openSUSE Kubic
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
August 2019
- 5 participants
- 23 discussions
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
bcache-tools (1.0.9 -> 1.0.8+suse5)
conmon
e2fsprogs (1.45.2 -> 1.45.3)
elfutils (0.176 -> 0.177)
gawk (4.2.1 -> 5.0.1)
gcc9 (9.1.1+r274111 -> 9.2.1+r274709)
installation-images-MicroOS (14.431 -> 14.432)
ipset (7.2 -> 7.3)
iputils
kernel-source (5.2.9 -> 5.2.10)
libgpg-error
libnftnl (1.1.3 -> 1.1.4)
metallb (0.8.0 -> 0.8.1)
mokutil (0.3.0 -> 0.4.0)
nghttp2 (1.39.1 -> 1.39.2)
openpgm
openssh
pam-config (1.1 -> 1.2)
patterns-containers
python-packaging (19.0 -> 19.1)
python-pyOpenSSL
python-pyzmq (18.0.2 -> 18.1.0)
python-setuptools (41.0.1 -> 41.2.0)
read-only-root-fs (1.0+git20190206.586e9f1 -> 1.0+git20190607.11f8587)
rook (1.0.0+git1862.ge9abbf48 -> 1.0.0+git1899.g69255322)
rpm-config-SUSE (0.g27 -> 0.g32)
sudo
suse-module-tools (15.2.4 -> 15.2.5)
util-linux (2.33.2 -> 2.34)
util-linux-systemd (2.33.2 -> 2.34)
yomi-formula (0.0.1+git.1565191883.64eabeb -> 0.0.1+git.1565868437.c6afdff)
=== Details ===
==== bcache-tools ====
Version update (1.0.9 -> 1.0.8+suse5)
- Add a _service file for the tarball from outer space.
- Shift the version number to 1.0.8+suse5 because there has never
been a 1.0.9 release.
==== conmon ====
- Upstream has an actual description, use it instead of just
duplicating the summary again.
==== e2fsprogs ====
Version update (1.45.2 -> 1.45.3)
Subpackages: libcom_err2 libext2fs2
- Update to 1.45.3:
* Whether or not automatic online scrubbing will be called is now controlled
in /etc/e2scrub.conf.
* Fix e2fsck handling of filesystems with large_dir and inline directories
* Fix e2scrub_all for encrypted LUKS partitions
* Fix e2scrub_all volume cleanup
* Regression tests cleanups and improvements
* Fixed compiler warnings
* Translation fixes and updates
==== elfutils ====
Version update (0.176 -> 0.177)
Subpackages: libasm1 libdw1 libebl-plugins libelf1
- Update to version 0.177:
elfclassify: New tool to analyze ELF objects.
readelf: Print DW_AT_data_member_location as decimal offset.
Decode DW_AT_discr_list block attributes.
libdw: Add DW_AT_GNU_numerator, DW_AT_GNU_denominator and DW_AT_GNU_bias.
libdwelf: Add dwelf_elf_e_machine_string.
dwelf_elf_begin now only returns NULL when there is an error
reading or decompressing a file. If the file is not an ELF file
an ELF handle of type ELF_K_NONE is returned.
backends: Add support for C-SKY.
- remove fix-bsc-1110929.diff and gcc9-tests-Don-t-printf-a-known-NULL-symname.patch
- Use %make_build
==== gawk ====
Version update (4.2.1 -> 5.0.1)
- GNU awk 5.0.1:
* Sandbox mode now disallows assigning new filename values in
ARGV that were not there when gawk was invoked
* The new argument "no-ext" to --lint disables "XXX is a gawk
extension" lint warnings
- possibly incompatible changes in 5.0.0:
* Add support for the POSIX standard %a and %A printf formats
* Replace regex routines with those from GNULIB
* PROCINFO["platform"] yields a string indicating the platform for
which gawk was compiled.
* Writing to elements of SYMTAB that are not variable names now
causes a fatal error
* New comment handling in the pretty-printer
* Namespaces have been implemented. Files included with -i, read
with -f, and command line program segments must all be self-
contained syntactic units.
* now uses the locale settings for ignoring case in single byte
locales, instead of hardwiring in Latin-1
==== gcc9 ====
Version update (9.1.1+r274111 -> 9.2.1+r274709)
Subpackages: libgcc_s1 libstdc++6
- Update gcc9-add-flto=auto.patch by adding backport
of upstream revision r274849.
- Update to gcc-9-branch head (r274709).
- Add gcc9-pr91307.patch to make symbols for aggregated global
constructor names stable when using LTO.
- Update to gcc-9-branch head (r274311).
* Includes GCC 9.2 release. [jsc#SLE-6536, jsc#SLE-6533]
- Update nvptx-newlib.tar.xz to official newlib-3.1.0.tar.xz
since nvptx support is now upstream.
- Add gcc9-add-flto=auto.patch in order to support -flto=auto.
==== installation-images-MicroOS ====
Version update (14.431 -> 14.432)
- merge gh#openSUSE/installation-images#327
- add all gpio modules (bsc#1145777)
- 14.432
==== ipset ====
Version update (7.2 -> 7.3)
Subpackages: libipset13
- Update to new upstream release 7.3
* Fix rename concurrency with listing, which can result broken
list/save results.
* ipset: Copy the right MAC address in bitmap:ip,mac and
hash:ip,mac sets.
* ipset: Actually allow destination MAC address for hash:ip,mac
sets too.
==== iputils ====
- Fix arping -D problem (bsc#1146440)
* added arping-revert-partially-fix-sent-vs-received-package.patch
(upstream commit 18f14be)
==== kernel-source ====
Version update (5.2.9 -> 5.2.10)
Subpackages: kernel-debug kernel-default
- Linux 5.2.10 (bnc#1012628).
- KEYS: trusted: allow module init if TPM is inactive or
deactivated (bnc#1012628).
- sh: kernel: hw_breakpoint: Fix missing break in switch statement
(bnc#1012628).
- seq_file: fix problem when seeking mid-record (bnc#1012628).
- mm/hmm: fix bad subpage pointer in try_to_unmap_one
(bnc#1012628).
- mm: mempolicy: make the behavior consistent when MPOL_MF_MOVE*
and MPOL_MF_STRICT were specified (bnc#1012628).
- mm: mempolicy: handle vma with unmovable pages mapped correctly
in mbind (bnc#1012628).
- mm/z3fold.c: fix z3fold_destroy_pool() ordering (bnc#1012628).
- mm/z3fold.c: fix z3fold_destroy_pool() race condition
(bnc#1012628).
- mm/memcontrol.c: fix use after free in mem_cgroup_iter()
(bnc#1012628).
- mm/usercopy: use memory range to be accessed for wraparound
check (bnc#1012628).
- mm, vmscan: do not special-case slab reclaim when watermarks
are boosted (bnc#1012628).
- cpufreq: schedutil: Don't skip freq update when limits change
(bnc#1012628).
- drm/amdgpu: fix gfx9 soft recovery (bnc#1012628).
- drm/nouveau: Only recalculate PBN/VCPI on mode/connector changes
(bnc#1012628).
- xtensa: add missing isync to the cpu_reset TLB code
(bnc#1012628).
- arm64: ftrace: Ensure module ftrace trampoline is coherent
with I-side (bnc#1012628).
- ALSA: hda/realtek - Add quirk for HP Envy x360 (bnc#1012628).
- ALSA: usb-audio: Fix a stack buffer overflow bug in
check_input_term (bnc#1012628).
- ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit
(bnc#1012628).
- ALSA: hda - Apply workaround for another AMD chip 1022:1487
(bnc#1012628).
- ALSA: hda - Fix a memory leak bug (bnc#1012628).
- ALSA: hda - Add a generic reboot_notify (bnc#1012628).
- ALSA: hda - Let all conexant codec enter D3 when rebooting
(bnc#1012628).
- HID: holtek: test for sanity of intfdata (bnc#1012628).
- HID: hiddev: avoid opening a disconnected device (bnc#1012628).
- HID: hiddev: do cleanup in failure of opening a device
(bnc#1012628).
- Input: kbtab - sanity check for endpoint type (bnc#1012628).
- Input: iforce - add sanity checks (bnc#1012628).
- net: usb: pegasus: fix improper read if get_registers() fail
(bnc#1012628).
- bpf: fix access to skb_shared_info->gso_segs (bnc#1012628).
- netfilter: ebtables: also count base chain policies
(bnc#1012628).
- riscv: Correct the initialized flow of FP register
(bnc#1012628).
- riscv: Make __fstate_clean() work correctly (bnc#1012628).
- Revert "i2c: imx: improve the error handling in
i2c_imx_dma_request()" (bnc#1012628).
- blk-mq: move cancel of requeue_work to the front of
blk_exit_queue (bnc#1012628).
- io_uring: fix manual setup of iov_iter for fixed buffers
(bnc#1012628).
- RDMA/hns: Fix sg offset non-zero issue (bnc#1012628).
- IB/mlx5: Replace kfree with kvfree (bnc#1012628).
- clk: at91: generated: Truncate divisor to GENERATED_MAX_DIV +
1 (bnc#1012628).
- clk: sprd: Select REGMAP_MMIO to avoid compile errors
(bnc#1012628).
- clk: renesas: cpg-mssr: Fix reset control race condition
(bnc#1012628).
- dma-mapping: check pfn validity in dma_common_{mmap,get_sgtable}
(bnc#1012628).
- platform/x86: pcengines-apuv2: Fix softdep statement
(bnc#1012628).
- platform/x86: intel_pmc_core: Add ICL-NNPI support to PMC Core
(bnc#1012628).
- mm/hmm: always return EBUSY for invalid ranges in
hmm_range_{fault,snapshot} (bnc#1012628).
- xen/pciback: remove set but not used variable 'old_state'
(bnc#1012628).
- irqchip/gic-v3-its: Free unused vpt_page when alloc vpe table
fail (bnc#1012628).
- irqchip/irq-imx-gpcv2: Forward irq type to parent (bnc#1012628).
- f2fs: fix to read source block before invalidating it
(bnc#1012628).
- tools perf beauty: Fix usbdevfs_ioctl table generator to handle
_IOC() (bnc#1012628).
- perf header: Fix divide by zero error if f_header.attr_size==0
(bnc#1012628).
- perf header: Fix use of unitialized value warning (bnc#1012628).
- RDMA/qedr: Fix the hca_type and hca_rev returned in device
attributes (bnc#1012628).
- ALSA: pcm: fix lost wakeup event scenarios in snd_pcm_drain
(bnc#1012628).
- libata: zpodd: Fix small read overflow in zpodd_get_mech_type()
(bnc#1012628).
- powerpc/nvdimm: Pick nearby online node if the device node is
not online (bnc#1012628).
- drm/bridge: lvds-encoder: Fix build error while
CONFIG_DRM_KMS_HELPER=m (bnc#1012628).
- drm/bridge: tc358764: Fix build error (bnc#1012628).
- Btrfs: fix deadlock between fiemap and transaction commits
(bnc#1012628).
- scsi: hpsa: correct scsi command status issue after reset
(bnc#1012628).
- scsi: qla2xxx: Fix possible fcport null-pointer dereferences
(bnc#1012628).
- tracing: Fix header include guards in trace event headers
(bnc#1012628).
- drm/amdkfd: Fix byte align on VegaM (bnc#1012628).
- drm/amd/powerplay: fix null pointer dereference around dpm
state relates (bnc#1012628).
- drm/amdgpu: fix error handling in amdgpu_cs_process_fence_dep
(bnc#1012628).
- drm/amdgpu: fix a potential information leaking bug
(bnc#1012628).
- ata: libahci: do not complain in case of deferred probe
(bnc#1012628).
- kbuild: modpost: handle KBUILD_EXTRA_SYMBOLS only for external
modules (bnc#1012628).
- kbuild: Check for unknown options with cc-option usage in
Kconfig and clang (bnc#1012628).
- arm64/efi: fix variable 'si' set but not used (bnc#1012628).
- riscv: Fix perf record without libelf support (bnc#1012628).
- arm64: Lower priority mask for GIC_PRIO_IRQON (bnc#1012628).
- arm64: unwind: Prohibit probing on return_address()
(bnc#1012628).
- arm64/mm: fix variable 'pud' set but not used (bnc#1012628).
- arm64/mm: fix variable 'tag' set but not used (bnc#1012628).
- IB/core: Add mitigation for Spectre V1 (bnc#1012628).
- IB/mlx5: Fix MR registration flow to use UMR properly
(bnc#1012628).
- RDMA/restrack: Track driver QP types in resource tracker
(bnc#1012628).
- IB/mad: Fix use-after-free in ib mad completion handling
(bnc#1012628).
- RDMA/mlx5: Release locks during notifier unregister
(bnc#1012628).
- drm: msm: Fix add_gpu_components (bnc#1012628).
- RDMA/hns: Fix error return code in hns_roce_v1_rsv_lp_qp()
(bnc#1012628).
- drm/exynos: fix missing decrement of retry counter
(bnc#1012628).
- arm64: kprobes: Recover pstate.D in single-step exception
handler (bnc#1012628).
- arm64: Make debug exception handlers visible from RCU
(bnc#1012628).
- Revert "kmemleak: allow to coexist with fault injection"
(bnc#1012628).
- ocfs2: remove set but not used variable 'last_hash'
(bnc#1012628).
- page flags: prioritize kasan bits over last-cpuid (bnc#1012628).
- asm-generic: fix -Wtype-limits compiler warnings (bnc#1012628).
- arm64: KVM: regmap: Fix unexpected switch fall-through
(bnc#1012628).
- staging: comedi: dt3000: Fix signed integer overflow 'divider *
base' (bnc#1012628).
- staging: comedi: dt3000: Fix rounding up of timer divisor
(bnc#1012628).
- iio: adc: max9611: Fix temperature reading in probe
(bnc#1012628).
- USB: core: Fix races in character device registration and
deregistraion (bnc#1012628).
- usb: gadget: udc: renesas_usb3: Fix sysfs interface of "role"
(bnc#1012628).
- usb: cdc-acm: make sure a refcount is taken early enough
(bnc#1012628).
- USB: CDC: fix sanity checks in CDC union parser (bnc#1012628).
- USB: serial: option: add D-Link DWM-222 device ID (bnc#1012628).
- USB: serial: option: Add support for ZTE MF871A (bnc#1012628).
- USB: serial: option: add the BroadMobi BM818 card (bnc#1012628).
- USB: serial: option: Add Motorola modem UARTs (bnc#1012628).
- usb: setup authorized_default attributes using usb_bus_notify
(bnc#1012628).
- netfilter: conntrack: Use consistent ct id hash calculation
(bnc#1012628).
- Input: psmouse - fix build error of multiple definition
(bnc#1012628).
- bnx2x: Fix VF's VLAN reconfiguration in reload (bnc#1012628).
- bonding: Add vlan tx offload to hw_enc_features (bnc#1012628).
- net: dsa: Check existence of .port_mdb_add callback before
calling it (bnc#1012628).
- net/mlx4_en: fix a memory leak bug (bnc#1012628).
- net/packet: fix race in tpacket_snd() (bnc#1012628).
- net: sched: sch_taprio: fix memleak in error path for sched
list parse (bnc#1012628).
- sctp: fix memleak in sctp_send_reset_streams (bnc#1012628).
- sctp: fix the transport error_count check (bnc#1012628).
- team: Add vlan tx offload to hw_enc_features (bnc#1012628).
- tipc: initialise addr_trail_end when setting node addresses
(bnc#1012628).
- xen/netback: Reset nr_frags before freeing skb (bnc#1012628).
- net/mlx5e: Only support tx/rx pause setting for port owner
(bnc#1012628).
- bnxt_en: Fix VNIC clearing logic for 57500 chips (bnc#1012628).
- bnxt_en: Improve RX doorbell sequence (bnc#1012628).
- bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails
(bnc#1012628).
- bnxt_en: Suppress HWRM errors for HWRM_NVM_GET_VARIABLE command
(bnc#1012628).
- bnxt_en: Use correct src_fid to determine direction of the flow
(bnc#1012628).
- bnxt_en: Fix to include flow direction in L2 key (bnc#1012628).
- net sched: update skbedit action for batched events operations
(bnc#1012628).
- tc-testing: updated skbedit action tests with batch
create/delete (bnc#1012628).
- netdevsim: Restore per-network namespace accounting for fib
entries (bnc#1012628).
- net/mlx5e: ethtool, Avoid setting speed to 56GBASE when autoneg
off (bnc#1012628).
- net/mlx5e: Fix false negative indication on tx reporter CQE
recovery (bnc#1012628).
- net/mlx5e: Remove redundant check in CQE recovery flow of tx
reporter (bnc#1012628).
- net/mlx5e: Use flow keys dissector to parse packets for ARFS
(bnc#1012628).
- net/tls: prevent skb_orphan() from leaking TLS plain text with
offload (bnc#1012628).
- net: phy: consider AN_RESTART status when reading link status
(bnc#1012628).
- netlink: Fix nlmsg_parse as a wrapper for strict message parsing
(bnc#1012628).
- Refresh patches.suse/supported-flag.
- commit 5878ee6
- iwlwifi: Add support for SAR South Korea limitation
(bsc#1142128).
- commit 0100738
==== libgpg-error ====
- Add patch to fix buidling with gawk 5.0 and newer:
* gawk5.patch
==== libnftnl ====
Version update (1.1.3 -> 1.1.4)
- Update to new upstream release 1.1.4
* Add ct id support, add ct expectation support,
add synproxy support.
==== metallb ====
Version update (0.8.0 -> 0.8.1)
- Update to version 0.8.1
- Fix the apiGroup for PodSecurityPolicy, for compatibility with
Kubernetes 1.16. (#458).
- Fix speaker posting events with an empty string as the announcing
node name. (#456).
- Fix RBAC permissions on speaker, to allow it to post events to
all namespaces. (#455).
==== mokutil ====
Version update (0.3.0 -> 0.4.0)
- Update to 0.4.0
+ Rename export_moks as export_db_keys
+ Add support for exporting other keys
+ add new --mok argument
+ set list-enrolled command as default for some arguments
+ Add more info to --sb-state: show when we're in SetupMode or
with shim validation disabled
+ Correct help: --set-timeout is really --timeout
+ generate_hash() / generate_pw_hash(): don't use strlen() for
strncpy bounds
+ Add the type casting to silence the warning
+ Add a way for mokutil to configure a timeout for MokManager's
prompt
+ list_keys_in_var(): check errno correctly, not ret twice
+ Fix typo in error message when the system lacks Secure Boot
support
+ Add bash completion file
+ mokutil: be explicit about file modes in all cases
+ Make all efi_guid_t const
+ Don't allow sha1 on the mokutil command line
+ Build with -fshort-wchar so toggle passwords work right
+ Fix the 32bit signedness comparison
+ Fix the potential buffer overflow
- Add mokutil-remove-shebang-from-bash-completion-file.patch to
remove shebang from bash-completion/mokutil
- Drop upstreamed patches
+ mokutil-constify-efi-guid.patch
+ mokutil-fix-overflow.patch
+ mokutil-fshort-wchar.patch
+ mokutil-set-efi-variable-file-mode.patch
- Refresh mokutil-support-revoke-builtin-cert.patch
- Install bash-completion/mokutil
- Add modhash to calculate the hash of kernel module (SLE-5661)
+ Also add openssl to Requires since the script needs it
==== nghttp2 ====
Version update (1.39.1 -> 1.39.2)
- Require correct library from devel package - boo#1125689
- Update to version 1.39.2 (bsc#1146184, bsc#1146182):
* This release fixes CVE-2019-9511 ?Data Dribble? and CVE-2019-9513
?Resource Loop? vulnerability in nghttpx and nghttpd. Specially crafted HTTP/2
frames cause Denial of Service by consuming CPU time. Check out
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-…
for details. For nghttpx, additionally limiting inbound traffic by
- -read-rate and --read-burst options is quite effective against
this kind of attack.
* Add nghttp2_option_set_max_outbound_ack API function
* nghttpx: Fix request stall
==== openpgm ====
- Add libpgm-5.2.122-configure-rdtsc-checking-chg.patch
same as https://github.com/steve-o/openpgm/pull/63
==== openssh ====
- don't install SuSEfirewall2 service on Factory, since SuSEfirewall2
has been replaced by firewalld, see [1].
[1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
==== pam-config ====
Version update (1.1 -> 1.2)
- Update to version 1.2:
- use /usr/etc as second fallback directory
==== patterns-containers ====
Subpackages: patterns-containers-container_runtime patterns-containers-container_runtime_kubernetes patterns-containers-kubeadm patterns-containers-kubernetes_utilities patterns-containers-kubic_admin patterns-containers-kubic_loadbalancer patterns-containers-kubic_worker
- Add hello-kubic-k8s-yaml to kubeadm pattern
==== python-packaging ====
Version update (19.0 -> 19.1)
- Remove dependency on attrs
Add: 0005-Drop-dependency-on-attrs.patch
this fixes bsc#1144506
- Fix a bit the multibuild conversion
- Remove the attrs from the deps as they are no longer needed
- Enable tests via _multibuild
Add patches from https://github.com/pypa/packaging/pull/176:
* 0001-Fix-test-failures-test_linux_platforms_manylinux-for.patch
* 0002-Fix-check-for-64-bit-OS.patch
* 0003-Add-additional-test-to-get-100-branch-coverage.patch
* 0004-Fix-test_macos_version_detection-failure-on-32-bit-L.patch
(these fix the tests on non-x86 platforms and can be dropped on the next
release)
- Add Requires:python-attrs as this is a new dependency
this fixes bsc#1144506
- update to 19.1:
* Add the ``packaging.tags`` module.
* Correctly handle two-digit versions in ``python_version``
==== python-pyOpenSSL ====
- Add fix-compilation-2020.patch to fix tests after 2020
==== python-pyzmq ====
Version update (18.0.2 -> 18.1.0)
- update to version 18.1.0:
* Compatibility with Python 3.8 release candidate by regenerating
Cython courses with Cython 0.29.13
* bump bundled libzmq to 4.3.2
* handle cancelled futures in asyncio
* make :meth:`zmq.Context.instance` fork-safe
* fix errors in :meth:`zmq.Context.destroy` when opening and closing
many sockets
==== python-setuptools ====
Version update (41.0.1 -> 41.2.0)
- Switch to multibuild to enable testsuite
- Update to 41.2.0:
* #479: Remove some usage of the deprecated imp module.
* #1565: Changed html_sidebars from string to list of string as per https://www.sphinx-doc.org/en/master/changes.html#id58
* #1697: Moved most of the constants from setup.py to setup.cfg
* #1756: Forse metadata-version >= 1.2. when project urls are present.
==== read-only-root-fs ====
Version update (1.0+git20190206.586e9f1 -> 1.0+git20190607.11f8587)
- Update to version 1.0+git20190607.11f8587:
* Determine /@ programmatically
- Update to version 1.0+git20190606.e1f756c:
* Mount writable /boot subvolume in GRUB environment
- Create /boot/writable subvolume to provide a place to store the
GRUB environment block or Ignition's firstboot flag on a ro root
device
==== rook ====
Version update (1.0.0+git1862.ge9abbf48 -> 1.0.0+git1899.g69255322)
- Make rook-k8s-yaml require the matching ceph version
- Update rook to commit 692553221d8b18fec8aa3ccdc5872e51f05ca372:
+ uncomment ROOK_CSI_CEPH_IMAGE var
- Trim redundant wording from description.
==== rpm-config-SUSE ====
Version update (0.g27 -> 0.g32)
- Update to version 0.g32:
* find-provides.ksyms, find-requires.ksyms: cleanup kernel version handling (bsc#1145601).
* find-requires.ksyms: fix matching of uninstalled files (bsc#1145601).
- Update to version 0.g29:
* find-requires.ksyms: Move modinfo and modprobe before the ksym dependency code.
==== sudo ====
- Correct typo in sudoers patch
==== suse-module-tools ====
Version update (15.2.4 -> 15.2.5)
- Update to version 15.2.5:
* remove 'modhash' - moved to mokutil package (jsc#SLE-6094)
==== util-linux ====
Version update (2.33.2 -> 2.34)
Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1
- Issue a warning for outdated pam files
(bsc#1082293, boo#1081947#c68).
- Fix comments and unify look of PAM files (login.pamd,
remote.pamd, runuser-l.pamd, runuser.pamd, su-l.pamd, su.pamd).
- Update to version 2.34:
* new command hardlink
* rewrite of lsblk, now supports --dedup
* support for FUSE in umount
* support for "--all -o remount" in mount
* su: prefer /etc/default/su over /etc/login.defs and ENV_SUPATH
over ENV_ROOTPATH (bsc#1121197), improved --pty
* unshare: add -S/--setuid, -G/--setgid, -R/--root and -w/--wd
* fstrim: do not suppress warnings unless --quiet is used
* lscpu: print 'Frequency boost' and 'Vulnerability' fields, add
- -caches
* logger: merge multiple MESSAGE= lines
* libblkid: do not depend on libuuid, supports DRBD9 detection
* libsmartcols: support N:M relationships in tree-like output
* fstrim and uuidd systemd services: hardening settings to
improve security and service isolation
* fstrim: trim root filesystem on --fstab, check for read-only
filesystems on --all and --fstab (boo#1106214).
* fstrim -A: properly de-duplicate sub-volumes (boo#1127701).
* Obsoletes util-linux-login_defs-priority1.patch,
util-linux-login_defs-priority2.patch and
util-linux-login_defs-SYS_UID.patch.
* Many Other fixes, see
https://www.kernel.org/pub/linux/utils/util-linux/v2.34/v2.34-ReleaseNotes
- Provide and obsolete hardlink package.
- util-linux-login_defs-check.sh: Update checksum, login now
supports LASTLOG_UID_MAX.
- Fix /etc/default/su comments and create /etc/default/runuser
(bsc#1121197#31).
- Remove /etc/default/su migration from coreutils.
==== util-linux-systemd ====
Version update (2.33.2 -> 2.34)
- Issue a warning for outdated pam files
(bsc#1082293, boo#1081947#c68).
- Fix comments and unify look of PAM files (login.pamd,
remote.pamd, runuser-l.pamd, runuser.pamd, su-l.pamd, su.pamd).
- Update to version 2.34:
* new command hardlink
* rewrite of lsblk, now supports --dedup
* support for FUSE in umount
* support for "--all -o remount" in mount
* su: prefer /etc/default/su over /etc/login.defs and ENV_SUPATH
over ENV_ROOTPATH (bsc#1121197), improved --pty
* unshare: add -S/--setuid, -G/--setgid, -R/--root and -w/--wd
* fstrim: do not suppress warnings unless --quiet is used
* lscpu: print 'Frequency boost' and 'Vulnerability' fields, add
- -caches
* logger: merge multiple MESSAGE= lines
* libblkid: do not depend on libuuid, supports DRBD9 detection
* libsmartcols: support N:M relationships in tree-like output
* fstrim and uuidd systemd services: hardening settings to
improve security and service isolation
* fstrim: trim root filesystem on --fstab, check for read-only
filesystems on --all and --fstab (boo#1106214).
* fstrim -A: properly de-duplicate sub-volumes (boo#1127701).
* Obsoletes util-linux-login_defs-priority1.patch,
util-linux-login_defs-priority2.patch and
util-linux-login_defs-SYS_UID.patch.
* Many Other fixes, see
https://www.kernel.org/pub/linux/utils/util-linux/v2.34/v2.34-ReleaseNotes
- Provide and obsolete hardlink package.
- util-linux-login_defs-check.sh: Update checksum, login now
supports LASTLOG_UID_MAX.
- Fix /etc/default/su comments and create /etc/default/runuser
(bsc#1121197#31).
- Remove /etc/default/su migration from coreutils.
==== yomi-formula ====
Version update (0.0.1+git.1565191883.64eabeb -> 0.0.1+git.1565868437.c6afdff)
- Update to version 0.0.1+git.1565868437.c6afdff:
* devices.hwinfo: parse the hwinfo report
- Update to version 0.0.1+git.1565683297.a242917:
* pillar: make grub2_console persent in config
- Update to version 0.0.1+git.1565626987.fdda5d6:
* grub2_mkconfig: do not use gfxterm when in console mode
* docs: update links to Factory
* pillar: use better default pattern
- Update to version 0.0.1+git.1565607953.281fdae:
* bootloader: provides a default value to kernel
- Update to version 0.0.1+git.1565597137.7fbd398:
* devices.hwinfo provide a basic report module
* devices.wipe: remove GRUB signature
* bootloader: check for the second stage
* reboot: replace kexec config option with reboot
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
bcache-tools (1.0.9 -> 1.0.8+suse5)
conmon
e2fsprogs (1.45.2 -> 1.45.3)
elfutils (0.176 -> 0.177)
gawk (4.2.1 -> 5.0.1)
gcc9 (9.1.1+r274111 -> 9.2.1+r274709)
installation-images-MicroOS (14.431 -> 14.432)
ipset (7.2 -> 7.3)
iputils
kernel-source (5.2.9 -> 5.2.10)
libgpg-error
libnftnl (1.1.3 -> 1.1.4)
mokutil (0.3.0 -> 0.4.0)
nghttp2 (1.39.1 -> 1.39.2)
openssh
pam-config (1.1 -> 1.2)
patterns-containers
python-packaging (19.0 -> 19.1)
python-pyOpenSSL
python-setuptools (41.0.1 -> 41.2.0)
read-only-root-fs (1.0+git20190206.586e9f1 -> 1.0+git20190607.11f8587)
rpm-config-SUSE (0.g27 -> 0.g32)
sudo
suse-module-tools (15.2.4 -> 15.2.5)
util-linux (2.33.2 -> 2.34)
util-linux-systemd (2.33.2 -> 2.34)
=== Details ===
==== bcache-tools ====
Version update (1.0.9 -> 1.0.8+suse5)
- Add a _service file for the tarball from outer space.
- Shift the version number to 1.0.8+suse5 because there has never
been a 1.0.9 release.
==== conmon ====
- Upstream has an actual description, use it instead of just
duplicating the summary again.
==== e2fsprogs ====
Version update (1.45.2 -> 1.45.3)
Subpackages: libcom_err2 libext2fs2
- Update to 1.45.3:
* Whether or not automatic online scrubbing will be called is now controlled
in /etc/e2scrub.conf.
* Fix e2fsck handling of filesystems with large_dir and inline directories
* Fix e2scrub_all for encrypted LUKS partitions
* Fix e2scrub_all volume cleanup
* Regression tests cleanups and improvements
* Fixed compiler warnings
* Translation fixes and updates
==== elfutils ====
Version update (0.176 -> 0.177)
Subpackages: libasm1 libdw1 libebl-plugins libelf1
- Update to version 0.177:
elfclassify: New tool to analyze ELF objects.
readelf: Print DW_AT_data_member_location as decimal offset.
Decode DW_AT_discr_list block attributes.
libdw: Add DW_AT_GNU_numerator, DW_AT_GNU_denominator and DW_AT_GNU_bias.
libdwelf: Add dwelf_elf_e_machine_string.
dwelf_elf_begin now only returns NULL when there is an error
reading or decompressing a file. If the file is not an ELF file
an ELF handle of type ELF_K_NONE is returned.
backends: Add support for C-SKY.
- remove fix-bsc-1110929.diff and gcc9-tests-Don-t-printf-a-known-NULL-symname.patch
- Use %make_build
==== gawk ====
Version update (4.2.1 -> 5.0.1)
- GNU awk 5.0.1:
* Sandbox mode now disallows assigning new filename values in
ARGV that were not there when gawk was invoked
* The new argument "no-ext" to --lint disables "XXX is a gawk
extension" lint warnings
- possibly incompatible changes in 5.0.0:
* Add support for the POSIX standard %a and %A printf formats
* Replace regex routines with those from GNULIB
* PROCINFO["platform"] yields a string indicating the platform for
which gawk was compiled.
* Writing to elements of SYMTAB that are not variable names now
causes a fatal error
* New comment handling in the pretty-printer
* Namespaces have been implemented. Files included with -i, read
with -f, and command line program segments must all be self-
contained syntactic units.
* now uses the locale settings for ignoring case in single byte
locales, instead of hardwiring in Latin-1
==== gcc9 ====
Version update (9.1.1+r274111 -> 9.2.1+r274709)
Subpackages: libgcc_s1 libstdc++6
- Update gcc9-add-flto=auto.patch by adding backport
of upstream revision r274849.
- Update to gcc-9-branch head (r274709).
- Add gcc9-pr91307.patch to make symbols for aggregated global
constructor names stable when using LTO.
- Update to gcc-9-branch head (r274311).
* Includes GCC 9.2 release. [jsc#SLE-6536, jsc#SLE-6533]
- Update nvptx-newlib.tar.xz to official newlib-3.1.0.tar.xz
since nvptx support is now upstream.
- Add gcc9-add-flto=auto.patch in order to support -flto=auto.
==== installation-images-MicroOS ====
Version update (14.431 -> 14.432)
- merge gh#openSUSE/installation-images#327
- add all gpio modules (bsc#1145777)
- 14.432
==== ipset ====
Version update (7.2 -> 7.3)
Subpackages: libipset13
- Update to new upstream release 7.3
* Fix rename concurrency with listing, which can result broken
list/save results.
* ipset: Copy the right MAC address in bitmap:ip,mac and
hash:ip,mac sets.
* ipset: Actually allow destination MAC address for hash:ip,mac
sets too.
==== iputils ====
- Fix arping -D problem (bsc#1146440)
* added arping-revert-partially-fix-sent-vs-received-package.patch
(upstream commit 18f14be)
==== kernel-source ====
Version update (5.2.9 -> 5.2.10)
Subpackages: kernel-debug kernel-default
- Linux 5.2.10 (bnc#1012628).
- KEYS: trusted: allow module init if TPM is inactive or
deactivated (bnc#1012628).
- sh: kernel: hw_breakpoint: Fix missing break in switch statement
(bnc#1012628).
- seq_file: fix problem when seeking mid-record (bnc#1012628).
- mm/hmm: fix bad subpage pointer in try_to_unmap_one
(bnc#1012628).
- mm: mempolicy: make the behavior consistent when MPOL_MF_MOVE*
and MPOL_MF_STRICT were specified (bnc#1012628).
- mm: mempolicy: handle vma with unmovable pages mapped correctly
in mbind (bnc#1012628).
- mm/z3fold.c: fix z3fold_destroy_pool() ordering (bnc#1012628).
- mm/z3fold.c: fix z3fold_destroy_pool() race condition
(bnc#1012628).
- mm/memcontrol.c: fix use after free in mem_cgroup_iter()
(bnc#1012628).
- mm/usercopy: use memory range to be accessed for wraparound
check (bnc#1012628).
- mm, vmscan: do not special-case slab reclaim when watermarks
are boosted (bnc#1012628).
- cpufreq: schedutil: Don't skip freq update when limits change
(bnc#1012628).
- drm/amdgpu: fix gfx9 soft recovery (bnc#1012628).
- drm/nouveau: Only recalculate PBN/VCPI on mode/connector changes
(bnc#1012628).
- xtensa: add missing isync to the cpu_reset TLB code
(bnc#1012628).
- arm64: ftrace: Ensure module ftrace trampoline is coherent
with I-side (bnc#1012628).
- ALSA: hda/realtek - Add quirk for HP Envy x360 (bnc#1012628).
- ALSA: usb-audio: Fix a stack buffer overflow bug in
check_input_term (bnc#1012628).
- ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit
(bnc#1012628).
- ALSA: hda - Apply workaround for another AMD chip 1022:1487
(bnc#1012628).
- ALSA: hda - Fix a memory leak bug (bnc#1012628).
- ALSA: hda - Add a generic reboot_notify (bnc#1012628).
- ALSA: hda - Let all conexant codec enter D3 when rebooting
(bnc#1012628).
- HID: holtek: test for sanity of intfdata (bnc#1012628).
- HID: hiddev: avoid opening a disconnected device (bnc#1012628).
- HID: hiddev: do cleanup in failure of opening a device
(bnc#1012628).
- Input: kbtab - sanity check for endpoint type (bnc#1012628).
- Input: iforce - add sanity checks (bnc#1012628).
- net: usb: pegasus: fix improper read if get_registers() fail
(bnc#1012628).
- bpf: fix access to skb_shared_info->gso_segs (bnc#1012628).
- netfilter: ebtables: also count base chain policies
(bnc#1012628).
- riscv: Correct the initialized flow of FP register
(bnc#1012628).
- riscv: Make __fstate_clean() work correctly (bnc#1012628).
- Revert "i2c: imx: improve the error handling in
i2c_imx_dma_request()" (bnc#1012628).
- blk-mq: move cancel of requeue_work to the front of
blk_exit_queue (bnc#1012628).
- io_uring: fix manual setup of iov_iter for fixed buffers
(bnc#1012628).
- RDMA/hns: Fix sg offset non-zero issue (bnc#1012628).
- IB/mlx5: Replace kfree with kvfree (bnc#1012628).
- clk: at91: generated: Truncate divisor to GENERATED_MAX_DIV +
1 (bnc#1012628).
- clk: sprd: Select REGMAP_MMIO to avoid compile errors
(bnc#1012628).
- clk: renesas: cpg-mssr: Fix reset control race condition
(bnc#1012628).
- dma-mapping: check pfn validity in dma_common_{mmap,get_sgtable}
(bnc#1012628).
- platform/x86: pcengines-apuv2: Fix softdep statement
(bnc#1012628).
- platform/x86: intel_pmc_core: Add ICL-NNPI support to PMC Core
(bnc#1012628).
- mm/hmm: always return EBUSY for invalid ranges in
hmm_range_{fault,snapshot} (bnc#1012628).
- xen/pciback: remove set but not used variable 'old_state'
(bnc#1012628).
- irqchip/gic-v3-its: Free unused vpt_page when alloc vpe table
fail (bnc#1012628).
- irqchip/irq-imx-gpcv2: Forward irq type to parent (bnc#1012628).
- f2fs: fix to read source block before invalidating it
(bnc#1012628).
- tools perf beauty: Fix usbdevfs_ioctl table generator to handle
_IOC() (bnc#1012628).
- perf header: Fix divide by zero error if f_header.attr_size==0
(bnc#1012628).
- perf header: Fix use of unitialized value warning (bnc#1012628).
- RDMA/qedr: Fix the hca_type and hca_rev returned in device
attributes (bnc#1012628).
- ALSA: pcm: fix lost wakeup event scenarios in snd_pcm_drain
(bnc#1012628).
- libata: zpodd: Fix small read overflow in zpodd_get_mech_type()
(bnc#1012628).
- powerpc/nvdimm: Pick nearby online node if the device node is
not online (bnc#1012628).
- drm/bridge: lvds-encoder: Fix build error while
CONFIG_DRM_KMS_HELPER=m (bnc#1012628).
- drm/bridge: tc358764: Fix build error (bnc#1012628).
- Btrfs: fix deadlock between fiemap and transaction commits
(bnc#1012628).
- scsi: hpsa: correct scsi command status issue after reset
(bnc#1012628).
- scsi: qla2xxx: Fix possible fcport null-pointer dereferences
(bnc#1012628).
- tracing: Fix header include guards in trace event headers
(bnc#1012628).
- drm/amdkfd: Fix byte align on VegaM (bnc#1012628).
- drm/amd/powerplay: fix null pointer dereference around dpm
state relates (bnc#1012628).
- drm/amdgpu: fix error handling in amdgpu_cs_process_fence_dep
(bnc#1012628).
- drm/amdgpu: fix a potential information leaking bug
(bnc#1012628).
- ata: libahci: do not complain in case of deferred probe
(bnc#1012628).
- kbuild: modpost: handle KBUILD_EXTRA_SYMBOLS only for external
modules (bnc#1012628).
- kbuild: Check for unknown options with cc-option usage in
Kconfig and clang (bnc#1012628).
- arm64/efi: fix variable 'si' set but not used (bnc#1012628).
- riscv: Fix perf record without libelf support (bnc#1012628).
- arm64: Lower priority mask for GIC_PRIO_IRQON (bnc#1012628).
- arm64: unwind: Prohibit probing on return_address()
(bnc#1012628).
- arm64/mm: fix variable 'pud' set but not used (bnc#1012628).
- arm64/mm: fix variable 'tag' set but not used (bnc#1012628).
- IB/core: Add mitigation for Spectre V1 (bnc#1012628).
- IB/mlx5: Fix MR registration flow to use UMR properly
(bnc#1012628).
- RDMA/restrack: Track driver QP types in resource tracker
(bnc#1012628).
- IB/mad: Fix use-after-free in ib mad completion handling
(bnc#1012628).
- RDMA/mlx5: Release locks during notifier unregister
(bnc#1012628).
- drm: msm: Fix add_gpu_components (bnc#1012628).
- RDMA/hns: Fix error return code in hns_roce_v1_rsv_lp_qp()
(bnc#1012628).
- drm/exynos: fix missing decrement of retry counter
(bnc#1012628).
- arm64: kprobes: Recover pstate.D in single-step exception
handler (bnc#1012628).
- arm64: Make debug exception handlers visible from RCU
(bnc#1012628).
- Revert "kmemleak: allow to coexist with fault injection"
(bnc#1012628).
- ocfs2: remove set but not used variable 'last_hash'
(bnc#1012628).
- page flags: prioritize kasan bits over last-cpuid (bnc#1012628).
- asm-generic: fix -Wtype-limits compiler warnings (bnc#1012628).
- arm64: KVM: regmap: Fix unexpected switch fall-through
(bnc#1012628).
- staging: comedi: dt3000: Fix signed integer overflow 'divider *
base' (bnc#1012628).
- staging: comedi: dt3000: Fix rounding up of timer divisor
(bnc#1012628).
- iio: adc: max9611: Fix temperature reading in probe
(bnc#1012628).
- USB: core: Fix races in character device registration and
deregistraion (bnc#1012628).
- usb: gadget: udc: renesas_usb3: Fix sysfs interface of "role"
(bnc#1012628).
- usb: cdc-acm: make sure a refcount is taken early enough
(bnc#1012628).
- USB: CDC: fix sanity checks in CDC union parser (bnc#1012628).
- USB: serial: option: add D-Link DWM-222 device ID (bnc#1012628).
- USB: serial: option: Add support for ZTE MF871A (bnc#1012628).
- USB: serial: option: add the BroadMobi BM818 card (bnc#1012628).
- USB: serial: option: Add Motorola modem UARTs (bnc#1012628).
- usb: setup authorized_default attributes using usb_bus_notify
(bnc#1012628).
- netfilter: conntrack: Use consistent ct id hash calculation
(bnc#1012628).
- Input: psmouse - fix build error of multiple definition
(bnc#1012628).
- bnx2x: Fix VF's VLAN reconfiguration in reload (bnc#1012628).
- bonding: Add vlan tx offload to hw_enc_features (bnc#1012628).
- net: dsa: Check existence of .port_mdb_add callback before
calling it (bnc#1012628).
- net/mlx4_en: fix a memory leak bug (bnc#1012628).
- net/packet: fix race in tpacket_snd() (bnc#1012628).
- net: sched: sch_taprio: fix memleak in error path for sched
list parse (bnc#1012628).
- sctp: fix memleak in sctp_send_reset_streams (bnc#1012628).
- sctp: fix the transport error_count check (bnc#1012628).
- team: Add vlan tx offload to hw_enc_features (bnc#1012628).
- tipc: initialise addr_trail_end when setting node addresses
(bnc#1012628).
- xen/netback: Reset nr_frags before freeing skb (bnc#1012628).
- net/mlx5e: Only support tx/rx pause setting for port owner
(bnc#1012628).
- bnxt_en: Fix VNIC clearing logic for 57500 chips (bnc#1012628).
- bnxt_en: Improve RX doorbell sequence (bnc#1012628).
- bnxt_en: Fix handling FRAG_ERR when NVM_INSTALL_UPDATE cmd fails
(bnc#1012628).
- bnxt_en: Suppress HWRM errors for HWRM_NVM_GET_VARIABLE command
(bnc#1012628).
- bnxt_en: Use correct src_fid to determine direction of the flow
(bnc#1012628).
- bnxt_en: Fix to include flow direction in L2 key (bnc#1012628).
- net sched: update skbedit action for batched events operations
(bnc#1012628).
- tc-testing: updated skbedit action tests with batch
create/delete (bnc#1012628).
- netdevsim: Restore per-network namespace accounting for fib
entries (bnc#1012628).
- net/mlx5e: ethtool, Avoid setting speed to 56GBASE when autoneg
off (bnc#1012628).
- net/mlx5e: Fix false negative indication on tx reporter CQE
recovery (bnc#1012628).
- net/mlx5e: Remove redundant check in CQE recovery flow of tx
reporter (bnc#1012628).
- net/mlx5e: Use flow keys dissector to parse packets for ARFS
(bnc#1012628).
- net/tls: prevent skb_orphan() from leaking TLS plain text with
offload (bnc#1012628).
- net: phy: consider AN_RESTART status when reading link status
(bnc#1012628).
- netlink: Fix nlmsg_parse as a wrapper for strict message parsing
(bnc#1012628).
- Refresh patches.suse/supported-flag.
- commit 5878ee6
- iwlwifi: Add support for SAR South Korea limitation
(bsc#1142128).
- commit 0100738
==== libgpg-error ====
- Add patch to fix buidling with gawk 5.0 and newer:
* gawk5.patch
==== libnftnl ====
Version update (1.1.3 -> 1.1.4)
- Update to new upstream release 1.1.4
* Add ct id support, add ct expectation support,
add synproxy support.
==== mokutil ====
Version update (0.3.0 -> 0.4.0)
- Update to 0.4.0
+ Rename export_moks as export_db_keys
+ Add support for exporting other keys
+ add new --mok argument
+ set list-enrolled command as default for some arguments
+ Add more info to --sb-state: show when we're in SetupMode or
with shim validation disabled
+ Correct help: --set-timeout is really --timeout
+ generate_hash() / generate_pw_hash(): don't use strlen() for
strncpy bounds
+ Add the type casting to silence the warning
+ Add a way for mokutil to configure a timeout for MokManager's
prompt
+ list_keys_in_var(): check errno correctly, not ret twice
+ Fix typo in error message when the system lacks Secure Boot
support
+ Add bash completion file
+ mokutil: be explicit about file modes in all cases
+ Make all efi_guid_t const
+ Don't allow sha1 on the mokutil command line
+ Build with -fshort-wchar so toggle passwords work right
+ Fix the 32bit signedness comparison
+ Fix the potential buffer overflow
- Add mokutil-remove-shebang-from-bash-completion-file.patch to
remove shebang from bash-completion/mokutil
- Drop upstreamed patches
+ mokutil-constify-efi-guid.patch
+ mokutil-fix-overflow.patch
+ mokutil-fshort-wchar.patch
+ mokutil-set-efi-variable-file-mode.patch
- Refresh mokutil-support-revoke-builtin-cert.patch
- Install bash-completion/mokutil
- Add modhash to calculate the hash of kernel module (SLE-5661)
+ Also add openssl to Requires since the script needs it
==== nghttp2 ====
Version update (1.39.1 -> 1.39.2)
- Require correct library from devel package - boo#1125689
- Update to version 1.39.2 (bsc#1146184, bsc#1146182):
* This release fixes CVE-2019-9511 ?Data Dribble? and CVE-2019-9513
?Resource Loop? vulnerability in nghttpx and nghttpd. Specially crafted HTTP/2
frames cause Denial of Service by consuming CPU time. Check out
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-…
for details. For nghttpx, additionally limiting inbound traffic by
- -read-rate and --read-burst options is quite effective against
this kind of attack.
* Add nghttp2_option_set_max_outbound_ack API function
* nghttpx: Fix request stall
==== openssh ====
- don't install SuSEfirewall2 service on Factory, since SuSEfirewall2
has been replaced by firewalld, see [1].
[1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
==== pam-config ====
Version update (1.1 -> 1.2)
- Update to version 1.2:
- use /usr/etc as second fallback directory
==== patterns-containers ====
- Add hello-kubic-k8s-yaml to kubeadm pattern
==== python-packaging ====
Version update (19.0 -> 19.1)
- Remove dependency on attrs
Add: 0005-Drop-dependency-on-attrs.patch
this fixes bsc#1144506
- Fix a bit the multibuild conversion
- Remove the attrs from the deps as they are no longer needed
- Enable tests via _multibuild
Add patches from https://github.com/pypa/packaging/pull/176:
* 0001-Fix-test-failures-test_linux_platforms_manylinux-for.patch
* 0002-Fix-check-for-64-bit-OS.patch
* 0003-Add-additional-test-to-get-100-branch-coverage.patch
* 0004-Fix-test_macos_version_detection-failure-on-32-bit-L.patch
(these fix the tests on non-x86 platforms and can be dropped on the next
release)
- Add Requires:python-attrs as this is a new dependency
this fixes bsc#1144506
- update to 19.1:
* Add the ``packaging.tags`` module.
* Correctly handle two-digit versions in ``python_version``
==== python-pyOpenSSL ====
- Add fix-compilation-2020.patch to fix tests after 2020
==== python-setuptools ====
Version update (41.0.1 -> 41.2.0)
- Switch to multibuild to enable testsuite
- Update to 41.2.0:
* #479: Remove some usage of the deprecated imp module.
* #1565: Changed html_sidebars from string to list of string as per https://www.sphinx-doc.org/en/master/changes.html#id58
* #1697: Moved most of the constants from setup.py to setup.cfg
* #1756: Forse metadata-version >= 1.2. when project urls are present.
==== read-only-root-fs ====
Version update (1.0+git20190206.586e9f1 -> 1.0+git20190607.11f8587)
- Update to version 1.0+git20190607.11f8587:
* Determine /@ programmatically
- Update to version 1.0+git20190606.e1f756c:
* Mount writable /boot subvolume in GRUB environment
- Create /boot/writable subvolume to provide a place to store the
GRUB environment block or Ignition's firstboot flag on a ro root
device
==== rpm-config-SUSE ====
Version update (0.g27 -> 0.g32)
- Update to version 0.g32:
* find-provides.ksyms, find-requires.ksyms: cleanup kernel version handling (bsc#1145601).
* find-requires.ksyms: fix matching of uninstalled files (bsc#1145601).
- Update to version 0.g29:
* find-requires.ksyms: Move modinfo and modprobe before the ksym dependency code.
==== sudo ====
- Correct typo in sudoers patch
==== suse-module-tools ====
Version update (15.2.4 -> 15.2.5)
- Update to version 15.2.5:
* remove 'modhash' - moved to mokutil package (jsc#SLE-6094)
==== util-linux ====
Version update (2.33.2 -> 2.34)
Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1
- Issue a warning for outdated pam files
(bsc#1082293, boo#1081947#c68).
- Fix comments and unify look of PAM files (login.pamd,
remote.pamd, runuser-l.pamd, runuser.pamd, su-l.pamd, su.pamd).
- Update to version 2.34:
* new command hardlink
* rewrite of lsblk, now supports --dedup
* support for FUSE in umount
* support for "--all -o remount" in mount
* su: prefer /etc/default/su over /etc/login.defs and ENV_SUPATH
over ENV_ROOTPATH (bsc#1121197), improved --pty
* unshare: add -S/--setuid, -G/--setgid, -R/--root and -w/--wd
* fstrim: do not suppress warnings unless --quiet is used
* lscpu: print 'Frequency boost' and 'Vulnerability' fields, add
- -caches
* logger: merge multiple MESSAGE= lines
* libblkid: do not depend on libuuid, supports DRBD9 detection
* libsmartcols: support N:M relationships in tree-like output
* fstrim and uuidd systemd services: hardening settings to
improve security and service isolation
* fstrim: trim root filesystem on --fstab, check for read-only
filesystems on --all and --fstab (boo#1106214).
* fstrim -A: properly de-duplicate sub-volumes (boo#1127701).
* Obsoletes util-linux-login_defs-priority1.patch,
util-linux-login_defs-priority2.patch and
util-linux-login_defs-SYS_UID.patch.
* Many Other fixes, see
https://www.kernel.org/pub/linux/utils/util-linux/v2.34/v2.34-ReleaseNotes
- Provide and obsolete hardlink package.
- util-linux-login_defs-check.sh: Update checksum, login now
supports LASTLOG_UID_MAX.
- Fix /etc/default/su comments and create /etc/default/runuser
(bsc#1121197#31).
- Remove /etc/default/su migration from coreutils.
==== util-linux-systemd ====
Version update (2.33.2 -> 2.34)
- Issue a warning for outdated pam files
(bsc#1082293, boo#1081947#c68).
- Fix comments and unify look of PAM files (login.pamd,
remote.pamd, runuser-l.pamd, runuser.pamd, su-l.pamd, su.pamd).
- Update to version 2.34:
* new command hardlink
* rewrite of lsblk, now supports --dedup
* support for FUSE in umount
* support for "--all -o remount" in mount
* su: prefer /etc/default/su over /etc/login.defs and ENV_SUPATH
over ENV_ROOTPATH (bsc#1121197), improved --pty
* unshare: add -S/--setuid, -G/--setgid, -R/--root and -w/--wd
* fstrim: do not suppress warnings unless --quiet is used
* lscpu: print 'Frequency boost' and 'Vulnerability' fields, add
- -caches
* logger: merge multiple MESSAGE= lines
* libblkid: do not depend on libuuid, supports DRBD9 detection
* libsmartcols: support N:M relationships in tree-like output
* fstrim and uuidd systemd services: hardening settings to
improve security and service isolation
* fstrim: trim root filesystem on --fstab, check for read-only
filesystems on --all and --fstab (boo#1106214).
* fstrim -A: properly de-duplicate sub-volumes (boo#1127701).
* Obsoletes util-linux-login_defs-priority1.patch,
util-linux-login_defs-priority2.patch and
util-linux-login_defs-SYS_UID.patch.
* Many Other fixes, see
https://www.kernel.org/pub/linux/utils/util-linux/v2.34/v2.34-ReleaseNotes
- Provide and obsolete hardlink package.
- util-linux-login_defs-check.sh: Update checksum, login now
supports LASTLOG_UID_MAX.
- Fix /etc/default/su comments and create /etc/default/runuser
(bsc#1121197#31).
- Remove /etc/default/su migration from coreutils.
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Hi,
some changes which are not mentioned in the regular snapshot
announcements for MicroOS and Kubic:
If you install with YaST, you can see two improvements:
- The MicroOS system roles will now also setup the NTP client service.
- The Additional Kubic Node and Loadbalancer System roles will now setup
the salt minion. So no need anymore to configure the salt-minion
afterwards to use e.g. kubicctl. You only need to accept the new Nodes
in the cluster with salt-key on the Master Node.
Thorsten
--
Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS
SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany
Managing Director: Felix Imendoerffer (HRB 247165, AG München)
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
2
2
Hi,
I'm trying to set up the RPi cluster with Kubic[0] and I'm getting the
following error:
kubic-master-1:~ # kubeadm init
[init] Using Kubernetes version: v1.15.2
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of
your internet connection
[preflight] You can also perform this action in beforehand using
'kubeadm config images pull'
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR ImagePull]: failed to pull image
registry.opensuse.org/kubic/kube-proxy:v1.15.2: output:
time="2019-08-25T01:23:57Z" level=fatal msg="pulling image failed: rpc
error: code = Unknown desc = no image found in manifest list for
architecture arm64, OS linux"
, error: exit status 1
[preflight] If you know what you are doing, you can make a check
non-fatal with `--ignore-preflight-errors=...`
And indeed, it seems that kube-proxy image is available only for x86_64.
[1] I have no idea why - in the devel project it seems do build fine for
container_ARM.[2]
Do you have any ideas why OBS does not build the kube-proxy image for
aarch64 and how we can fix that?
Cheers,
Michal
[0] One of the reasons is that I want to have a working environment for
testing Cilium as soon as I'm finally done with all the madness with
Bazel and making Envoy work on aarch64 ;)
[1] registry.opensuse.org and look for '^kubic/kube-proxy'
[2] https://build.opensuse.org/package/show/devel:kubic:containers/kubic-kube-p…
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
4
3
Hi,
for this one, who don't look daily at kubic.opensuse.org, there
are two new blogs:
1. About Kata Containers
https://kubic.opensuse.org/blog/2019-08-15-kata-in-tumbleweed/
2. About kubic-control
https://kubic.opensuse.org/blog/2019-08-27-kubic-control-intro/
Thorsten
--
Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS
SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany
Managing Director: Felix Imendoerffer (HRB 247165, AG München)
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
fuse-overlayfs (0.4.1 -> 0.5.1)
icu
kubernetes
libx86emu (2.3 -> 2.4)
open-iscsi
podman (1.4.4 -> 1.5.0)
=== Details ===
==== fuse-overlayfs ====
Version update (0.4.1 -> 0.5.1)
- Update to v0.5.1
- support fuse writeback cache and enable it by default
- update to latest gnulib
- add option to disable fsync
- add option to disable xattrs
- add option to skip ino number check in lower layers
- fix fd validity check
- fix memory leak
- fix read after free
- fix type for flistxattr return
- fix warnings reported by lgtm.com
- enable parallel dirops
==== icu ====
Subpackages: libicu-suse64_2 libicu64_2-ledata
- Remove old obsoletes/provides for migration from very old
products, as they break our shared library policy
==== kubernetes ====
Subpackages: kubernetes-client kubernetes-kubeadm kubernetes-kubelet
- kubelet: only start after we have network, else if kubelet
starts to early it could get confused and never recovers
[bsc#1143813]
==== libx86emu ====
Version update (2.3 -> 2.4)
- merge gh#wfeldt/libx86emu#19
- decode: Fix compiler warning
- 2.4
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Enable LTO on aarch64 as the gcc9 package issue is fixed:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91386
==== podman ====
Version update (1.4.4 -> 1.5.0)
Subpackages: podman-cni-config
- Update podman to v1.5.0
* Features
- Podman containers can now join the user namespaces of other
containers with --userns=container:$ID, or a user namespace at
an arbitary path with --userns=ns:$PATH
- Rootless Podman can experimentally squash all UIDs and GIDs in
an image to a single UID and GID (which does not require use of
the newuidmap and newgidmap executables) by passing
- -storage-opt ignore_chown_errors
- The podman generate kube command now produces YAML for any bind
mounts the container has created (#2303)
- The podman container restore command now features a new flag,
- -ignore-static-ip, that can be used with --import to import a
single container with a static IP multiple times on the same
host
- Added the ability for podman events to output JSON by
specifying --format=json
- If the OCI runtime or conmon binary cannot be found at the
paths specified in libpod.conf, Podman will now also search for
them in the calling user's path
- Added the ability to use podman import with URLs (#3609)
- The podman ps command now supports filtering names using
regular expressions (#3394)
- Rootless Podman containers with --privileged set will now mount
in all host devices that the user can access
- The podman create and podman run commands now support the
- -env-host flag to forward all environment variables from the
host into the container
- Rootless Podman now supports healthchecks (#3523)
- The format of the HostConfig portion of the output of podman
inspect on containers has been improved and synced with Docker
- Podman containers now support CGroup namespaces, and can create
them by passing --cgroupns=private to podman run or podman
create
- The podman create and podman run commands now support the
- -ulimit=host flag, which uses any ulimits currently set on the
host for the container
- The podman rm and podman rmi commands now use different exit
codes to indicate 'no such container' and 'container is
running' errors
- Support for CGroups V2 through the crun OCI runtime has been
greatly improved, allowing resource limits to be set for
rootless containers when the CGroups V2 hierarchy is in use
* Bugfixes
- Fixed a bug where a race condition could cause podman restart
to fail to start containers with ports
- Fixed a bug where containers restored from a checkpoint would
not properly report the time they were started at
- Fixed a bug where podman search would return at most 25
results, even when the maximum number of results was set higher
- Fixed a bug where podman play kube would not honor capabilities
set in imported YAML (#3689)
- Fixed a bug where podman run --env, when passed a single key
(to use the value from the host), would set the environment
variable in the container even if it was not set on the host
(#3648)
- Fixed a bug where podman commit --changes would not properly
set environment variables
- Fixed a bug where Podman could segfault while working with
images with no history
- Fixed a bug where podman volume rm could remove arbitrary
volumes if given an ambiguous name (#3635)
- Fixed a bug where podman exec invocations leaked memory by not
cleaning up files in tmpfs
- Fixed a bug where the --dns and --net=container flags to podman
run and podman create were not mutually exclusive (#3553)
- Fixed a bug where rootless Podman would be unable to run
containers when less than 5 UIDs were available
- Fixed a bug where containers in pods could not be removed
without removing the entire pod (#3556)
- Fixed a bug where Podman would not properly clean up all CGroup
controllers for created cgroups when using the cgroupfs CGroup
driver
- Fixed a bug where Podman containers did not properly clean up
files in tmpfs, resulting in a memory leak as containers
stopped
- Fixed a bug where healthchecks from images would not use
default settings for interval, retries, timeout, and start
period when they were not provided by the image (#3525)
- Fixed a bug where healthchecks using the HEALTHCHECK CMD format
where not properly supported (#3507)
- Fixed a bug where volume mounts using relative source paths
would not be properly resolved (#3504)
- Fixed a bug where podman run did not use authorization
credentials when a custom path was specified (#3524)
- Fixed a bug where containers checkpointed with podman container
checkpoint did not properly set their finished time
- Fixed a bug where running podman inspect on any container not
created with podman run or podman create (for example, pod
infra containers) would result in a segfault (#3500)
- Fixed a bug where healthcheck flags for podman create and
podman run were incorrectly named (#3455)
- Fixed a bug where Podman commands would fail to find targets if
a partial ID was specified that was ambiguous between a
container and pod (#3487)
- Fixed a bug where restored containers would not have the
correct SELinux label
- Fixed a bug where Varlink endpoints were not working properly
if more was not correctly specified
- Fixed a bug where the Varlink PullImage endpoint would crash if
an error occurred (#3715)
- Fixed a bug where the --mount flag to podman create and podman
run did not allow boolean arguments for its ro and rw options
(#2980)
- Fixed a bug where pods did not properly share the UTS
namespace, resulting in incorrect behavior from some utilities
which rely on hostname (#3547)
- Fixed a bug where Podman would unconditionally append
ENTRYPOINT to CMD during podman commit (and when reporting CMD
in podman inspect) (#3708)
- Fixed a bug where podman events with the journald events
backend would incorrectly print 6 previous events when only new
events were requested (#3616)
- Fixed a bug where podman port would exit prematurely when a
port number was specified (#3747)
- Fixed a bug where passing . as an argument to the --dns-search
flag to podman create and podman run was not properly clearing
DNS search domains in the container
* Misc
- Updated vendored Buildah to v1.10.1
- Updated vendored containers/image to v3.0.2
- Updated vendored containers/storage to v1.13.1
- Podman now requires conmon v2.0.0 or higher
- The podman info command now displays the events logger being in
use
- The podman inspect command on containers now includes the ID of
the pod a container has joined and the PID of the container's
conmon process
- The -v short flag for podman --version has been re-added
- Error messages from podman pull should be significantly clearer
- The podman exec command is now available in the remote client
- The podman-v1.5.0.tar.gz file attached is podman packaged for
MacOS. It can be installed using Homebrew.
- Use new conmon package as direct dependency
- Remove internal conmon package
- Update libpod.conf to support latest path discovery feature for
`runc` and `conmon` binaries.
- Re-enable 32bit build
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
fuse-overlayfs (0.4.1 -> 0.5.1)
icu
libx86emu (2.3 -> 2.4)
open-iscsi
podman (1.4.4 -> 1.5.0)
=== Details ===
==== fuse-overlayfs ====
Version update (0.4.1 -> 0.5.1)
- Update to v0.5.1
- support fuse writeback cache and enable it by default
- update to latest gnulib
- add option to disable fsync
- add option to disable xattrs
- add option to skip ino number check in lower layers
- fix fd validity check
- fix memory leak
- fix read after free
- fix type for flistxattr return
- fix warnings reported by lgtm.com
- enable parallel dirops
==== icu ====
Subpackages: libicu-suse64_2 libicu64_2-ledata
- Remove old obsoletes/provides for migration from very old
products, as they break our shared library policy
==== libx86emu ====
Version update (2.3 -> 2.4)
- merge gh#wfeldt/libx86emu#19
- decode: Fix compiler warning
- 2.4
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Enable LTO on aarch64 as the gcc9 package issue is fixed:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91386
==== podman ====
Version update (1.4.4 -> 1.5.0)
Subpackages: podman-cni-config
- Update podman to v1.5.0
* Features
- Podman containers can now join the user namespaces of other
containers with --userns=container:$ID, or a user namespace at
an arbitary path with --userns=ns:$PATH
- Rootless Podman can experimentally squash all UIDs and GIDs in
an image to a single UID and GID (which does not require use of
the newuidmap and newgidmap executables) by passing
- -storage-opt ignore_chown_errors
- The podman generate kube command now produces YAML for any bind
mounts the container has created (#2303)
- The podman container restore command now features a new flag,
- -ignore-static-ip, that can be used with --import to import a
single container with a static IP multiple times on the same
host
- Added the ability for podman events to output JSON by
specifying --format=json
- If the OCI runtime or conmon binary cannot be found at the
paths specified in libpod.conf, Podman will now also search for
them in the calling user's path
- Added the ability to use podman import with URLs (#3609)
- The podman ps command now supports filtering names using
regular expressions (#3394)
- Rootless Podman containers with --privileged set will now mount
in all host devices that the user can access
- The podman create and podman run commands now support the
- -env-host flag to forward all environment variables from the
host into the container
- Rootless Podman now supports healthchecks (#3523)
- The format of the HostConfig portion of the output of podman
inspect on containers has been improved and synced with Docker
- Podman containers now support CGroup namespaces, and can create
them by passing --cgroupns=private to podman run or podman
create
- The podman create and podman run commands now support the
- -ulimit=host flag, which uses any ulimits currently set on the
host for the container
- The podman rm and podman rmi commands now use different exit
codes to indicate 'no such container' and 'container is
running' errors
- Support for CGroups V2 through the crun OCI runtime has been
greatly improved, allowing resource limits to be set for
rootless containers when the CGroups V2 hierarchy is in use
* Bugfixes
- Fixed a bug where a race condition could cause podman restart
to fail to start containers with ports
- Fixed a bug where containers restored from a checkpoint would
not properly report the time they were started at
- Fixed a bug where podman search would return at most 25
results, even when the maximum number of results was set higher
- Fixed a bug where podman play kube would not honor capabilities
set in imported YAML (#3689)
- Fixed a bug where podman run --env, when passed a single key
(to use the value from the host), would set the environment
variable in the container even if it was not set on the host
(#3648)
- Fixed a bug where podman commit --changes would not properly
set environment variables
- Fixed a bug where Podman could segfault while working with
images with no history
- Fixed a bug where podman volume rm could remove arbitrary
volumes if given an ambiguous name (#3635)
- Fixed a bug where podman exec invocations leaked memory by not
cleaning up files in tmpfs
- Fixed a bug where the --dns and --net=container flags to podman
run and podman create were not mutually exclusive (#3553)
- Fixed a bug where rootless Podman would be unable to run
containers when less than 5 UIDs were available
- Fixed a bug where containers in pods could not be removed
without removing the entire pod (#3556)
- Fixed a bug where Podman would not properly clean up all CGroup
controllers for created cgroups when using the cgroupfs CGroup
driver
- Fixed a bug where Podman containers did not properly clean up
files in tmpfs, resulting in a memory leak as containers
stopped
- Fixed a bug where healthchecks from images would not use
default settings for interval, retries, timeout, and start
period when they were not provided by the image (#3525)
- Fixed a bug where healthchecks using the HEALTHCHECK CMD format
where not properly supported (#3507)
- Fixed a bug where volume mounts using relative source paths
would not be properly resolved (#3504)
- Fixed a bug where podman run did not use authorization
credentials when a custom path was specified (#3524)
- Fixed a bug where containers checkpointed with podman container
checkpoint did not properly set their finished time
- Fixed a bug where running podman inspect on any container not
created with podman run or podman create (for example, pod
infra containers) would result in a segfault (#3500)
- Fixed a bug where healthcheck flags for podman create and
podman run were incorrectly named (#3455)
- Fixed a bug where Podman commands would fail to find targets if
a partial ID was specified that was ambiguous between a
container and pod (#3487)
- Fixed a bug where restored containers would not have the
correct SELinux label
- Fixed a bug where Varlink endpoints were not working properly
if more was not correctly specified
- Fixed a bug where the Varlink PullImage endpoint would crash if
an error occurred (#3715)
- Fixed a bug where the --mount flag to podman create and podman
run did not allow boolean arguments for its ro and rw options
(#2980)
- Fixed a bug where pods did not properly share the UTS
namespace, resulting in incorrect behavior from some utilities
which rely on hostname (#3547)
- Fixed a bug where Podman would unconditionally append
ENTRYPOINT to CMD during podman commit (and when reporting CMD
in podman inspect) (#3708)
- Fixed a bug where podman events with the journald events
backend would incorrectly print 6 previous events when only new
events were requested (#3616)
- Fixed a bug where podman port would exit prematurely when a
port number was specified (#3747)
- Fixed a bug where passing . as an argument to the --dns-search
flag to podman create and podman run was not properly clearing
DNS search domains in the container
* Misc
- Updated vendored Buildah to v1.10.1
- Updated vendored containers/image to v3.0.2
- Updated vendored containers/storage to v1.13.1
- Podman now requires conmon v2.0.0 or higher
- The podman info command now displays the events logger being in
use
- The podman inspect command on containers now includes the ID of
the pod a container has joined and the PID of the container's
conmon process
- The -v short flag for podman --version has been re-added
- Error messages from podman pull should be significantly clearer
- The podman exec command is now available in the remote client
- The podman-v1.5.0.tar.gz file attached is podman packaged for
MacOS. It can be installed using Homebrew.
- Use new conmon package as direct dependency
- Remove internal conmon package
- Update libpod.conf to support latest path discovery feature for
`runc` and `conmon` binaries.
- Re-enable 32bit build
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
kernel-firmware (20190712 -> 20190815)
kernel-source (5.2.8 -> 5.2.9)
openslp
=== Details ===
==== kernel-firmware ====
Version update (20190712 -> 20190815)
Subpackages: ucode-amd
- Update to version 20190815 (git-commit 07b925b450bf):
* Install only listed firmware files
* rtw88: add a README file
* rtw88: RTL8822C: add WoW firmware v7.3
* rtw88: RTL8822C: update rtw8822c_fw.bin to v7.3
* ath10k: QCA9984 hw1.0: update board-2.bin
* ath10k: QCA9984 hw1.0: update firmware-5.bin to 10.4-3.9.0.2-00046
* ath10k: QCA988X hw2.0: update firmware-5.bin to 10.2.4-1.0-00045
* ath10k: QCA9888 hw2.0: update board-2.bin
* ath10k: QCA9888 hw2.0: update firmware-5.bin to 10.4-3.9.0.2-00040
* ath10k: QCA9887 hw1.0: update firmware-5.bin to 10.2.4-1.0-00045
* ath10k: QCA6174 hw3.0: update firmware-6.bin to WLAN.RM.4.4.1-00140-QCARMSWPZ-1
* ath10k: QCA4019 hw1.0: update board-2.bin
* cxgb4: update firmware to revision 1.24.3.0
* nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.10.A.38
* nvidia: add missing entries in WHENCE
* linux-firmware: Update NXP Management Complex firmware to version 10.16.2
* iwlwifi: update -48 FWs for Qu and cc
* iwlwifi: update FWs for 3168, 7265D, 9000, 9260, 8000, 8265 and cc
* drm/i915/firmware: Add v33 of GuC for ICL
* drm/i915/firmware: Add v33 of GuC for KBL
* drm/i915/firmware: Add v33 of GuC for SKL
* drm/i915/firmware: Add v33 of GuC for GLK
* drm/i915/firmware: Add v33 of GuC for BXT
- Drop iwlwifi revert patch, as the fix will go into 5.2.x kernel
(bsc#1142128):
WHENCE-iwlwifi-9xxx-46-revert.patch
- Drop the deprecated upstream fix:
0001-nvidia-add-missing-entries-in-WHENCE.patch
- Drop the local copy of copy-file.sh that is already included in
the latest linux-git tarball
- Re-group some entries for USB hotpluggable network drivers into
kernel-firmware-usb-network subpackage, while moving ath10k and
mwifiex firmware into the own subpackage, too
- Move documents and license texts into the proper section
- Remove spurious non-firmware files
- Restructure the packaging for reducing the storage footprint
(bsc#1143959):
the firmware files are split into several subpackages, so that user
doesn't need to install unnecessary files. Each package has
supplements entries that are generated from the static list (that
was created from the current and old TW kernel binaries).
There is a catch-all package, kernel-firmware-all, and this
provides/obsoletes the former kernel-firmware package. And each
firmware file is compressed in XZ format for the new kernel (5.3 or
later).
For the systems with older kernels, we still provide the old'n'good
kernel-firmware.rpm, containing everything in the raw format, too.
This kernel-firmware.rpm will be obsoleted once when
kernel-firmware-all above is installed.
The build of both flavors are done in the multibuild. Without the
flavor, the raw kernel-firmware.rpm and ucode-amd.rpm are built,
while the new kernel firmware packages are built in "compressed"
flavor (-M compressed).
- Upstream fix for missing WHENCE entries:
0001-nvidia-add-missing-entries-in-WHENCE.patch
==== kernel-source ====
Version update (5.2.8 -> 5.2.9)
Subpackages: kernel-debug kernel-default
- Linux 5.2.9 (bnc#1012628).
- iwlwifi: mvm: fix version check for GEO_TX_POWER_LIMIT support
(bnc#1012628).
- iwlwifi: mvm: don't send GEO_TX_POWER_LIMIT on version < 41
(bnc#1012628).
- iwlwifi: mvm: fix a use-after-free bug in iwl_mvm_tx_tso_segment
(bnc#1012628).
- iwlwifi: mvm: fix an out-of-bound access (bnc#1012628).
- iwlwifi: don't unmap as page memory that was mapped as single
(bnc#1012628).
- mwifiex: fix 802.11n/WPA detection (bnc#1012628).
- KVM: arm/arm64: Sync ICH_VMCR_EL2 back when about to block
(bnc#1012628).
- KVM: Fix leak vCPU's VMCS value into other pCPU (bnc#1012628).
- NFSv4: Fix an Oops in nfs4_do_setattr (bnc#1012628).
- NFSv4: Check the return value of update_open_stateid()
(bnc#1012628).
- NFSv4: Fix delegation state recovery (bnc#1012628).
- smb3: send CAP_DFS capability during session setup
(bnc#1012628).
- SMB3: Fix deadlock in validate negotiate hits reconnect
(bnc#1012628).
- dax: dax_layout_busy_page() should not unmap cow pages
(bnc#1012628).
- mac80211: don't WARN on short WMM parameters from AP
(bnc#1012628).
- ALSA: hda - Workaround for crackled sound on AMD controller
(1022:1457) (bnc#1012628).
- ALSA: hda - Don't override global PCM hw info flag
(bnc#1012628).
- ALSA: hiface: fix multiple memory leak bugs (bnc#1012628).
- ALSA: firewire: fix a memory leak bug (bnc#1012628).
- drm/i915: Fix wrong escape clock divisor init for GLK
(bnc#1012628).
- hwmon: (lm75) Fixup tmp75b clr_mask (bnc#1012628).
- hwmon: (nct7802) Fix wrong detection of in4 presence
(bnc#1012628).
- can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices
(bnc#1012628).
- can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices
(bnc#1012628).
- KVM/nSVM: properly map nested VMCB (bnc#1012628).
- ALSA: usb-audio: fix a memory leak bug (bnc#1012628).
- HID: sony: Fix race condition between rumble and device remove
(bnc#1012628).
- gen_compile_commands: lower the entry count threshold
(bnc#1012628).
- s390/dma: provide proper ARCH_ZONE_DMA_BITS value (bnc#1012628).
- perf/core: Fix creating kernel counters for PMUs that override
event->cpu (bnc#1012628).
- perf/x86: Apply more accurate check on hypervisor platform
(bnc#1012628).
- perf/x86/intel: Fix invalid Bit 13 for Icelake MSR_OFFCORE_RSP_x
register (bnc#1012628).
- perf/x86/intel: Fix SLOTS PEBS event constraint (bnc#1012628).
- tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed
sleep loop (bnc#1012628).
- test_firmware: fix a memory leak bug (bnc#1012628).
- scsi: scsi_dh_alua: always use a 2 second delay before retrying
RTPG (bnc#1012628).
- scsi: ibmvfc: fix WARN_ON during event pool release
(bnc#1012628).
- scsi: megaraid_sas: fix panic on loading firmware crashdump
(bnc#1012628).
- ARM: dts: bcm: bcm47094: add missing #cells for mdio-bus-mux
(bnc#1012628).
- ARM: davinci: fix sleep.S build error on ARMv4 (bnc#1012628).
- nvme: fix memory leak caused by incorrect subsystem free
(bnc#1012628).
- nvme: ignore subnqn for ADATA SX6000LNP (bnc#1012628).
- ACPI/IORT: Fix off-by-one check in iort_dev_find_its_id()
(bnc#1012628).
- drbd: dynamically allocate shash descriptor (bnc#1012628).
- perf probe: Avoid calling freeing routine multiple times for
same pointer (bnc#1012628).
- perf session: Fix loading of compressed data split across
adjacent records (bnc#1012628).
- perf stat: Fix segfault for event group in repeat mode
(bnc#1012628).
- perf tools: Fix proper buffer size for feature processing
(bnc#1012628).
- perf script: Fix off by one in brstackinsn IPC computation
(bnc#1012628).
- ALSA: compress: Be more restrictive about when a drain is
allowed (bnc#1012628).
- ALSA: compress: Don't allow paritial drain operations on
capture streams (bnc#1012628).
- ALSA: compress: Prevent bypasses of set_params (bnc#1012628).
- ALSA: compress: Fix regression on compressed capture streams
(bnc#1012628).
- s390/qdio: add sanity checks to the fast-requeue path
(bnc#1012628).
- cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init()
(bnc#1012628).
- arm64: dts: imx8mq: fix SAI compatible (bnc#1012628).
- arm64: dts: imx8mm: Correct SAI3 RXC/TXFS pin's mux option #1
(bnc#1012628).
- drm: silence variable 'conn' set but not used (bnc#1012628).
- drm/msm/dpu: Correct dpu encoder spinlock initialization
(bnc#1012628).
- iommu/vt-d: Check if domain->pgd was allocated (bnc#1012628).
- arm64: entry: SP Alignment Fault doesn't write to FAR_EL1
(bnc#1012628).
- arm64: Force SSBS on context switch (bnc#1012628).
- powerpc/papr_scm: Force a scm-unbind if initial scm-bind fails
(bnc#1012628).
- ARM: dts: imx6ul: fix clock frequency property name of I2C buses
(bnc#1012628).
- hwmon: (nct6775) Fix register address and added missed tolerance
for nct6106 (bnc#1012628).
- hwmon: (occ) Fix division by zero issue (bnc#1012628).
- allocate_flower_entry: should check for null deref
(bnc#1012628).
- mac80211: don't warn about CW params when not using them
(bnc#1012628).
- mac80211: fix possible memory leak in ieee80211_assign_beacon
(bnc#1012628).
- nl80211: fix NL80211_HE_MAX_CAPABILITY_LEN (bnc#1012628).
- iscsi_ibft: make ISCSI_IBFT dependson ACPI instead of
ISCSI_IBFT_FIND (bnc#1012628).
- Update config files.
Set CONFIG_ISCSI_IBFT=m.
- drm/amd/display: Increase size of audios array (bnc#1012628).
- drm/amd/display: Only enable audio if speaker allocation exists
(bnc#1012628).
- drm/amd/display: Fix dc_create failure handling and 666 color
depths (bnc#1012628).
- drm/amd/display: allocate 4 ddc engines for RV2 (bnc#1012628).
- drm/amd/display: put back front end initialization sequence
(bnc#1012628).
- drm/amd/display: use encoder's engine id to find matched free
audio device (bnc#1012628).
- drm/amd/display: fix DMCU hang when going into Modern Standby
(bnc#1012628).
- drm/amd/display: Wait for backlight programming completion in
set backlight level (bnc#1012628).
- drm/amd/display: Clock does not lower in Updateplanes
(bnc#1012628).
- drm/amd/display: No audio endpoint for Dell MST display
(bnc#1012628).
- netfilter: nf_tables: Support auto-loading for inet nat
(bnc#1012628).
- rq-qos: use a mb for got_token (bnc#1012628).
- rq-qos: set ourself TASK_UNINTERRUPTIBLE after we schedule
(bnc#1012628).
- rq-qos: don't reset has_sleepers on spurious wakeups
(bnc#1012628).
- scripts/sphinx-pre-install: fix latexmk dependencies
(bnc#1012628).
- scripts/sphinx-pre-install: don't use LaTeX with CentOS 7
(bnc#1012628).
- scripts/sphinx-pre-install: fix script for RHEL/CentOS
(bnc#1012628).
- netfilter: nft_hash: fix symhash with modulus one (bnc#1012628).
- netfilter: conntrack: always store window size un-scaled
(bnc#1012628).
- netfilter: nf_tables: fix module autoload for redir
(bnc#1012628).
- netfilter: Fix rpfilter dropping vrf packets by mistake
(bnc#1012628).
- vfio-ccw: Don't call cp_free if we are processing a channel
program (bnc#1012628).
- vfio-ccw: Set pa_nr to 0 if memory allocation fails for
pa_iova_pfn (bnc#1012628).
- netfilter: nfnetlink: avoid deadlock due to synchronous
request_module (bnc#1012628).
- powerpc: fix off by one in max_zone_pfn initialization for
ZONE_DMA (bnc#1012628).
- can: peak_usb: fix potential double kfree_skb() (bnc#1012628).
- can: flexcan: fix an use-after-free in flexcan_setup_stop_mode()
(bnc#1012628).
- can: flexcan: fix stop mode acknowledgment (bnc#1012628).
- can: rcar_canfd: fix possible IRQ storm on high load
(bnc#1012628).
- usb: typec: tcpm: Ignore unsupported/unknown alternate mode
requests (bnc#1012628).
- usb: typec: tcpm: Add NULL check before dereferencing config
(bnc#1012628).
- usb: typec: tcpm: remove tcpm dir if no children (bnc#1012628).
- usb: typec: tcpm: free log buf memory when remove debug file
(bnc#1012628).
- usb: typec: ucsi: ccg: Fix uninitilized symbol error
(bnc#1012628).
- usb: yurex: Fix use-after-free in yurex_delete (bnc#1012628).
- usb: host: xhci-rcar: Fix timeout in xhci_suspend()
(bnc#1012628).
- gfs2: gfs2_walk_metadata fix (bnc#1012628).
- genirq/affinity: Create affinity mask for single vector
(bnc#1012628).
- x86/purgatory: Use CFLAGS_REMOVE rather than reset KBUILD_CFLAGS
(bnc#1012628).
- x86/purgatory: Do not use __builtin_memcpy and __builtin_memset
(bnc#1012628).
- perf record: Fix module size on s390 (bnc#1012628).
- perf db-export: Fix thread__exec_comm() (bnc#1012628).
- perf annotate: Fix s390 gap between kernel end and module start
(bnc#1012628).
- coresight: Fix DEBUG_LOCKS_WARN_ON for uninitialized attribute
(bnc#1012628).
- mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy()
(bnc#1012628).
- x86/mm: Sync also unmappings in vmalloc_sync_all()
(bnc#1012628).
- x86/mm: Check for pfn instead of page in vmalloc_sync_one()
(bnc#1012628).
- Input: synaptics - enable RMI mode for HP Spectre X360
(bnc#1012628).
- Input: elantech - enable SMBus on new (2018+) systems
(bnc#1012628).
- Input: usbtouchscreen - initialize PM mutex before using it
(bnc#1012628).
- bdev: Fixup error handling in blkdev_get() (bnc#1012628).
- loop: set PF_MEMALLOC_NOIO for the worker thread (bnc#1012628).
- mmc: cavium: Add the missing dma unmap when the dma has finished
(bnc#1012628).
- mmc: cavium: Set the correct dma max segment size for mmc_host
(bnc#1012628).
- sound: fix a memory leak bug (bnc#1012628).
- usb: iowarrior: fix deadlock on disconnect (bnc#1012628).
- Revert "USB: rio500: simplify locking" (bnc#1012628).
- usb: usbfs: fix double-free of usb memory upon submiturb error
(bnc#1012628).
- driver core: platform: return -ENXIO for missing GpioInt
(bnc#1012628).
- crypto: ccp - Ignore tag length when decrypting GCM ciphertext
(bnc#1012628).
- crypto: ccp - Add support for valid authsize values less than 16
(bnc#1012628).
- crypto: ccp - Fix oops by properly managing allocated structures
(bnc#1012628).
- Staging: fbtft: Fix reset assertion when using gpio descriptor
(bnc#1012628).
- Staging: fbtft: Fix probing of gpio descriptor (bnc#1012628).
- staging: android: ion: Bail out upon SIGKILL when allocating
memory (bnc#1012628).
- staging: wilc1000: flush the workqueue before deinit the host
(bnc#1012628).
- staging: gasket: apex: fix copy-paste typo (bnc#1012628).
- iio: adc: max9611: Fix misuse of GENMASK macro (bnc#1012628).
- iio: adc: gyroadc: fix uninitialized return code (bnc#1012628).
- iio: imu: mpu6050: add missing available scan masks
(bnc#1012628).
- iio: cros_ec_accel_legacy: Fix incorrect channel setting
(bnc#1012628).
- IIO: Ingenic JZ47xx: Set clock divider on probe (bnc#1012628).
- Revert "PCI: Add missing link delays required by the PCIe spec"
(bnc#1012628).
- commit 80c0ffe
- x86/apic: Handle missing global clockevent gracefully
(bnc#1142926).
- commit a44175e
==== openslp ====
- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by
firewalld, see [1].
[1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
kernel-firmware (20190712 -> 20190815)
kernel-source (5.2.8 -> 5.2.9)
openslp
=== Details ===
==== kernel-firmware ====
Version update (20190712 -> 20190815)
Subpackages: ucode-amd
- Update to version 20190815 (git-commit 07b925b450bf):
* Install only listed firmware files
* rtw88: add a README file
* rtw88: RTL8822C: add WoW firmware v7.3
* rtw88: RTL8822C: update rtw8822c_fw.bin to v7.3
* ath10k: QCA9984 hw1.0: update board-2.bin
* ath10k: QCA9984 hw1.0: update firmware-5.bin to 10.4-3.9.0.2-00046
* ath10k: QCA988X hw2.0: update firmware-5.bin to 10.2.4-1.0-00045
* ath10k: QCA9888 hw2.0: update board-2.bin
* ath10k: QCA9888 hw2.0: update firmware-5.bin to 10.4-3.9.0.2-00040
* ath10k: QCA9887 hw1.0: update firmware-5.bin to 10.2.4-1.0-00045
* ath10k: QCA6174 hw3.0: update firmware-6.bin to WLAN.RM.4.4.1-00140-QCARMSWPZ-1
* ath10k: QCA4019 hw1.0: update board-2.bin
* cxgb4: update firmware to revision 1.24.3.0
* nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.10.A.38
* nvidia: add missing entries in WHENCE
* linux-firmware: Update NXP Management Complex firmware to version 10.16.2
* iwlwifi: update -48 FWs for Qu and cc
* iwlwifi: update FWs for 3168, 7265D, 9000, 9260, 8000, 8265 and cc
* drm/i915/firmware: Add v33 of GuC for ICL
* drm/i915/firmware: Add v33 of GuC for KBL
* drm/i915/firmware: Add v33 of GuC for SKL
* drm/i915/firmware: Add v33 of GuC for GLK
* drm/i915/firmware: Add v33 of GuC for BXT
- Drop iwlwifi revert patch, as the fix will go into 5.2.x kernel
(bsc#1142128):
WHENCE-iwlwifi-9xxx-46-revert.patch
- Drop the deprecated upstream fix:
0001-nvidia-add-missing-entries-in-WHENCE.patch
- Drop the local copy of copy-file.sh that is already included in
the latest linux-git tarball
- Re-group some entries for USB hotpluggable network drivers into
kernel-firmware-usb-network subpackage, while moving ath10k and
mwifiex firmware into the own subpackage, too
- Move documents and license texts into the proper section
- Remove spurious non-firmware files
- Restructure the packaging for reducing the storage footprint
(bsc#1143959):
the firmware files are split into several subpackages, so that user
doesn't need to install unnecessary files. Each package has
supplements entries that are generated from the static list (that
was created from the current and old TW kernel binaries).
There is a catch-all package, kernel-firmware-all, and this
provides/obsoletes the former kernel-firmware package. And each
firmware file is compressed in XZ format for the new kernel (5.3 or
later).
For the systems with older kernels, we still provide the old'n'good
kernel-firmware.rpm, containing everything in the raw format, too.
This kernel-firmware.rpm will be obsoleted once when
kernel-firmware-all above is installed.
The build of both flavors are done in the multibuild. Without the
flavor, the raw kernel-firmware.rpm and ucode-amd.rpm are built,
while the new kernel firmware packages are built in "compressed"
flavor (-M compressed).
- Upstream fix for missing WHENCE entries:
0001-nvidia-add-missing-entries-in-WHENCE.patch
==== kernel-source ====
Version update (5.2.8 -> 5.2.9)
Subpackages: kernel-debug kernel-default
- Linux 5.2.9 (bnc#1012628).
- iwlwifi: mvm: fix version check for GEO_TX_POWER_LIMIT support
(bnc#1012628).
- iwlwifi: mvm: don't send GEO_TX_POWER_LIMIT on version < 41
(bnc#1012628).
- iwlwifi: mvm: fix a use-after-free bug in iwl_mvm_tx_tso_segment
(bnc#1012628).
- iwlwifi: mvm: fix an out-of-bound access (bnc#1012628).
- iwlwifi: don't unmap as page memory that was mapped as single
(bnc#1012628).
- mwifiex: fix 802.11n/WPA detection (bnc#1012628).
- KVM: arm/arm64: Sync ICH_VMCR_EL2 back when about to block
(bnc#1012628).
- KVM: Fix leak vCPU's VMCS value into other pCPU (bnc#1012628).
- NFSv4: Fix an Oops in nfs4_do_setattr (bnc#1012628).
- NFSv4: Check the return value of update_open_stateid()
(bnc#1012628).
- NFSv4: Fix delegation state recovery (bnc#1012628).
- smb3: send CAP_DFS capability during session setup
(bnc#1012628).
- SMB3: Fix deadlock in validate negotiate hits reconnect
(bnc#1012628).
- dax: dax_layout_busy_page() should not unmap cow pages
(bnc#1012628).
- mac80211: don't WARN on short WMM parameters from AP
(bnc#1012628).
- ALSA: hda - Workaround for crackled sound on AMD controller
(1022:1457) (bnc#1012628).
- ALSA: hda - Don't override global PCM hw info flag
(bnc#1012628).
- ALSA: hiface: fix multiple memory leak bugs (bnc#1012628).
- ALSA: firewire: fix a memory leak bug (bnc#1012628).
- drm/i915: Fix wrong escape clock divisor init for GLK
(bnc#1012628).
- hwmon: (lm75) Fixup tmp75b clr_mask (bnc#1012628).
- hwmon: (nct7802) Fix wrong detection of in4 presence
(bnc#1012628).
- can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices
(bnc#1012628).
- can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices
(bnc#1012628).
- KVM/nSVM: properly map nested VMCB (bnc#1012628).
- ALSA: usb-audio: fix a memory leak bug (bnc#1012628).
- HID: sony: Fix race condition between rumble and device remove
(bnc#1012628).
- gen_compile_commands: lower the entry count threshold
(bnc#1012628).
- s390/dma: provide proper ARCH_ZONE_DMA_BITS value (bnc#1012628).
- perf/core: Fix creating kernel counters for PMUs that override
event->cpu (bnc#1012628).
- perf/x86: Apply more accurate check on hypervisor platform
(bnc#1012628).
- perf/x86/intel: Fix invalid Bit 13 for Icelake MSR_OFFCORE_RSP_x
register (bnc#1012628).
- perf/x86/intel: Fix SLOTS PEBS event constraint (bnc#1012628).
- tty/ldsem, locking/rwsem: Add missing ACQUIRE to read_failed
sleep loop (bnc#1012628).
- test_firmware: fix a memory leak bug (bnc#1012628).
- scsi: scsi_dh_alua: always use a 2 second delay before retrying
RTPG (bnc#1012628).
- scsi: ibmvfc: fix WARN_ON during event pool release
(bnc#1012628).
- scsi: megaraid_sas: fix panic on loading firmware crashdump
(bnc#1012628).
- ARM: dts: bcm: bcm47094: add missing #cells for mdio-bus-mux
(bnc#1012628).
- ARM: davinci: fix sleep.S build error on ARMv4 (bnc#1012628).
- nvme: fix memory leak caused by incorrect subsystem free
(bnc#1012628).
- nvme: ignore subnqn for ADATA SX6000LNP (bnc#1012628).
- ACPI/IORT: Fix off-by-one check in iort_dev_find_its_id()
(bnc#1012628).
- drbd: dynamically allocate shash descriptor (bnc#1012628).
- perf probe: Avoid calling freeing routine multiple times for
same pointer (bnc#1012628).
- perf session: Fix loading of compressed data split across
adjacent records (bnc#1012628).
- perf stat: Fix segfault for event group in repeat mode
(bnc#1012628).
- perf tools: Fix proper buffer size for feature processing
(bnc#1012628).
- perf script: Fix off by one in brstackinsn IPC computation
(bnc#1012628).
- ALSA: compress: Be more restrictive about when a drain is
allowed (bnc#1012628).
- ALSA: compress: Don't allow paritial drain operations on
capture streams (bnc#1012628).
- ALSA: compress: Prevent bypasses of set_params (bnc#1012628).
- ALSA: compress: Fix regression on compressed capture streams
(bnc#1012628).
- s390/qdio: add sanity checks to the fast-requeue path
(bnc#1012628).
- cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init()
(bnc#1012628).
- arm64: dts: imx8mq: fix SAI compatible (bnc#1012628).
- arm64: dts: imx8mm: Correct SAI3 RXC/TXFS pin's mux option #1
(bnc#1012628).
- drm: silence variable 'conn' set but not used (bnc#1012628).
- drm/msm/dpu: Correct dpu encoder spinlock initialization
(bnc#1012628).
- iommu/vt-d: Check if domain->pgd was allocated (bnc#1012628).
- arm64: entry: SP Alignment Fault doesn't write to FAR_EL1
(bnc#1012628).
- arm64: Force SSBS on context switch (bnc#1012628).
- powerpc/papr_scm: Force a scm-unbind if initial scm-bind fails
(bnc#1012628).
- ARM: dts: imx6ul: fix clock frequency property name of I2C buses
(bnc#1012628).
- hwmon: (nct6775) Fix register address and added missed tolerance
for nct6106 (bnc#1012628).
- hwmon: (occ) Fix division by zero issue (bnc#1012628).
- allocate_flower_entry: should check for null deref
(bnc#1012628).
- mac80211: don't warn about CW params when not using them
(bnc#1012628).
- mac80211: fix possible memory leak in ieee80211_assign_beacon
(bnc#1012628).
- nl80211: fix NL80211_HE_MAX_CAPABILITY_LEN (bnc#1012628).
- iscsi_ibft: make ISCSI_IBFT dependson ACPI instead of
ISCSI_IBFT_FIND (bnc#1012628).
- Update config files.
Set CONFIG_ISCSI_IBFT=m.
- drm/amd/display: Increase size of audios array (bnc#1012628).
- drm/amd/display: Only enable audio if speaker allocation exists
(bnc#1012628).
- drm/amd/display: Fix dc_create failure handling and 666 color
depths (bnc#1012628).
- drm/amd/display: allocate 4 ddc engines for RV2 (bnc#1012628).
- drm/amd/display: put back front end initialization sequence
(bnc#1012628).
- drm/amd/display: use encoder's engine id to find matched free
audio device (bnc#1012628).
- drm/amd/display: fix DMCU hang when going into Modern Standby
(bnc#1012628).
- drm/amd/display: Wait for backlight programming completion in
set backlight level (bnc#1012628).
- drm/amd/display: Clock does not lower in Updateplanes
(bnc#1012628).
- drm/amd/display: No audio endpoint for Dell MST display
(bnc#1012628).
- netfilter: nf_tables: Support auto-loading for inet nat
(bnc#1012628).
- rq-qos: use a mb for got_token (bnc#1012628).
- rq-qos: set ourself TASK_UNINTERRUPTIBLE after we schedule
(bnc#1012628).
- rq-qos: don't reset has_sleepers on spurious wakeups
(bnc#1012628).
- scripts/sphinx-pre-install: fix latexmk dependencies
(bnc#1012628).
- scripts/sphinx-pre-install: don't use LaTeX with CentOS 7
(bnc#1012628).
- scripts/sphinx-pre-install: fix script for RHEL/CentOS
(bnc#1012628).
- netfilter: nft_hash: fix symhash with modulus one (bnc#1012628).
- netfilter: conntrack: always store window size un-scaled
(bnc#1012628).
- netfilter: nf_tables: fix module autoload for redir
(bnc#1012628).
- netfilter: Fix rpfilter dropping vrf packets by mistake
(bnc#1012628).
- vfio-ccw: Don't call cp_free if we are processing a channel
program (bnc#1012628).
- vfio-ccw: Set pa_nr to 0 if memory allocation fails for
pa_iova_pfn (bnc#1012628).
- netfilter: nfnetlink: avoid deadlock due to synchronous
request_module (bnc#1012628).
- powerpc: fix off by one in max_zone_pfn initialization for
ZONE_DMA (bnc#1012628).
- can: peak_usb: fix potential double kfree_skb() (bnc#1012628).
- can: flexcan: fix an use-after-free in flexcan_setup_stop_mode()
(bnc#1012628).
- can: flexcan: fix stop mode acknowledgment (bnc#1012628).
- can: rcar_canfd: fix possible IRQ storm on high load
(bnc#1012628).
- usb: typec: tcpm: Ignore unsupported/unknown alternate mode
requests (bnc#1012628).
- usb: typec: tcpm: Add NULL check before dereferencing config
(bnc#1012628).
- usb: typec: tcpm: remove tcpm dir if no children (bnc#1012628).
- usb: typec: tcpm: free log buf memory when remove debug file
(bnc#1012628).
- usb: typec: ucsi: ccg: Fix uninitilized symbol error
(bnc#1012628).
- usb: yurex: Fix use-after-free in yurex_delete (bnc#1012628).
- usb: host: xhci-rcar: Fix timeout in xhci_suspend()
(bnc#1012628).
- gfs2: gfs2_walk_metadata fix (bnc#1012628).
- genirq/affinity: Create affinity mask for single vector
(bnc#1012628).
- x86/purgatory: Use CFLAGS_REMOVE rather than reset KBUILD_CFLAGS
(bnc#1012628).
- x86/purgatory: Do not use __builtin_memcpy and __builtin_memset
(bnc#1012628).
- perf record: Fix module size on s390 (bnc#1012628).
- perf db-export: Fix thread__exec_comm() (bnc#1012628).
- perf annotate: Fix s390 gap between kernel end and module start
(bnc#1012628).
- coresight: Fix DEBUG_LOCKS_WARN_ON for uninitialized attribute
(bnc#1012628).
- mm/vmalloc: Sync unmappings in __purge_vmap_area_lazy()
(bnc#1012628).
- x86/mm: Sync also unmappings in vmalloc_sync_all()
(bnc#1012628).
- x86/mm: Check for pfn instead of page in vmalloc_sync_one()
(bnc#1012628).
- Input: synaptics - enable RMI mode for HP Spectre X360
(bnc#1012628).
- Input: elantech - enable SMBus on new (2018+) systems
(bnc#1012628).
- Input: usbtouchscreen - initialize PM mutex before using it
(bnc#1012628).
- bdev: Fixup error handling in blkdev_get() (bnc#1012628).
- loop: set PF_MEMALLOC_NOIO for the worker thread (bnc#1012628).
- mmc: cavium: Add the missing dma unmap when the dma has finished
(bnc#1012628).
- mmc: cavium: Set the correct dma max segment size for mmc_host
(bnc#1012628).
- sound: fix a memory leak bug (bnc#1012628).
- usb: iowarrior: fix deadlock on disconnect (bnc#1012628).
- Revert "USB: rio500: simplify locking" (bnc#1012628).
- usb: usbfs: fix double-free of usb memory upon submiturb error
(bnc#1012628).
- driver core: platform: return -ENXIO for missing GpioInt
(bnc#1012628).
- crypto: ccp - Ignore tag length when decrypting GCM ciphertext
(bnc#1012628).
- crypto: ccp - Add support for valid authsize values less than 16
(bnc#1012628).
- crypto: ccp - Fix oops by properly managing allocated structures
(bnc#1012628).
- Staging: fbtft: Fix reset assertion when using gpio descriptor
(bnc#1012628).
- Staging: fbtft: Fix probing of gpio descriptor (bnc#1012628).
- staging: android: ion: Bail out upon SIGKILL when allocating
memory (bnc#1012628).
- staging: wilc1000: flush the workqueue before deinit the host
(bnc#1012628).
- staging: gasket: apex: fix copy-paste typo (bnc#1012628).
- iio: adc: max9611: Fix misuse of GENMASK macro (bnc#1012628).
- iio: adc: gyroadc: fix uninitialized return code (bnc#1012628).
- iio: imu: mpu6050: add missing available scan masks
(bnc#1012628).
- iio: cros_ec_accel_legacy: Fix incorrect channel setting
(bnc#1012628).
- IIO: Ingenic JZ47xx: Set clock divider on probe (bnc#1012628).
- Revert "PCI: Add missing link delays required by the PCIe spec"
(bnc#1012628).
- commit 80c0ffe
- x86/apic: Handle missing global clockevent gracefully
(bnc#1142926).
- commit a44175e
==== openslp ====
- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by
firewalld, see [1].
[1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
cni-plugins (0.8.1 -> 0.8.2)
conntrack-tools
hwdata (0.325 -> 0.326)
kernel-default-base
libcap-ng
makedumpfile
nghttp2 (1.38.0 -> 1.39.1)
pkgconf (1.6.1 -> 1.6.3)
rook (1.0.0+git1783.g7a48482f -> 1.0.0+git1862.ge9abbf48)
tallow (16+git20190219.35182b8 -> 16+git20190425.e4b3977)
thin-provisioning-tools (0.8.3 -> 0.8.5)
wicked (0.6.54 -> 0.6.55)
xen (4.12.0_16 -> 4.12.1_02)
=== Details ===
==== cni-plugins ====
Version update (0.8.1 -> 0.8.2)
- Update plugins to v0.8.2
+ New features:
* Support "args" in static and tuning
* Add Loopback DSR support, allow l2tunnel networks
to be used with the l2bridge plugin
* host-local: return error if same ADD request is seen twice
* bandwidth: fix collisions
* Support ips capability in static and mac capability in tuning
* pkg/veth: Make host-side veth name configurable
+ Bug fixes:
* Fix: failed to set bridge addr: could not add IP address to "cni0": file exists
* host-device: revert name setting to make retries idempotent (#357).
* Vendor update go-iptables. Vendor update go-iptables to
obtain commit f1d0510cabcb710d5c5dd284096f81444b9d8d10
* Update go.mod & go.sub
* Remove link Down/Up in MAC address change to prevent route flush (#364).
* pkg/ip unit test: be agnostic of Linux version, on Linux 4.4 the syscall
error message is "invalid argument" not "file exists"
* bump containernetworking/cni to v0.7.1
==== conntrack-tools ====
- conntrackd-cthelper-Add-new-SLP-helper.patch:
userspace conntrack helper for SLP (Service Location Protocol) to
replace SUSE specific kernel helper (rejected by upstream) from
openSUSE / SLE kernel packages (FATE#324143 bsc#1127886)
- run autoreconf before build (patch above touches Makefile.am)
- add commented out conntrack helper config example to default
conntrackd.conf
- drop deprecated (and ignored) options Nice and UNIX/Backlog from
default conntrackd.conf
- Fix 1.4.5 parser issues (bsc#1141480):
conntrackd-use-strncpy-to-unix-path.patch
conntrackd-Use-strdup-in-lexer.patch
conntrackd-use-correct-max-unix-path-length.patch
==== hwdata ====
Version update (0.325 -> 0.326)
- Update to version 0.326:
* Updated pci, usb and vendor ids.
==== kernel-default-base ====
- Fix wildcard for ip6t_.*
==== libcap-ng ====
- Own %{_datadir}/aclocal: when we might switch to pkgconf instead
of pkg-config, nothing in the build root is 'accidentally' owning
this directory for us.
==== makedumpfile ====
- Also support extended address space with SLE 12 SP5 (bsc#1138451)
* refresh makedumpfile-ppc64-VA-range-SUSE.patch
==== nghttp2 ====
Version update (1.38.0 -> 1.39.1)
- Update to version 1.39.1:
* This release fixes the bug that log-level is not set with
cmd-line or configuration file. It also fixes FPE with default
backend.
- Changes for version 1.39.0:
* libnghttp2 now ignores content-length in 200 response to
CONNECT request as per RFC 7230.
* mruby has been upgraded to 2.0.1.
* libnghttp2-asio now supports boost-1.70.
* http-parser has been replaced with llhttp.
* nghttpx now ignores Content-Length and Transfer-Encoding in 1xx
or 200 to CONNECT.
- Drop no longer needed boost170.patch
==== pkgconf ====
Version update (1.6.1 -> 1.6.3)
Subpackages: libpkgconf3 pkgconf-m4 pkgconf-pkg-config
- Update to 1.6.3
+ Fixed a memory leak when deduplicating paths.
+ Fixed strndup-related build regression on Windows.
+ Added --modversion description to pkgconf(1) man page.
+ Properly tokenize versions. Versions cannot logically contain
whitespace, as dependency-lists would not properly tokenize if
they could. A diagnostic is generated for malformed version
strings containing whitespace when --validate is used.
- Co-own aclocal directory to avoid requiring autoconf-archive
==== rook ====
Version update (1.0.0+git1783.g7a48482f -> 1.0.0+git1862.ge9abbf48)
- Update Rook to commit e9abbf4831673a9a5545971532ae326e95f3ea60
+ enable the ceph-csi driver by default
+ remove csi default settings from yaml
+ add option to disable flex driver
+ allow the discovery daemon to be optional
+ automatically create the csi secret with the cluster
+ Allow to launch pods when memory request is set (but no memory limit)
+ ceph: chown with init container
+ ceph: when mons use pvc mount volume at subpath
- csi was merged to operator.yaml, sed to correct file
- Fix build broken with creation of new rook-integration helper files
- Put helper files into /usr/share/rook-integration dir
- Change name of 'integration' binary to 'rook-integration'
- Generate files which contain the names of all images used in the manifests produced by this build
which are installed with the rook-integration package to assist the integration tooling.
- Update spec file to build rook-integration binary
- Building test binaries is different from building main binaries, so manual steps needed
- Apply linker flags to rookflex binary also (just in case)
- Slightly rework rook-k8s-yaml summary description
==== tallow ====
Version update (16+git20190219.35182b8 -> 16+git20190425.e4b3977)
- Update to version 16+git20190425.e4b3977:
* Ensure we don't replay old events.
* Add example whitelist defaults.
==== thin-provisioning-tools ====
Version update (0.8.3 -> 0.8.5)
- Update to version 0.8.5
* Mostly internal changes
==== wicked ====
Version update (0.6.54 -> 0.6.55)
Subpackages: libwicked-0-6 wicked-service
- version 0.6.55
- dhcp6: do not default to a /64 address prefix-length (bsc#1132280)
Add an address-length aka DHCLIENT6_ADDRESS_LENGTH ifcfg option, which
permits to specify explicit prefix-length to use for the DHCPv6 address
and override detection using RA prefix info and a default to /128.
- time: use boot time for timer instead of real time (bsc#1129986)
- dhcp: Consistently log dhcp xid and enabled to log dhcp6 timings line.
- dhcp6: lower unexpected xid messages to debug level
- systemd: change to depend on udev settle service (bsc#1136034,bsc#1132774)
Calling udevadm settle directly caused systemd to kill wicked services.
- bridge: honour ifcfg LLADDR and set link address (bsc#1042123,boo#1142670)
- rfkill: fix switch statement to check enum variable not a constant (bsc#1140117)
- man: ifcfg-ovs-bridge(5): recommend STARTMODE=nfsroot
- dhcp4: nullify defer timer pointer when timeout (openSUSE/wicked#798)
- dhcp4: fix to request routing options when custom options are used (bsc#1132326)
- testing: add ifbind.sh helper script allowing to test hotplugging
==== xen ====
Version update (4.12.0_16 -> 4.12.1_02)
- Update to Xen 4.12.1 bug fix release (bsc#1027519)
xen-4.12.1-testing-src.tar.bz2
- Drop patches contained in new tarball
5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch
5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch
5c87b6c8-drop-arch_evtchn_inject.patch
5c87b6e8-avoid-atomic-rmw-accesses-in-map_vcpu_info.patch
5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch
5c8f752c-x86-e820-build-with-gcc9.patch
5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch
5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch
5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch
5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch
5c9e63c5-credit2-SMT-idle-handling.patch
5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch
5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch
5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch
5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch
5cd921fb-trace-fix-build-with-gcc9.patch
5cd9224b-AMD-IOMMU-disable-upon-init-fail.patch
5cd922c5-x86-MTRR-recalc-p2mt-when-iocaps.patch
5cd9230f-VMX-correctly-get-GS_SHADOW-for-current.patch
5cd926d0-bitmap_fill-zero-sized.patch
5cd92724-drivers-video-drop-constraints.patch
5cd93a69-x86-MSR_INTEL_CORE_THREAD_COUNT.patch
5cd93a69-x86-boot-detect-Intel-SMT-correctly.patch
5cd93a69-x86-spec-ctrl-reposition-XPTI-parsing.patch
5cd981ff-x86-IRQ-tracing-avoid-UB-or-worse.patch
5cdad090-x86-spec-ctrl-CPUID-MSR-definitions-for-MDS.patch
5cdad090-x86-spec-ctrl-infrastructure-for-VERW-flush.patch
5cdad090-x86-spec-ctrl-misc-non-functional-cleanup.patch
5cdad090-x86-spec-ctrl-opts-to-control-VERW-flush.patch
5cdeb9fd-sched-fix-csched2_deinit_pdata.patch
5ce7a92f-x86-IO-APIC-fix-build-with-gcc9.patch
5cf0f6a4-x86-vhpet-resume-avoid-small-diff.patch
5cf16e51-x86-spec-ctrl-Knights-retpoline-safe.patch
5d03a0c4-1-Arm-add-an-isb-before-reading-CNTPCT_EL0.patch
5d03a0c4-2-gnttab-rework-prototype-of-set_status.patch
5d03a0c4-3-Arm64-rewrite-bitops-in-C.patch
5d03a0c4-4-Arm32-rewrite-bitops-in-C.patch
5d03a0c4-5-Arm-bitops-consolidate-prototypes.patch
5d03a0c4-6-Arm64-cmpxchg-simplify.patch
5d03a0c4-7-Arm32-cmpxchg-simplify.patch
5d03a0c4-8-Arm-bitops-helpers-with-timeout.patch
5d03a0c4-9-Arm-cmpxchg-helper-with-timeout.patch
5d03a0c4-A-Arm-turn-on-SILO-mode-by-default.patch
5d03a0c4-B-bitops-guest-helpers.patch
5d03a0c4-C-cmpxchg-guest-helpers.patch
5d03a0c4-D-use-guest-atomics-helpers.patch
5d03a0c4-E-Arm-add-perf-counters-in-guest-atomic-helpers.patch
5d03a0c4-F-Arm-protect-gnttab_clear_flag.patch
- Refreshed patches
libxl.pvscsi.patch
xen-tools.etc_pollution.patch
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0