - Update podman to v1.6.2 * Features - Added a --runtime flag to podman system migrate to allow the OCI runtime for all containers to be reset, to ease transition to the crun runtime on CGroups V2 systems until runc gains full support - The podman rm command can now remove containers in broken states which previously could not be removed - The podman info command, when run without root, now shows information on UID and GID mappings in the rootless user namespace - Added podman build --squash-all flag, which squashes all layers (including those of the base image) into one layer - The --systemd flag to podman run and podman create now accepts a string argument and allows a new value, always, which forces systemd support without checking if the the container entrypoint is systemd * Bugfixes - Fixed a bug where the podman top command did not work on systems using CGroups V2 (#4192) - Fixed a bug where rootless Podman could double-close a file, leading to a panic - Fixed a bug where rootless Podman could fail to retrieve some containers while refreshing the state - Fixed a bug where podman start --attach --sig-proxy=false would still proxy signals into the container - Fixed a bug where Podman would unconditionally use a non-default path for authentication credentials (auth.json), breaking podman login integration with skopeo and other tools using the containers/image library - Fixed a bug where podman ps --format=json and podman images - -format=json would display null when no results were returned, instead of valid JSON - Fixed a bug where podman build --squash was incorrectly squashing all layers into one, instead of only new layers - Fixed a bug where rootless Podman would allow volumes with options to be mounted (mounting volumes requires root), creating an inconsistent state where volumes reported as mounted but were not (#4248) - Fixed a bug where volumes which failed to unmount could not be removed (#4247) - Fixed a bug where Podman incorrectly handled some errors relating to unmounted or missing containers in containers/storage - Fixed a bug where podman stats was broken on systems running CGroups V2 when run rootless (#4268) - Fixed a bug where the podman start command would print the short container ID, instead of the full ID - Fixed a bug where containers created with an OCI runtime that is no longer available (uninstalled or removed from the config file) would not appear in podman ps and could not be removed via podman rm - Fixed a bug where containers restored via podman container restore --import would retain the CGroup path of the original container, even if their container ID changed; thus, multiple containers created from the same checkpoint would all share the same CGroup * Misc - The default PID limit for containers is now set to 4096. It can be adjusted back to the old default (unlimited) by passing - -pids-limit 0 to podman create and podman run - The podman start --attach command now automatically attaches STDIN if the container was created with -i - The podman network create command now validates network names using the same regular expression as container and pod names - The --systemd flag to podman run and podman create will now only enable systemd mode when the binary being run inside the container is /sbin/init, /usr/sbin/init, or ends in systemd (previously detected any path ending in init or systemd) - Updated vendored Buildah to 1.11.3 - Updated vendored containers/storage to 1.13.5 - Updated vendored containers/image to 4.0.1 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 year, 10 months

1
0
0 0

[opensuse-kubic] New Kubic snapshot 20191112 released!

by Richard Brown

Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T… https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com… Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: cri-o kubernetes kubic-control podman (1.6.1 -> 1.6.2) weave (2.5.2 -> 2.6.0) === Details === ==== cri-o ==== Subpackages: cri-o-kubeadm-criconfig - Switch to `systemd` cgroup driver in kubelet config also - Switch to `systemd` cgroup manager in replacement for `cgroupfs` - Remove obsolete Groups tag (fate#326485) ==== kubernetes ==== Subpackages: kubernetes-client kubernetes-kubeadm kubernetes-kubelet - Ensure that BPPFS is mounted before starting kubelet (bsc#1146991) ==== kubic-control ==== Subpackages: kubicctl kubicd - Fix path of /usr/etc/kubicd ==== podman ==== Version update (1.6.1 -> 1.6.2) Subpackages: podman-cni-config - Add container-start-fix.patch to correct output of container-start to show container_name, not _id. - Update podman to v1.6.2 * Features - Added a --runtime flag to podman system migrate to allow the OCI runtime for all containers to be reset, to ease transition to the crun runtime on CGroups V2 systems until runc gains full support - The podman rm command can now remove containers in broken states which previously could not be removed - The podman info command, when run without root, now shows information on UID and GID mappings in the rootless user namespace - Added podman build --squash-all flag, which squashes all layers (including those of the base image) into one layer - The --systemd flag to podman run and podman create now accepts a string argument and allows a new value, always, which forces systemd support without checking if the the container entrypoint is systemd * Bugfixes - Fixed a bug where the podman top command did not work on systems using CGroups V2 (#4192) - Fixed a bug where rootless Podman could double-close a file, leading to a panic - Fixed a bug where rootless Podman could fail to retrieve some containers while refreshing the state - Fixed a bug where podman start --attach --sig-proxy=false would still proxy signals into the container - Fixed a bug where Podman would unconditionally use a non-default path for authentication credentials (auth.json), breaking podman login integration with skopeo and other tools using the containers/image library - Fixed a bug where podman ps --format=json and podman images - -format=json would display null when no results were returned, instead of valid JSON - Fixed a bug where podman build --squash was incorrectly squashing all layers into one, instead of only new layers - Fixed a bug where rootless Podman would allow volumes with options to be mounted (mounting volumes requires root), creating an inconsistent state where volumes reported as mounted but were not (#4248) - Fixed a bug where volumes which failed to unmount could not be removed (#4247) - Fixed a bug where Podman incorrectly handled some errors relating to unmounted or missing containers in containers/storage - Fixed a bug where podman stats was broken on systems running CGroups V2 when run rootless (#4268) - Fixed a bug where the podman start command would print the short container ID, instead of the full ID - Fixed a bug where containers created with an OCI runtime that is no longer available (uninstalled or removed from the config file) would not appear in podman ps and could not be removed via podman rm - Fixed a bug where containers restored via podman container restore --import would retain the CGroup path of the original container, even if their container ID changed; thus, multiple containers created from the same checkpoint would all share the same CGroup * Misc - The default PID limit for containers is now set to 4096. It can be adjusted back to the old default (unlimited) by passing - -pids-limit 0 to podman create and podman run - The podman start --attach command now automatically attaches STDIN if the container was created with -i - The podman network create command now validates network names using the same regular expression as container and pod names - The --systemd flag to podman run and podman create will now only enable systemd mode when the binary being run inside the container is /sbin/init, /usr/sbin/init, or ends in systemd (previously detected any path ending in init or systemd) - Updated vendored Buildah to 1.11.3 - Updated vendored containers/storage to 1.13.5 - Updated vendored containers/image to 4.0.1 ==== weave ==== Version update (2.5.2 -> 2.6.0) - Update weave to 2.6.0 - Fix a race condition in Kubernetes addon when reclaiming IP addresses after node deletion #3724, #3716 - Buffer events so Docker won't drop them, and Weave Net can clean up after dead containers #3432, #3705 - Weave reconnect occasionally fails after network interface disconnect #3666, #3669, #3676 - Ingress NetworkPolicy would accepts all traffic when specifying both IPBlock and port #3653, #3654 - Support both podSelector and namespaceSelector in NetworkPolicy #3312, #3647 - Only add default-drop egress rule if network policies are in use #3639 - Manifests use 'apps/v1' rather than deprecated 'apps/v1beta1' #3660 - Avoid Weave Net pods being evicted by setting priorityClassName: system-node-critical #3697 - Manifests use recommended DNS policy ClusterFirstWithHostNet #3692 - Weave Net now tolerates 'NoExecute' taint #3655 - Allow extra arguments to NetworkPolicy controller to be set in an environment variable #3683 - Stop reporting a failure to connect to self #3454, #3585 - Minor reduction in log noise when reclaiming IPs #3710 - Update weave.yaml for kubernetes 1.16 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org

1 year, 10 months

1
0
0 0

[opensuse-kubic] Explanation on the different Kubic and MicroOS images

by Johannes Kastl

Hi all, is there a explanation somewhere (that I did not find?) on what the heap of different images is? I was looking for e.g. a list of packages that are included in one image, but not in the other. In other words, what makes the kubeadm one a better choice than the "Tumbleweed kubic" image for my use case? What is either offering or missing, in comparison? When to choose one over the other? I could look into the kiwi templates, I guess, but I was hoping there was a wiki page or presentation or similar... ;-) Kind Regards, Johannes Taking OpenStack qcow2 images as example: openSUSE-MicroOS.x86_64-16.0.0-ContainerHost-OpenStack-Cloud-Snapshot20191110.qcow2 This would be "Tumbleweed Kubic - Multi-purpose Standalone & Kubernetes Container Operating System based on openSUSE MicroOS " openSUSE-MicroOS.x86_64-16.0.0-Kubic-kubeadm-OpenStack-Cloud-Snapshot20191110.qcow2 This would be "kubeadm Certified Kubernetes - Certified Kubernetes Distribution using kubeadm atop an openSUSE MicroOS base system" And then we have the plain MicroOS: openSUSE-MicroOS.x86_64-16.0.0-OpenStack-Cloud-Snapshot20191110.qcow2 -- Johannes Kastl Linux Consultant & Trainer Tel.: +49 (0) 151 2372 5802 Mail: kastl(a)b1-systems.de B1 Systems GmbH Osterfeldstraße 7 / 85088 Vohburg http://www.b1-systems.de GF: Ralph Dehner Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537

1 year, 10 months

3
6
0 0

2021

2020

2019

2018

openSUSE Kubic November 2019