openSUSE Kubic
Threads by month
- ----- 2025 -----
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
November 2020
- 8 participants
- 45 discussions
12 Nov '20
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apparmor (2.13.5 -> 3.0.0)
bcache-tools
chrony
cilium (1.7.6 -> 1.8.5)
container-selinux (2.145.0 -> 2.150.0)
gcc10 (10.2.1+git583 -> 10.2.1+git872)
glibc
grub2
haproxy
helm (3.3.4 -> 3.4.0)
ima-evm-utils (1.3.1 -> 1.3.2)
installation-images-MicroOS (16.25 -> 16.26)
iptables (1.8.5 -> 1.8.6)
kernel-firmware (20201005 -> 20201023)
kernel-source (5.8.15 -> 5.9.1)
libapparmor (2.13.5 -> 3.0.0)
libxml2
microos-tools (2.6 -> 2.7)
nfs-utils
perl (5.30.3 -> 5.32.0)
python-cryptography (3.0 -> 3.2.1)
python-psutil
raspberrypi-firmware-dt (2020.05.02 -> 2020.10.26)
rpm-config-SUSE (0.g60 -> 0.g64)
salt
selinux-policy (20201016 -> 20201029)
shadow
systemd-default-settings (0.2 -> 0.4)
timezone (2020a -> 2020d)
transactional-update (2.28 -> 2.28.2)
vim (8.2.1900 -> 8.2.1955)
zypp-plugin
=== Details ===
==== apparmor ====
Version update (2.13.5 -> 3.0.0)
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- add utils-fix-hotkey-conflict.diff to fix a hotkey conflict in
de, id and sv translations (and fix the test) (MR 675)
- add extra-profiles-fix-Pux.diff to fix an inactive profile -
prevents a crash in aa-logprof and aa-genprof when creating a new
profile (MR 676)
- update to AppArmor 3.0.0
- introduce feature abi declaration in profiles to enable use of
new rule types (for openSUSE: dbus and unix rules)
- support xattr attachment conditionals
- experimental support for kill and unconfined profile modes
- rewritten aa-status (in C), including support for new profile modes
- rewritten aa-notify (in python), finally dropping the perl
requirement at runtime
- new tool aa-features-abi for extracting feature abis from the kernel
- update profiles to have profile names and to use 3.0 feature abi
- introduce @{etc_ro} and @{etc_rw} profile variables
- new profile for php-fpm
- several updates to profiles and abstractions (including boo#1166007)
- fully support 'include if exists' in the aa-* tools
- rewrite handling of alias, include, link and variable rules in
the aa-* tools
- rewrite and simplify log handling in the aa-logprof and aa-genprof
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
for the detailed upstream changelog
- patches:
- add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
release up to 3e18c0785abc03ee42a022a67a27a085516a7921
- drop upstreamed usr-etc-abstractions-base-nameservice.diff
- drop 2.13-only libapparmor-so-number.diff
- refresh apparmor-enable-profile-cache.diff - partially upstreamed
- update apparmor-samba-include-permissions-for-shares.diff and
apparmor-lessopen-profile.patch - switch to "include if exists"
- apparmor-lessopen-profile.patch: add abi rule to lessopen profile
- refresh apparmor-lessopen-nfs-workaround.diff
- move away very loose apache profile that doesn't even match the
apache2 binary path in openSUSE to avoid confusion (boo#872984)
- move rewritten aa-status from utils to parser subpackage
- add aa-features-abi to parser subpackage
- replace perl and libnotify-tools requires with requiring
python3-notify2 and python3-psutil (needed by the rewritten
aa-notify)
- drop ancient cleanup for /etc/init.d/subdomain from parser %pre
- drop (never enabled) conditionals to build with python2 and to
build the python-apparmor subpackage (upstream dropped python2
support)
- drop setting PYTHON and PYTHON_VERSIONS env variable, no longer needed
- set PYFLAKES path for utils check
- add precompiled_cache build conditional to allow faster local
builds without using kvm
- remove duplicated BuildRequires: swig
==== bcache-tools ====
- Remove dependence of smartcols bcache-tools.spec, bcache-tools
code doesn't need it now. (jsc#SLE-9807)
- Remove 1001-udev-do-not-rely-on-DRIVER-variable.patch because
we have 0013-bcache-tools-Export-CACHED_UUID-and-CACHED_LABEL.patch
to provide static UUIDs. (jsc#SLE-9807)
- bcache-tools: add man page bcache-status.8 (jsc#SLE-9807)
0017-bcache-tools-add-man-page-bcache-status.8.patch
- bcache-tools: add bcache-status (jsc#SLE-9807)
0016-bcache-tools-add-bcache-status.patch
- bcache-tools: make: permit only one cache device to be
specified (jsc#SLE-9807)
0015-bcache-tools-make-permit-only-one-cache-device-to-be.patch
- bcache-tools: Remove the dependency on libsmartcols
(jsc#SLE-9807)
0014-bcache-tools-Remove-the-dependency-on-libsmartcols.patch
- bcache-tools: Export CACHED_UUID and CACHED_LABEL
(jsc#SLE-9807)
0013-bcache-tools-Export-CACHED_UUID-and-CACHED_LABEL.patch
- bcache-tools: Fix potential coredump issues (jsc#SLE-9807)
0012-bcache-tools-Fix-potential-coredump-issues.patch
- bcache-tools: add print_cache_set_supported_feature_sets()
in lib.c (jsc#SLE-9807)
0011-bcache-tools-add-print_cache_set_supported_feature_s.patch
- bcache-tools: add large_bucket incompat feature (jsc#SLE-9807)
0010-bcache-tools-add-large_bucket-incompat-feature.patch
- bcache-tools: upgrade super block versions for feature sets
(jsc#SLE-9807)
0009-bcache-tools-upgrade-super-block-versions-for-featur.patch
- bcache-tools: define separated super block for in-memory and
on-disk format (jsc#SLE-9807)
0008-bcache-tools-define-separated-super-block-for-in-mem.patch
- bcache-tools: add to_cache_sb() and to_cache_sb_disk()
(jsc#SLE-9807)
0007-bcache-tools-add-to_cache_sb-and-to_cache_sb_disk.patch
- bcache-tools: list.h: only define offsetof() when it is
undefined (jsc#SLE-9807)
0006-bcache-tools-list.h-only-define-offsetof-when-it-is-.patch
- bcache-tools: bitwise.h: more swap bitwise for different
CPU endians (jsc#SLE-9807)
0005-bcache-tools-bitwise.h-more-swap-bitwise-for-differe.patch
- bcache-tools: add struct cache_sb_disk into bcache.h (jsc#SLE-9807)
0004-bcache-tools-add-struct-cache_sb_disk-into-bcache.h.patch
- bcache-tools: convert writeback to writethrough mode for zoned
backing device (jsc#SLE-9807)
0003-bcache-tools-convert-writeback-to-writethrough-mode-.patch
- bcache-tools: add is_zoned_device() (jsc#SLE-9807)
0002-bcache-tools-add-is_zoned_device.patch
- bcache-tools: set zoned size aligned data_offset on backing device
for zoned devive (jsc#SLE-9807)
0001-bcache-tools-set-zoned-size-aligned-data_offset-on-b.patch
==== chrony ====
Subpackages: chrony-pool-openSUSE
- By default we don't write log files but log to journald, so
only recommend logrotate.
==== cilium ====
Version update (1.7.6 -> 1.8.5)
- Update to 1.8.5
* Release notes: https://github.com/cilium/cilium/releases/tag/v1.8.5
- Remove patches which were included upstream:
* 0001-option-mark-keep-bpf-templates-as-deprecated.patch
* 0002-make-remove-the-need-for-go-bindata.patch
* 0003-bpf-don-t-use-fixed-size-integer-types-from-stdint.h.patch
* 0005-bpf-re-add-a-proper-types.h-mapper.patch
* 0006-build-Avoid-using-git-if-not-in-a-git-repo.patch
* 0007-option-rename-PolicyMapMaxEntries-to-PolicyMapEntrie.patch
* 0008-helm-allow-to-configure-bpf-nat-global-max-using-Hel.patch
* 0009-option-reduce-default-number-for-TCP-CT-and-NAT-tabl.patch
* 0010-daemon-add-option-to-dynamically-size-BPF-maps-based.patch
- Remove downstream patch which is not needed anymore (now it's
enough to just modify the Helm chart with sed to set out images):
* 0004-helm-Allow-variables-for-compatibility-with-openSUSE.patch
- Add upstream patch for installing the operator binary:
* 0001-operator-make-Add-install-target.patch
==== container-selinux ====
Version update (2.145.0 -> 2.150.0)
- Don't use BuildRequires based on shell script output. OBS can't
evaluate that.
- Update to version 2.150.0
- Add additional allow rules for kvm based containers using
virtiofsd.
==== gcc10 ====
Version update (10.2.1+git583 -> 10.2.1+git872)
Subpackages: libgcc_s1 libgomp1 libstdc++6
- Update to gcc-10 branch head (a78cd759754c92cecbf235ac9b), git872.
- Build complete set of multilibs for arm-none target [bsc#1106014]
* Fixes inadvertant mixture of ARM and Thumb instructions in linker output
==== glibc ====
Subpackages: glibc-locale glibc-locale-base
- Use --enable-cet on x86_64 to instrument glibc for indirect branch
tracking and shadow stack use. Enable indirect branch tracking
and shadow stack in the dynamic loader. [jsc#PM-2110] [bsc#1175154]
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin
- Fix boot failure in blocklist installation (bsc#1178278)
* Modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch
==== haproxy ====
- apparmor profile fixes:
- include abstractions that give access to the openssl config,
ssl certs and ssl keys
- include local configs only with "if exists" so they do not have
to exist.
- move local files to %ghost
==== helm ====
Version update (3.3.4 -> 3.4.0)
- Update to version 3.4.0:
* bump version to v3.4.0
* this rewrites a whole bunch of old repo URLs to the new repo URL (#8902)
* warn and block old repo URLs (#8903)
* improved user-facing error messages to explain the underlying problem (#8731)
* Linking to a more complete list of meeting details.
* add authentication to CircleCI jobs
* helm create: make generated YAML indentation more consistent
* Makefile: check and use GOBIN environment variable first
* TestCheckPerms: utilize pipe to read stderr
* Bump github.com/DATA-DOG/go-sqlmock from 1.4.1 to 1.5.0
* Bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0
* feat(install): add requested version to error
* Bump github.com/gofrs/flock from 0.7.1 to 0.8.0
* Bump github.com/lib/pq from 1.7.0 to 1.8.0
* Fix wrong function's name in comment
* ref(cmd): prevent klogs flags from polluting the help text
* Adding support for k8s 1.19
* remove redudant time func
* fix example time format
* rename to time format flag
* refactor time formatting
* fix ls command example
* add time-format flag to list command
* Adding annotation to index.yaml file
* Fixing import package issue
* Update go version to 1.14 in go.mod
* use warning function
* Adding size labels pointer
* Fixing issue with idempotent repo add
* support passing signing passphrase from file or stdin (#8394)
* size/S and larger requiring 2 LGTMs
* Update docs links in release notes script
* fix: allow serverInfo field on index files
* fix(cmd/helm): add build tags for architecture
* switched to stricter YAML parsing on plugin metadata files
* Merge pull request from GHSA-m54r-vrmv-hw33
* Merge pull request from GHSA-jm56-5h66-w453
* Merge pull request from GHSA-9vp5-m38w-j776
* go fmt
* improve the HTTP detection for tar archives
* replace --no-update with --force-update and invert default. BREAKING.
* handle case where dependency name collisions break dependency resolution
* fixed bug that caused helm create to not overwrite modified files
* refactor the release name validation to be consistent across Helm
* fix: if not .Values.autoscaling.enabled indent
* validate the name passed in during helm create
* fix: check mode bits on kubeconfig file
* fix incorrect wildcard expand
* fix(comp): Disable file comp for output formats
* Makefile: Fix LDFLAGS overriding
* Add support to install helm
* Fixing typo in engine comments
* Use T.cleanup() to cleanup cmdtest_temp file
* Use RemoveAll to remove a non-empty directory
* mark NewTempServer as Deprecated
* Use T.Cleanup() to cleanup temp dir helm-repotest
* Support impersonation via flags similar to kubectl --as="user"
* Document all env vars for CLI help
* Use T.cleanup() to cleanup helm-action-test
* Add GPG signature verification to install script (#7944)
* fix: with .Values.podAnnotations indent template
* Revert PR 8562
* feat(comp): Add support for fish completion
* feat: status command display description
* Remove duplicate variable definition
* Fixed a variable name collision caused by two PR merges (#8681)
* Fix/8467 linter failing (#8496)
* fix name length check on lint (#8543)
* Fix spelling in completion.go
* cleanup tempfiles for load_test
* add checkFileCompletion for env HELM_BIN
* feat(env): add support of accepting a specific variable for helm env
* Fixing failing CI for windows
* pkg/*: Small linting fixes
* Correct checksum file links
* Fixing linting of templates on Windows
* use URL escape codes
* add v4 to list of exempt labels
* optimise if condition in service ready logic
* feat(comp): Disable file completion when not valid
* Bump Kubernetes to v0.18.8 + Bump jsonpatch
* release/mock: Ensure conversion from int to string yields a string
* Update Common Lables template in starter chart
* chore(deps): add dependabot.yml
* Fix Quick Start Guide Link in README.md
* add helm v4 todo comments for FindChartInAuthAndTLSRepoURL.
* polish the error handler
* Move selector filtering after latest release version filtering
* Added testing for list action with selector
* Added notice about supported backends
* Fix linting issues
* Added selector filtering
* Pass labels from secret/configmap to release object
* Added selector option to list command
* fix test that modifies the wrong cache data
* bufix: fix validateNumColons docs
* Fix typo
* darwin-386 and windows-386 are not supported now
* Fix issue with install and upgrade running all hooks
* introduce stale issue bot
* Close gzip reader when done.
* fix watch error due to elb/proxy timeout
* Avoid hardcoded container port in default notes
* add unit tests for FindChartInAuthAndTLSRepoURL.
* Restoring Build behavior
* Adding helm v4 todo
* Make unmanaged repositories version resolvable
* Locking file URIs to a version in lockfile
* Enhance readability by extracting bitwise operation
* fix(sdk): Polish the downloader/manager package error return (#8491)
* fix insecure-skip-tls-verify flag does't work on helm install, Keep FindChartInRepoURL and FindChartInAuthRepoURL functions signatures intact.
* fix: Allow building in a path containing spaces
* Alter whitespace in "Update Complete" output
* fix(create): update the hook name of test-connection pod
* polish the help text of flag
* Reinstating comment that is still accurate
* Rollback command support for max history
* fix(helm): Update test during pending install
* Correct make target in Makefile
* fix(helm): Added test for concurrent upgrades
* fix(helm): Avoid corrupting storage via a lock
* Fixing version and spelling errors
* Clarify comments to match practice
* fix the code style error
* feature(show): support jsonpath output for `helm show value`
* fix(kube): use logger instead of fmt.Printf
* fix windows build failure caused by #8431
* address PR comment, adding whitespace for formatting
* feat(helm): prompt for password with helm repo add
* Lint dependencies (#7970)
* Environment variable for setting the max history for an environment
* chore(OWNERS): move michelleN to emeritus
* bump version to v3.3
* fix conflict
* add test case
* fix another extreme case
* add test case
* fix #6116
* Make helm ls return only current releases if providing state filter
* Report what cause finding chart to fail
* Simplify chart installable check
==== ima-evm-utils ====
Version update (1.3.1 -> 1.3.2)
Subpackages: evmctl libimaevm2
- Update to version 1.3.2
* Bugfixes: importing keys
* NEW: Docker based travis distro testing
* Travis bugfixes, code cleanup, software version update,
and script removal
* Initial travis testing
- Remove 0001-help-Add-missing-new-line-for-ignore-violations.patch
(patch from this release)
- Add make check + dependencies (getfattr => attr, xxd => vim)
==== installation-images-MicroOS ====
Version update (16.25 -> 16.26)
- merge gh#openSUSE/installation-images#435
- don't forget .lib*.hmac files (bsc#1178208)
- 16.26
==== iptables ====
Version update (1.8.5 -> 1.8.6)
Subpackages: libip4tc2 libip6tc2 libxtables12 xtables-plugins
- Update to release 1.8.6
* iptables-nft had pointlessly added "bitwise" expressions to
each IP address match, needlessly slowing down run-time
performance (by 50% in worst cases).
* iptables-nft-restore: Support basechain policy value of "-"
(indicating to not change the chain's policy).
* nft-translte: Fix translation of ICMP type "any" match.
==== kernel-firmware ====
Version update (20201005 -> 20201023)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20201023 (git commit dae4b4cd0841):
* cypress: add Cypress firmware and clm_blob files
* rtl_bt: Update RTL8821C BT FW to 0xAA6C_A99E
* ath10k: add SDIO firmware for QCA9377 WiFi
* ice: update package file to 1.3.16.0
* mediatek: separate venc service thread
* QCA : Updated firmware file for WCN3991
* iwlwifi: update and add new FWs from core56-54 release
* iwlwifi: update 3168, 7265D, 8000C and 8265 firmwares
* i915: Add DG1 DMC v2.02
* qcom : updated venus firmware files for v5.4
- Add _constraints to fix the build error (bsc#1178242)
==== kernel-source ====
Version update (5.8.15 -> 5.9.1)
- vt_ioctl: fix GIO_UNIMAP regression (5.9 GIO_UNIMAP regression).
- commit 15946ea
- kernel-binary.spec.in: pack scripts/module.lds into kernel-$flavor-devel
Since mainline commit 596b0474d3d9 ("kbuild: preprocess module linker
script") in 5.10-rc1, scripts/module.lds linker script is needed to build
out of tree modules. Add it into kernel-$flavor-devel subpackage.
- commit fe37c16
- drm/amd/display: Don't invoke kgdb_breakpoint() unconditionally
(bsc#1177973).
- drm/amd/display: Fix kernel panic by dal_gpio_open() error
(bsc#1177973).
- commit 3f21462
- series.conf: cleanup
- move to "almost mainline" section:
patches.suse/coresight-fix-offset-by-one-error-in-counting-ports.patch
- commit 8e0635b
- Refresh
patches.suse/coresight-fix-offset-by-one-error-in-counting-ports.patch.
Update upstream status.
- commit 7b40cc9
- Linux 5.9.1 (bsc#1012628).
- Bluetooth: MGMT: Fix not checking if BT_HS is enabled
(bsc#1012628).
- media: usbtv: Fix refcounting mixup (bsc#1012628).
- USB: serial: option: add Cellient MPL200 card (bsc#1012628).
- USB: serial: option: Add Telit FT980-KS composition
(bsc#1012628).
- staging: comedi: check validity of wMaxPacketSize of usb
endpoints found (bsc#1012628).
- USB: serial: pl2303: add device-id for HP GC device
(bsc#1012628).
- USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART
adapters (bsc#1012628).
- vt_ioctl: make VT_RESIZEX behave like VT_RESIZE (bsc#1012628).
- reiserfs: Initialize inode keys properly (bsc#1012628).
- reiserfs: Fix oops during mount (bsc#1012628).
- Revert "drm/amdgpu: Fix NULL dereference in dpm sysfs handlers"
(bsc#1012628).
- crypto: bcm - Verify GCM/CCM key length in setkey (bsc#1012628).
- crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA
(bsc#1012628).
- commit b7f511b
- update patches metadata
- update upstream references:
patches.suse/Bluetooth-A2MP-Fix-not-initializing-all-members.patch
patches.suse/Bluetooth-L2CAP-Fix-calling-sk_filter-on-non-socket-.patch
- commit b1f22f7
==== libapparmor ====
Version update (2.13.5 -> 3.0.0)
- update to AppArmor 3.0.0
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
for the detailed upstream changelog
- add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
release up to 3e18c0785abc03ee42a022a67a27a085516a7921
- drop 2.13-only patch libapparmor-so-number.diff
==== libxml2 ====
Subpackages: libxml2-2 libxml2-tools
- Make python subpackage ready for multiple python3 flavors
gh#openSUSE/python-rpm-macros#66
==== microos-tools ====
Version update (2.6 -> 2.7)
- Update to version 2.7
- Add workaround if /.autorelabel is used, don't ignore it
- Rename tmp.conf to microos-tmp.conf on SUSE MicroOS
- Fix building on SUSE MicroOS
==== nfs-utils ====
Subpackages: libnfsidmap1 nfs-client
- Update to version 2.5.2
- fixed a couple memory leaks and other bug fixes,
- a lot of clean up
- Refresh nfs-utils-1.0.7-bind-syntax.patch
- Use %autosetup -p1
==== perl ====
Version update (5.30.3 -> 5.32.0)
- update to perl-5.32.0
* new experimental infix "isa" operator
* support of unicode 13.0
* chained comparisons capability
- updated patches:
* perl-HiRes.t-timeout.diff
* posix-sigaction.patch
* perl-fix2020.patch
* perl-reproducible2.patch
* perl_skip_flaky_tests_powerpc.patch
==== python-cryptography ====
Version update (3.0 -> 3.2.1)
- update to 3.2.1:
Disable blinding on RSA public keys to address an error with
some versions of OpenSSL.
- update to 3.2:
* CVE-2020-25659: Attempted to make RSA PKCS#1v1.5 decryption more constant time,
to protect against Bleichenbacher vulnerabilities. Due to limitations imposed
by our API, we cannot completely mitigate this vulnerability.
* Support for OpenSSL 1.0.2 has been removed.
* Added basic support for PKCS7 signing (including SMIME) via PKCS7SignatureBuilder.
- update to 3.1.1:
* wheels compiled with OpenSSL 1.1.1h.
- update to 3.1:
* **BACKWARDS INCOMPATIBLE:** Removed support for ``idna`` based
:term:`U-label` parsing in various X.509 classes. This support was originally
deprecated in version 2.1 and moved to an extra in 2.5.
* Deprecated OpenSSL 1.0.2 support. OpenSSL 1.0.2 is no longer supported by
the OpenSSL project. The next version of ``cryptography`` will drop support
for it.
* Deprecated support for Python 3.5. This version sees very little use and will
be removed in the next release.
* ``backend`` arguments to functions are no longer required and the
default backend will automatically be selected if no ``backend`` is provided.
* Added initial support for parsing certificates from PKCS7 files with
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certificates`
and
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certificates`
.
* Calling ``update`` or ``update_into`` on
:class:`~cryptography.hazmat.primitives.ciphers.CipherContext` with ``data``
longer than 2\ :sup:`31` bytes no longer raises an ``OverflowError``. This
also resolves the same issue in :doc:`/fernet`.
==== python-psutil ====
- Fix shebang replacement for multiple python flavors
==== raspberrypi-firmware-dt ====
Version update (2020.05.02 -> 2020.10.26)
- Update to 2dc96ad40979 (2020-10-26):
* Introduce firmware-clocks
* Introduce firmware-reset
* Add reset controller in xHCI node
- Get rid of vl805-firmware-loader-overlay.dts, not needed anymore
==== rpm-config-SUSE ====
Version update (0.g60 -> 0.g64)
- Update to version 0.g64:
* Define a global %_firmwaredir
* macros.obs: remove unused macros
==== salt ====
Subpackages: python3-salt salt-master salt-minion salt-standalone-formulas-configuration
- Set passphrase for salt-ssh keys to empty string (bsc#1178485)
- Added:
* set-passphrase-for-salt-ssh-keys-to-empty-string-293.patch
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319) (bsc#1178362) (bsc#1178361)
(CVE-2020-25592) (CVE-2020-17490) (CVE-2020-16846)
- Added:
* fix-cve-2020-25592-and-add-tests-bsc-1178319.patch
- Fix novendorchange handling in zypperpkg module
- Added:
* fix-novendorchange-option-284.patch
- Fix disk.blkid to avoid unexpected keyword argument '__pub_user' (bsc#1177867)
- Added:
* path-replace-functools.wraps-with-six.wraps-bsc-1177.patch
==== selinux-policy ====
Version update (20201016 -> 20201029)
Subpackages: selinux-policy-targeted
- wicked.fc: add libexec directories
- Update to version 20201029
- update container policy
==== shadow ====
- Change again useradd.local script to let it work even for system
accounts and work together with SELinux (bsc#1178296)
- Change patch useradd-script.patch to support the four arguments
used by the useradd.local script (bsc#1178296)
==== systemd-default-settings ====
Version update (0.2 -> 0.4)
Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE
- rpm file lists are now generated from the spec file.
- Make sure the release number between the main and the branding
packages match
- Import 0.3
d299248 List drop-in directories in SUSE.list exclusively
e4651a7 Disable memory accounting by default for all distros (jsc#PM-2229 jsc#PM-2230)
==== timezone ====
Version update (2020a -> 2020d)
- Add fat.patch to generate "fat" timezone files (was default before 2020b).
- Adjust timezone-java.spec.in to avoid build failures when running
pre_checkin.sh
- timezone update 2020d
* Palestine ends DST earlier than predicted, on 2020-10-24.
- timezone update 2020c
* Fiji starts DST later than usual, on 2020-12-20.
- timezone update 2020b (bsc#1177460)
* Revised predictions for Morocco's changes starting in 2023.
* Canada's Yukon changes to -07 on 2020-11-01, not 2020-03-08.
* Macquarie Island has stayed in sync with Tasmania since 2011.
* Casey, Antarctica is at +08 in winter and +11 in summer.
* zic no longer supports -y, nor the TYPE field of Rules.
- Rebased timezone-2018f-bsc1112310.patch
==== transactional-update ====
Version update (2.28 -> 2.28.2)
Subpackages: transactional-update-zypp-config
- Version 2.28.2
- SELinux: Exclude security.selinux attribute from rsyncing (again)
- Version 2.28.1
- SELinux: Fixed changing the wrong grub configuration file
- SELinux: Move /.autorelabel file to writeable location
==== vim ====
Version update (8.2.1900 -> 8.2.1955)
Subpackages: vim-data-common vim-small
- Updated to version 8.2.1955, fixes the following problems
* Vim9: command modifiers do not work.
* Variable completion does not work in command line window.
* Default option values are changed when using :badd for an existing buffer.
* Buffer test fails with normal features.
* Still using default option values after using ":badd +1".
* The wininfo list may contain stale entries.
* Warning for signed/unsigned.
* Complete_info().selected may be wrong.
* Lua is initialized even when not used.
* Number of status line items is limited to 80.
* Reading past the end of the command line.
* Tiny build fails.
* With Python 3.9 some tests fail.
* GTK GUI: rounding for the cell height is too strict.
* Vim9: cannot put line break in expression for '=' register.
* Vim9: error for wrong number of arguments is not useful.
* Vim9: function call is aborted even when "silent!" is used.
* No test for improved Man command.
* Vim9: E1100 mentions :let.
* Assert_fails() setting emsg_silent changes normal execution.
* Listlbr test fails when run after another test.
* Fuzzy matching does not recognize path separators.
* Win32: scrolling doesn't work properly when part of window is off-screen.
* Vim9: "filter" command modifier doesn't work.
* Vim9: crash when indexing dict with NULL key.
* List/dict test fails.
* Cannot use a space in 'spellfile'. (Filipe Brandenburger)
* Vim9: get unknown error with an error in a timer function.
* Vim9: "silent!" not effective when list index is wrong.
* MS-Windows: problem loading Perl 5.32.
* Wrong input if removing shift results in special key code.
* Vim9: arguments of extend() not checked at compile time.
* Compiler warnings when building with Athena GUI.
* Cannot sort using locale ordering.
* Vim9: command modifiers in :def function not tested.
* Sort test fails on Mac.
* Session sets the local 'scrolloff' value to the global value.
* Vim9: test for confirm modifier fails in some situations.
* Wiping out a terminal buffer makes some tests fail.
* Invalid memory access in Ex mode with global command.
* Vim9: browse modifier test fails on Mac.
* Ex mode test fails on MS-Windows with GUI.
* Insufficient test coverage for the Netbeans interface.
* Vim9: wrong error message when colon is missing.
* Netbeans test is flaky.
* Crash when passing NULL function to reduce().
* sort() with NULL string not tested.
* Crash when using "zj" without folds. (Sean Dewar)
* GUI: crash when handling message while closing a window. (Srinath
Avadhanula)
* Vim9: using extend() on null dict is silently ignored.
* Vim9: crash when compiling function fails when getting type.
* Test for list and dict fails.
* Vim9: crash when using a NULL dict key.
* Vim9: extra "unknown" error after other error.
* Vim9: not all command modifiers are tested.
* Vim9: not all command modifiers are tested.
- apparmor.vim: update from AppArmor 3.0
- add capability checkpoint_restore
==== zypp-plugin ====
- singlespec in Tumbleweed must support multiple python3 flavors
in the future gh#openSUSE/python-rpm-macros#66
1
0
10 Nov '20
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
NetworkManager
PackageKit
apparmor (2.13.5 -> 3.0.0)
bcache-tools
chrony
container-selinux (2.145.0 -> 2.150.0)
fwupd (1.4.5 -> 1.5.1)
gcc10 (10.2.1+git583 -> 10.2.1+git872)
glibc
grub2
hplip
ima-evm-utils (1.3.1 -> 1.3.2)
installation-images-MicroOS (16.25 -> 16.26)
iptables (1.8.5 -> 1.8.6)
kernel-firmware (20201005 -> 20201023)
kernel-source (5.8.15 -> 5.9.1)
libapparmor (2.13.5 -> 3.0.0)
libqt5-qtbase
libxml2
libyui-ncurses (2.57.1 -> 2.57.2)
libyui-qt (2.56.1 -> 2.56.2)
microos-tools (2.6 -> 2.7)
mpc (1.2.0 -> 1.2.1)
osinfo-db (20200813 -> 20201015)
perl (5.30.3 -> 5.32.0)
polkit-default-privs (1550+20201012.1df5a0d -> 1550+20201103.994a5ed)
python-cryptography (3.0 -> 3.2.1)
qpdf (10.0.1 -> 10.0.3)
raspberrypi-firmware-dt (2020.05.02 -> 2020.10.26)
rpm-config-SUSE (0.g60 -> 0.g64)
sddm
selinux-policy (20201016 -> 20201029)
shadow
systemd-default-settings (0.2 -> 0.4)
timezone (2020a -> 2020d)
transactional-update (2.28 -> 2.28.2)
vim (8.2.1900 -> 8.2.1955)
vulkan-loader (1.2.154 -> 1.2.154.1)
xdm
=== Details ===
==== NetworkManager ====
Subpackages: libnm0 typelib-1_0-NM-1_0
- Exclude systemd.automount from nfs processing: fix boo#1116625
as suggested from Neil Brown
==== PackageKit ====
Subpackages: PackageKit-backend-zypp libpackagekit-glib2-18
- Add PackageKit-bsc1169739.patch: main: notify the service manager
when it's beginning to shutdown
(gh#/hughsie/PackageKit/commit/d8dd484d, bsc#1169739).
- Replace $DISABLE_RESTART_ON_UPDATE=yes with %service_del_postun_without_restart
Use of $DISABLE_RESTART_ON_UPDATE is deprecated.
==== apparmor ====
Version update (2.13.5 -> 3.0.0)
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- add utils-fix-hotkey-conflict.diff to fix a hotkey conflict in
de, id and sv translations (and fix the test) (MR 675)
- add extra-profiles-fix-Pux.diff to fix an inactive profile -
prevents a crash in aa-logprof and aa-genprof when creating a new
profile (MR 676)
- update to AppArmor 3.0.0
- introduce feature abi declaration in profiles to enable use of
new rule types (for openSUSE: dbus and unix rules)
- support xattr attachment conditionals
- experimental support for kill and unconfined profile modes
- rewritten aa-status (in C), including support for new profile modes
- rewritten aa-notify (in python), finally dropping the perl
requirement at runtime
- new tool aa-features-abi for extracting feature abis from the kernel
- update profiles to have profile names and to use 3.0 feature abi
- introduce @{etc_ro} and @{etc_rw} profile variables
- new profile for php-fpm
- several updates to profiles and abstractions (including boo#1166007)
- fully support 'include if exists' in the aa-* tools
- rewrite handling of alias, include, link and variable rules in
the aa-* tools
- rewrite and simplify log handling in the aa-logprof and aa-genprof
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
for the detailed upstream changelog
- patches:
- add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
release up to 3e18c0785abc03ee42a022a67a27a085516a7921
- drop upstreamed usr-etc-abstractions-base-nameservice.diff
- drop 2.13-only libapparmor-so-number.diff
- refresh apparmor-enable-profile-cache.diff - partially upstreamed
- update apparmor-samba-include-permissions-for-shares.diff and
apparmor-lessopen-profile.patch - switch to "include if exists"
- apparmor-lessopen-profile.patch: add abi rule to lessopen profile
- refresh apparmor-lessopen-nfs-workaround.diff
- move away very loose apache profile that doesn't even match the
apache2 binary path in openSUSE to avoid confusion (boo#872984)
- move rewritten aa-status from utils to parser subpackage
- add aa-features-abi to parser subpackage
- replace perl and libnotify-tools requires with requiring
python3-notify2 and python3-psutil (needed by the rewritten
aa-notify)
- drop ancient cleanup for /etc/init.d/subdomain from parser %pre
- drop (never enabled) conditionals to build with python2 and to
build the python-apparmor subpackage (upstream dropped python2
support)
- drop setting PYTHON and PYTHON_VERSIONS env variable, no longer needed
- set PYFLAKES path for utils check
- add precompiled_cache build conditional to allow faster local
builds without using kvm
- remove duplicated BuildRequires: swig
==== bcache-tools ====
- Remove dependence of smartcols bcache-tools.spec, bcache-tools
code doesn't need it now. (jsc#SLE-9807)
- Remove 1001-udev-do-not-rely-on-DRIVER-variable.patch because
we have 0013-bcache-tools-Export-CACHED_UUID-and-CACHED_LABEL.patch
to provide static UUIDs. (jsc#SLE-9807)
- bcache-tools: add man page bcache-status.8 (jsc#SLE-9807)
0017-bcache-tools-add-man-page-bcache-status.8.patch
- bcache-tools: add bcache-status (jsc#SLE-9807)
0016-bcache-tools-add-bcache-status.patch
- bcache-tools: make: permit only one cache device to be
specified (jsc#SLE-9807)
0015-bcache-tools-make-permit-only-one-cache-device-to-be.patch
- bcache-tools: Remove the dependency on libsmartcols
(jsc#SLE-9807)
0014-bcache-tools-Remove-the-dependency-on-libsmartcols.patch
- bcache-tools: Export CACHED_UUID and CACHED_LABEL
(jsc#SLE-9807)
0013-bcache-tools-Export-CACHED_UUID-and-CACHED_LABEL.patch
- bcache-tools: Fix potential coredump issues (jsc#SLE-9807)
0012-bcache-tools-Fix-potential-coredump-issues.patch
- bcache-tools: add print_cache_set_supported_feature_sets()
in lib.c (jsc#SLE-9807)
0011-bcache-tools-add-print_cache_set_supported_feature_s.patch
- bcache-tools: add large_bucket incompat feature (jsc#SLE-9807)
0010-bcache-tools-add-large_bucket-incompat-feature.patch
- bcache-tools: upgrade super block versions for feature sets
(jsc#SLE-9807)
0009-bcache-tools-upgrade-super-block-versions-for-featur.patch
- bcache-tools: define separated super block for in-memory and
on-disk format (jsc#SLE-9807)
0008-bcache-tools-define-separated-super-block-for-in-mem.patch
- bcache-tools: add to_cache_sb() and to_cache_sb_disk()
(jsc#SLE-9807)
0007-bcache-tools-add-to_cache_sb-and-to_cache_sb_disk.patch
- bcache-tools: list.h: only define offsetof() when it is
undefined (jsc#SLE-9807)
0006-bcache-tools-list.h-only-define-offsetof-when-it-is-.patch
- bcache-tools: bitwise.h: more swap bitwise for different
CPU endians (jsc#SLE-9807)
0005-bcache-tools-bitwise.h-more-swap-bitwise-for-differe.patch
- bcache-tools: add struct cache_sb_disk into bcache.h (jsc#SLE-9807)
0004-bcache-tools-add-struct-cache_sb_disk-into-bcache.h.patch
- bcache-tools: convert writeback to writethrough mode for zoned
backing device (jsc#SLE-9807)
0003-bcache-tools-convert-writeback-to-writethrough-mode-.patch
- bcache-tools: add is_zoned_device() (jsc#SLE-9807)
0002-bcache-tools-add-is_zoned_device.patch
- bcache-tools: set zoned size aligned data_offset on backing device
for zoned devive (jsc#SLE-9807)
0001-bcache-tools-set-zoned-size-aligned-data_offset-on-b.patch
==== chrony ====
Subpackages: chrony-pool-openSUSE
- By default we don't write log files but log to journald, so
only recommend logrotate.
==== container-selinux ====
Version update (2.145.0 -> 2.150.0)
- Don't use BuildRequires based on shell script output. OBS can't
evaluate that.
- Update to version 2.150.0
- Add additional allow rules for kvm based containers using
virtiofsd.
==== fwupd ====
Version update (1.4.5 -> 1.5.1)
Subpackages: libfwupd2 libfwupdplugin1 typelib-1_0-Fwupd-2_0
- Amend the spec file (jsc#SLE-16818)
+ Only enable fish support for Tumbleweed
+ Only enable the MSR plugin for x86
+ Only install dbxtool in the architectures with UEFI support
- Update to version 1.5.1:
+ Use UDisks to find out if swap devices are encrypted.
+ Show a link to discover more information about a specific
plugin failure.
+ updated fish completions to 1.5.0.
+ Remove the duplicate parent-child data in FwupdDevice and
FuDevice.
+ Show a less scary fwupdate output for devices without info.
+ thunderbolt: recognize authorized value of '2' as well.
+ bcm57xx: Make hotplug more reliable.
+ Use a different Device ID for the OptionROM devices.
+ contrib/ci: switch TPM simulator from ibmswtpm to swtpm.
+ Delete unused EFI variables when deploying firmware.
+ Fix probe warning for the Logitech Unifying device.
+ Include the amount of NVRAM size in use in the LVFS failure
report.
+ Add external interface messages.
- Update to version 1.5.0:
+ Add a compatible re-implementation of the rhboot dbxtool.
+ Add async versions of the library for GUI tools.
+ Add commands for interacting with the ESP to fwupdtool.
+ Add firmware-extract subcommand to fwupdtool.
+ Add FwupdPlugin so we can convey enumerated system errors to
the end user.
+ Add plugin for Goodix fingerprint sensors.
+ Add plugin that can update the BCM5719 network adapter.
+ Add plugin to update Elan Touchpads using HID.
+ Add support for a delayed activation flow for Thunderbolt.
+ Add support for ChromeOS Quiche and Gingerbread.
+ Add support for Hyper hardware.
+ Add support for the Host Security ID.
+ Add support for ThunderBolt retimers.
+ Add switch-branch command to fwupdtool and fwupdmgr.
+ Allow blocking specific firmware releases by checksum.
+ Allow contructing a firmware with multiple images.
+ Allow firmware to require specific features from front-end
clients.
+ Allow updating the dbx using the LVFS, validating it is safe to
apply.
+ Include the HSI results and attributes in the uploaded report.
+ Support loading DMI data from DT systems.
+ Support LVFS::UpdateImage for GUI clients.
==== gcc10 ====
Version update (10.2.1+git583 -> 10.2.1+git872)
Subpackages: cpp10 libgcc_s1 libgomp1 libstdc++6
- Update to gcc-10 branch head (a78cd759754c92cecbf235ac9b), git872.
- Build complete set of multilibs for arm-none target [bsc#1106014]
* Fixes inadvertant mixture of ARM and Thumb instructions in linker output
==== glibc ====
Subpackages: glibc-locale glibc-locale-base
- Use --enable-cet on x86_64 to instrument glibc for indirect branch
tracking and shadow stack use. Enable indirect branch tracking
and shadow stack in the dynamic loader. [jsc#PM-2110] [bsc#1175154]
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin
- Fix boot failure in blocklist installation (bsc#1178278)
* Modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch
==== hplip ====
- Fixed bugzilla link (bsc#1177527)
==== ima-evm-utils ====
Version update (1.3.1 -> 1.3.2)
Subpackages: evmctl libimaevm2
- Update to version 1.3.2
* Bugfixes: importing keys
* NEW: Docker based travis distro testing
* Travis bugfixes, code cleanup, software version update,
and script removal
* Initial travis testing
- Remove 0001-help-Add-missing-new-line-for-ignore-violations.patch
(patch from this release)
- Add make check + dependencies (getfattr => attr, xxd => vim)
==== installation-images-MicroOS ====
Version update (16.25 -> 16.26)
- merge gh#openSUSE/installation-images#435
- don't forget .lib*.hmac files (bsc#1178208)
- 16.26
==== iptables ====
Version update (1.8.5 -> 1.8.6)
Subpackages: libip4tc2 libip6tc2 libxtables12 xtables-plugins
- Update to release 1.8.6
* iptables-nft had pointlessly added "bitwise" expressions to
each IP address match, needlessly slowing down run-time
performance (by 50% in worst cases).
* iptables-nft-restore: Support basechain policy value of "-"
(indicating to not change the chain's policy).
* nft-translte: Fix translation of ICMP type "any" match.
==== kernel-firmware ====
Version update (20201005 -> 20201023)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20201023 (git commit dae4b4cd0841):
* cypress: add Cypress firmware and clm_blob files
* rtl_bt: Update RTL8821C BT FW to 0xAA6C_A99E
* ath10k: add SDIO firmware for QCA9377 WiFi
* ice: update package file to 1.3.16.0
* mediatek: separate venc service thread
* QCA : Updated firmware file for WCN3991
* iwlwifi: update and add new FWs from core56-54 release
* iwlwifi: update 3168, 7265D, 8000C and 8265 firmwares
* i915: Add DG1 DMC v2.02
* qcom : updated venus firmware files for v5.4
- Add _constraints to fix the build error (bsc#1178242)
==== kernel-source ====
Version update (5.8.15 -> 5.9.1)
- vt_ioctl: fix GIO_UNIMAP regression (5.9 GIO_UNIMAP regression).
- commit 15946ea
- kernel-binary.spec.in: pack scripts/module.lds into kernel-$flavor-devel
Since mainline commit 596b0474d3d9 ("kbuild: preprocess module linker
script") in 5.10-rc1, scripts/module.lds linker script is needed to build
out of tree modules. Add it into kernel-$flavor-devel subpackage.
- commit fe37c16
- drm/amd/display: Don't invoke kgdb_breakpoint() unconditionally
(bsc#1177973).
- drm/amd/display: Fix kernel panic by dal_gpio_open() error
(bsc#1177973).
- commit 3f21462
- series.conf: cleanup
- move to "almost mainline" section:
patches.suse/coresight-fix-offset-by-one-error-in-counting-ports.patch
- commit 8e0635b
- Refresh
patches.suse/coresight-fix-offset-by-one-error-in-counting-ports.patch.
Update upstream status.
- commit 7b40cc9
- Linux 5.9.1 (bsc#1012628).
- Bluetooth: MGMT: Fix not checking if BT_HS is enabled
(bsc#1012628).
- media: usbtv: Fix refcounting mixup (bsc#1012628).
- USB: serial: option: add Cellient MPL200 card (bsc#1012628).
- USB: serial: option: Add Telit FT980-KS composition
(bsc#1012628).
- staging: comedi: check validity of wMaxPacketSize of usb
endpoints found (bsc#1012628).
- USB: serial: pl2303: add device-id for HP GC device
(bsc#1012628).
- USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART
adapters (bsc#1012628).
- vt_ioctl: make VT_RESIZEX behave like VT_RESIZE (bsc#1012628).
- reiserfs: Initialize inode keys properly (bsc#1012628).
- reiserfs: Fix oops during mount (bsc#1012628).
- Revert "drm/amdgpu: Fix NULL dereference in dpm sysfs handlers"
(bsc#1012628).
- crypto: bcm - Verify GCM/CCM key length in setkey (bsc#1012628).
- crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA
(bsc#1012628).
- commit b7f511b
- update patches metadata
- update upstream references:
patches.suse/Bluetooth-A2MP-Fix-not-initializing-all-members.patch
patches.suse/Bluetooth-L2CAP-Fix-calling-sk_filter-on-non-socket-.patch
- commit b1f22f7
==== libapparmor ====
Version update (2.13.5 -> 3.0.0)
- update to AppArmor 3.0.0
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
for the detailed upstream changelog
- add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
release up to 3e18c0785abc03ee42a022a67a27a085516a7921
- drop 2.13-only patch libapparmor-so-number.diff
==== libqt5-qtbase ====
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5
- Disable -reduce-relocations for now (boo#1175278, QTBUG-86173)
==== libxml2 ====
Subpackages: libxml2-2 libxml2-tools
- Make python subpackage ready for multiple python3 flavors
gh#openSUSE/python-rpm-macros#66
==== libyui-ncurses ====
Version update (2.57.1 -> 2.57.2)
- Explicitly set item and line index in NCMultiSelectionBox and
NCSelectionBox (bsc#1177982, bsc#1177985)
- 2.57.2
==== libyui-qt ====
Version update (2.56.1 -> 2.56.2)
- Honor menu item enabled/disabled state when rebuilding menu item tree
(e.g. after keyboard shortcut change) (boo#1178394)
- 2.56.2
==== microos-tools ====
Version update (2.6 -> 2.7)
- Update to version 2.7
- Add workaround if /.autorelabel is used, don't ignore it
- Rename tmp.conf to microos-tmp.conf on SUSE MicroOS
- Fix building on SUSE MicroOS
==== mpc ====
Version update (1.2.0 -> 1.2.1)
- mpc 1.2.1:
* Fix an incompatibility problem with GMP 6.0 and before
* Fix an intermediate overflow in asin
- express build dependencies explicitly to match the versions
required by configue, so that the OBS scheduler is aware of them
- move texinfo requirements to -devel package where they are
are actually used
- package license in every subpackage and mark as license
- run spec-cleaner
==== osinfo-db ====
Version update (20200813 -> 20201015)
- Update database to version 20201015
osinfo-db-20201015.tar.xz
==== perl ====
Version update (5.30.3 -> 5.32.0)
Subpackages: perl-base
- update to perl-5.32.0
* new experimental infix "isa" operator
* support of unicode 13.0
* chained comparisons capability
- updated patches:
* perl-HiRes.t-timeout.diff
* posix-sigaction.patch
* perl-fix2020.patch
* perl-reproducible2.patch
* perl_skip_flaky_tests_powerpc.patch
==== polkit-default-privs ====
Version update (1550+20201012.1df5a0d -> 1550+20201103.994a5ed)
- Update to version 1550+20201103.994a5ed:
* udisks2: rename of manage-led action to match upstream changes (bsc#1178321)
- Update to version 1550+20201030.d1b5d8b:
* whitelisting of GNOME malcontent parental controls (bsc#1177974)
* restrictive profile: fix conflicting duplicate action org.kde.powerdevil.backlighthelper.setbrightness
* restrictive profile: fix conflicting duplicate action org.freedesktop.color-manager.delete-profile
* profiles: fix conflicting duplicate action org.kde.powerdevil.backlighthelper.brightness
* profiles: remove duplicate actions with same authentication settings
* tools: new script to cleanly remove duplicate actions
==== python-cryptography ====
Version update (3.0 -> 3.2.1)
- update to 3.2.1:
Disable blinding on RSA public keys to address an error with
some versions of OpenSSL.
- update to 3.2:
* CVE-2020-25659: Attempted to make RSA PKCS#1v1.5 decryption more constant time,
to protect against Bleichenbacher vulnerabilities. Due to limitations imposed
by our API, we cannot completely mitigate this vulnerability.
* Support for OpenSSL 1.0.2 has been removed.
* Added basic support for PKCS7 signing (including SMIME) via PKCS7SignatureBuilder.
- update to 3.1.1:
* wheels compiled with OpenSSL 1.1.1h.
- update to 3.1:
* **BACKWARDS INCOMPATIBLE:** Removed support for ``idna`` based
:term:`U-label` parsing in various X.509 classes. This support was originally
deprecated in version 2.1 and moved to an extra in 2.5.
* Deprecated OpenSSL 1.0.2 support. OpenSSL 1.0.2 is no longer supported by
the OpenSSL project. The next version of ``cryptography`` will drop support
for it.
* Deprecated support for Python 3.5. This version sees very little use and will
be removed in the next release.
* ``backend`` arguments to functions are no longer required and the
default backend will automatically be selected if no ``backend`` is provided.
* Added initial support for parsing certificates from PKCS7 files with
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certificates`
and
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certificates`
.
* Calling ``update`` or ``update_into`` on
:class:`~cryptography.hazmat.primitives.ciphers.CipherContext` with ``data``
longer than 2\ :sup:`31` bytes no longer raises an ``OverflowError``. This
also resolves the same issue in :doc:`/fernet`.
==== qpdf ====
Version update (10.0.1 -> 10.0.3)
- Update to version 10.0.3
* Fixes a regression introduced in 10.0.2
- Update to version 10.0.2
* Bug fixes and performance improvements
* See http://qpdf.sourceforge.net/files/qpdf-manual.html#ref.release-notes
for a complete changelog.
==== raspberrypi-firmware-dt ====
Version update (2020.05.02 -> 2020.10.26)
- Update to 2dc96ad40979 (2020-10-26):
* Introduce firmware-clocks
* Introduce firmware-reset
* Add reset controller in xHCI node
- Get rid of vl805-firmware-loader-overlay.dts, not needed anymore
==== rpm-config-SUSE ====
Version update (0.g60 -> 0.g64)
- Update to version 0.g64:
* Define a global %_firmwaredir
* macros.obs: remove unused macros
==== sddm ====
Subpackages: sddm-branding-openSUSE
- Replace '%service_del_postun -n' with '%service_del_postun_without_restart'
'-n' is deprecated and will be removed in the future.
- Patches to fix X not having access control on startup
(boo#1177201, CVE-2020-28049):
* Add 0001-Don-t-disable-authentication-in-test-mode.patch
* Modify 0001-Redesign-Xauth-handling.patch
- Add patch to set XAUTHLOCALHOSTNAME again (boo#1177835):
* 0001-Set-XAUTHLOCALHOSTNAME-in-sessions.patch
==== selinux-policy ====
Version update (20201016 -> 20201029)
Subpackages: selinux-policy-targeted
- wicked.fc: add libexec directories
- Update to version 20201029
- update container policy
==== shadow ====
- Change again useradd.local script to let it work even for system
accounts and work together with SELinux (bsc#1178296)
- Change patch useradd-script.patch to support the four arguments
used by the useradd.local script (bsc#1178296)
==== systemd-default-settings ====
Version update (0.2 -> 0.4)
Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE
- rpm file lists are now generated from the spec file.
- Make sure the release number between the main and the branding
packages match
- Import 0.3
d299248 List drop-in directories in SUSE.list exclusively
e4651a7 Disable memory accounting by default for all distros (jsc#PM-2229 jsc#PM-2230)
==== timezone ====
Version update (2020a -> 2020d)
- Add fat.patch to generate "fat" timezone files (was default before 2020b).
- Adjust timezone-java.spec.in to avoid build failures when running
pre_checkin.sh
- timezone update 2020d
* Palestine ends DST earlier than predicted, on 2020-10-24.
- timezone update 2020c
* Fiji starts DST later than usual, on 2020-12-20.
- timezone update 2020b (bsc#1177460)
* Revised predictions for Morocco's changes starting in 2023.
* Canada's Yukon changes to -07 on 2020-11-01, not 2020-03-08.
* Macquarie Island has stayed in sync with Tasmania since 2011.
* Casey, Antarctica is at +08 in winter and +11 in summer.
* zic no longer supports -y, nor the TYPE field of Rules.
- Rebased timezone-2018f-bsc1112310.patch
==== transactional-update ====
Version update (2.28 -> 2.28.2)
Subpackages: transactional-update-zypp-config
- Version 2.28.2
- SELinux: Exclude security.selinux attribute from rsyncing (again)
- Version 2.28.1
- SELinux: Fixed changing the wrong grub configuration file
- SELinux: Move /.autorelabel file to writeable location
==== vim ====
Version update (8.2.1900 -> 8.2.1955)
Subpackages: vim-data-common vim-small
- Updated to version 8.2.1955, fixes the following problems
* Vim9: command modifiers do not work.
* Variable completion does not work in command line window.
* Default option values are changed when using :badd for an existing buffer.
* Buffer test fails with normal features.
* Still using default option values after using ":badd +1".
* The wininfo list may contain stale entries.
* Warning for signed/unsigned.
* Complete_info().selected may be wrong.
* Lua is initialized even when not used.
* Number of status line items is limited to 80.
* Reading past the end of the command line.
* Tiny build fails.
* With Python 3.9 some tests fail.
* GTK GUI: rounding for the cell height is too strict.
* Vim9: cannot put line break in expression for '=' register.
* Vim9: error for wrong number of arguments is not useful.
* Vim9: function call is aborted even when "silent!" is used.
* No test for improved Man command.
* Vim9: E1100 mentions :let.
* Assert_fails() setting emsg_silent changes normal execution.
* Listlbr test fails when run after another test.
* Fuzzy matching does not recognize path separators.
* Win32: scrolling doesn't work properly when part of window is off-screen.
* Vim9: "filter" command modifier doesn't work.
* Vim9: crash when indexing dict with NULL key.
* List/dict test fails.
* Cannot use a space in 'spellfile'. (Filipe Brandenburger)
* Vim9: get unknown error with an error in a timer function.
* Vim9: "silent!" not effective when list index is wrong.
* MS-Windows: problem loading Perl 5.32.
* Wrong input if removing shift results in special key code.
* Vim9: arguments of extend() not checked at compile time.
* Compiler warnings when building with Athena GUI.
* Cannot sort using locale ordering.
* Vim9: command modifiers in :def function not tested.
* Sort test fails on Mac.
* Session sets the local 'scrolloff' value to the global value.
* Vim9: test for confirm modifier fails in some situations.
* Wiping out a terminal buffer makes some tests fail.
* Invalid memory access in Ex mode with global command.
* Vim9: browse modifier test fails on Mac.
* Ex mode test fails on MS-Windows with GUI.
* Insufficient test coverage for the Netbeans interface.
* Vim9: wrong error message when colon is missing.
* Netbeans test is flaky.
* Crash when passing NULL function to reduce().
* sort() with NULL string not tested.
* Crash when using "zj" without folds. (Sean Dewar)
* GUI: crash when handling message while closing a window. (Srinath
Avadhanula)
* Vim9: using extend() on null dict is silently ignored.
* Vim9: crash when compiling function fails when getting type.
* Test for list and dict fails.
* Vim9: crash when using a NULL dict key.
* Vim9: extra "unknown" error after other error.
* Vim9: not all command modifiers are tested.
* Vim9: not all command modifiers are tested.
- apparmor.vim: update from AppArmor 3.0
- add capability checkpoint_restore
==== vulkan-loader ====
Version update (1.2.154 -> 1.2.154.1)
- Update to release 1.2.154.1
* Fix some issues when EnumerateAdapterPhysicalDevices is available
==== xdm ====
- Replace '%service_del_postun -n' with '%service_del_postun_without_restart'
'-n' is deprecated and will be removed in the future.
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Hi,
I have been running MicroOS on Gnome now for a little over a week and have been loving it, however main reason i'm using Gnome is because of the awesome manual that Dario wrote for his talk last week.
https://dariofaggioli.wordpress.com/2020/10/16/opensuse-microos-as-your-des…
In this manual he talks about changing Gnome Software to that it doesn't look for updates/ repos and make it only use flatpak.
As I am not a seasoned KDE or linux user i was wondering what these commands are for Discover (and possibly PackageKit)
$ gsettings set org.gnome.software install-bundles-system-wide false
$ gsettings set org.gnome.software allow-updates false
$ gsettings set org.gnome.software download-updates false
$ gsettings set org.gnome.software enable-repos-dialog false
$ gsettings set org.gnome.software first-run true
Thanks a million for your help!
BR,
Syds
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
4
3
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
rpm-config-SUSE (0.g60 -> 0.g64)
shadow
=== Details ===
==== rpm-config-SUSE ====
Version update (0.g60 -> 0.g64)
- Update to version 0.g64:
* Define a global %_firmwaredir
* macros.obs: remove unused macros
==== shadow ====
- Change again useradd.local script to let it work even for system
accounts and work together with SELinux (bsc#1178296)
- Change patch useradd-script.patch to support the four arguments
used by the useradd.local script (bsc#1178296)
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
rpm-config-SUSE (0.g60 -> 0.g64)
shadow
=== Details ===
==== rpm-config-SUSE ====
Version update (0.g60 -> 0.g64)
- Update to version 0.g64:
* Define a global %_firmwaredir
* macros.obs: remove unused macros
==== shadow ====
- Change again useradd.local script to let it work even for system
accounts and work together with SELinux (bsc#1178296)
- Change patch useradd-script.patch to support the four arguments
used by the useradd.local script (bsc#1178296)
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
NetworkManager
container-selinux
iptables (1.8.5 -> 1.8.6)
libyui-qt (2.56.1 -> 2.56.2)
polkit-default-privs (1550+20201012.1df5a0d -> 1550+20201103.994a5ed)
=== Details ===
==== NetworkManager ====
Subpackages: libnm0 typelib-1_0-NM-1_0
- Exclude systemd.automount from nfs processing: fix boo#1116625
as suggested from Neil Brown
==== container-selinux ====
- Don't use BuildRequires based on shell script output. OBS can't
evaluate that.
==== iptables ====
Version update (1.8.5 -> 1.8.6)
Subpackages: libip4tc2 libip6tc2 libxtables12 xtables-plugins
- Update to release 1.8.6
* iptables-nft had pointlessly added "bitwise" expressions to
each IP address match, needlessly slowing down run-time
performance (by 50% in worst cases).
* iptables-nft-restore: Support basechain policy value of "-"
(indicating to not change the chain's policy).
* nft-translte: Fix translation of ICMP type "any" match.
==== libyui-qt ====
Version update (2.56.1 -> 2.56.2)
- Honor menu item enabled/disabled state when rebuilding menu item tree
(e.g. after keyboard shortcut change) (boo#1178394)
- 2.56.2
==== polkit-default-privs ====
Version update (1550+20201012.1df5a0d -> 1550+20201103.994a5ed)
- Update to version 1550+20201103.994a5ed:
* udisks2: rename of manage-led action to match upstream changes (bsc#1178321)
- Update to version 1550+20201030.d1b5d8b:
* whitelisting of GNOME malcontent parental controls (bsc#1177974)
* restrictive profile: fix conflicting duplicate action org.kde.powerdevil.backlighthelper.setbrightness
* restrictive profile: fix conflicting duplicate action org.freedesktop.color-manager.delete-profile
* profiles: fix conflicting duplicate action org.kde.powerdevil.backlighthelper.brightness
* profiles: remove duplicate actions with same authentication settings
* tools: new script to cleanly remove duplicate actions
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
container-selinux
helm (3.3.4 -> 3.4.0)
iptables (1.8.5 -> 1.8.6)
salt
=== Details ===
==== container-selinux ====
- Don't use BuildRequires based on shell script output. OBS can't
evaluate that.
==== helm ====
Version update (3.3.4 -> 3.4.0)
- Update to version 3.4.0:
* bump version to v3.4.0
* this rewrites a whole bunch of old repo URLs to the new repo URL (#8902)
* warn and block old repo URLs (#8903)
* improved user-facing error messages to explain the underlying problem (#8731)
* Linking to a more complete list of meeting details.
* add authentication to CircleCI jobs
* helm create: make generated YAML indentation more consistent
* Makefile: check and use GOBIN environment variable first
* TestCheckPerms: utilize pipe to read stderr
* Bump github.com/DATA-DOG/go-sqlmock from 1.4.1 to 1.5.0
* Bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0
* feat(install): add requested version to error
* Bump github.com/gofrs/flock from 0.7.1 to 0.8.0
* Bump github.com/lib/pq from 1.7.0 to 1.8.0
* Fix wrong function's name in comment
* ref(cmd): prevent klogs flags from polluting the help text
* Adding support for k8s 1.19
* remove redudant time func
* fix example time format
* rename to time format flag
* refactor time formatting
* fix ls command example
* add time-format flag to list command
* Adding annotation to index.yaml file
* Fixing import package issue
* Update go version to 1.14 in go.mod
* use warning function
* Adding size labels pointer
* Fixing issue with idempotent repo add
* support passing signing passphrase from file or stdin (#8394)
* size/S and larger requiring 2 LGTMs
* Update docs links in release notes script
* fix: allow serverInfo field on index files
* fix(cmd/helm): add build tags for architecture
* switched to stricter YAML parsing on plugin metadata files
* Merge pull request from GHSA-m54r-vrmv-hw33
* Merge pull request from GHSA-jm56-5h66-w453
* Merge pull request from GHSA-9vp5-m38w-j776
* go fmt
* improve the HTTP detection for tar archives
* replace --no-update with --force-update and invert default. BREAKING.
* handle case where dependency name collisions break dependency resolution
* fixed bug that caused helm create to not overwrite modified files
* refactor the release name validation to be consistent across Helm
* fix: if not .Values.autoscaling.enabled indent
* validate the name passed in during helm create
* fix: check mode bits on kubeconfig file
* fix incorrect wildcard expand
* fix(comp): Disable file comp for output formats
* Makefile: Fix LDFLAGS overriding
* Add support to install helm
* Fixing typo in engine comments
* Use T.cleanup() to cleanup cmdtest_temp file
* Use RemoveAll to remove a non-empty directory
* mark NewTempServer as Deprecated
* Use T.Cleanup() to cleanup temp dir helm-repotest
* Support impersonation via flags similar to kubectl --as="user"
* Document all env vars for CLI help
* Use T.cleanup() to cleanup helm-action-test
* Add GPG signature verification to install script (#7944)
* fix: with .Values.podAnnotations indent template
* Revert PR 8562
* feat(comp): Add support for fish completion
* feat: status command display description
* Remove duplicate variable definition
* Fixed a variable name collision caused by two PR merges (#8681)
* Fix/8467 linter failing (#8496)
* fix name length check on lint (#8543)
* Fix spelling in completion.go
* cleanup tempfiles for load_test
* add checkFileCompletion for env HELM_BIN
* feat(env): add support of accepting a specific variable for helm env
* Fixing failing CI for windows
* pkg/*: Small linting fixes
* Correct checksum file links
* Fixing linting of templates on Windows
* use URL escape codes
* add v4 to list of exempt labels
* optimise if condition in service ready logic
* feat(comp): Disable file completion when not valid
* Bump Kubernetes to v0.18.8 + Bump jsonpatch
* release/mock: Ensure conversion from int to string yields a string
* Update Common Lables template in starter chart
* chore(deps): add dependabot.yml
* Fix Quick Start Guide Link in README.md
* add helm v4 todo comments for FindChartInAuthAndTLSRepoURL.
* polish the error handler
* Move selector filtering after latest release version filtering
* Added testing for list action with selector
* Added notice about supported backends
* Fix linting issues
* Added selector filtering
* Pass labels from secret/configmap to release object
* Added selector option to list command
* fix test that modifies the wrong cache data
* bufix: fix validateNumColons docs
* Fix typo
* darwin-386 and windows-386 are not supported now
* Fix issue with install and upgrade running all hooks
* introduce stale issue bot
* Close gzip reader when done.
* fix watch error due to elb/proxy timeout
* Avoid hardcoded container port in default notes
* add unit tests for FindChartInAuthAndTLSRepoURL.
* Restoring Build behavior
* Adding helm v4 todo
* Make unmanaged repositories version resolvable
* Locking file URIs to a version in lockfile
* Enhance readability by extracting bitwise operation
* fix(sdk): Polish the downloader/manager package error return (#8491)
* fix insecure-skip-tls-verify flag does't work on helm install, Keep FindChartInRepoURL and FindChartInAuthRepoURL functions signatures intact.
* fix: Allow building in a path containing spaces
* Alter whitespace in "Update Complete" output
* fix(create): update the hook name of test-connection pod
* polish the help text of flag
* Reinstating comment that is still accurate
* Rollback command support for max history
* fix(helm): Update test during pending install
* Correct make target in Makefile
* fix(helm): Added test for concurrent upgrades
* fix(helm): Avoid corrupting storage via a lock
* Fixing version and spelling errors
* Clarify comments to match practice
* fix the code style error
* feature(show): support jsonpath output for `helm show value`
* fix(kube): use logger instead of fmt.Printf
* fix windows build failure caused by #8431
* address PR comment, adding whitespace for formatting
* feat(helm): prompt for password with helm repo add
* Lint dependencies (#7970)
* Environment variable for setting the max history for an environment
* chore(OWNERS): move michelleN to emeritus
* bump version to v3.3
* fix conflict
* add test case
* fix another extreme case
* add test case
* fix #6116
* Make helm ls return only current releases if providing state filter
* Report what cause finding chart to fail
* Simplify chart installable check
==== iptables ====
Version update (1.8.5 -> 1.8.6)
Subpackages: libip4tc2 libip6tc2 libxtables12 xtables-plugins
- Update to release 1.8.6
* iptables-nft had pointlessly added "bitwise" expressions to
each IP address match, needlessly slowing down run-time
performance (by 50% in worst cases).
* iptables-nft-restore: Support basechain policy value of "-"
(indicating to not change the chain's policy).
* nft-translte: Fix translation of ICMP type "any" match.
==== salt ====
Subpackages: python3-salt salt-master salt-minion salt-standalone-formulas-configuration
- Set passphrase for salt-ssh keys to empty string (bsc#1178485)
- Added:
* set-passphrase-for-salt-ssh-keys-to-empty-string-293.patch
- Properly validate eauth credentials and tokens on SSH calls made by Salt API
(bsc#1178319) (bsc#1178362) (bsc#1178361)
(CVE-2020-25592) (CVE-2020-17490) (CVE-2020-16846)
- Added:
* fix-cve-2020-25592-and-add-tests-bsc-1178319.patch
- Fix novendorchange handling in zypperpkg module
- Added:
* fix-novendorchange-option-284.patch
- Fix disk.blkid to avoid unexpected keyword argument '__pub_user' (bsc#1177867)
- Added:
* path-replace-functools.wraps-with-six.wraps-bsc-1177.patch
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apparmor (2.13.5 -> 3.0.0)
fwupd (1.5.0 -> 1.5.1)
grub2
libapparmor (2.13.5 -> 3.0.0)
sddm
vim (8.2.1900 -> 8.2.1955)
xdm
=== Details ===
==== apparmor ====
Version update (2.13.5 -> 3.0.0)
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- add utils-fix-hotkey-conflict.diff to fix a hotkey conflict in
de, id and sv translations (and fix the test) (MR 675)
- add extra-profiles-fix-Pux.diff to fix an inactive profile -
prevents a crash in aa-logprof and aa-genprof when creating a new
profile (MR 676)
- update to AppArmor 3.0.0
- introduce feature abi declaration in profiles to enable use of
new rule types (for openSUSE: dbus and unix rules)
- support xattr attachment conditionals
- experimental support for kill and unconfined profile modes
- rewritten aa-status (in C), including support for new profile modes
- rewritten aa-notify (in python), finally dropping the perl
requirement at runtime
- new tool aa-features-abi for extracting feature abis from the kernel
- update profiles to have profile names and to use 3.0 feature abi
- introduce @{etc_ro} and @{etc_rw} profile variables
- new profile for php-fpm
- several updates to profiles and abstractions (including boo#1166007)
- fully support 'include if exists' in the aa-* tools
- rewrite handling of alias, include, link and variable rules in
the aa-* tools
- rewrite and simplify log handling in the aa-logprof and aa-genprof
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
for the detailed upstream changelog
- patches:
- add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
release up to 3e18c0785abc03ee42a022a67a27a085516a7921
- drop upstreamed usr-etc-abstractions-base-nameservice.diff
- drop 2.13-only libapparmor-so-number.diff
- refresh apparmor-enable-profile-cache.diff - partially upstreamed
- update apparmor-samba-include-permissions-for-shares.diff and
apparmor-lessopen-profile.patch - switch to "include if exists"
- apparmor-lessopen-profile.patch: add abi rule to lessopen profile
- refresh apparmor-lessopen-nfs-workaround.diff
- move away very loose apache profile that doesn't even match the
apache2 binary path in openSUSE to avoid confusion (boo#872984)
- move rewritten aa-status from utils to parser subpackage
- add aa-features-abi to parser subpackage
- replace perl and libnotify-tools requires with requiring
python3-notify2 and python3-psutil (needed by the rewritten
aa-notify)
- drop ancient cleanup for /etc/init.d/subdomain from parser %pre
- drop (never enabled) conditionals to build with python2 and to
build the python-apparmor subpackage (upstream dropped python2
support)
- drop setting PYTHON and PYTHON_VERSIONS env variable, no longer needed
- set PYFLAKES path for utils check
- add precompiled_cache build conditional to allow faster local
builds without using kvm
- remove duplicated BuildRequires: swig
==== fwupd ====
Version update (1.5.0 -> 1.5.1)
Subpackages: libfwupd2 libfwupdplugin1 typelib-1_0-Fwupd-2_0
- Amend the spec file (jsc#SLE-16818)
+ Only enable fish support for Tumbleweed
+ Only enable the MSR plugin for x86
+ Only install dbxtool in the architectures with UEFI support
- Update to version 1.5.1:
+ Use UDisks to find out if swap devices are encrypted.
+ Show a link to discover more information about a specific
plugin failure.
+ updated fish completions to 1.5.0.
+ Remove the duplicate parent-child data in FwupdDevice and
FuDevice.
+ Show a less scary fwupdate output for devices without info.
+ thunderbolt: recognize authorized value of '2' as well.
+ bcm57xx: Make hotplug more reliable.
+ Use a different Device ID for the OptionROM devices.
+ contrib/ci: switch TPM simulator from ibmswtpm to swtpm.
+ Delete unused EFI variables when deploying firmware.
+ Fix probe warning for the Logitech Unifying device.
+ Include the amount of NVRAM size in use in the LVFS failure
report.
+ Add external interface messages.
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi
- Fix boot failure in blocklist installation (bsc#1178278)
* Modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch
==== libapparmor ====
Version update (2.13.5 -> 3.0.0)
- update to AppArmor 3.0.0
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
for the detailed upstream changelog
- add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
release up to 3e18c0785abc03ee42a022a67a27a085516a7921
- drop 2.13-only patch libapparmor-so-number.diff
==== sddm ====
Subpackages: sddm-branding-openSUSE
- Replace '%service_del_postun -n' with '%service_del_postun_without_restart'
'-n' is deprecated and will be removed in the future.
- Patches to fix X not having access control on startup
(boo#1177201, CVE-2020-28049):
* Add 0001-Don-t-disable-authentication-in-test-mode.patch
* Modify 0001-Redesign-Xauth-handling.patch
- Add patch to set XAUTHLOCALHOSTNAME again (boo#1177835):
* 0001-Set-XAUTHLOCALHOSTNAME-in-sessions.patch
==== vim ====
Version update (8.2.1900 -> 8.2.1955)
Subpackages: vim-data-common vim-small
- Updated to version 8.2.1955, fixes the following problems
* Vim9: command modifiers do not work.
* Variable completion does not work in command line window.
* Default option values are changed when using :badd for an existing buffer.
* Buffer test fails with normal features.
* Still using default option values after using ":badd +1".
* The wininfo list may contain stale entries.
* Warning for signed/unsigned.
* Complete_info().selected may be wrong.
* Lua is initialized even when not used.
* Number of status line items is limited to 80.
* Reading past the end of the command line.
* Tiny build fails.
* With Python 3.9 some tests fail.
* GTK GUI: rounding for the cell height is too strict.
* Vim9: cannot put line break in expression for '=' register.
* Vim9: error for wrong number of arguments is not useful.
* Vim9: function call is aborted even when "silent!" is used.
* No test for improved Man command.
* Vim9: E1100 mentions :let.
* Assert_fails() setting emsg_silent changes normal execution.
* Listlbr test fails when run after another test.
* Fuzzy matching does not recognize path separators.
* Win32: scrolling doesn't work properly when part of window is off-screen.
* Vim9: "filter" command modifier doesn't work.
* Vim9: crash when indexing dict with NULL key.
* List/dict test fails.
* Cannot use a space in 'spellfile'. (Filipe Brandenburger)
* Vim9: get unknown error with an error in a timer function.
* Vim9: "silent!" not effective when list index is wrong.
* MS-Windows: problem loading Perl 5.32.
* Wrong input if removing shift results in special key code.
* Vim9: arguments of extend() not checked at compile time.
* Compiler warnings when building with Athena GUI.
* Cannot sort using locale ordering.
* Vim9: command modifiers in :def function not tested.
* Sort test fails on Mac.
* Session sets the local 'scrolloff' value to the global value.
* Vim9: test for confirm modifier fails in some situations.
* Wiping out a terminal buffer makes some tests fail.
* Invalid memory access in Ex mode with global command.
* Vim9: browse modifier test fails on Mac.
* Ex mode test fails on MS-Windows with GUI.
* Insufficient test coverage for the Netbeans interface.
* Vim9: wrong error message when colon is missing.
* Netbeans test is flaky.
* Crash when passing NULL function to reduce().
* sort() with NULL string not tested.
* Crash when using "zj" without folds. (Sean Dewar)
* GUI: crash when handling message while closing a window. (Srinath
Avadhanula)
* Vim9: using extend() on null dict is silently ignored.
* Vim9: crash when compiling function fails when getting type.
* Test for list and dict fails.
* Vim9: crash when using a NULL dict key.
* Vim9: extra "unknown" error after other error.
* Vim9: not all command modifiers are tested.
* Vim9: not all command modifiers are tested.
- apparmor.vim: update from AppArmor 3.0
- add capability checkpoint_restore
==== xdm ====
- Replace '%service_del_postun -n' with '%service_del_postun_without_restart'
'-n' is deprecated and will be removed in the future.
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apparmor (2.13.5 -> 3.0.0)
grub2
libapparmor (2.13.5 -> 3.0.0)
python-psutil
vim (8.2.1900 -> 8.2.1955)
=== Details ===
==== apparmor ====
Version update (2.13.5 -> 3.0.0)
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- add utils-fix-hotkey-conflict.diff to fix a hotkey conflict in
de, id and sv translations (and fix the test) (MR 675)
- add extra-profiles-fix-Pux.diff to fix an inactive profile -
prevents a crash in aa-logprof and aa-genprof when creating a new
profile (MR 676)
- update to AppArmor 3.0.0
- introduce feature abi declaration in profiles to enable use of
new rule types (for openSUSE: dbus and unix rules)
- support xattr attachment conditionals
- experimental support for kill and unconfined profile modes
- rewritten aa-status (in C), including support for new profile modes
- rewritten aa-notify (in python), finally dropping the perl
requirement at runtime
- new tool aa-features-abi for extracting feature abis from the kernel
- update profiles to have profile names and to use 3.0 feature abi
- introduce @{etc_ro} and @{etc_rw} profile variables
- new profile for php-fpm
- several updates to profiles and abstractions (including boo#1166007)
- fully support 'include if exists' in the aa-* tools
- rewrite handling of alias, include, link and variable rules in
the aa-* tools
- rewrite and simplify log handling in the aa-logprof and aa-genprof
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
for the detailed upstream changelog
- patches:
- add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
release up to 3e18c0785abc03ee42a022a67a27a085516a7921
- drop upstreamed usr-etc-abstractions-base-nameservice.diff
- drop 2.13-only libapparmor-so-number.diff
- refresh apparmor-enable-profile-cache.diff - partially upstreamed
- update apparmor-samba-include-permissions-for-shares.diff and
apparmor-lessopen-profile.patch - switch to "include if exists"
- apparmor-lessopen-profile.patch: add abi rule to lessopen profile
- refresh apparmor-lessopen-nfs-workaround.diff
- move away very loose apache profile that doesn't even match the
apache2 binary path in openSUSE to avoid confusion (boo#872984)
- move rewritten aa-status from utils to parser subpackage
- add aa-features-abi to parser subpackage
- replace perl and libnotify-tools requires with requiring
python3-notify2 and python3-psutil (needed by the rewritten
aa-notify)
- drop ancient cleanup for /etc/init.d/subdomain from parser %pre
- drop (never enabled) conditionals to build with python2 and to
build the python-apparmor subpackage (upstream dropped python2
support)
- drop setting PYTHON and PYTHON_VERSIONS env variable, no longer needed
- set PYFLAKES path for utils check
- add precompiled_cache build conditional to allow faster local
builds without using kvm
- remove duplicated BuildRequires: swig
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi
- Fix boot failure in blocklist installation (bsc#1178278)
* Modified 0002-grub-install-Avoid-incompleted-install-on-i386-pc.patch
==== libapparmor ====
Version update (2.13.5 -> 3.0.0)
- update to AppArmor 3.0.0
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
for the detailed upstream changelog
- add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
release up to 3e18c0785abc03ee42a022a67a27a085516a7921
- drop 2.13-only patch libapparmor-so-number.diff
==== python-psutil ====
- Fix shebang replacement for multiple python flavors
==== vim ====
Version update (8.2.1900 -> 8.2.1955)
Subpackages: vim-data-common vim-small
- Updated to version 8.2.1955, fixes the following problems
* Vim9: command modifiers do not work.
* Variable completion does not work in command line window.
* Default option values are changed when using :badd for an existing buffer.
* Buffer test fails with normal features.
* Still using default option values after using ":badd +1".
* The wininfo list may contain stale entries.
* Warning for signed/unsigned.
* Complete_info().selected may be wrong.
* Lua is initialized even when not used.
* Number of status line items is limited to 80.
* Reading past the end of the command line.
* Tiny build fails.
* With Python 3.9 some tests fail.
* GTK GUI: rounding for the cell height is too strict.
* Vim9: cannot put line break in expression for '=' register.
* Vim9: error for wrong number of arguments is not useful.
* Vim9: function call is aborted even when "silent!" is used.
* No test for improved Man command.
* Vim9: E1100 mentions :let.
* Assert_fails() setting emsg_silent changes normal execution.
* Listlbr test fails when run after another test.
* Fuzzy matching does not recognize path separators.
* Win32: scrolling doesn't work properly when part of window is off-screen.
* Vim9: "filter" command modifier doesn't work.
* Vim9: crash when indexing dict with NULL key.
* List/dict test fails.
* Cannot use a space in 'spellfile'. (Filipe Brandenburger)
* Vim9: get unknown error with an error in a timer function.
* Vim9: "silent!" not effective when list index is wrong.
* MS-Windows: problem loading Perl 5.32.
* Wrong input if removing shift results in special key code.
* Vim9: arguments of extend() not checked at compile time.
* Compiler warnings when building with Athena GUI.
* Cannot sort using locale ordering.
* Vim9: command modifiers in :def function not tested.
* Sort test fails on Mac.
* Session sets the local 'scrolloff' value to the global value.
* Vim9: test for confirm modifier fails in some situations.
* Wiping out a terminal buffer makes some tests fail.
* Invalid memory access in Ex mode with global command.
* Vim9: browse modifier test fails on Mac.
* Ex mode test fails on MS-Windows with GUI.
* Insufficient test coverage for the Netbeans interface.
* Vim9: wrong error message when colon is missing.
* Netbeans test is flaky.
* Crash when passing NULL function to reduce().
* sort() with NULL string not tested.
* Crash when using "zj" without folds. (Sean Dewar)
* GUI: crash when handling message while closing a window. (Srinath
Avadhanula)
* Vim9: using extend() on null dict is silently ignored.
* Vim9: crash when compiling function fails when getting type.
* Test for list and dict fails.
* Vim9: crash when using a NULL dict key.
* Vim9: extra "unknown" error after other error.
* Vim9: not all command modifiers are tested.
* Vim9: not all command modifiers are tested.
- apparmor.vim: update from AppArmor 3.0
- add capability checkpoint_restore
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
PackageKit
bcache-tools
chrony
container-selinux (2.145.0 -> 2.150.0)
gcc10 (10.2.1+git583 -> 10.2.1+git872)
glibc
hplip
ima-evm-utils (1.3.1 -> 1.3.2)
installation-images-MicroOS (16.25 -> 16.26)
kernel-firmware (20201005 -> 20201023)
libqt5-qtbase
libxml2
libyui-ncurses (2.57.1 -> 2.57.2)
microos-tools (2.6 -> 2.7)
mpc (1.2.0 -> 1.2.1)
openpgm
osinfo-db (20200813 -> 20201015)
pciutils
perl (5.30.3 -> 5.32.0)
python-cryptography (3.0 -> 3.2.1)
qpdf (10.0.1 -> 10.0.3)
selinux-policy (20201016 -> 20201029)
systemd-default-settings (0.2 -> 0.4)
timezone (2020a -> 2020d)
transactional-update (2.28 -> 2.28.2)
vulkan-loader (1.2.154 -> 1.2.154.1)
xen (4.14.0_08 -> 4.14.0_10)
=== Details ===
==== PackageKit ====
Subpackages: PackageKit-backend-zypp libpackagekit-glib2-18
- Add PackageKit-bsc1169739.patch: main: notify the service manager
when it's beginning to shutdown
(gh#/hughsie/PackageKit/commit/d8dd484d, bsc#1169739).
- Replace $DISABLE_RESTART_ON_UPDATE=yes with %service_del_postun_without_restart
Use of $DISABLE_RESTART_ON_UPDATE is deprecated.
==== bcache-tools ====
- Remove dependence of smartcols bcache-tools.spec, bcache-tools
code doesn't need it now. (jsc#SLE-9807)
- Remove 1001-udev-do-not-rely-on-DRIVER-variable.patch because
we have 0013-bcache-tools-Export-CACHED_UUID-and-CACHED_LABEL.patch
to provide static UUIDs. (jsc#SLE-9807)
- bcache-tools: add man page bcache-status.8 (jsc#SLE-9807)
0017-bcache-tools-add-man-page-bcache-status.8.patch
- bcache-tools: add bcache-status (jsc#SLE-9807)
0016-bcache-tools-add-bcache-status.patch
- bcache-tools: make: permit only one cache device to be
specified (jsc#SLE-9807)
0015-bcache-tools-make-permit-only-one-cache-device-to-be.patch
- bcache-tools: Remove the dependency on libsmartcols
(jsc#SLE-9807)
0014-bcache-tools-Remove-the-dependency-on-libsmartcols.patch
- bcache-tools: Export CACHED_UUID and CACHED_LABEL
(jsc#SLE-9807)
0013-bcache-tools-Export-CACHED_UUID-and-CACHED_LABEL.patch
- bcache-tools: Fix potential coredump issues (jsc#SLE-9807)
0012-bcache-tools-Fix-potential-coredump-issues.patch
- bcache-tools: add print_cache_set_supported_feature_sets()
in lib.c (jsc#SLE-9807)
0011-bcache-tools-add-print_cache_set_supported_feature_s.patch
- bcache-tools: add large_bucket incompat feature (jsc#SLE-9807)
0010-bcache-tools-add-large_bucket-incompat-feature.patch
- bcache-tools: upgrade super block versions for feature sets
(jsc#SLE-9807)
0009-bcache-tools-upgrade-super-block-versions-for-featur.patch
- bcache-tools: define separated super block for in-memory and
on-disk format (jsc#SLE-9807)
0008-bcache-tools-define-separated-super-block-for-in-mem.patch
- bcache-tools: add to_cache_sb() and to_cache_sb_disk()
(jsc#SLE-9807)
0007-bcache-tools-add-to_cache_sb-and-to_cache_sb_disk.patch
- bcache-tools: list.h: only define offsetof() when it is
undefined (jsc#SLE-9807)
0006-bcache-tools-list.h-only-define-offsetof-when-it-is-.patch
- bcache-tools: bitwise.h: more swap bitwise for different
CPU endians (jsc#SLE-9807)
0005-bcache-tools-bitwise.h-more-swap-bitwise-for-differe.patch
- bcache-tools: add struct cache_sb_disk into bcache.h (jsc#SLE-9807)
0004-bcache-tools-add-struct-cache_sb_disk-into-bcache.h.patch
- bcache-tools: convert writeback to writethrough mode for zoned
backing device (jsc#SLE-9807)
0003-bcache-tools-convert-writeback-to-writethrough-mode-.patch
- bcache-tools: add is_zoned_device() (jsc#SLE-9807)
0002-bcache-tools-add-is_zoned_device.patch
- bcache-tools: set zoned size aligned data_offset on backing device
for zoned devive (jsc#SLE-9807)
0001-bcache-tools-set-zoned-size-aligned-data_offset-on-b.patch
==== chrony ====
Subpackages: chrony-pool-openSUSE
- By default we don't write log files but log to journald, so
only recommend logrotate.
==== container-selinux ====
Version update (2.145.0 -> 2.150.0)
- Update to version 2.150.0
- Add additional allow rules for kvm based containers using
virtiofsd.
==== gcc10 ====
Version update (10.2.1+git583 -> 10.2.1+git872)
Subpackages: cpp10 libgcc_s1 libgomp1 libstdc++6
- Update to gcc-10 branch head (a78cd759754c92cecbf235ac9b), git872.
- Build complete set of multilibs for arm-none target [bsc#1106014]
* Fixes inadvertant mixture of ARM and Thumb instructions in linker output
==== glibc ====
Subpackages: glibc-locale glibc-locale-base
- Use --enable-cet on x86_64 to instrument glibc for indirect branch
tracking and shadow stack use. Enable indirect branch tracking
and shadow stack in the dynamic loader. [jsc#PM-2110] [bsc#1175154]
==== hplip ====
- Fixed bugzilla link (bsc#1177527)
==== ima-evm-utils ====
Version update (1.3.1 -> 1.3.2)
Subpackages: evmctl libimaevm2
- Update to version 1.3.2
* Bugfixes: importing keys
* NEW: Docker based travis distro testing
* Travis bugfixes, code cleanup, software version update,
and script removal
* Initial travis testing
- Remove 0001-help-Add-missing-new-line-for-ignore-violations.patch
(patch from this release)
- Add make check + dependencies (getfattr => attr, xxd => vim)
==== installation-images-MicroOS ====
Version update (16.25 -> 16.26)
- merge gh#openSUSE/installation-images#435
- don't forget .lib*.hmac files (bsc#1178208)
- 16.26
==== kernel-firmware ====
Version update (20201005 -> 20201023)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd
- Update to version 20201023 (git commit dae4b4cd0841):
* cypress: add Cypress firmware and clm_blob files
* rtl_bt: Update RTL8821C BT FW to 0xAA6C_A99E
* ath10k: add SDIO firmware for QCA9377 WiFi
* ice: update package file to 1.3.16.0
* mediatek: separate venc service thread
* QCA : Updated firmware file for WCN3991
* iwlwifi: update and add new FWs from core56-54 release
* iwlwifi: update 3168, 7265D, 8000C and 8265 firmwares
* i915: Add DG1 DMC v2.02
* qcom : updated venus firmware files for v5.4
- Add _constraints to fix the build error (bsc#1178242)
==== libqt5-qtbase ====
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5OpenGL5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5
- Disable -reduce-relocations for now (boo#1175278, QTBUG-86173)
==== libxml2 ====
Subpackages: libxml2-2 libxml2-tools
- Make python subpackage ready for multiple python3 flavors
gh#openSUSE/python-rpm-macros#66
==== libyui-ncurses ====
Version update (2.57.1 -> 2.57.2)
- Explicitly set item and line index in NCMultiSelectionBox and
NCSelectionBox (bsc#1177982, bsc#1177985)
- 2.57.2
==== microos-tools ====
Version update (2.6 -> 2.7)
- Update to version 2.7
- Add workaround if /.autorelabel is used, don't ignore it
- Rename tmp.conf to microos-tmp.conf on SUSE MicroOS
- Fix building on SUSE MicroOS
==== mpc ====
Version update (1.2.0 -> 1.2.1)
- mpc 1.2.1:
* Fix an incompatibility problem with GMP 6.0 and before
* Fix an intermediate overflow in asin
- express build dependencies explicitly to match the versions
required by configue, so that the OBS scheduler is aware of them
- move texinfo requirements to -devel package where they are
are actually used
- package license in every subpackage and mark as license
- run spec-cleaner
==== openpgm ====
- Always pretend we do not have ftime(3), function is deprecated
and absent from next glibc release.
==== osinfo-db ====
Version update (20200813 -> 20201015)
- Update database to version 20201015
osinfo-db-20201015.tar.xz
==== pciutils ====
- Add decode support for RCECs
- added patches
https://github.com/pciutils/pciutils/commit/e12bd01eea67ca8cf539263124843ba…
+ pciutils-add-decode-support-for-RCECs.patch
==== perl ====
Version update (5.30.3 -> 5.32.0)
Subpackages: perl-base
- update to perl-5.32.0
* new experimental infix "isa" operator
* support of unicode 13.0
* chained comparisons capability
- updated patches:
* perl-HiRes.t-timeout.diff
* posix-sigaction.patch
* perl-fix2020.patch
* perl-reproducible2.patch
* perl_skip_flaky_tests_powerpc.patch
==== python-cryptography ====
Version update (3.0 -> 3.2.1)
- update to 3.2.1:
Disable blinding on RSA public keys to address an error with
some versions of OpenSSL.
- update to 3.2:
* CVE-2020-25659: Attempted to make RSA PKCS#1v1.5 decryption more constant time,
to protect against Bleichenbacher vulnerabilities. Due to limitations imposed
by our API, we cannot completely mitigate this vulnerability.
* Support for OpenSSL 1.0.2 has been removed.
* Added basic support for PKCS7 signing (including SMIME) via PKCS7SignatureBuilder.
- update to 3.1.1:
* wheels compiled with OpenSSL 1.1.1h.
- update to 3.1:
* **BACKWARDS INCOMPATIBLE:** Removed support for ``idna`` based
:term:`U-label` parsing in various X.509 classes. This support was originally
deprecated in version 2.1 and moved to an extra in 2.5.
* Deprecated OpenSSL 1.0.2 support. OpenSSL 1.0.2 is no longer supported by
the OpenSSL project. The next version of ``cryptography`` will drop support
for it.
* Deprecated support for Python 3.5. This version sees very little use and will
be removed in the next release.
* ``backend`` arguments to functions are no longer required and the
default backend will automatically be selected if no ``backend`` is provided.
* Added initial support for parsing certificates from PKCS7 files with
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certificates`
and
:func:`~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certificates`
.
* Calling ``update`` or ``update_into`` on
:class:`~cryptography.hazmat.primitives.ciphers.CipherContext` with ``data``
longer than 2\ :sup:`31` bytes no longer raises an ``OverflowError``. This
also resolves the same issue in :doc:`/fernet`.
==== qpdf ====
Version update (10.0.1 -> 10.0.3)
- Update to version 10.0.3
* Fixes a regression introduced in 10.0.2
- Update to version 10.0.2
* Bug fixes and performance improvements
* See http://qpdf.sourceforge.net/files/qpdf-manual.html#ref.release-notes
for a complete changelog.
==== selinux-policy ====
Version update (20201016 -> 20201029)
Subpackages: selinux-policy-targeted
- wicked.fc: add libexec directories
- Update to version 20201029
- update container policy
==== systemd-default-settings ====
Version update (0.2 -> 0.4)
Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE
- rpm file lists are now generated from the spec file.
- Make sure the release number between the main and the branding
packages match
- Import 0.3
d299248 List drop-in directories in SUSE.list exclusively
e4651a7 Disable memory accounting by default for all distros (jsc#PM-2229 jsc#PM-2230)
==== timezone ====
Version update (2020a -> 2020d)
- Add fat.patch to generate "fat" timezone files (was default before 2020b).
- Adjust timezone-java.spec.in to avoid build failures when running
pre_checkin.sh
- timezone update 2020d
* Palestine ends DST earlier than predicted, on 2020-10-24.
- timezone update 2020c
* Fiji starts DST later than usual, on 2020-12-20.
- timezone update 2020b (bsc#1177460)
* Revised predictions for Morocco's changes starting in 2023.
* Canada's Yukon changes to -07 on 2020-11-01, not 2020-03-08.
* Macquarie Island has stayed in sync with Tasmania since 2011.
* Casey, Antarctica is at +08 in winter and +11 in summer.
* zic no longer supports -y, nor the TYPE field of Rules.
- Rebased timezone-2018f-bsc1112310.patch
==== transactional-update ====
Version update (2.28 -> 2.28.2)
Subpackages: transactional-update-zypp-config
- Version 2.28.2
- SELinux: Exclude security.selinux attribute from rsyncing (again)
- Version 2.28.1
- SELinux: Fixed changing the wrong grub configuration file
- SELinux: Move /.autorelabel file to writeable location
==== vulkan-loader ====
Version update (1.2.154 -> 1.2.154.1)
- Update to release 1.2.154.1
* Fix some issues when EnumerateAdapterPhysicalDevices is available
==== xen ====
Version update (4.14.0_08 -> 4.14.0_10)
- Upstream bug fixes (bsc#1027519)
5f479d9e-x86-begin-to-support-MSR_ARCH_CAPS.patch
5f4cf06e-x86-Dom0-expose-MSR_ARCH_CAPS.patch
5f4cf96a-x86-PV-fix-SEGBASE_GS_USER_SEL.patch
5f560c42-x86-PV-rewrite-segment-ctxt-switch.patch
5f5b6b7a-hypfs-fix-custom-param-writes.patch
5f607915-x86-HVM-more-consistent-IO-completion.patch
5f6cfb5b-x86-PV-dont-GP-for-SYSENTER-with-NT-set.patch
5f6cfb5b-x86-PV-dont-clobber-NT-on-return-to-guest.patch
5f71a21e-x86-S3-fix-shadow-stack-resume.patch
5f76ca65-evtchn-Flask-prealloc-for-send.patch
5f76caaf-evtchn-FIFO-use-stable-fields.patch
5f897c25-x86-traps-fix-read_registers-for-DF.patch
5f897c7b-x86-smpboot-restrict-memguard_guard_stack.patch
- Renamed patches
5f560c42-x86-PV-64bit-segbase-consistency.patch
Replaces 5f5b6951-x86-PV-64bit-segbase-consistency.patch
5f6a002d-x86-PV-handle-MSR_MISC_ENABLE-correctly.patch
Replaces 5f6a05a0-pv-Handle-the-Intel-specific-MSR_MISC_ENABLE-correctly.patch
5f6a0049-memory-dont-skip-RCU-unlock-in-acquire_resource.patch
Replaces 5f6a05b7-xen-memory-Dont-skip-the-RCU-unlock-path-in-acquire_resource.patch
5f6a0067-x86-vPT-fix-race-when-migrating-timers.patch
Replaces 5f6a05dd-vpt-fix-race-when-migrating-timers-between-vCPUs.patch
5f6a008e-x86-MSI-drop-read_msi_msg.patch
Replaces 5f6a05fa-msi-get-rid-of-read_msi_msg.patch
5f6a00aa-x86-MSI-X-restrict-reading-of-PBA-bases.patch
Replaces 5f6a061a-MSI-X-restrict-reading-of-table-PBA-bases-from-BARs.patch
5f6a00c4-evtchn-relax-port_is_valid.patch
Replaces 5f6a062c-evtchn-relax-port_is_valid.patch
5f6a00df-x86-PV-avoid-double-exception-injection.patch
Replaces 5f6a065c-pv-Avoid-double-exception-injection.patch
5f6a00f4-evtchn-add-missing-barriers.patch
Replaces 5f6a0674-xen-evtchn-Add-missing-barriers-when-accessing-allocating-an-event-channel.patch
5f6a0111-evtchn-x86-enforce-correct-upper-limit.patch
Replaces 5f6a068e-evtchn-x86-enforce-correct-upper-limit-for-32-bit-guests.patch
5f6a013f-evtchn_reset-shouldnt-succeed-with.patch
Replaces 5f6a06be-evtchn-evtchn_reset-shouldnt-succeed-with-still-open-ports.patch
5f6a0160-evtchn-IRQ-safe-per-channel-lock.patch
Replaces 5f6a06e0-evtchn-convert-per-channel-lock-to-be-IRQ-safe.patch
5f6a0178-evtchn-address-races-with-evtchn_reset.patch
Replaces 5f6a06f2-evtchn-address-races-with-evtchn_reset.patch
5f6a01a4-evtchn-preempt-in-evtchn_destroy.patch
Replaces 5f6a071f-evtchn-arrange-for-preemption-in-evtchn_destroy.patch
5f6a01c6-evtchn-preempt-in-evtchn_reset.patch
Replaces 5f6a0754-evtchn-arrange-for-preemption-in-evtchn_reset.patch
- bsc#1177409 - VUL-0: xen: x86 PV guest INVLPG-like flushes may
leave stale TLB entries (XSA-286)
xsa286-1.patch
xsa286-2.patch
xsa286-3.patch
xsa286-4.patch
xsa286-5.patch
xsa286-6.patch
- bsc#1177412 - VUL-0: xen: Race condition in Xen mapping code
(XSA-345)
5f8ed5d3-x86-mm-map_pages_to_xen-single-exit-path.patch
5f8ed5eb-x86-mm-modify_xen_mappings-one-exit-path.patch
5f8ed603-x86-mm-prevent-races-in-mapping-updates.patch
- bsc#1177413 - VUL-0: xen: undue deferral of IOMMU TLB flushes
(XSA-346)
5f8ed635-IOMMU-suppress-iommu_dont_flush_iotlb-when.patch
5f8ed64c-IOMMU-hold-page-ref-until-TLB-flush.patch
- bsc#1177414 - VUL-0: xen: unsafe AMD IOMMU page table updates
(XSA-347)
5f8ed682-AMD-IOMMU-convert-amd_iommu_pte.patch
5f8ed69c-AMD-IOMMU-update-live-PTEs-atomically.patch
5f8ed6b0-AMD-IOMMU-suitably-order-DTE-mods.patch
- Update libxc.sr.superpage.patch
set errno in x86_hvm_alloc_4k (bsc#1177112)
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0