openSUSE Kubic
Threads by month
- ----- 2024 -----
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
December 2020
- 14 participants
- 57 discussions
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
bash
gcc10 (10.2.1+git958 -> 10.2.1+git1030)
gmp (6.2.0 -> 6.2.1)
grep
=== Details ===
==== bash ====
- remove obsolete info macros
- prepare usrmerge (boo#1029961)
==== gcc10 ====
Version update (10.2.1+git958 -> 10.2.1+git1030)
Subpackages: cpp10 libgcc_s1 libgomp1 libstdc++6
- Update to gcc-10 branch head (e563687cf9d3d1278f45aaebd), git1030
* Includes fix for firefox build [gcc#97918]
- Do not specify alternate offload compiler location at
configure time.
- Update README.First-for.SuSE.packagers
- Install offload compilers for gcc10-testresults build
- Enable fortran for offload compilers.
==== gmp ====
Version update (6.2.0 -> 6.2.1)
- GMP 6.2.1:
* A possible overflow of type int is avoided for mpz_cmp on huge
operands
* Overflows are more carefully detected and reported for
mpz_pow_ui
* Fix a bug in longlong.h for aarch64 sub_ddmmss
* mini-gmp: mpz_out_str and mpq_out_str now correctly handle out
of range bases
* C90 compliance
* Support for more processors
==== grep ====
- remove deprecated texinfo macros
- silence egrep,fgrep packaging warnings
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
bash
gcc10 (10.2.1+git958 -> 10.2.1+git1030)
gmp (6.2.0 -> 6.2.1)
grep
=== Details ===
==== bash ====
- remove obsolete info macros
- prepare usrmerge (boo#1029961)
==== gcc10 ====
Version update (10.2.1+git958 -> 10.2.1+git1030)
Subpackages: libgcc_s1 libgomp1 libstdc++6
- Update to gcc-10 branch head (e563687cf9d3d1278f45aaebd), git1030
* Includes fix for firefox build [gcc#97918]
- Do not specify alternate offload compiler location at
configure time.
- Update README.First-for.SuSE.packagers
- Install offload compilers for gcc10-testresults build
- Enable fortran for offload compilers.
==== gmp ====
Version update (6.2.0 -> 6.2.1)
- GMP 6.2.1:
* A possible overflow of type int is avoided for mpz_cmp on huge
operands
* Overflows are more carefully detected and reported for
mpz_pow_ui
* Fix a bug in longlong.h for aarch64 sub_ddmmss
* mini-gmp: mpz_out_str and mpq_out_str now correctly handle out
of range bases
* C90 compliance
* Support for more processors
==== grep ====
- remove deprecated texinfo macros
- silence egrep,fgrep packaging warnings
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa
Mesa-drivers
NetworkManager
PackageKit
apparmor (3.0.0 -> 3.0.1)
audit-secondary
bluedevil5 (5.20.3 -> 5.20.4)
breeze (5.20.3 -> 5.20.4)
busybox
busybox-links
discover (5.20.3 -> 5.20.4)
drkonqi5 (5.20.3 -> 5.20.4)
elfutils (0.181 -> 0.182)
ffmpeg-4
fwupd (1.5.1 -> 1.5.2)
glibmm2_4 (2.64.4 -> 2.64.5)
gnome-shell (3.38.1 -> 3.38.2)
gnome-shell-extensions (3.38.1 -> 3.38.2)
gnome-tweaks
kactivitymanagerd (5.20.3 -> 5.20.4)
kde-cli-tools5 (5.20.3 -> 5.20.4)
kernel-source (5.9.11 -> 5.9.12)
kexec-tools
kgamma5 (5.20.3 -> 5.20.4)
khotkeys5 (5.20.3 -> 5.20.4)
kinfocenter5 (5.20.3 -> 5.20.4)
kmenuedit5 (5.20.3 -> 5.20.4)
kscreen5 (5.20.3 -> 5.20.4)
kscreenlocker (5.20.3 -> 5.20.4)
ksysguard5 (5.20.3 -> 5.20.4)
kwayland-integration (5.20.3 -> 5.20.4)
kwayland-server (5.20.3 -> 5.20.4)
kwin5 (5.20.3 -> 5.20.4)
kwrited5 (5.20.3 -> 5.20.4)
libapparmor (3.0.0 -> 3.0.1)
libarchive (3.4.3 -> 3.5.0)
libass (0.14.0 -> 0.15.0)
libgit2
libinput (1.16.3 -> 1.16.4)
libkdecoration2 (5.20.3 -> 5.20.4)
libkscreen2 (5.20.3 -> 5.20.4)
libksysguard5 (5.20.3 -> 5.20.4)
libmodulemd (2.9.4 -> 2.10.0)
libqt5-qtwayland
libva (2.9.0 -> 2.9.1)
libyui-qt (2.56.3 -> 2.56.4)
llvm11
milou5 (5.20.3 -> 5.20.4)
mozjs78 (78.4.0 -> 78.5.0)
mutter (3.38.1 -> 3.38.2)
open-iscsi
pam (1.5.0 -> 1.5.1)
perl-File-Listing (6.11 -> 6.14)
plasma-nm5 (5.20.3 -> 5.20.4)
plasma5-addons (5.20.3 -> 5.20.4)
plasma5-desktop (5.20.3 -> 5.20.4)
plasma5-integration (5.20.3 -> 5.20.4)
plasma5-openSUSE
plasma5-pa (5.20.3 -> 5.20.4)
plasma5-workspace (5.20.3 -> 5.20.4)
podman (2.1.1 -> 2.2.0)
polkit-kde-agent-5 (5.20.3 -> 5.20.4)
powerdevil5 (5.20.3 -> 5.20.4)
pulseaudio (13.0 -> 14.0)
python-psutil (5.7.2 -> 5.7.3)
python-pytz (2020.1 -> 2020.4)
python-requests (2.24.0 -> 2.25.0)
sed
snapper
sqlite3 (3.33.0 -> 3.34.0)
systemd
systemd-default-settings
systemsettings5 (5.20.3 -> 5.20.4)
tslib (1.16 -> 1.22)
webkit2gtk3
xdg-desktop-portal-kde (5.20.3 -> 5.20.4)
xorg-x11-server
yast2 (4.3.44 -> 4.3.45)
=== Details ===
==== Mesa ====
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- require llvm-devel *without* any explicit version number for
factory/TW to imply 'distro default llvm version', which we
usually bump up when a new stable llvm comes out
- use llvm11 on factory/TW and sle15-sp3/Leap 15.3
- enabled build of radeonsi DRI and VDPAU driver on aarch64
(boo#1179376)
==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-gallium
- require llvm-devel *without* any explicit version number for
factory/TW to imply 'distro default llvm version', which we
usually bump up when a new stable llvm comes out
- use llvm11 on factory/TW and sle15-sp3/Leap 15.3
- enabled build of radeonsi DRI and VDPAU driver on aarch64
(boo#1179376)
==== NetworkManager ====
Subpackages: libnm0 typelib-1_0-NM-1_0
- Provide service(network) and sysvinit(network) to be an alternative
to wicked-service
==== PackageKit ====
Subpackages: PackageKit-backend-zypp libpackagekit-glib2-18
- Add PackageKit-zypp-cleanup-tmp-files.patch: Revert "Revert
"zypp: Clean up temporary files when PK quits""
(bsc#1169739 gh#hughsie/PackageKit/commit#cf73b01a).
==== apparmor ====
Version update (3.0.0 -> 3.0.1)
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- update to AppArmor 3.0.1
- minor additions to profiles and abstractions
- some bugfixes in libapparmor, apparmor_parser and the aa-* utils
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1
for the detailed upstream changelog
- removed upstream(ed) patches:
- changes-since-3.0.0.diff
- extra-profiles-fix-Pux.diff
- utils-fix-hotkey-conflict.diff
- Use apache provided variables for the module_directry:
+ Use %apache_libexecdir
+ Add apache-rpm-macros BuildRequires
==== audit-secondary ====
Subpackages: audit python3-audit
- prepare usrmerge (boo#1029961)
==== bluedevil5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== breeze ====
Version update (5.20.3 -> 5.20.4)
Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-wallpapers libbreezecommon5-5
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Notify on color scheme changes (kde#428771)
==== busybox ====
- prepare usrmerge (boo#1029961)
==== busybox-links ====
Subpackages: busybox-coreutils busybox-gawk busybox-grep busybox-gzip busybox-psmisc busybox-sed
- Add conflicts: bridge-utils to busybox-iproute2: both packages
provide /usr/sbin/brctl.
==== discover ====
Version update (5.20.3 -> 5.20.4)
Subpackages: discover-backend-flatpak
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Fix incorrect usage of units on ApplicationDelegate
* Fix sidebar header/toolbar sizing and height
* Display title in application page
* pk: Set the Daemon locale at start
* Fix installation of local packages (kde#428125)
==== drkonqi5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== elfutils ====
Version update (0.181 -> 0.182)
Subpackages: libasm1 libdw1 libelf1
- Mention elfutils-rpmlintrc as a Source.
- Add rpmlintrc for
libdebuginfod1-dummy.s390x: E: shlib-policy-name-error (Badness: 10000) libdebuginfod1
which is expected as libdebuginfod1 and it's dummy library do share equal
soname.
- Update to version 0.182:
backends: Support for tilegx has been removed.
config: New /etc/profile.d files to provide default $DEBUGINFOD_URLS.
debuginfod: More efficient package traversal, tolerate various errors
during scanning, grooming progress is more visible and
interruptible, more prometheus metrics.
debuginfod-client: Now supports compressed (kernel) ELF images.
libdwfl: Add ZSTD compression support.
- Creatu dummy subpackages that can be used for build of packages
that are in bootstrap cycle.
- Add Provides for real packages.
==== ffmpeg-4 ====
Subpackages: libavcodec58_91 libavformat58_45 libavutil56_51 libswresample3_7
- Add ffmpeg_altivec_yuv2rgb_novsx.patch for ppc64 (BE) as per
https://trac.ffmpeg.org/ticket/8750
https://bugzilla.opensuse.org/show_bug.cgi?id=1179332
==== fwupd ====
Version update (1.5.1 -> 1.5.2)
Subpackages: libfwupd2 libfwupdplugin1 typelib-1_0-Fwupd-2_0
- Update to version 1.5.2:
+ ata: Add OUI quirk for Toshiba
+ libfwupd: Restore recognizing gpg and pkcs7 types still
+ Register the SoupSession gtype when required
+ Switch from libsoup to libcurl
+ Fix sync method when called from threads without a context
+ Move ABI check to Github actions
+ Enable github workflows
+ libfwupd: Add fwupd_client_download_file()
+ libfwupd: Add fwupd_client_get_user_agent()
+ Only download the remote metadata as required
+ Add breaks for fwupdate 12-7 (Closes: #960688)
+ Install modules-load configs in the correct directory
+ vli: Do not be clever replugging the MSP430 device
+ vli: Make some trivial debugging more specific to help debug
an issue
+ make gcab optional
+ Fall back to FAT32 internal partitions for detecting ESP
+ Add a flag to indicate if packages are supported
+ uefi: a new option for uefi configuration to use UEFI removable
path
+ Add a section to man page on scripting
+ synaptics-mst: Improve reliability by waiting 2 seconds after
writing data
+ hailuck: Add an plugin for the Pinebook Pro laptop
+ Allow setting global flags for FuHidDevice
+ Set the SMBIOS chassis type to portable if a DT battery exists
+ colorhug: Don't set the version format to triplet at startup
+ Allow components to set the icon from the metadata
+ colorhug: Fix detection of version on older firmware versions
+ bcm57xx: Fix reading vendor/device ids from firmware.
+ Remove HSI update and attestation suffixes
+ trivial: make dbxtool executable to fix snap build
+ Ignore an invalid vendor-id when adding releases for display
+ Notify the service manager when idle-quitting
- Refresh fwupd-bsc1130056-change-shim-path.patch
- Changes in BuildRequires:
+ Replace pkgconfig(libsoup-2.4) with pkgconfig(libcurl)
+ Replace pkgconfig(systemd) with pkgconfig(libsystemd)
- fwupd-msr.conf and fwupd-platform-integrity.conf are moved to
%{_modulesloaddir}.
==== glibmm2_4 ====
Version update (2.64.4 -> 2.64.5)
Subpackages: libgiomm-2_4-1 libglibmm-2_4-1
- Update to version 2.64.5:
+ gmmproc: Fix compatibility with gtkmm 3.24.2.
+ Build: Meson build: Fix Cocoa (macOS) detection.
==== gnome-shell ====
Version update (3.38.1 -> 3.38.2)
Subpackages: gnome-shell-calendar
- Update to version 3.38.2:
+ Handle @content properties in ease() functions.
+ Fix screencast indicator on Xorg.
+ Fix inline-replies in chat notifications.
+ Improve do-not-disturb support.
+ Fix mobile broadband support.
+ Improve app picker spacing on larger resolutions.
+ Plugged leaks.
+ Fixed crashes.
+ Misc. bug fixes and cleanups.
+ Updated translations.
- Drop 98234acd5b48a58c2d112b5edb3dddb85e04a643.patch: Fixed
upstream.
==== gnome-shell-extensions ====
Version update (3.38.1 -> 3.38.2)
Subpackages: gnome-shell-classic gnome-shell-classic-session
- Update to version 3.38.2:
+ window-list: Honor changes in skip-taskbar property.
+ window-list, workspace-indicator:
- Improve previews in workspace thumbs.
- Adjust to 3.38 changes.
+ auto-move: Improve behavior on multi-monitor setups.
+ windowNavigator: Adjust to 3.38 changes.
+ Misc. bug fixes.
==== gnome-tweaks ====
- Add gnome-tweaks-port-libhandy-1.patch: Port to using new handy.
==== kactivitymanagerd ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kde-cli-tools5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kernel-source ====
Version update (5.9.11 -> 5.9.12)
- Linux 5.9.12 (bsc#1012628).
- io_uring: get an active ref_node from files_data (bsc#1012628).
- io_uring: order refnode recycling (bsc#1012628).
- spi: bcm-qspi: Fix use-after-free on unbind (bsc#1012628).
- spi: bcm2835: Fix use-after-free on unbind (bsc#1012628).
- ipv4: use IS_ENABLED instead of ifdef (bsc#1012628).
- IB/hfi1: Ensure correct mm is used at all times (bsc#1012628).
- RDMA/i40iw: Address an mmap handler exploit in i40iw
(bsc#1012628).
- btrfs: fix missing delalloc new bit for new delalloc ranges
(bsc#1012628).
- btrfs: tree-checker: add missing return after error in root_item
(bsc#1012628).
- btrfs: tree-checker: add missing returns after data_ref
alignment checks (bsc#1012628).
- btrfs: don't access possibly stale fs_info data for printing
duplicate device (bsc#1012628).
- btrfs: fix lockdep splat when reading qgroup config on mount
(bsc#1012628).
- rtc: pcf2127: fix a bug when not specify interrupts property
(bsc#1012628).
- s390: fix fpu restore in entry.S (bsc#1012628).
- mm: fix VM_BUG_ON(PageTail) and BUG_ON(PageWriteback)
(bsc#1012628).
- smb3: Call cifs reconnect from demultiplex thread (bsc#1012628).
- smb3: Avoid Mid pending list corruption (bsc#1012628).
- smb3: Handle error case during offload read path (bsc#1012628).
- cifs: fix a memleak with modefromsid (bsc#1012628).
- powerpc/64s: Fix KVM system reset handling when
CONFIG_PPC_PSERIES=y (bsc#1012628).
- powerpc/64s/exception: KVM Fix for host DSI being taken in
HPT guest MMU context (bsc#1012628).
- KVM: PPC: Book3S HV: XIVE: Fix possible oops when accessing
ESB page (bsc#1012628).
- KVM: arm64: vgic-v3: Drop the reporting of GICR_TYPER.Last
for userspace (bsc#1012628).
- KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint
(bsc#1012628).
- KVM: x86: Fix split-irqchip vs interrupt injection window
request (bsc#1012628).
- iommu/vt-d: Don't read VCCAP register unless it exists
(bsc#1012628).
- firmware: xilinx: Use hash-table for api feature check
(bsc#1012628).
- drm/amdgpu: fix SI UVD firmware validate resume fail
(bsc#1012628).
- io_uring: fix ITER_BVEC check (bsc#1012628).
- trace: fix potenial dangerous pointer (bsc#1012628).
- arm64: tegra: Correct the UART for Jetson Xavier NX
(bsc#1012628).
- arm64: tegra: Fix USB_VBUS_EN0 regulator on Jetson TX1
(bsc#1012628).
- arm64: pgtable: Fix pte_accessible() (bsc#1012628).
- arm64: pgtable: Ensure dirty bit is preserved across
pte_wrprotect() (bsc#1012628).
- drm/amdgpu: fix a page fault (bsc#1012628).
- drm/amdgpu: update golden setting for sienna_cichlid
(bsc#1012628).
- drm/amd/amdgpu: fix null pointer in runtime pm (bsc#1012628).
- drm/amd/display: Avoid HDCP initialization in devices without
output (bsc#1012628).
- HID: uclogic: Add ID for Trust Flex Design Tablet (bsc#1012628).
- HID: ite: Replace ABS_MISC 120/121 events with touchpad on/off
keypresses (bsc#1012628).
- HID: cypress: Support Varmilo Keyboards' media hotkeys
(bsc#1012628).
- HID: add support for Sega Saturn (bsc#1012628).
- Input: i8042 - allow insmod to succeed on devices without an
i8042 controller (bsc#1012628).
- HID: hid-sensor-hub: Fix issue with devices with no report ID
(bsc#1012628).
- staging: ralink-gdma: fix kconfig dependency bug for DMA_RALINK
(bsc#1012628).
- HID: add HID_QUIRK_INCREMENT_USAGE_ON_DUPLICATE for Gamevice
devices (bsc#1012628).
- dmaengine: xilinx_dma: use readl_poll_timeout_atomic variant
(bsc#1012628).
- x86/xen: don't unbind uninitialized lock_kicker_irq
(bsc#1012628).
- kunit: fix display of failed expectations for strings
(bsc#1012628).
- HID: logitech-hidpp: Add HIDPP_CONSUMER_VENDOR_KEYS quirk for
the Dinovo Edge (bsc#1012628).
- HID: Add Logitech Dinovo Edge battery quirk (bsc#1012628).
- proc: don't allow async path resolution of /proc/self components
(bsc#1012628).
- nvme: free sq/cq dbbuf pointers when dbbuf set fails
(bsc#1012628).
- io_uring: handle -EOPNOTSUPP on path resolution (bsc#1012628).
- net: stmmac: dwmac_lib: enlarge dma reset timeout (bsc#1012628).
- vdpasim: fix "mac_pton" undefined error (bsc#1012628).
- vhost: add helper to check if a vq has been setup (bsc#1012628).
- vhost scsi: alloc cmds per vq instead of session (bsc#1012628).
- vhost scsi: fix cmd completion race (bsc#1012628).
- cpuidle: tegra: Annotate tegra_pm_set_cpu_in_lp2() with
RCU_NONIDLE (bsc#1012628).
- dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size
(bsc#1012628).
- scsi: libiscsi: Fix NOP race condition (bsc#1012628).
- scsi: target: iscsi: Fix cmd abort fabric stop race
(bsc#1012628).
- lockdep: Put graph lock/unlock under lock_recursion protection
(bsc#1012628).
- perf/x86: fix sysfs type mismatches (bsc#1012628).
- xtensa: uaccess: Add missing __user to strncpy_from_user()
prototype (bsc#1012628).
- x86/dumpstack: Do not try to access user space code of other
tasks (bsc#1012628).
- net: dsa: mv88e6xxx: Wait for EEPROM done after HW reset
(bsc#1012628).
- bus: ti-sysc: Fix reset status check for modules with quirks
(bsc#1012628).
- bus: ti-sysc: Fix bogus resetdone warning on enable for cpsw
(bsc#1012628).
- ARM: OMAP2+: Manage MPU state properly for
omap_enter_idle_coupled() (bsc#1012628).
- phy: tegra: xusb: Fix dangling pointer on probe failure
(bsc#1012628).
- iwlwifi: mvm: use the HOT_SPOT_CMD to cancel an AUX ROC
(bsc#1012628).
- iwlwifi: mvm: properly cancel a session protection for P2P
(bsc#1012628).
- iwlwifi: mvm: write queue_sync_state only for sync
(bsc#1012628).
- KVM: s390: pv: Mark mm as protected after the set secure
parameters and improve cleanup (bsc#1012628).
- KVM: s390: remove diag318 reset code (bsc#1012628).
- batman-adv: set .owner to THIS_MODULE (bsc#1012628).
- usb: cdns3: gadget: fix some endian issues (bsc#1012628).
- usb: cdns3: gadget: calculate TD_SIZE based on TD (bsc#1012628).
- phy: qualcomm: usb: Fix SuperSpeed PHY OF dependency
(bsc#1012628).
- phy: qualcomm: Fix 28 nm Hi-Speed USB PHY OF dependency
(bsc#1012628).
- arch: pgtable: define MAX_POSSIBLE_PHYSMEM_BITS where needed
(bsc#1012628).
- bus: ti-sysc: suppress err msg for timers used as
clockevent/source (bsc#1012628).
- ARM: dts: dra76x: m_can: fix order of clocks (bsc#1012628).
- scsi: ufs: Fix race between shutdown and runtime resume flow
(bsc#1012628).
- bnxt_en: fix error return code in bnxt_init_one() (bsc#1012628).
- bnxt_en: fix error return code in bnxt_init_board()
(bsc#1012628).
- video: hyperv_fb: Fix the cache type when mapping the VRAM
(bsc#1012628).
- bnxt_en: Release PCI regions when DMA mask setup fails during
probe (bsc#1012628).
- block/keyslot-manager: prevent crash when num_slots=1
(bsc#1012628).
- cxgb4: fix the panic caused by non smac rewrite (bsc#1012628).
- dpaa2-eth: select XGMAC_MDIO for MDIO bus support (bsc#1012628).
- s390/qeth: make af_iucv TX notification call more robust
(bsc#1012628).
- s390/qeth: fix af_iucv notification race (bsc#1012628).
- s390/qeth: fix tear down of async TX buffers (bsc#1012628).
- drm/mediatek: dsi: Modify horizontal front/back porch byte
formula (bsc#1012628).
- bonding: wait for sysfs kobject destruction before freeing
struct slave (bsc#1012628).
- ibmvnic: fix call_netdevice_notifiers in do_reset (bsc#1012628).
- ibmvnic: notify peers when failover and migration happen
(bsc#1012628).
- powerpc/64s: Fix allnoconfig build since uaccess flush
(bsc#1012628).
- iommu: Check return of __iommu_attach_device() (bsc#1012628).
- IB/mthca: fix return value of error branch in mthca_init_cq()
(bsc#1012628).
- i40e: Fix removing driver while bare-metal VFs pass traffic
(bsc#1012628).
- firmware: xilinx: Fix SD DLL node reset issue (bsc#1012628).
- spi: imx: fix the unbalanced spi runtime pm management
(bsc#1012628).
- io_uring: fix shift-out-of-bounds when round up cq size
(bsc#1012628).
- aquantia: Remove the build_skb path (bsc#1012628).
- nfc: s3fwrn5: use signed integer for parsing GPIO numbers
(bsc#1012628).
- net: ena: handle bad request id in ena_netdev (bsc#1012628).
- net: ena: set initial DMA width to avoid intel iommu issue
(bsc#1012628).
- net: ena: fix packet's addresses for rx_offset feature
(bsc#1012628).
- ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues
(bsc#1012628).
- ibmvnic: fix NULL pointer dereference in ibmvic_reset_crq
(bsc#1012628).
- ibmvnic: enhance resetting status check during module exit
(bsc#1012628).
- optee: add writeback to valid memory type (bsc#1012628).
- x86/tboot: Don't disable swiotlb when iommu is forced on
(bsc#1012628).
- arm64: tegra: Wrong AON HSP reg property size (bsc#1012628).
- efi/efivars: Set generic ops before loading SSDT (bsc#1012628).
- efivarfs: revert "fix memory leak in efivarfs_create()"
(bsc#1012628).
- efi: EFI_EARLYCON should depend on EFI (bsc#1012628).
- riscv: Explicitly specify the build id style in vDSO Makefile
again (bsc#1012628).
- RISC-V: Add missing jump label initialization (bsc#1012628).
- RISC-V: fix barrier() use in <vdso/processor.h> (bsc#1012628).
- net: stmmac: fix incorrect merge of patch upstream
(bsc#1012628).
- enetc: Let the hardware auto-advance the taprio base-time of 0
(bsc#1012628).
- ptp: clockmatrix: bug fix for idtcm_strverscmp (bsc#1012628).
- drm/nouveau: fix relocations applying logic and a double-free
(bsc#1012628).
- can: gs_usb: fix endianess problem with candleLight firmware
(bsc#1012628).
- platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup
time (bsc#1012628).
- platform/x86: toshiba_acpi: Fix the wrong variable assignment
(bsc#1012628).
- RDMA/hns: Fix wrong field of SRQ number the device supports
(bsc#1012628).
- RDMA/hns: Fix retry_cnt and rnr_cnt when querying QP
(bsc#1012628).
- RDMA/hns: Bugfix for memory window mtpt configuration
(bsc#1012628).
- can: m_can: m_can_open(): remove IRQF_TRIGGER_FALLING from
request_threaded_irq()'s flags (bsc#1012628).
- can: m_can: fix nominal bitiming tseg2 min for version >= 3.1
(bsc#1012628).
- perf record: Synthesize cgroup events only if needed
(bsc#1012628).
- perf stat: Use proper cpu for shadow stats (bsc#1012628).
- perf probe: Fix to die_entrypc() returns error correctly
(bsc#1012628).
- USB: core: Change %pK for __user pointers to %px (bsc#1012628).
- usb: gadget: f_midi: Fix memleak in f_midi_alloc (bsc#1012628).
- USB: core: Fix regression in Hercules audio card (bsc#1012628).
- USB: quirks: Add USB_QUIRK_DISCONNECT_SUSPEND quirk for Lenovo
A630Z TIO built-in usb-audio card (bsc#1012628).
- usb: gadget: Fix memleak in gadgetfs_fill_super (bsc#1012628).
- irqchip/exiu: Fix the index of fwspec for IRQ type
(bsc#1012628).
- x86/mce: Do not overwrite no_way_out if mce_end() fails
(bsc#1012628).
- x86/speculation: Fix prctl() when
spectre_v2_user={seccomp,prctl},ibpb (bsc#1012628).
- x86/resctrl: Remove superfluous kernfs_get() calls to prevent
refcount leak (bsc#1012628).
- x86/resctrl: Add necessary kernfs_put() calls to prevent
refcount leak (bsc#1012628).
- drm/amdgpu: add rlc iram and dram firmware support
(bsc#1012628).
- commit 46922da
- rpm/kernel-{source,binary}.spec: do not include ghost symlinks
(boo#1179082).
- commit 76a9256
- Update config files.
Refresh after SOUNDWIRE removal.
- commit fa3b6ea
- scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section
- commit 965157e
- Update config files: make CONFIG_SOUNDWIRE=m (bsc#1179201)
Also turned it off for unrelated platforms
- commit afd1f81
- Update
patches.kernel.org/5.9.11-181-sched-Fix-data-race-in-wakeup.patch
(bsc#1012628 bsc#1175893).
Add a bsc.
- commit d5a5c02
- dt-bindings: pwm: Add binding for RPi firmware PWM bus
(jsc#SLE-16543).
- staging: vchiq: Release firmware handle on unbind
(jsc#SLE-16543).
- soc: bcm: raspberrypi-power: Release firmware handle on unbind
(jsc#SLE-16543).
- - pwm: Add Raspberry Pi Firmware based PWM bus (jsc#SLE-16543).
- Update configs: Enable pwm driver on arm64/arm32
- supported.conf: Enable pwm driver
- input: raspberrypi-ts: Release firmware handle when not needed
(jsc#SLE-16543).
- gpio: raspberrypi-exp: Release firmware handle on unbind
(jsc#SLE-16543).
- firmware: raspberrypi: Keep count of all consumers
(jsc#SLE-16543).
- firmware: raspberrypi: Introduce devm_rpi_firmware_get()
(jsc#SLE-16543).
- clk: bcm: rpi: Release firmware handle on unbind
(jsc#SLE-16543).
- commit e8d4edd
==== kexec-tools ====
- prepare usrmerge (boo#1029961)
==== kgamma5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== khotkeys5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kinfocenter5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* weight main categories properly (kde#429153)
==== kmenuedit5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kscreen5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kscreenlocker ====
Version update (5.20.3 -> 5.20.4)
Subpackages: libKScreenLocker5
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Use QuickControls 2 StackView (kde#429290)
* actually replace wallaper pages
==== ksysguard5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kwayland-integration ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kwayland-server ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kwin5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* xwl: No need to delete the source immediately
* xwl: No need to create createX11Source twice consecutively
* xwl: Do not refresh the x11 Clipboard while fetching (kde#424754)
* xwl: Include errors and warnings
* screencating: query for dmabuf availability before we start streaming
* wayland: Fix clipped thumbnails of client-side decorated apps (kde#428595)
* Fixed Toggle Night Color global shortcut, which used i18n in object name, leading to erratic behavior e.g. when system locale or translations changed. (kde#428024)
* Set setMoveResize(true) after stopping fullscreen and quick tiling (kde#427848)
* screencasting: don't crash if the cursor is too big for our buffer
* fix: magiclamp effect wrong direction.
* kcm/decorations: Fix border size updating for thumbnails
==== kwrited5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== libapparmor ====
Version update (3.0.0 -> 3.0.1)
- update to AppArmor 3.0.1
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1
for the detailed upstream changelog
- drop upstream patch changes-since-3.0.0.diff
==== libarchive ====
Version update (3.4.3 -> 3.5.0)
- Update to version 3.5.0
New features:
* mtree digest reader support (#1347)
* completed support for UTF-8 encoding conversion (#1389)
* minor API enhancements (#1258, #1405)
* support for system extended attributes (#1409)
* support for decompression of symbolic links in zipx archives (#1435)
Important bugfixes
* fixed extraction of archives with hard links pointing to itself (#1381)
* cpio fixes (#1387, #1388)
* fixed uninitialized size in rar5_read_data (#1408)
* fixed memory leaks in error case of archive_write_open() functions (#1456)
- Drop libarchive-3.4.3-fix_test_write_disk_secure.patch, fixed upstream.
==== libass ====
Version update (0.14.0 -> 0.15.0)
- Update to version 0.15.0
* Fix backwards/VSFilter-incompatible font sizes with FreeType
2.10+
* Improve speed via better caching
* Require HarfBuzz unconditionally to ensure good shaping for
complex scripts
* ass_set_use_margins(true) now simply places text on the whole
screen instead of attempting to tie it to video positioning
(set by the margin values) and failing in various ways when
margins are used to implement pan & scan in a video player
* Add ass_track_set_feature() & catch-all
ASS_FEATURE_INCOMPATIBLE_EXTENSIONS
* Add ASS_FEATURE_BIDI_BRACKETS to enable Unicode 6.3+ bracket
matching when applying the Unicode Bidirectional Algorithm
(incompatible with VSFilter; requires libass built with
FriBidi 1.0+)
* Fix stack overflow on deeply nested \t tags
* Fix positioning of events with leading line breaks
* Fix small but nonzero \bord becoming \bord0 (regression in
0.14.0)
* Measure BorderStyle=4 box padding from glyph border, not
from glyph fill
* Scale everything from script resolution if storage size is
not set (including borders and shadows regardless of
ScaledBorderAndShadow)
* Fix the default aspect ratio calculation when neither
ass_set_pixel_aspect() nor ass_set_aspect_ratio() is called
* Multiple fixes for karaoke override tags
* Handle memory allocation failures better:
avoid some crashes and produce images closer to truth
* Avoid some integer overflows
* Add internal infrastructure for regression testing
* Improve VSFilter compatibility:
+ Treat invalid nested \t tags like VSFilter
+ Make \t(T,T,...) at time exactly T use the post-transition
values
+ Make lines stack more like they do in VSFilter
+ Default ScaledBorderAndShadow to 0 (like VSFilter),
except for subtitles that were produced by old FFmpeg/Libav
+ Make shadow positioning with 3D transforms match VSFilter's
+ Cut out glyphs from border & shadow in all the same cases
as VSFilter
+ Match VSFilter on animated color tags with negative
acceleration
+ Fix parsing of some files that VSFilter accepts but libass
didn't by ignoring leading whitespace in each line of an
ASS file or CodecPrivate
+ Improve font selection with CoreText
+ Stop faux-bolding fonts that are too bold to get faux bold
in VSFilter
+ Ignore leading/trailing spaces when calculating height of
nonblank lines
+ Match VSFilter on \fade with large alpha value arguments
+ Stop splitting bitmaps on font substitution
+ Multiple fixes for Banner and Scroll effects
+ Multiple fixes for karaoke override tags
==== libgit2 ====
- require library required by pkg-config file
==== libinput ====
Version update (1.16.3 -> 1.16.4)
- Update to release 1.16.4
* Fix the termination of the readlink result
* udev: update rules to handle bind/unbind events
==== libkdecoration2 ====
Version update (5.20.3 -> 5.20.4)
Subpackages: libkdecorations2-5 libkdecorations2private7
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== libkscreen2 ====
Version update (5.20.3 -> 5.20.4)
Subpackages: libKF5Screen7 libkscreen2-plugin
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Fix build with newer Qt
==== libksysguard5 ====
Version update (5.20.3 -> 5.20.4)
Subpackages: libksysguard5-helper libksysguard5-imports
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Do not insert non existing columns
* Write entries if face config changes (kde#429155,kde#429167,kde#429367)
* Delete compactRepresentation when switching faces (kde#424599)
==== libmodulemd ====
Version update (2.9.4 -> 2.10.0)
- Update to 2.10.0
+ Add modulemd-obsoletes
+ Add modulemd v3 format
- Fix build for 32-bit architectures with patch from upstream
+ Patch: 0001-Fix-integer-size-issue-on-32-bit-platforms.patch
==== libqt5-qtwayland ====
Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5
- Add upstream patch to fix a regression:
* 0001-Scanner-Avoid-accessing-dangling-pointers-in-destroy.patch
==== libva ====
Version update (2.9.0 -> 2.9.1)
Subpackages: libva-drm2 libva2
- update to 2.9.1:
* fix version mismatch between meson and autotools
==== libyui-qt ====
Version update (2.56.3 -> 2.56.4)
- Add folder-temp icon (related to jsc#SLE-16313).
- 2.56.4
==== llvm11 ====
- Add compiler-rt-dont-compile-assembly-files-as-c.patch to fix
build failure with newer CMake versions.
- Let CMake files in {llvm,clang}X-devel refer to the versioned
binaries that come with the package instead of the symlink
managed by update-alternatives. (boo#1178513)
==== milou5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== mozjs78 ====
Version update (78.4.0 -> 78.5.0)
- Update to version 78.5.0esr.
==== mutter ====
Version update (3.38.1 -> 3.38.2)
Subpackages: libmutter-7-0 mutter-data
- Update to version 3.38.2:
+ Fix unwanted position changes on window resize.
+ Fix _NET_WM_FRAME_DRAWN timestamps.
+ Fix missed redraws of newly-mapped actors.
+ (Temporarily) make Xwayland listen on abstract namespace socket
again.
+ Fix tiling to the correct monitor.
+ Fix background artifacts in magnifier.
+ Fix monitor tiling support on X11.
+ Fix device configuration not being picked up on X11.
+ Improve compatibility with Qt's wayland support.
+ Support tagging devices as primary GPU via udev.
+ Fix size hints with CSD.
+ Do not disable the X Security extension by default.
+ Fix unresponsive input after screen blank.
+ Improve tablet-mode-switch support.
+ Plugged memory leaks.
+ Fixed crashes.
+ Misc. bug fixes and cleanups.
+ Updated translations.
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Updatged to latest upstream, including:
* iscsiadm: Optimize the the verification of mode paramters
* iscsid: Poll timeout value to 1 minute for iscsid
* iscsiadm: fix host stats mode coredump
* iscsid: fix logging level when starting and shutting down daemon
* Updated iscsiadm man page.
* Fix memory leak in sysfs_get_str
* libopeniscsiusr: Compare with max int instead of max long
- Systemd unit files should not depend on network.target (bsc#1179440),
updating:
* open-iscsi-SUSE-latest.diff.bz2
==== pam ====
Version update (1.5.0 -> 1.5.1)
- Update to 1.5.1
- pam_unix: fixed CVE-2020-27780 - authentication bypass when a user
doesn't exist and root password is blank [bsc#1179166]
- pam_faillock: added nodelay option to not set pam_fail_delay
- pam_wheel: use pam_modutil_user_in_group to check for the group membership
with getgrouplist where it is available
==== perl-File-Listing ====
Version update (6.11 -> 6.14)
- updated to 6.14
see /usr/share/doc/packages/perl-File-Listing/Changes
6.14 2020-11-30 05:48:07 -0700
- Production version identical to 6.12_01
6.12_01 2020-11-27 16:13:15 -0700
- Handle default apache indexes (gh#20)
- Ignore certain known navigation links in apache indexes (gh#20)
- Support Win32 OpenSSH listing (gh#21 simon04++)
==== plasma-nm5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== plasma5-addons ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== plasma5-desktop ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Remove cmake checks for breeze decoration
* There is no Q_FALLTHROUGH in qml or js (kde#429574)
* Fix translation extraction (kde#429466)
* [kcms/users]: Fix 429313 (kde#429313)
* Use plasma theme icons in kickoff leave view
* Don't use visible property in procedural code to determine state (kde#408116)
* [panel] Fix dragging panel to resize for top and right panels (kde#429063)
==== plasma5-integration ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== plasma5-openSUSE ====
Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE sddm-theme-openSUSE
- Update to 5.20.4
==== plasma5-pa ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Remove count property from PulseObjectFilterModel (kde#427978)
==== plasma5-workspace ====
Version update (5.20.3 -> 5.20.4)
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Fix Environment Canada weather domain.
* Fix build with newer Qt
* fix: Font files, kfontview and thumbnailer crash on Wayland (kde#401031)
* Readd searching for breeze decoration (kde#429298)
* [Notifications] Check pause button when job is paused
* The cursor previews are in a layout
* Revert "Use new simpler way to disable session management in services"
* [Tab switcher] Fix binding loop that spams the log (kde#410984)
==== podman ====
Version update (2.1.1 -> 2.2.0)
Subpackages: podman-cni-config
- Update to v2.2.0
* Features
- Experimental support for shortname aliasing has been added. This is not enabled by default, but can be turned on by setting the environment variable CONTAINERS_SHORT_NAME_ALIASING to on. Documentation is available here and here.
- Initial support has been added for the podman network connect and podman network disconnect commands, which allow existing containers to modify what networks they are connected to. At present, these commands can only be used on running containers that did not specify --network=none when they were created.
- The podman run command now supports the --network-alias option to set network aliases (additional names the container can be accessed at from other containers via DNS if the dnsname CNI plugin is in use). Aliases can also be added and removed using the new podman network connect and podman network disconnect commands. Please note that this requires a new release (v1.1.0) of the dnsname plugin, and will only work on newly-created CNI networks.
- The podman generate kube command now features support for exporting container's memory and CPU limits (#7855).
- The podman play kube command now features support for setting CPU and Memory limits for containers (#7742).
- The podman play kube command now supports persistent volumes claims using Podman named volumes.
- The podman play kube command now supports Kubernetes configmaps via the --configmap option (#7567).
- The podman play kube command now supports a --log-driver option to set the log driver for created containers.
- The podman play kube command now supports a --start option, enabled by default, to start the pod after creating it. This allows for podman play kube to be more easily used in systemd unitfiles.
- The podman network create command now supports the --ipv6 option to enable dual-stack IPv6 networking for created networks (#7302).
- The podman inspect command can now inspect pods, networks, and volumes, in addition to containers and images (#6757).
- The --mount option for podman run and podman create now supports a new type, image, to mount the contents of an image into the container at a given location.
- The Bash and ZSH completions have been completely reworked and have received significant enhancements! Additionally, support for Fish completions and completions for the podman-remote executable have been added.
- The --log-opt option for podman create and podman run now supports the max-size option to set the maximum size for a container's logs (#7434).
- The --network option to the podman pod create command now allows pods to be configured to use slirp4netns networking, even when run as root (#6097).
- The podman pod stop, podman pod pause, podman pod unpause, and podman pod kill commands now work on multiple containers in parallel and should be significantly faster.
- The podman search command now supports a --list-tags option to list all available tags for a single image in a single repository.
- The podman search command can now output JSON using the --format=json option.
- The podman diff and podman mount commands now work with all containers in the storage library, including those not created by Podman. This allows them to be used with Buildah and CRI-O containers.
- The podman container exists command now features a --external option to check if a container exists not just in Podman, but also in the storage library. This will allow Podman to identify Buildah and CRI-O containers.
- The --tls-verify and --authfile options have been enabled for use with remote Podman.
- The /etc/hosts file now includes the container's name and hostname (both pointing to localhost) when the container is run with --net=none (#8095).
- The podman events command now supports filtering events based on the labels of the container they occurred on using the --filter label=key=value option.
- The podman volume ls command now supports filtering volumes based on their labels using the --filter label=key=value option.
- The --volume and --mount options to podman run and podman create now support two new mount propagation options, unbindable and runbindable.
- The name and id filters for podman pod ps now match based on a regular expression, instead of requiring an exact match.
- The podman pod ps command now supports a new filter status, that matches pods in a certain state.
* Changes
- The podman network rm --force command will now also remove pods that are using the network (#7791).
- The podman volume rm, podman network rm, and podman pod rm commands now return exit code 1 if the object specified for removal does not exist, and exit code 2 if the object is in use and the --force option was not given.
- If /dev/fuse is passed into Podman containers as a device, Podman will open it before starting the container to ensure that the kernel module is loaded on the host and the device is usable in the container.
- Global Podman options that were not supported with remote operation have been removed from podman-remote (e.g. --cgroup-manager, --storage-driver).
- Many errors have been changed to remove repetition and be more clear as to what has gone wrong.
- The --storage option to podman rm is now enabled by default, with slightly changed semantics. If the given container does not exist in Podman but does exist in the storage library, it will be removed even without the --storage option. If the container exists in Podman it will be removed normally. The --storage option for podman rm is now deprecated and will be removed in a future release.
- The --storage option to podman ps has been renamed to --external. An alias has been added so the old form of the option will continue to work.
- Podman now delays the SIGTERM and SIGINT signals during container creation to ensure that Podman is not stopped midway through creating a container resulting in potential resource leakage (#7941).
- The podman save command now strips signatures from images it is exporting, as the formats we export to do not support signatures (#7659).
- A new Degraded state has been added to pods. Pods that have some, but not all, of their containers running are now considered to be Degraded instead of Running.
- Podman will now print a warning when conflicting network options related to port forwarding (e.g. --publish and --net=host) are specified when creating a container.
- The --restart on-failure and --rm options for containers no longer conflict. When both are specified, the container will be restarted if it exits with a non-zero error code, and removed if it exits cleanly (#7906).
- Remote Podman will no longer use settings from the client's containers.conf; defaults will instead be provided by the server's containers.conf (#7657).
- The podman network rm command now has a new alias, podman network remove (#8402).
* Bugfixes
- Fixed a bug where podman load on the remote client did not error when attempting to load a directory, which is not yet supported for remote use.
- Fixed a bug where rootless Podman could hang when the newuidmap binary was not installed (#7776).
- Fixed a bug where the --pull option to podman run, podman create, and podman build did not match Docker's behavior.
- Fixed a bug where sysctl settings from the containers.conf configuration file were applied, even if the container did not join the namespace associated with a sysctl.
- Fixed a bug where Podman would not return the text of errors encounted when trying to run a healthcheck for a container.
- Fixed a bug where Podman was accidentally setting the containers environment variable in addition to the expected container environment variable.
- Fixed a bug where rootless Podman using CNI networking did not properly clean up DNS entries for removed containers (#7789).
- Fixed a bug where the podman untag --all command was not supported with remote Podman.
- Fixed a bug where the podman system service command could time out even if active attach connections were present (#7826).
- Fixed a bug where the podman system service command would sometimes never time out despite no active connections being present.
- Fixed a bug where Podman's handling of capabilities, specifically inheritable, did not match Docker's.
- Fixed a bug where podman run would fail if the image specified was a manifest list and had already been pulled (#7798).
- Fixed a bug where Podman did not take search registries into account when looking up images locally (#6381).
- Fixed a bug where the podman manifest inspect command would fail for images that had already been pulled (#7726).
- Fixed a bug where rootless Podman would not add supplemental GIDs to containers when when a user, but not a group, was set via the --user option to podman create and podman run and sufficient GIDs were available to add the groups (#7782).
- Fixed a bug where remote Podman commands did not properly handle cases where the user gave a name that could also be a short ID for a pod or container (#7837).
- Fixed a bug where podman image prune could leave images ready to be pruned after podman image prune was run (#7872).
- Fixed a bug where the podman logs command with the journald log driver would not read all available logs (#7476).
- Fixed a bug where the --rm and --restart options to podman create and podman run did not conflict when a restart policy that is not on-failure was chosen (#7878).
- Fixed a bug where the --format "table {{ .Field }}" option to numerous Podman commands ceased to function on Podman v2.0 and up.
- Fixed a bug where pods did not properly share an SELinux label between their containers, resulting in containers being unable to see the processes of other containers when the pod shared a PID namespace (#7886).
- Fixed a bug where the --namespace option to podman ps did not work with the remote client (#7903).
- Fixed a bug where rootless Podman incorrectly calculated the number of UIDs available in the container if multiple different ranges of UIDs were specified.
- Fixed a bug where the /etc/hosts file would not be correctly populated for containers in a user namespace (#7490).
- Fixed a bug where the podman network create and podman network remove commands could race when run in parallel, with unpredictable results (#7807).
- Fixed a bug where the -p option to podman run, podman create, and podman pod create would, when given only a single number (e.g. -p 80), assign the same port for both host and container, instead of generating a random host port (#7947).
- Fixed a bug where Podman containers did not properly store the cgroup manager they were created with, causing them to stop functioning after the cgroup manager was changed in containers.conf or with the --cgroup-manager option (#7830).
- Fixed a bug where the podman inspect command did not include information on the CNI networks a container was connected to if it was not running.
- Fixed a bug where the podman attach command would not print a newline after detaching from the container (#7751).
- Fixed a bug where the HOME environment variable was not set properly in containers when the --userns=keep-id option was set (#8004).
- Fixed a bug where the podman container restore command could panic when the container in question was in a pod (#8026).
- Fixed a bug where the output of the podman image trust show --raw command was not properly formatted.
- Fixed a bug where the podman runlabel command could panic if a label to run was not given (#8038).
- Fixed a bug where the podman run and podman start --attach commands would exit with an error when the user detached manually using the detach keys on remote Podman (#7979).
- Fixed a bug where rootless CNI networking did not use the dnsname CNI plugin if it was not available on the host, despite it always being available in the container used for rootless networking (#8040).
- Fixed a bug where Podman did not properly handle cases where an OCI runtime is specified by its full path, and could revert to using another OCI runtime with the same binary path that existed in the system $PATH on subsequent invocations.
- Fixed a bug where the --net=host option to podman create and podman run would cause the /etc/hosts file to be incorrectly populated (#8054).
- Fixed a bug where the podman inspect command did not include container network information when the container shared its network namespace (IE, joined a pod or another container's network namespace via --net=container:...) (#8073).
- Fixed a bug where the podman ps command did not include information on all ports a container was publishing.
- Fixed a bug where the podman build command incorrectly forwarded STDIN into build containers from RUN instructions.
- Fixed a bug where the podman wait command's --interval option did not work when units were not specified for the duration (#8088).
- Fixed a bug where the --detach-keys and --detach options could be passed to podman create despite having no effect (and not making sense in that context).
- Fixed a bug where Podman could not start containers if running on a system without a /etc/resolv.conf file (which occurs on some WSL2 images) (#8089).
- Fixed a bug where the --extract option to podman cp was nonfunctional.
- Fixed a bug where the --cidfile option to podman run would, when the container was not run with --detach, only create the file after the container exited (#8091).
- Fixed a bug where the podman images and podman images -a commands could panic and not list any images when certain improperly-formatted images were present in storage (#8148).
- Fixed a bug where the podman events command could, when the journald events backend was in use, become nonfunctional when a badly-formatted event or a log message that container certain string was present in the journal (#8125).
- Fixed a bug where remote Podman would, when using SSH transport, not authenticate to the server using hostkeys when connecting on a port other than 22 (#8139).
- Fixed a bug where the podman attach command would not exit when containers stopped (#8154).
- Fixed a bug where Podman did not properly clean paths before verifying them, resulting in Podman refusing to start if the root or temporary directories were specified with extra trailing / characters (#8160).
- Fixed a bug where remote Podman did not support hashed hostnames in the known_hosts file on the host for establishing connections (#8159).
- Fixed a bug where the podman image exists command would return non-zero (false) when multiple potential matches for the given name existed.
- Fixed a bug where the podman manifest inspect command on images that are not manifest lists would error instead of inspecting the image (#8023).
- Fixed a bug where the podman system service command would fail if the directory the Unix socket was to be created inside did not exist (#8184).
- Fixed a bug where pods that shared the IPC namespace (which is done by default) did not share a /dev/shm filesystem between all containers in the pod (#8181).
- Fixed a bug where filters passed to podman volume list were not inclusive (#6765).
- Fixed a bug where the podman volume create command would fail when the volume's data directory already existed (as might occur when a volume was not completely removed) (#8253).
- Fixed a bug where the podman run and podman create commands would deadlock when trying to create a container that mounted the same named volume at multiple locations (e.g. podman run -v testvol:/test1 -v testvol:/test2) (#8221).
- Fixed a bug where the parsing of the --net option to podman build was incorrect (#8322).
- Fixed a bug where the podman build command would print the ID of the built image twice when using remote Podman (#8332).
- Fixed a bug where the podman stats command did not show memory limits for containers (#8265).
- Fixed a bug where the podman pod inspect command printed the static MAC address of the pod in a non-human-readable format (#8386).
- Fixed a bug where the --tls-verify option of the podman play kube command had its logic inverted (false would enforce the use of TLS, true would disable it).
- Fixed a bug where the podman network rm command would error when trying to remove macvlan networks and rootless CNI networks (#8491).
- Fixed a bug where Podman was not setting sane defaults for missing XDG_ environment variables.
- Fixed a bug where remote Podman would check if volume paths to be mounted in the container existed on the host, not the server (#8473).
- Fixed a bug where the podman manifest create and podman manifest add commands on local images would drop any images in the manifest not pulled by the host.
- Fixed a bug where networks made by podman network create did not include the tuning plugin, and as such did not support setting custom MAC addresses (#8385).
- Fixed a bug where container healthchecks did not use $PATH when searching for the Podman executable to run the healthcheck.
- Fixed a bug where the --ip-range option to podman network create did not properly handle non-classful subnets when calculating the last usable IP for DHCP assignment (#8448).
- Fixed a bug where the podman container ps alias for podman ps was missing (#8445).
* API
- The Compat Create endpoint for Container has received a major refactor to share more code with the Libpod Create endpoint, and should be significantly more stable.
- A Compat endpoint for exporting multiple images at once, GET /images/get, has been added (#7950).
- The Compat Network Connect and Network Disconnect endpoints have been added.
- Endpoints that deal with image registries now support a X-Registry-Config header to specify registry authentication configuration.
- The Compat Create endpoint for images now properly supports specifying images by digest.
- The Libpod Build endpoint for images now supports an httpproxy query parameter which, if set to true, will forward the server's HTTP proxy settings into the build container for RUN instructions.
- The Libpod Untag endpoint for images will now remove all tags for the given image if no repository and tag are specified for removal.
- Fixed a bug where the Ping endpoint misspelled a header name (Libpod-Buildha-Version instead of Libpod-Buildah-Version).
- Fixed a bug where the Ping endpoint sent an extra newline at the end of its response where Docker did not.
- Fixed a bug where the Compat Logs endpoint for containers did not send a newline character after each log line.
- Fixed a bug where the Compat Logs endpoint for containers would mangle line endings to change newline characters to add a preceding carriage return (#7942).
- Fixed a bug where the Compat Inspect endpoint for Containers did not properly list the container's stop signal (#7917).
- Fixed a bug where the Compat Inspect endpoint for Containers formatted the container's create time incorrectly (#7860).
- Fixed a bug where the Compat Inspect endpoint for Containers did not include the container's Path, Args, and Restart Count.
- Fixed a bug where the Compat Inspect endpoint for Containers prefixed added and dropped capabilities with CAP_ (Docker does not do so).
- Fixed a bug where the Compat Info endpoint for the Engine did not include configured registries.
- Fixed a bug where the server could panic if a client closed a connection midway through an image pull (#7896).
- Fixed a bug where the Compat Create endpoint for volumes returned an error when a volume with the same name already existed, instead of succeeding with a 201 code (#7740).
- Fixed a bug where a client disconnecting from the Libpod or Compat events endpoints could result in the server using 100% CPU (#7946).
- Fixed a bug where the "no such image" error message sent by the Compat Inspect endpoint for Images returned a 404 status code with an error that was improperly formatted for Docker compatibility.
- Fixed a bug where the Compat Create endpoint for networks did not properly set a default for the driver parameter if it was not provided by the client.
- Fixed a bug where the Compat Inspect endpoint for images did not populate the RootFS field of the response.
- Fixed a bug where the Compat Inspect endpoint for images would omit the ParentId field if the image had no parent, and the Created field if the image did not have a creation time.
- Fixed a bug where the Compat Remove endpoint for Networks did not support the Force query parameter.
==== polkit-kde-agent-5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== powerdevil5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== pulseaudio ====
Version update (13.0 -> 14.0)
Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-module-bluetooth pulseaudio-module-gsettings pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils
- Update to pulseaudio 14.0:
see details in:
https://www.freedesktop.org/wiki/Software/PulseAudio/Notes/14.0/
- Build with --enable-stream-restore-clear-old-devices:
This is a bit destructive option, it will clear the old PA routing
once when upgraded prior to 14.0, but it's required for GNOME
(see the release notes above). It should be a one-off action,
and hopefully wouldn't bother too much.
- Drop obsoleted patches:
0001-alsa-mixer-path-test-Hide-unused-functions-when-buil.patch
0002-alsa-mixer-recognize-the-Speaker-Jack-control.patch
0003-alsa-mixer-add-support-for-SteelSeries-Arctis-Pro-20.patch
0004-alsa-mixer-Add-support-for-SteelSeries-Arctis-5-2019.patch
0005-alsa-mixer-add-support-for-LucidSound-LS31-and-creat.patch
0006-alsa-ucm-use-ucm2-name-for-the-direct-card-index-ope.patch
0007-alsa-ucm-add-mixer-IDs-to-ucm_items.patch
0008-alsa-mixer-handle-the-index-for-ALSA-mixer-element-i.patch
0009-alsa-mixer-improve-alsa_id_decode-function.patch
0010-alsa-ucm-Support-Playback-CaptureVolume.patch
0011-alsa-ucm-Fix-volume-control-based-on-review.patch
0012-alsa-ucm-use-the-correct-mixer-identifiers-as-first.patch
0013-alsa-ucm-add-support-for-master-volume.patch
0014-alsa-ucm-split-correctly-JackHWMute-device-names.patch
0015-alsa-ucm-fix-parsing-for-JackControl.patch
0016-alsa-ucm-add-comments-to-ucm_get_mixer_id.patch
0017-alsa-ucm-validate-access-to-PA_DEVICE_PORT_DATA.patch
0018-alsa-Skip-resume-PCM-if-hardware-doesn-t-support-it.patch
0019-alsa-ucm-parse-correctly-the-device-values.patch
0020-alsa-ucm-do-not-try-to-use-UCM-device-name-as-jack-n.patch
0021-alsa-util-do-not-try-to-guess-the-mixer-name-from-th.patch
0022-alsa-ucm-add-control-and-mixer-device-items.patch
0023-alsa-ucm-get-the-mixer-names-from-ucm-don-t-guess.patch
0024-alsa-ucm-use-the-proper-mixer-name-for-ucm-pcm-sink-.patch
0025-alsa-mixer-handle-interface-type-CARD-PCM-for-mixer-.patch
0026-alsa-mixer-Add-the-ability-to-pass-the-intended-role.patch
0027-alsa-mixer-Set-the-intended-role-of-Steelseries-Arct.patch
0028-alsa-rewrite-mixer-open-close-cache-mixer-accesses-i.patch
0029-alsa-ucm-add-support-for-HDMI-ELD.patch
0030-alsa-mixer-do-the-quick-card-number-lookup-to-save-m.patch
0031-alsa-mixer-improve-check-for-the-empty-path-set-for-.patch
0032-alsa-ucm-allow-to-set-profile-priority-from-UCM-valu.patch
0033-alsa-Document-that-mixer-elements-can-be-identified-.patch
0034-alsa-ucm-correct-the-channel-default-logic-stereo.patch
0035-alsa-ucm-do-not-assign-JackHWMute-when-JackControl-i.patch
0036-ucm-Don-t-log-errors-during-normal-operation.patch
0037-alsa-handle-unavailbale-HW-volume-in-UCM.patch
0038-alsa-ucm-use-the-right-profile-name.patch
0039-ucm-fix-the-port-ucm-device-activation-on-boot.patch
0040-alsa-sink-source-fix-the-mixer-initialization.patch
==== python-psutil ====
Version update (5.7.2 -> 5.7.3)
- update to 5.7.3:
- 809_: [FreeBSD] add support for `Process.rlimit()`.
- 893_: [BSD] add support for `Process.environ()` (patch by Armin Gruner)
- 1830_: [UNIX] `net_if_stats()`'s `isup` also checks whether the NIC is
running (meaning Wi-Fi or ethernet cable is connected).
- 1837_: [Linux] improved battery detection and charge "secsleft" calculation
- 1620_: [Linux] physical cpu_count() result is incorrect on systems with more
than one CPU socket.
- 1738_: [macOS] Process.exe() may raise FileNotFoundError if process is still
alive but the exe file which launched it got deleted.
- 1791_: [macOS] fix missing include for getpagesize().
- 1823_: [Windows] Process.open_files() may cause a segfault due to a NULL
pointer.
- 1838_: [Linux] sensors_battery(): if `percent` can be determined but not
the remaining values, still return a result instead of None.
- skip-obs.patch, skip_failing_tests.patch: rediff
==== python-pytz ====
Version update (2020.1 -> 2020.4)
- update to 2020.4:
* update to IANA 2020d timezone release
==== python-requests ====
Version update (2.24.0 -> 2.25.0)
- update to 2.25.0:
* Added support for NETRC environment variable. (#5643)
* Requests now supports urllib3 v1.26.
* Requests v2.25.x will be the last release series with support for Python 3.5.
- refreshed requests-no-hardcoded-version.patch
==== sed ====
- prepare usrmerge (boo#1029961)
==== snapper ====
Subpackages: libsnapper5
- do not override passwd after getpwuid_r et.al. calls
(gh#openSUSE/snapper#589)
- state in man-pages that ext4 support is discontinued
(gh#openSUSE/snapper#331)
- use C++11 regexes instead of own regcomp/regexec wrapper class
(see gh#openSUSE/snapper#583)
==== sqlite3 ====
Version update (3.33.0 -> 3.34.0)
- SQLite 3.34.0:
* Added the sqlite3_txn_state() interface for reporting on the
current transaction state of the database connection.
* Enhance recursive common table expressions to support two or more
recursive terms as is done by SQL Server, since this helps make
queries against graphs easier to write and faster to execute.\
* Improved error messages on CHECK constraint failures.
* The .read dot-command now accepts a pipeline in addition to a
filename.
* Added options --data-only and --nosys to the .dump dot-command.
* Added the --nosys option to the .schema dot-command.
* Table name quoting works correctly for the .import dot-command.
* The generate_series(START,END,STEP) table-valued function
extension is now built into the CLI.
* The .databases dot-command now show the status of each database
file as determined by sqlite3_db_readonly() and
sqlite3_txn_state().
* Added the --tabs command-line option that sets .mode tabs.
* The --init option reports an error if the file named as its
argument cannot be opened. The --init option also now honors the
- -bail option.
* Improved estimates for the cost of running a DISTINCT operator.
* When doing an UPDATE or DELETE using a multi-column index where
only a few of the earlier columns of the index are useful for the
index lookup, postpone doing the main table seek until after all
WHERE clause constraints have been evaluated, in case those
constraints can be covered by unused later terms of the index,
thus avoiding unnecessary main table seeks.
* The new OP_SeekScan opcode is used to improve performance of
multi-column index look-ups when later columns are constrained by
an IN operator.
* The BEGIN IMMEDIATE and BEGIN EXCLUSIVE commands now work even if
one or more attached database files are read-only.
* Enhanced FTS5 to support trigram indexes.
* Improved performance of WAL mode locking primitives in cases where
there are hundreds of connections all accessing the same database
file at once.
* Enhanced the carray() table-valued function to include a
single-argument form that is bound using the auxiliary
sqlite3_carray_bind() interface.
* The substr() SQL function can now also be called "substring()" for
compatibility with SQL Server.
* The syntax diagrams are now implemented as Pikchr scripts and
rendered as SVG for improved legibility and ease of maintenance.
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev
- Import commit f6104ea5f554233e34b94ffd92da8332c3bd7d8f
617aed9236 scope: on unified, make sure to unwatch all PIDs once they've been moved to the cgroup scope
- Don't post-require systemd-default-settings-branding anymore
This is actually not needed now that the branding package issues a
PID1 reloading every times it's being updated.
- Import commit 49caf8e37aba04841e5493ccc25e7edab462d95b
f8f7286527 units: restore sysfs conditions in sys-fs-fuse-connections.mount and sys-kernel-config.mount
e9c7158dc7 units: wait until some fs modules are entirely loaded before mounting their corresponding filesystem (bsc#1178631)
ac7ddc4201 Revert "units: skip modprobe@.service if the unit appears to be already loaded"
17310a1d19 core: serialize u->pids until the processes have been moved to the scope cgroup (bsc#1174436)
1416965614 meson: add option to skip installing to $sysconfdir
f71a1ef5d0 systemctl: give a nice hint about org.freedesktop.LogControl1 when applicable
20a3f9fd95 systemctl: immediately reject invalid log levels
9f67d2e57b systemctl: merge log_target(), log_level(), service_log_setting()
ddf7cf4872 systemctl: add service-log-{level,target} verbs
026d7d156d systemctl: list unit introspection verbs first, modification second
- systemd-default-settings is needed by %post scriptlet
- Revert the change that dropped %{release} from the package version
constraints used in Requires:
The release number is actually relevant since it can be increased
when some patches, which might touch multiple sub-packages of
systemd, are added/modified.
However the %{release} is still no more used in conflicts.
==== systemd-default-settings ====
Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE
- Fix typo introduced by the previous change (bsc#1179183)
==== systemsettings5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Also load category when opening startup module in icon mode (kde#429306)
==== tslib ====
Version update (1.16 -> 1.22)
- update to 1.22:
* fix ts_uinput build on 32 bit arch on newer kernels
* ts_uinput: fix building on FreeBSD
* various fixes for cmake builds
* improved documentation for systemd
* new filter plugin: module evthres
* ts_calibrate: close framebuffer after validation. add timeout option -s for it
* support for screen-rotation in ts_calibrate and linear module
* add experimental module_raw input_evdev that needs libevdev
* new ts_calibrate --min_interval option to avoid inaccurate calibration
* add ts_calibrate --validate functionality to verify the calibration
* add ts_conf_get() and ts_conf_set() API
==== webkit2gtk3 ====
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- 0001-ICU-68.1-no-longer-exposes-FALSE-and-TRUE-macros-by-.patch:
ICU 68.1 no longer exposes FALSE and TRUE macros by default.
==== xdg-desktop-portal-kde ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-wayland
- U_Check-SetMap-request-length-carefully.patch
* XkbSetMap Out-Of-Bounds Access: Insufficient checks on the
lengths of the XkbSetMap request can lead to out of bounds
memory accesses in the X server. (ZDI-CAN 11572,
CVE-2020-14360, bsc#1174908)
- U_Fix-XkbSetDeviceInfo-and-SetDeviceIndicators-heap-ov.patch
* XkbSetDeviceInfo Heap-based Buffer Overflow: Insufficient
checks on input of the XkbSetDeviceInfo request can lead to a
buffer overflow on the head in the X server. (ZDI-CAN 11389,
CVE-2020-25712, bsc#1177596)
==== yast2 ====
Version update (4.3.44 -> 4.3.45)
- Yast::Arch add support to know if code is running in a PV Xen guest
(related to bsc#952253, bsc#1172742, and bsc#1179197).
- 4.3.45
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apparmor (3.0.0 -> 3.0.1)
audit-secondary
autofs
busybox
busybox-links
elfutils (0.181 -> 0.182)
haproxy (2.3.0+git4.689d98154 -> 2.3.2+git0.d522db763)
kernel-source (5.9.11 -> 5.9.12)
kexec-tools
libapparmor (3.0.0 -> 3.0.1)
mozjs78 (78.4.0 -> 78.5.0)
open-iscsi
pam (1.5.0 -> 1.5.1)
podman (2.1.1 -> 2.2.0)
python-psutil (5.7.2 -> 5.7.3)
python-pytz (2020.1 -> 2020.4)
python-requests (2.24.0 -> 2.25.0)
sed
snapper
sqlite3 (3.33.0 -> 3.34.0)
systemd
systemd-default-settings
yast2 (4.3.44 -> 4.3.45)
=== Details ===
==== apparmor ====
Version update (3.0.0 -> 3.0.1)
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- update to AppArmor 3.0.1
- minor additions to profiles and abstractions
- some bugfixes in libapparmor, apparmor_parser and the aa-* utils
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1
for the detailed upstream changelog
- removed upstream(ed) patches:
- changes-since-3.0.0.diff
- extra-profiles-fix-Pux.diff
- utils-fix-hotkey-conflict.diff
- Use apache provided variables for the module_directry:
+ Use %apache_libexecdir
+ Add apache-rpm-macros BuildRequires
==== audit-secondary ====
Subpackages: audit python3-audit
- prepare usrmerge (boo#1029961)
==== autofs ====
- automount-fix-master-wait.patch: Fix options string for master wait
(bsc#1178006)
- autofs-nsswitch-usr-etc.patch: Use /usr/etc/nsswitch.conf if
/etc/nsswitch.con is unavailable (bsc#1175238)
==== busybox ====
- prepare usrmerge (boo#1029961)
==== busybox-links ====
Subpackages: busybox-coreutils busybox-gawk busybox-grep busybox-gzip busybox-sed
- Add conflicts: bridge-utils to busybox-iproute2: both packages
provide /usr/sbin/brctl.
==== elfutils ====
Version update (0.181 -> 0.182)
Subpackages: libasm1 libdw1 libelf1
- Mention elfutils-rpmlintrc as a Source.
- Add rpmlintrc for
libdebuginfod1-dummy.s390x: E: shlib-policy-name-error (Badness: 10000) libdebuginfod1
which is expected as libdebuginfod1 and it's dummy library do share equal
soname.
- Update to version 0.182:
backends: Support for tilegx has been removed.
config: New /etc/profile.d files to provide default $DEBUGINFOD_URLS.
debuginfod: More efficient package traversal, tolerate various errors
during scanning, grooming progress is more visible and
interruptible, more prometheus metrics.
debuginfod-client: Now supports compressed (kernel) ELF images.
libdwfl: Add ZSTD compression support.
- Creatu dummy subpackages that can be used for build of packages
that are in bootstrap cycle.
- Add Provides for real packages.
==== haproxy ====
Version update (2.3.0+git4.689d98154 -> 2.3.2+git0.d522db763)
- Update to version 2.3.2+git0.d522db763:
* [RELEASE] Released version 2.3.2
* BUG/MINOR: http-fetch: Fix smp_fetch_body() when called from a health-check
* DOC: config: Move req.hdrs and req.hdrs_bin in L7 samples fetches section
* BUG/MAJOR: tcpcheck: Allocate input and output buffers from the buffer pool
* MINOR: tcpcheck: Don't handle anymore in-progress send rules in tcpcheck_main
* BUG/MINOR: tcpcheck: Don't forget to reset tcp-check flags on new kind of check
* DOC: Clarify %HP description in log-format
* DOC: better document the config file format and escaping/quoting rules
* BUG/MAJOR: peers: fix partial message decoding
* BUG/MEDIUM: http_act: Restore init of log-format list
* BUILD: Show the value of DEBUG= in haproxy -vv
* BUILD: Make DEBUG part of .build_opts
* MINOR: http_act: Add -m flag for del-header name matching method
* REGTESTS: converter: add url_dec test
* REGTESTS: Add sample_fetches/cook.vtc
* DOC: cache: Add new caching limitation information
* MEDIUM: cache: Change caching conditions
* BUG/MAJOR: filters: Always keep all offsets up to date during data filtering
* DOC: better describes how to configure a fallback crt
* BUG/MINOR: http_htx: Fix searching headers by substring
* BUG/MAJOR: connection: reset conn->owner when detaching from session list
* CLEANUP: connection: do not use conn->owner when the session is known
* DOC: clarify how to create a fallback crt
* BUILD: makefile: enable crypt(3) for OpenBSD
* BUG/MEDIUM: ssl/crt-list: fix error when no file found
* BUG/MINOR: ssl/crt-list: load bundle in crt-list only if activated
* BUG/MEDIUM: ssl: error when no certificate are found
* BUG/MEDIUM: ssl/crt-list: bundle support broken in crt-list
* BUG/MEDIUM: http-ana: Don't eval http-after-response ruleset on empty messages
* BUG/MINOR: ssl: segv on startup when AKID but no keyid
* DOC: add missing 3.10 in the summary
* BUG/MINOR: http-ana: Don't wait for the body of CONNECT requests
* BUG/MEDIUM: filters: Forward all filtered data at the end of http filtering
* CLEANUP: cfgparse: remove duplicate registration for transparent build options
* BUILD: http-htx: fix build warning regarding long type in printf
- Update to version 2.3.1+git0.bdd7178b8:
* [RELEASE] Released version 2.3.1
* REGTEST: make ssl_client_samples and ssl_server_samples require to 2.2
* MINOR: peers: Add traces to peer_treat_updatemsg().
* REGTEST: ssl: mark reg-tests/ssl/ssl_crt-list_filters.vtc as broken
* REGTEST: ssl: test wildcard and multi-type + exclusions
* MINOR: cfgparse: tighten the scope of newnameserver variable, free it on error.
* MINOR: config/mux-h2: Return ERR_ flags from init_h2() instead of a status
* MINOR: init: Fix the prototype for per-thread free callbacks
* BUG/MINOR: tcpcheck: Don't warn on unused rules if check option is after
* MINOR: spoe: Don't close connection in sync mode on processing timeout
* BUG/MAJOR: spoe: Be sure to remove all references on a released spoe applet
* BUG/MINOR: http-htx: Handle warnings when parsing http-error and http-errors
* MINOR: check: report error on incompatible connect proto
* MINOR: check: report error on incompatible proto
* BUG/MEDIUM: check: reuse srv proto only if using same mode
* BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches
* BUG/MINOR: http-fetch: Extract cookie value even when no cookie name
* BUG/MEDIUM: peers: fix decoding of multi-byte length in stick-table messages
* BUG/MINOR: peers: Missing TX cache entries reset.
* BUG/MINOR: peers: Do not ignore a protocol error for dictionary entries.
* BUG/MINOR: stats: free dynamically stats fields/lines on shutdown
* BUG/MINOR: lua: set buffer size during map lookups
* BUG/MINOR: pattern: a sample marked as const could be written
==== kernel-source ====
Version update (5.9.11 -> 5.9.12)
- Linux 5.9.12 (bsc#1012628).
- io_uring: get an active ref_node from files_data (bsc#1012628).
- io_uring: order refnode recycling (bsc#1012628).
- spi: bcm-qspi: Fix use-after-free on unbind (bsc#1012628).
- spi: bcm2835: Fix use-after-free on unbind (bsc#1012628).
- ipv4: use IS_ENABLED instead of ifdef (bsc#1012628).
- IB/hfi1: Ensure correct mm is used at all times (bsc#1012628).
- RDMA/i40iw: Address an mmap handler exploit in i40iw
(bsc#1012628).
- btrfs: fix missing delalloc new bit for new delalloc ranges
(bsc#1012628).
- btrfs: tree-checker: add missing return after error in root_item
(bsc#1012628).
- btrfs: tree-checker: add missing returns after data_ref
alignment checks (bsc#1012628).
- btrfs: don't access possibly stale fs_info data for printing
duplicate device (bsc#1012628).
- btrfs: fix lockdep splat when reading qgroup config on mount
(bsc#1012628).
- rtc: pcf2127: fix a bug when not specify interrupts property
(bsc#1012628).
- s390: fix fpu restore in entry.S (bsc#1012628).
- mm: fix VM_BUG_ON(PageTail) and BUG_ON(PageWriteback)
(bsc#1012628).
- smb3: Call cifs reconnect from demultiplex thread (bsc#1012628).
- smb3: Avoid Mid pending list corruption (bsc#1012628).
- smb3: Handle error case during offload read path (bsc#1012628).
- cifs: fix a memleak with modefromsid (bsc#1012628).
- powerpc/64s: Fix KVM system reset handling when
CONFIG_PPC_PSERIES=y (bsc#1012628).
- powerpc/64s/exception: KVM Fix for host DSI being taken in
HPT guest MMU context (bsc#1012628).
- KVM: PPC: Book3S HV: XIVE: Fix possible oops when accessing
ESB page (bsc#1012628).
- KVM: arm64: vgic-v3: Drop the reporting of GICR_TYPER.Last
for userspace (bsc#1012628).
- KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint
(bsc#1012628).
- KVM: x86: Fix split-irqchip vs interrupt injection window
request (bsc#1012628).
- iommu/vt-d: Don't read VCCAP register unless it exists
(bsc#1012628).
- firmware: xilinx: Use hash-table for api feature check
(bsc#1012628).
- drm/amdgpu: fix SI UVD firmware validate resume fail
(bsc#1012628).
- io_uring: fix ITER_BVEC check (bsc#1012628).
- trace: fix potenial dangerous pointer (bsc#1012628).
- arm64: tegra: Correct the UART for Jetson Xavier NX
(bsc#1012628).
- arm64: tegra: Fix USB_VBUS_EN0 regulator on Jetson TX1
(bsc#1012628).
- arm64: pgtable: Fix pte_accessible() (bsc#1012628).
- arm64: pgtable: Ensure dirty bit is preserved across
pte_wrprotect() (bsc#1012628).
- drm/amdgpu: fix a page fault (bsc#1012628).
- drm/amdgpu: update golden setting for sienna_cichlid
(bsc#1012628).
- drm/amd/amdgpu: fix null pointer in runtime pm (bsc#1012628).
- drm/amd/display: Avoid HDCP initialization in devices without
output (bsc#1012628).
- HID: uclogic: Add ID for Trust Flex Design Tablet (bsc#1012628).
- HID: ite: Replace ABS_MISC 120/121 events with touchpad on/off
keypresses (bsc#1012628).
- HID: cypress: Support Varmilo Keyboards' media hotkeys
(bsc#1012628).
- HID: add support for Sega Saturn (bsc#1012628).
- Input: i8042 - allow insmod to succeed on devices without an
i8042 controller (bsc#1012628).
- HID: hid-sensor-hub: Fix issue with devices with no report ID
(bsc#1012628).
- staging: ralink-gdma: fix kconfig dependency bug for DMA_RALINK
(bsc#1012628).
- HID: add HID_QUIRK_INCREMENT_USAGE_ON_DUPLICATE for Gamevice
devices (bsc#1012628).
- dmaengine: xilinx_dma: use readl_poll_timeout_atomic variant
(bsc#1012628).
- x86/xen: don't unbind uninitialized lock_kicker_irq
(bsc#1012628).
- kunit: fix display of failed expectations for strings
(bsc#1012628).
- HID: logitech-hidpp: Add HIDPP_CONSUMER_VENDOR_KEYS quirk for
the Dinovo Edge (bsc#1012628).
- HID: Add Logitech Dinovo Edge battery quirk (bsc#1012628).
- proc: don't allow async path resolution of /proc/self components
(bsc#1012628).
- nvme: free sq/cq dbbuf pointers when dbbuf set fails
(bsc#1012628).
- io_uring: handle -EOPNOTSUPP on path resolution (bsc#1012628).
- net: stmmac: dwmac_lib: enlarge dma reset timeout (bsc#1012628).
- vdpasim: fix "mac_pton" undefined error (bsc#1012628).
- vhost: add helper to check if a vq has been setup (bsc#1012628).
- vhost scsi: alloc cmds per vq instead of session (bsc#1012628).
- vhost scsi: fix cmd completion race (bsc#1012628).
- cpuidle: tegra: Annotate tegra_pm_set_cpu_in_lp2() with
RCU_NONIDLE (bsc#1012628).
- dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size
(bsc#1012628).
- scsi: libiscsi: Fix NOP race condition (bsc#1012628).
- scsi: target: iscsi: Fix cmd abort fabric stop race
(bsc#1012628).
- lockdep: Put graph lock/unlock under lock_recursion protection
(bsc#1012628).
- perf/x86: fix sysfs type mismatches (bsc#1012628).
- xtensa: uaccess: Add missing __user to strncpy_from_user()
prototype (bsc#1012628).
- x86/dumpstack: Do not try to access user space code of other
tasks (bsc#1012628).
- net: dsa: mv88e6xxx: Wait for EEPROM done after HW reset
(bsc#1012628).
- bus: ti-sysc: Fix reset status check for modules with quirks
(bsc#1012628).
- bus: ti-sysc: Fix bogus resetdone warning on enable for cpsw
(bsc#1012628).
- ARM: OMAP2+: Manage MPU state properly for
omap_enter_idle_coupled() (bsc#1012628).
- phy: tegra: xusb: Fix dangling pointer on probe failure
(bsc#1012628).
- iwlwifi: mvm: use the HOT_SPOT_CMD to cancel an AUX ROC
(bsc#1012628).
- iwlwifi: mvm: properly cancel a session protection for P2P
(bsc#1012628).
- iwlwifi: mvm: write queue_sync_state only for sync
(bsc#1012628).
- KVM: s390: pv: Mark mm as protected after the set secure
parameters and improve cleanup (bsc#1012628).
- KVM: s390: remove diag318 reset code (bsc#1012628).
- batman-adv: set .owner to THIS_MODULE (bsc#1012628).
- usb: cdns3: gadget: fix some endian issues (bsc#1012628).
- usb: cdns3: gadget: calculate TD_SIZE based on TD (bsc#1012628).
- phy: qualcomm: usb: Fix SuperSpeed PHY OF dependency
(bsc#1012628).
- phy: qualcomm: Fix 28 nm Hi-Speed USB PHY OF dependency
(bsc#1012628).
- arch: pgtable: define MAX_POSSIBLE_PHYSMEM_BITS where needed
(bsc#1012628).
- bus: ti-sysc: suppress err msg for timers used as
clockevent/source (bsc#1012628).
- ARM: dts: dra76x: m_can: fix order of clocks (bsc#1012628).
- scsi: ufs: Fix race between shutdown and runtime resume flow
(bsc#1012628).
- bnxt_en: fix error return code in bnxt_init_one() (bsc#1012628).
- bnxt_en: fix error return code in bnxt_init_board()
(bsc#1012628).
- video: hyperv_fb: Fix the cache type when mapping the VRAM
(bsc#1012628).
- bnxt_en: Release PCI regions when DMA mask setup fails during
probe (bsc#1012628).
- block/keyslot-manager: prevent crash when num_slots=1
(bsc#1012628).
- cxgb4: fix the panic caused by non smac rewrite (bsc#1012628).
- dpaa2-eth: select XGMAC_MDIO for MDIO bus support (bsc#1012628).
- s390/qeth: make af_iucv TX notification call more robust
(bsc#1012628).
- s390/qeth: fix af_iucv notification race (bsc#1012628).
- s390/qeth: fix tear down of async TX buffers (bsc#1012628).
- drm/mediatek: dsi: Modify horizontal front/back porch byte
formula (bsc#1012628).
- bonding: wait for sysfs kobject destruction before freeing
struct slave (bsc#1012628).
- ibmvnic: fix call_netdevice_notifiers in do_reset (bsc#1012628).
- ibmvnic: notify peers when failover and migration happen
(bsc#1012628).
- powerpc/64s: Fix allnoconfig build since uaccess flush
(bsc#1012628).
- iommu: Check return of __iommu_attach_device() (bsc#1012628).
- IB/mthca: fix return value of error branch in mthca_init_cq()
(bsc#1012628).
- i40e: Fix removing driver while bare-metal VFs pass traffic
(bsc#1012628).
- firmware: xilinx: Fix SD DLL node reset issue (bsc#1012628).
- spi: imx: fix the unbalanced spi runtime pm management
(bsc#1012628).
- io_uring: fix shift-out-of-bounds when round up cq size
(bsc#1012628).
- aquantia: Remove the build_skb path (bsc#1012628).
- nfc: s3fwrn5: use signed integer for parsing GPIO numbers
(bsc#1012628).
- net: ena: handle bad request id in ena_netdev (bsc#1012628).
- net: ena: set initial DMA width to avoid intel iommu issue
(bsc#1012628).
- net: ena: fix packet's addresses for rx_offset feature
(bsc#1012628).
- ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues
(bsc#1012628).
- ibmvnic: fix NULL pointer dereference in ibmvic_reset_crq
(bsc#1012628).
- ibmvnic: enhance resetting status check during module exit
(bsc#1012628).
- optee: add writeback to valid memory type (bsc#1012628).
- x86/tboot: Don't disable swiotlb when iommu is forced on
(bsc#1012628).
- arm64: tegra: Wrong AON HSP reg property size (bsc#1012628).
- efi/efivars: Set generic ops before loading SSDT (bsc#1012628).
- efivarfs: revert "fix memory leak in efivarfs_create()"
(bsc#1012628).
- efi: EFI_EARLYCON should depend on EFI (bsc#1012628).
- riscv: Explicitly specify the build id style in vDSO Makefile
again (bsc#1012628).
- RISC-V: Add missing jump label initialization (bsc#1012628).
- RISC-V: fix barrier() use in <vdso/processor.h> (bsc#1012628).
- net: stmmac: fix incorrect merge of patch upstream
(bsc#1012628).
- enetc: Let the hardware auto-advance the taprio base-time of 0
(bsc#1012628).
- ptp: clockmatrix: bug fix for idtcm_strverscmp (bsc#1012628).
- drm/nouveau: fix relocations applying logic and a double-free
(bsc#1012628).
- can: gs_usb: fix endianess problem with candleLight firmware
(bsc#1012628).
- platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup
time (bsc#1012628).
- platform/x86: toshiba_acpi: Fix the wrong variable assignment
(bsc#1012628).
- RDMA/hns: Fix wrong field of SRQ number the device supports
(bsc#1012628).
- RDMA/hns: Fix retry_cnt and rnr_cnt when querying QP
(bsc#1012628).
- RDMA/hns: Bugfix for memory window mtpt configuration
(bsc#1012628).
- can: m_can: m_can_open(): remove IRQF_TRIGGER_FALLING from
request_threaded_irq()'s flags (bsc#1012628).
- can: m_can: fix nominal bitiming tseg2 min for version >= 3.1
(bsc#1012628).
- perf record: Synthesize cgroup events only if needed
(bsc#1012628).
- perf stat: Use proper cpu for shadow stats (bsc#1012628).
- perf probe: Fix to die_entrypc() returns error correctly
(bsc#1012628).
- USB: core: Change %pK for __user pointers to %px (bsc#1012628).
- usb: gadget: f_midi: Fix memleak in f_midi_alloc (bsc#1012628).
- USB: core: Fix regression in Hercules audio card (bsc#1012628).
- USB: quirks: Add USB_QUIRK_DISCONNECT_SUSPEND quirk for Lenovo
A630Z TIO built-in usb-audio card (bsc#1012628).
- usb: gadget: Fix memleak in gadgetfs_fill_super (bsc#1012628).
- irqchip/exiu: Fix the index of fwspec for IRQ type
(bsc#1012628).
- x86/mce: Do not overwrite no_way_out if mce_end() fails
(bsc#1012628).
- x86/speculation: Fix prctl() when
spectre_v2_user={seccomp,prctl},ibpb (bsc#1012628).
- x86/resctrl: Remove superfluous kernfs_get() calls to prevent
refcount leak (bsc#1012628).
- x86/resctrl: Add necessary kernfs_put() calls to prevent
refcount leak (bsc#1012628).
- drm/amdgpu: add rlc iram and dram firmware support
(bsc#1012628).
- commit 46922da
- rpm/kernel-{source,binary}.spec: do not include ghost symlinks
(boo#1179082).
- commit 76a9256
- Update config files.
Refresh after SOUNDWIRE removal.
- commit fa3b6ea
- scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section
- commit 965157e
- Update config files: make CONFIG_SOUNDWIRE=m (bsc#1179201)
Also turned it off for unrelated platforms
- commit afd1f81
- Update
patches.kernel.org/5.9.11-181-sched-Fix-data-race-in-wakeup.patch
(bsc#1012628 bsc#1175893).
Add a bsc.
- commit d5a5c02
- dt-bindings: pwm: Add binding for RPi firmware PWM bus
(jsc#SLE-16543).
- staging: vchiq: Release firmware handle on unbind
(jsc#SLE-16543).
- soc: bcm: raspberrypi-power: Release firmware handle on unbind
(jsc#SLE-16543).
- - pwm: Add Raspberry Pi Firmware based PWM bus (jsc#SLE-16543).
- Update configs: Enable pwm driver on arm64/arm32
- supported.conf: Enable pwm driver
- input: raspberrypi-ts: Release firmware handle when not needed
(jsc#SLE-16543).
- gpio: raspberrypi-exp: Release firmware handle on unbind
(jsc#SLE-16543).
- firmware: raspberrypi: Keep count of all consumers
(jsc#SLE-16543).
- firmware: raspberrypi: Introduce devm_rpi_firmware_get()
(jsc#SLE-16543).
- clk: bcm: rpi: Release firmware handle on unbind
(jsc#SLE-16543).
- commit e8d4edd
==== kexec-tools ====
- prepare usrmerge (boo#1029961)
==== libapparmor ====
Version update (3.0.0 -> 3.0.1)
- update to AppArmor 3.0.1
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1
for the detailed upstream changelog
- drop upstream patch changes-since-3.0.0.diff
==== mozjs78 ====
Version update (78.4.0 -> 78.5.0)
- Update to version 78.5.0esr.
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Updatged to latest upstream, including:
* iscsiadm: Optimize the the verification of mode paramters
* iscsid: Poll timeout value to 1 minute for iscsid
* iscsiadm: fix host stats mode coredump
* iscsid: fix logging level when starting and shutting down daemon
* Updated iscsiadm man page.
* Fix memory leak in sysfs_get_str
* libopeniscsiusr: Compare with max int instead of max long
- Systemd unit files should not depend on network.target (bsc#1179440),
updating:
* open-iscsi-SUSE-latest.diff.bz2
==== pam ====
Version update (1.5.0 -> 1.5.1)
- Update to 1.5.1
- pam_unix: fixed CVE-2020-27780 - authentication bypass when a user
doesn't exist and root password is blank [bsc#1179166]
- pam_faillock: added nodelay option to not set pam_fail_delay
- pam_wheel: use pam_modutil_user_in_group to check for the group membership
with getgrouplist where it is available
==== podman ====
Version update (2.1.1 -> 2.2.0)
Subpackages: podman-cni-config
- Update to v2.2.0
* Features
- Experimental support for shortname aliasing has been added. This is not enabled by default, but can be turned on by setting the environment variable CONTAINERS_SHORT_NAME_ALIASING to on. Documentation is available here and here.
- Initial support has been added for the podman network connect and podman network disconnect commands, which allow existing containers to modify what networks they are connected to. At present, these commands can only be used on running containers that did not specify --network=none when they were created.
- The podman run command now supports the --network-alias option to set network aliases (additional names the container can be accessed at from other containers via DNS if the dnsname CNI plugin is in use). Aliases can also be added and removed using the new podman network connect and podman network disconnect commands. Please note that this requires a new release (v1.1.0) of the dnsname plugin, and will only work on newly-created CNI networks.
- The podman generate kube command now features support for exporting container's memory and CPU limits (#7855).
- The podman play kube command now features support for setting CPU and Memory limits for containers (#7742).
- The podman play kube command now supports persistent volumes claims using Podman named volumes.
- The podman play kube command now supports Kubernetes configmaps via the --configmap option (#7567).
- The podman play kube command now supports a --log-driver option to set the log driver for created containers.
- The podman play kube command now supports a --start option, enabled by default, to start the pod after creating it. This allows for podman play kube to be more easily used in systemd unitfiles.
- The podman network create command now supports the --ipv6 option to enable dual-stack IPv6 networking for created networks (#7302).
- The podman inspect command can now inspect pods, networks, and volumes, in addition to containers and images (#6757).
- The --mount option for podman run and podman create now supports a new type, image, to mount the contents of an image into the container at a given location.
- The Bash and ZSH completions have been completely reworked and have received significant enhancements! Additionally, support for Fish completions and completions for the podman-remote executable have been added.
- The --log-opt option for podman create and podman run now supports the max-size option to set the maximum size for a container's logs (#7434).
- The --network option to the podman pod create command now allows pods to be configured to use slirp4netns networking, even when run as root (#6097).
- The podman pod stop, podman pod pause, podman pod unpause, and podman pod kill commands now work on multiple containers in parallel and should be significantly faster.
- The podman search command now supports a --list-tags option to list all available tags for a single image in a single repository.
- The podman search command can now output JSON using the --format=json option.
- The podman diff and podman mount commands now work with all containers in the storage library, including those not created by Podman. This allows them to be used with Buildah and CRI-O containers.
- The podman container exists command now features a --external option to check if a container exists not just in Podman, but also in the storage library. This will allow Podman to identify Buildah and CRI-O containers.
- The --tls-verify and --authfile options have been enabled for use with remote Podman.
- The /etc/hosts file now includes the container's name and hostname (both pointing to localhost) when the container is run with --net=none (#8095).
- The podman events command now supports filtering events based on the labels of the container they occurred on using the --filter label=key=value option.
- The podman volume ls command now supports filtering volumes based on their labels using the --filter label=key=value option.
- The --volume and --mount options to podman run and podman create now support two new mount propagation options, unbindable and runbindable.
- The name and id filters for podman pod ps now match based on a regular expression, instead of requiring an exact match.
- The podman pod ps command now supports a new filter status, that matches pods in a certain state.
* Changes
- The podman network rm --force command will now also remove pods that are using the network (#7791).
- The podman volume rm, podman network rm, and podman pod rm commands now return exit code 1 if the object specified for removal does not exist, and exit code 2 if the object is in use and the --force option was not given.
- If /dev/fuse is passed into Podman containers as a device, Podman will open it before starting the container to ensure that the kernel module is loaded on the host and the device is usable in the container.
- Global Podman options that were not supported with remote operation have been removed from podman-remote (e.g. --cgroup-manager, --storage-driver).
- Many errors have been changed to remove repetition and be more clear as to what has gone wrong.
- The --storage option to podman rm is now enabled by default, with slightly changed semantics. If the given container does not exist in Podman but does exist in the storage library, it will be removed even without the --storage option. If the container exists in Podman it will be removed normally. The --storage option for podman rm is now deprecated and will be removed in a future release.
- The --storage option to podman ps has been renamed to --external. An alias has been added so the old form of the option will continue to work.
- Podman now delays the SIGTERM and SIGINT signals during container creation to ensure that Podman is not stopped midway through creating a container resulting in potential resource leakage (#7941).
- The podman save command now strips signatures from images it is exporting, as the formats we export to do not support signatures (#7659).
- A new Degraded state has been added to pods. Pods that have some, but not all, of their containers running are now considered to be Degraded instead of Running.
- Podman will now print a warning when conflicting network options related to port forwarding (e.g. --publish and --net=host) are specified when creating a container.
- The --restart on-failure and --rm options for containers no longer conflict. When both are specified, the container will be restarted if it exits with a non-zero error code, and removed if it exits cleanly (#7906).
- Remote Podman will no longer use settings from the client's containers.conf; defaults will instead be provided by the server's containers.conf (#7657).
- The podman network rm command now has a new alias, podman network remove (#8402).
* Bugfixes
- Fixed a bug where podman load on the remote client did not error when attempting to load a directory, which is not yet supported for remote use.
- Fixed a bug where rootless Podman could hang when the newuidmap binary was not installed (#7776).
- Fixed a bug where the --pull option to podman run, podman create, and podman build did not match Docker's behavior.
- Fixed a bug where sysctl settings from the containers.conf configuration file were applied, even if the container did not join the namespace associated with a sysctl.
- Fixed a bug where Podman would not return the text of errors encounted when trying to run a healthcheck for a container.
- Fixed a bug where Podman was accidentally setting the containers environment variable in addition to the expected container environment variable.
- Fixed a bug where rootless Podman using CNI networking did not properly clean up DNS entries for removed containers (#7789).
- Fixed a bug where the podman untag --all command was not supported with remote Podman.
- Fixed a bug where the podman system service command could time out even if active attach connections were present (#7826).
- Fixed a bug where the podman system service command would sometimes never time out despite no active connections being present.
- Fixed a bug where Podman's handling of capabilities, specifically inheritable, did not match Docker's.
- Fixed a bug where podman run would fail if the image specified was a manifest list and had already been pulled (#7798).
- Fixed a bug where Podman did not take search registries into account when looking up images locally (#6381).
- Fixed a bug where the podman manifest inspect command would fail for images that had already been pulled (#7726).
- Fixed a bug where rootless Podman would not add supplemental GIDs to containers when when a user, but not a group, was set via the --user option to podman create and podman run and sufficient GIDs were available to add the groups (#7782).
- Fixed a bug where remote Podman commands did not properly handle cases where the user gave a name that could also be a short ID for a pod or container (#7837).
- Fixed a bug where podman image prune could leave images ready to be pruned after podman image prune was run (#7872).
- Fixed a bug where the podman logs command with the journald log driver would not read all available logs (#7476).
- Fixed a bug where the --rm and --restart options to podman create and podman run did not conflict when a restart policy that is not on-failure was chosen (#7878).
- Fixed a bug where the --format "table {{ .Field }}" option to numerous Podman commands ceased to function on Podman v2.0 and up.
- Fixed a bug where pods did not properly share an SELinux label between their containers, resulting in containers being unable to see the processes of other containers when the pod shared a PID namespace (#7886).
- Fixed a bug where the --namespace option to podman ps did not work with the remote client (#7903).
- Fixed a bug where rootless Podman incorrectly calculated the number of UIDs available in the container if multiple different ranges of UIDs were specified.
- Fixed a bug where the /etc/hosts file would not be correctly populated for containers in a user namespace (#7490).
- Fixed a bug where the podman network create and podman network remove commands could race when run in parallel, with unpredictable results (#7807).
- Fixed a bug where the -p option to podman run, podman create, and podman pod create would, when given only a single number (e.g. -p 80), assign the same port for both host and container, instead of generating a random host port (#7947).
- Fixed a bug where Podman containers did not properly store the cgroup manager they were created with, causing them to stop functioning after the cgroup manager was changed in containers.conf or with the --cgroup-manager option (#7830).
- Fixed a bug where the podman inspect command did not include information on the CNI networks a container was connected to if it was not running.
- Fixed a bug where the podman attach command would not print a newline after detaching from the container (#7751).
- Fixed a bug where the HOME environment variable was not set properly in containers when the --userns=keep-id option was set (#8004).
- Fixed a bug where the podman container restore command could panic when the container in question was in a pod (#8026).
- Fixed a bug where the output of the podman image trust show --raw command was not properly formatted.
- Fixed a bug where the podman runlabel command could panic if a label to run was not given (#8038).
- Fixed a bug where the podman run and podman start --attach commands would exit with an error when the user detached manually using the detach keys on remote Podman (#7979).
- Fixed a bug where rootless CNI networking did not use the dnsname CNI plugin if it was not available on the host, despite it always being available in the container used for rootless networking (#8040).
- Fixed a bug where Podman did not properly handle cases where an OCI runtime is specified by its full path, and could revert to using another OCI runtime with the same binary path that existed in the system $PATH on subsequent invocations.
- Fixed a bug where the --net=host option to podman create and podman run would cause the /etc/hosts file to be incorrectly populated (#8054).
- Fixed a bug where the podman inspect command did not include container network information when the container shared its network namespace (IE, joined a pod or another container's network namespace via --net=container:...) (#8073).
- Fixed a bug where the podman ps command did not include information on all ports a container was publishing.
- Fixed a bug where the podman build command incorrectly forwarded STDIN into build containers from RUN instructions.
- Fixed a bug where the podman wait command's --interval option did not work when units were not specified for the duration (#8088).
- Fixed a bug where the --detach-keys and --detach options could be passed to podman create despite having no effect (and not making sense in that context).
- Fixed a bug where Podman could not start containers if running on a system without a /etc/resolv.conf file (which occurs on some WSL2 images) (#8089).
- Fixed a bug where the --extract option to podman cp was nonfunctional.
- Fixed a bug where the --cidfile option to podman run would, when the container was not run with --detach, only create the file after the container exited (#8091).
- Fixed a bug where the podman images and podman images -a commands could panic and not list any images when certain improperly-formatted images were present in storage (#8148).
- Fixed a bug where the podman events command could, when the journald events backend was in use, become nonfunctional when a badly-formatted event or a log message that container certain string was present in the journal (#8125).
- Fixed a bug where remote Podman would, when using SSH transport, not authenticate to the server using hostkeys when connecting on a port other than 22 (#8139).
- Fixed a bug where the podman attach command would not exit when containers stopped (#8154).
- Fixed a bug where Podman did not properly clean paths before verifying them, resulting in Podman refusing to start if the root or temporary directories were specified with extra trailing / characters (#8160).
- Fixed a bug where remote Podman did not support hashed hostnames in the known_hosts file on the host for establishing connections (#8159).
- Fixed a bug where the podman image exists command would return non-zero (false) when multiple potential matches for the given name existed.
- Fixed a bug where the podman manifest inspect command on images that are not manifest lists would error instead of inspecting the image (#8023).
- Fixed a bug where the podman system service command would fail if the directory the Unix socket was to be created inside did not exist (#8184).
- Fixed a bug where pods that shared the IPC namespace (which is done by default) did not share a /dev/shm filesystem between all containers in the pod (#8181).
- Fixed a bug where filters passed to podman volume list were not inclusive (#6765).
- Fixed a bug where the podman volume create command would fail when the volume's data directory already existed (as might occur when a volume was not completely removed) (#8253).
- Fixed a bug where the podman run and podman create commands would deadlock when trying to create a container that mounted the same named volume at multiple locations (e.g. podman run -v testvol:/test1 -v testvol:/test2) (#8221).
- Fixed a bug where the parsing of the --net option to podman build was incorrect (#8322).
- Fixed a bug where the podman build command would print the ID of the built image twice when using remote Podman (#8332).
- Fixed a bug where the podman stats command did not show memory limits for containers (#8265).
- Fixed a bug where the podman pod inspect command printed the static MAC address of the pod in a non-human-readable format (#8386).
- Fixed a bug where the --tls-verify option of the podman play kube command had its logic inverted (false would enforce the use of TLS, true would disable it).
- Fixed a bug where the podman network rm command would error when trying to remove macvlan networks and rootless CNI networks (#8491).
- Fixed a bug where Podman was not setting sane defaults for missing XDG_ environment variables.
- Fixed a bug where remote Podman would check if volume paths to be mounted in the container existed on the host, not the server (#8473).
- Fixed a bug where the podman manifest create and podman manifest add commands on local images would drop any images in the manifest not pulled by the host.
- Fixed a bug where networks made by podman network create did not include the tuning plugin, and as such did not support setting custom MAC addresses (#8385).
- Fixed a bug where container healthchecks did not use $PATH when searching for the Podman executable to run the healthcheck.
- Fixed a bug where the --ip-range option to podman network create did not properly handle non-classful subnets when calculating the last usable IP for DHCP assignment (#8448).
- Fixed a bug where the podman container ps alias for podman ps was missing (#8445).
* API
- The Compat Create endpoint for Container has received a major refactor to share more code with the Libpod Create endpoint, and should be significantly more stable.
- A Compat endpoint for exporting multiple images at once, GET /images/get, has been added (#7950).
- The Compat Network Connect and Network Disconnect endpoints have been added.
- Endpoints that deal with image registries now support a X-Registry-Config header to specify registry authentication configuration.
- The Compat Create endpoint for images now properly supports specifying images by digest.
- The Libpod Build endpoint for images now supports an httpproxy query parameter which, if set to true, will forward the server's HTTP proxy settings into the build container for RUN instructions.
- The Libpod Untag endpoint for images will now remove all tags for the given image if no repository and tag are specified for removal.
- Fixed a bug where the Ping endpoint misspelled a header name (Libpod-Buildha-Version instead of Libpod-Buildah-Version).
- Fixed a bug where the Ping endpoint sent an extra newline at the end of its response where Docker did not.
- Fixed a bug where the Compat Logs endpoint for containers did not send a newline character after each log line.
- Fixed a bug where the Compat Logs endpoint for containers would mangle line endings to change newline characters to add a preceding carriage return (#7942).
- Fixed a bug where the Compat Inspect endpoint for Containers did not properly list the container's stop signal (#7917).
- Fixed a bug where the Compat Inspect endpoint for Containers formatted the container's create time incorrectly (#7860).
- Fixed a bug where the Compat Inspect endpoint for Containers did not include the container's Path, Args, and Restart Count.
- Fixed a bug where the Compat Inspect endpoint for Containers prefixed added and dropped capabilities with CAP_ (Docker does not do so).
- Fixed a bug where the Compat Info endpoint for the Engine did not include configured registries.
- Fixed a bug where the server could panic if a client closed a connection midway through an image pull (#7896).
- Fixed a bug where the Compat Create endpoint for volumes returned an error when a volume with the same name already existed, instead of succeeding with a 201 code (#7740).
- Fixed a bug where a client disconnecting from the Libpod or Compat events endpoints could result in the server using 100% CPU (#7946).
- Fixed a bug where the "no such image" error message sent by the Compat Inspect endpoint for Images returned a 404 status code with an error that was improperly formatted for Docker compatibility.
- Fixed a bug where the Compat Create endpoint for networks did not properly set a default for the driver parameter if it was not provided by the client.
- Fixed a bug where the Compat Inspect endpoint for images did not populate the RootFS field of the response.
- Fixed a bug where the Compat Inspect endpoint for images would omit the ParentId field if the image had no parent, and the Created field if the image did not have a creation time.
- Fixed a bug where the Compat Remove endpoint for Networks did not support the Force query parameter.
==== python-psutil ====
Version update (5.7.2 -> 5.7.3)
- update to 5.7.3:
- 809_: [FreeBSD] add support for `Process.rlimit()`.
- 893_: [BSD] add support for `Process.environ()` (patch by Armin Gruner)
- 1830_: [UNIX] `net_if_stats()`'s `isup` also checks whether the NIC is
running (meaning Wi-Fi or ethernet cable is connected).
- 1837_: [Linux] improved battery detection and charge "secsleft" calculation
- 1620_: [Linux] physical cpu_count() result is incorrect on systems with more
than one CPU socket.
- 1738_: [macOS] Process.exe() may raise FileNotFoundError if process is still
alive but the exe file which launched it got deleted.
- 1791_: [macOS] fix missing include for getpagesize().
- 1823_: [Windows] Process.open_files() may cause a segfault due to a NULL
pointer.
- 1838_: [Linux] sensors_battery(): if `percent` can be determined but not
the remaining values, still return a result instead of None.
- skip-obs.patch, skip_failing_tests.patch: rediff
==== python-pytz ====
Version update (2020.1 -> 2020.4)
- update to 2020.4:
* update to IANA 2020d timezone release
==== python-requests ====
Version update (2.24.0 -> 2.25.0)
- update to 2.25.0:
* Added support for NETRC environment variable. (#5643)
* Requests now supports urllib3 v1.26.
* Requests v2.25.x will be the last release series with support for Python 3.5.
- refreshed requests-no-hardcoded-version.patch
==== sed ====
- prepare usrmerge (boo#1029961)
==== snapper ====
Subpackages: libsnapper5
- do not override passwd after getpwuid_r et.al. calls
(gh#openSUSE/snapper#589)
- state in man-pages that ext4 support is discontinued
(gh#openSUSE/snapper#331)
- use C++11 regexes instead of own regcomp/regexec wrapper class
(see gh#openSUSE/snapper#583)
==== sqlite3 ====
Version update (3.33.0 -> 3.34.0)
- SQLite 3.34.0:
* Added the sqlite3_txn_state() interface for reporting on the
current transaction state of the database connection.
* Enhance recursive common table expressions to support two or more
recursive terms as is done by SQL Server, since this helps make
queries against graphs easier to write and faster to execute.\
* Improved error messages on CHECK constraint failures.
* The .read dot-command now accepts a pipeline in addition to a
filename.
* Added options --data-only and --nosys to the .dump dot-command.
* Added the --nosys option to the .schema dot-command.
* Table name quoting works correctly for the .import dot-command.
* The generate_series(START,END,STEP) table-valued function
extension is now built into the CLI.
* The .databases dot-command now show the status of each database
file as determined by sqlite3_db_readonly() and
sqlite3_txn_state().
* Added the --tabs command-line option that sets .mode tabs.
* The --init option reports an error if the file named as its
argument cannot be opened. The --init option also now honors the
- -bail option.
* Improved estimates for the cost of running a DISTINCT operator.
* When doing an UPDATE or DELETE using a multi-column index where
only a few of the earlier columns of the index are useful for the
index lookup, postpone doing the main table seek until after all
WHERE clause constraints have been evaluated, in case those
constraints can be covered by unused later terms of the index,
thus avoiding unnecessary main table seeks.
* The new OP_SeekScan opcode is used to improve performance of
multi-column index look-ups when later columns are constrained by
an IN operator.
* The BEGIN IMMEDIATE and BEGIN EXCLUSIVE commands now work even if
one or more attached database files are read-only.
* Enhanced FTS5 to support trigram indexes.
* Improved performance of WAL mode locking primitives in cases where
there are hundreds of connections all accessing the same database
file at once.
* Enhanced the carray() table-valued function to include a
single-argument form that is bound using the auxiliary
sqlite3_carray_bind() interface.
* The substr() SQL function can now also be called "substring()" for
compatibility with SQL Server.
* The syntax diagrams are now implemented as Pikchr scripts and
rendered as SVG for improved legibility and ease of maintenance.
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev
- Import commit f6104ea5f554233e34b94ffd92da8332c3bd7d8f
617aed9236 scope: on unified, make sure to unwatch all PIDs once they've been moved to the cgroup scope
- Don't post-require systemd-default-settings-branding anymore
This is actually not needed now that the branding package issues a
PID1 reloading every times it's being updated.
- Import commit 49caf8e37aba04841e5493ccc25e7edab462d95b
f8f7286527 units: restore sysfs conditions in sys-fs-fuse-connections.mount and sys-kernel-config.mount
e9c7158dc7 units: wait until some fs modules are entirely loaded before mounting their corresponding filesystem (bsc#1178631)
ac7ddc4201 Revert "units: skip modprobe@.service if the unit appears to be already loaded"
17310a1d19 core: serialize u->pids until the processes have been moved to the scope cgroup (bsc#1174436)
1416965614 meson: add option to skip installing to $sysconfdir
f71a1ef5d0 systemctl: give a nice hint about org.freedesktop.LogControl1 when applicable
20a3f9fd95 systemctl: immediately reject invalid log levels
9f67d2e57b systemctl: merge log_target(), log_level(), service_log_setting()
ddf7cf4872 systemctl: add service-log-{level,target} verbs
026d7d156d systemctl: list unit introspection verbs first, modification second
- systemd-default-settings is needed by %post scriptlet
- Revert the change that dropped %{release} from the package version
constraints used in Requires:
The release number is actually relevant since it can be increased
when some patches, which might touch multiple sub-packages of
systemd, are added/modified.
However the %{release} is still no more used in conflicts.
==== systemd-default-settings ====
Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE
- Fix typo introduced by the previous change (bsc#1179183)
==== yast2 ====
Version update (4.3.44 -> 4.3.45)
- Yast::Arch add support to know if code is running in a PV Xen guest
(related to bsc#952253, bsc#1172742, and bsc#1179197).
- 4.3.45
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
PackageKit
apparmor (3.0.0 -> 3.0.1)
busybox
fwupd (1.5.1 -> 1.5.2)
glibmm2_4 (2.64.4 -> 2.64.5)
gnome-shell (3.38.1 -> 3.38.2)
gnome-shell-extensions (3.38.1 -> 3.38.2)
kernel-source (5.9.11 -> 5.9.12)
libapparmor (3.0.0 -> 3.0.1)
libarchive (3.4.3 -> 3.5.0)
libyui-qt (2.56.3 -> 2.56.4)
mutter (3.38.1 -> 3.38.2)
open-vm-tools
podman (2.1.1 -> 2.2.0)
snapper
sqlite3 (3.33.0 -> 3.34.0)
webkit2gtk3
=== Details ===
==== PackageKit ====
Subpackages: PackageKit-backend-zypp libpackagekit-glib2-18
- Add PackageKit-zypp-cleanup-tmp-files.patch: Revert "Revert
"zypp: Clean up temporary files when PK quits""
(bsc#1169739 gh#hughsie/PackageKit/commit#cf73b01a).
==== apparmor ====
Version update (3.0.0 -> 3.0.1)
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- update to AppArmor 3.0.1
- minor additions to profiles and abstractions
- some bugfixes in libapparmor, apparmor_parser and the aa-* utils
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1
for the detailed upstream changelog
- removed upstream(ed) patches:
- changes-since-3.0.0.diff
- extra-profiles-fix-Pux.diff
- utils-fix-hotkey-conflict.diff
- Use apache provided variables for the module_directry:
+ Use %apache_libexecdir
+ Add apache-rpm-macros BuildRequires
==== busybox ====
- prepare usrmerge (boo#1029961)
==== fwupd ====
Version update (1.5.1 -> 1.5.2)
Subpackages: libfwupd2 libfwupdplugin1 typelib-1_0-Fwupd-2_0
- Update to version 1.5.2:
+ ata: Add OUI quirk for Toshiba
+ libfwupd: Restore recognizing gpg and pkcs7 types still
+ Register the SoupSession gtype when required
+ Switch from libsoup to libcurl
+ Fix sync method when called from threads without a context
+ Move ABI check to Github actions
+ Enable github workflows
+ libfwupd: Add fwupd_client_download_file()
+ libfwupd: Add fwupd_client_get_user_agent()
+ Only download the remote metadata as required
+ Add breaks for fwupdate 12-7 (Closes: #960688)
+ Install modules-load configs in the correct directory
+ vli: Do not be clever replugging the MSP430 device
+ vli: Make some trivial debugging more specific to help debug
an issue
+ make gcab optional
+ Fall back to FAT32 internal partitions for detecting ESP
+ Add a flag to indicate if packages are supported
+ uefi: a new option for uefi configuration to use UEFI removable
path
+ Add a section to man page on scripting
+ synaptics-mst: Improve reliability by waiting 2 seconds after
writing data
+ hailuck: Add an plugin for the Pinebook Pro laptop
+ Allow setting global flags for FuHidDevice
+ Set the SMBIOS chassis type to portable if a DT battery exists
+ colorhug: Don't set the version format to triplet at startup
+ Allow components to set the icon from the metadata
+ colorhug: Fix detection of version on older firmware versions
+ bcm57xx: Fix reading vendor/device ids from firmware.
+ Remove HSI update and attestation suffixes
+ trivial: make dbxtool executable to fix snap build
+ Ignore an invalid vendor-id when adding releases for display
+ Notify the service manager when idle-quitting
- Refresh fwupd-bsc1130056-change-shim-path.patch
- Changes in BuildRequires:
+ Replace pkgconfig(libsoup-2.4) with pkgconfig(libcurl)
+ Replace pkgconfig(systemd) with pkgconfig(libsystemd)
- fwupd-msr.conf and fwupd-platform-integrity.conf are moved to
%{_modulesloaddir}.
==== glibmm2_4 ====
Version update (2.64.4 -> 2.64.5)
Subpackages: libgiomm-2_4-1 libglibmm-2_4-1
- Update to version 2.64.5:
+ gmmproc: Fix compatibility with gtkmm 3.24.2.
+ Build: Meson build: Fix Cocoa (macOS) detection.
==== gnome-shell ====
Version update (3.38.1 -> 3.38.2)
Subpackages: gnome-shell-calendar
- Update to version 3.38.2:
+ Handle @content properties in ease() functions.
+ Fix screencast indicator on Xorg.
+ Fix inline-replies in chat notifications.
+ Improve do-not-disturb support.
+ Fix mobile broadband support.
+ Improve app picker spacing on larger resolutions.
+ Plugged leaks.
+ Fixed crashes.
+ Misc. bug fixes and cleanups.
+ Updated translations.
- Drop 98234acd5b48a58c2d112b5edb3dddb85e04a643.patch: Fixed
upstream.
==== gnome-shell-extensions ====
Version update (3.38.1 -> 3.38.2)
Subpackages: gnome-shell-classic gnome-shell-classic-session
- Update to version 3.38.2:
+ window-list: Honor changes in skip-taskbar property.
+ window-list, workspace-indicator:
- Improve previews in workspace thumbs.
- Adjust to 3.38 changes.
+ auto-move: Improve behavior on multi-monitor setups.
+ windowNavigator: Adjust to 3.38 changes.
+ Misc. bug fixes.
==== kernel-source ====
Version update (5.9.11 -> 5.9.12)
- Linux 5.9.12 (bsc#1012628).
- io_uring: get an active ref_node from files_data (bsc#1012628).
- io_uring: order refnode recycling (bsc#1012628).
- spi: bcm-qspi: Fix use-after-free on unbind (bsc#1012628).
- spi: bcm2835: Fix use-after-free on unbind (bsc#1012628).
- ipv4: use IS_ENABLED instead of ifdef (bsc#1012628).
- IB/hfi1: Ensure correct mm is used at all times (bsc#1012628).
- RDMA/i40iw: Address an mmap handler exploit in i40iw
(bsc#1012628).
- btrfs: fix missing delalloc new bit for new delalloc ranges
(bsc#1012628).
- btrfs: tree-checker: add missing return after error in root_item
(bsc#1012628).
- btrfs: tree-checker: add missing returns after data_ref
alignment checks (bsc#1012628).
- btrfs: don't access possibly stale fs_info data for printing
duplicate device (bsc#1012628).
- btrfs: fix lockdep splat when reading qgroup config on mount
(bsc#1012628).
- rtc: pcf2127: fix a bug when not specify interrupts property
(bsc#1012628).
- s390: fix fpu restore in entry.S (bsc#1012628).
- mm: fix VM_BUG_ON(PageTail) and BUG_ON(PageWriteback)
(bsc#1012628).
- smb3: Call cifs reconnect from demultiplex thread (bsc#1012628).
- smb3: Avoid Mid pending list corruption (bsc#1012628).
- smb3: Handle error case during offload read path (bsc#1012628).
- cifs: fix a memleak with modefromsid (bsc#1012628).
- powerpc/64s: Fix KVM system reset handling when
CONFIG_PPC_PSERIES=y (bsc#1012628).
- powerpc/64s/exception: KVM Fix for host DSI being taken in
HPT guest MMU context (bsc#1012628).
- KVM: PPC: Book3S HV: XIVE: Fix possible oops when accessing
ESB page (bsc#1012628).
- KVM: arm64: vgic-v3: Drop the reporting of GICR_TYPER.Last
for userspace (bsc#1012628).
- KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint
(bsc#1012628).
- KVM: x86: Fix split-irqchip vs interrupt injection window
request (bsc#1012628).
- iommu/vt-d: Don't read VCCAP register unless it exists
(bsc#1012628).
- firmware: xilinx: Use hash-table for api feature check
(bsc#1012628).
- drm/amdgpu: fix SI UVD firmware validate resume fail
(bsc#1012628).
- io_uring: fix ITER_BVEC check (bsc#1012628).
- trace: fix potenial dangerous pointer (bsc#1012628).
- arm64: tegra: Correct the UART for Jetson Xavier NX
(bsc#1012628).
- arm64: tegra: Fix USB_VBUS_EN0 regulator on Jetson TX1
(bsc#1012628).
- arm64: pgtable: Fix pte_accessible() (bsc#1012628).
- arm64: pgtable: Ensure dirty bit is preserved across
pte_wrprotect() (bsc#1012628).
- drm/amdgpu: fix a page fault (bsc#1012628).
- drm/amdgpu: update golden setting for sienna_cichlid
(bsc#1012628).
- drm/amd/amdgpu: fix null pointer in runtime pm (bsc#1012628).
- drm/amd/display: Avoid HDCP initialization in devices without
output (bsc#1012628).
- HID: uclogic: Add ID for Trust Flex Design Tablet (bsc#1012628).
- HID: ite: Replace ABS_MISC 120/121 events with touchpad on/off
keypresses (bsc#1012628).
- HID: cypress: Support Varmilo Keyboards' media hotkeys
(bsc#1012628).
- HID: add support for Sega Saturn (bsc#1012628).
- Input: i8042 - allow insmod to succeed on devices without an
i8042 controller (bsc#1012628).
- HID: hid-sensor-hub: Fix issue with devices with no report ID
(bsc#1012628).
- staging: ralink-gdma: fix kconfig dependency bug for DMA_RALINK
(bsc#1012628).
- HID: add HID_QUIRK_INCREMENT_USAGE_ON_DUPLICATE for Gamevice
devices (bsc#1012628).
- dmaengine: xilinx_dma: use readl_poll_timeout_atomic variant
(bsc#1012628).
- x86/xen: don't unbind uninitialized lock_kicker_irq
(bsc#1012628).
- kunit: fix display of failed expectations for strings
(bsc#1012628).
- HID: logitech-hidpp: Add HIDPP_CONSUMER_VENDOR_KEYS quirk for
the Dinovo Edge (bsc#1012628).
- HID: Add Logitech Dinovo Edge battery quirk (bsc#1012628).
- proc: don't allow async path resolution of /proc/self components
(bsc#1012628).
- nvme: free sq/cq dbbuf pointers when dbbuf set fails
(bsc#1012628).
- io_uring: handle -EOPNOTSUPP on path resolution (bsc#1012628).
- net: stmmac: dwmac_lib: enlarge dma reset timeout (bsc#1012628).
- vdpasim: fix "mac_pton" undefined error (bsc#1012628).
- vhost: add helper to check if a vq has been setup (bsc#1012628).
- vhost scsi: alloc cmds per vq instead of session (bsc#1012628).
- vhost scsi: fix cmd completion race (bsc#1012628).
- cpuidle: tegra: Annotate tegra_pm_set_cpu_in_lp2() with
RCU_NONIDLE (bsc#1012628).
- dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size
(bsc#1012628).
- scsi: libiscsi: Fix NOP race condition (bsc#1012628).
- scsi: target: iscsi: Fix cmd abort fabric stop race
(bsc#1012628).
- lockdep: Put graph lock/unlock under lock_recursion protection
(bsc#1012628).
- perf/x86: fix sysfs type mismatches (bsc#1012628).
- xtensa: uaccess: Add missing __user to strncpy_from_user()
prototype (bsc#1012628).
- x86/dumpstack: Do not try to access user space code of other
tasks (bsc#1012628).
- net: dsa: mv88e6xxx: Wait for EEPROM done after HW reset
(bsc#1012628).
- bus: ti-sysc: Fix reset status check for modules with quirks
(bsc#1012628).
- bus: ti-sysc: Fix bogus resetdone warning on enable for cpsw
(bsc#1012628).
- ARM: OMAP2+: Manage MPU state properly for
omap_enter_idle_coupled() (bsc#1012628).
- phy: tegra: xusb: Fix dangling pointer on probe failure
(bsc#1012628).
- iwlwifi: mvm: use the HOT_SPOT_CMD to cancel an AUX ROC
(bsc#1012628).
- iwlwifi: mvm: properly cancel a session protection for P2P
(bsc#1012628).
- iwlwifi: mvm: write queue_sync_state only for sync
(bsc#1012628).
- KVM: s390: pv: Mark mm as protected after the set secure
parameters and improve cleanup (bsc#1012628).
- KVM: s390: remove diag318 reset code (bsc#1012628).
- batman-adv: set .owner to THIS_MODULE (bsc#1012628).
- usb: cdns3: gadget: fix some endian issues (bsc#1012628).
- usb: cdns3: gadget: calculate TD_SIZE based on TD (bsc#1012628).
- phy: qualcomm: usb: Fix SuperSpeed PHY OF dependency
(bsc#1012628).
- phy: qualcomm: Fix 28 nm Hi-Speed USB PHY OF dependency
(bsc#1012628).
- arch: pgtable: define MAX_POSSIBLE_PHYSMEM_BITS where needed
(bsc#1012628).
- bus: ti-sysc: suppress err msg for timers used as
clockevent/source (bsc#1012628).
- ARM: dts: dra76x: m_can: fix order of clocks (bsc#1012628).
- scsi: ufs: Fix race between shutdown and runtime resume flow
(bsc#1012628).
- bnxt_en: fix error return code in bnxt_init_one() (bsc#1012628).
- bnxt_en: fix error return code in bnxt_init_board()
(bsc#1012628).
- video: hyperv_fb: Fix the cache type when mapping the VRAM
(bsc#1012628).
- bnxt_en: Release PCI regions when DMA mask setup fails during
probe (bsc#1012628).
- block/keyslot-manager: prevent crash when num_slots=1
(bsc#1012628).
- cxgb4: fix the panic caused by non smac rewrite (bsc#1012628).
- dpaa2-eth: select XGMAC_MDIO for MDIO bus support (bsc#1012628).
- s390/qeth: make af_iucv TX notification call more robust
(bsc#1012628).
- s390/qeth: fix af_iucv notification race (bsc#1012628).
- s390/qeth: fix tear down of async TX buffers (bsc#1012628).
- drm/mediatek: dsi: Modify horizontal front/back porch byte
formula (bsc#1012628).
- bonding: wait for sysfs kobject destruction before freeing
struct slave (bsc#1012628).
- ibmvnic: fix call_netdevice_notifiers in do_reset (bsc#1012628).
- ibmvnic: notify peers when failover and migration happen
(bsc#1012628).
- powerpc/64s: Fix allnoconfig build since uaccess flush
(bsc#1012628).
- iommu: Check return of __iommu_attach_device() (bsc#1012628).
- IB/mthca: fix return value of error branch in mthca_init_cq()
(bsc#1012628).
- i40e: Fix removing driver while bare-metal VFs pass traffic
(bsc#1012628).
- firmware: xilinx: Fix SD DLL node reset issue (bsc#1012628).
- spi: imx: fix the unbalanced spi runtime pm management
(bsc#1012628).
- io_uring: fix shift-out-of-bounds when round up cq size
(bsc#1012628).
- aquantia: Remove the build_skb path (bsc#1012628).
- nfc: s3fwrn5: use signed integer for parsing GPIO numbers
(bsc#1012628).
- net: ena: handle bad request id in ena_netdev (bsc#1012628).
- net: ena: set initial DMA width to avoid intel iommu issue
(bsc#1012628).
- net: ena: fix packet's addresses for rx_offset feature
(bsc#1012628).
- ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues
(bsc#1012628).
- ibmvnic: fix NULL pointer dereference in ibmvic_reset_crq
(bsc#1012628).
- ibmvnic: enhance resetting status check during module exit
(bsc#1012628).
- optee: add writeback to valid memory type (bsc#1012628).
- x86/tboot: Don't disable swiotlb when iommu is forced on
(bsc#1012628).
- arm64: tegra: Wrong AON HSP reg property size (bsc#1012628).
- efi/efivars: Set generic ops before loading SSDT (bsc#1012628).
- efivarfs: revert "fix memory leak in efivarfs_create()"
(bsc#1012628).
- efi: EFI_EARLYCON should depend on EFI (bsc#1012628).
- riscv: Explicitly specify the build id style in vDSO Makefile
again (bsc#1012628).
- RISC-V: Add missing jump label initialization (bsc#1012628).
- RISC-V: fix barrier() use in <vdso/processor.h> (bsc#1012628).
- net: stmmac: fix incorrect merge of patch upstream
(bsc#1012628).
- enetc: Let the hardware auto-advance the taprio base-time of 0
(bsc#1012628).
- ptp: clockmatrix: bug fix for idtcm_strverscmp (bsc#1012628).
- drm/nouveau: fix relocations applying logic and a double-free
(bsc#1012628).
- can: gs_usb: fix endianess problem with candleLight firmware
(bsc#1012628).
- platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup
time (bsc#1012628).
- platform/x86: toshiba_acpi: Fix the wrong variable assignment
(bsc#1012628).
- RDMA/hns: Fix wrong field of SRQ number the device supports
(bsc#1012628).
- RDMA/hns: Fix retry_cnt and rnr_cnt when querying QP
(bsc#1012628).
- RDMA/hns: Bugfix for memory window mtpt configuration
(bsc#1012628).
- can: m_can: m_can_open(): remove IRQF_TRIGGER_FALLING from
request_threaded_irq()'s flags (bsc#1012628).
- can: m_can: fix nominal bitiming tseg2 min for version >= 3.1
(bsc#1012628).
- perf record: Synthesize cgroup events only if needed
(bsc#1012628).
- perf stat: Use proper cpu for shadow stats (bsc#1012628).
- perf probe: Fix to die_entrypc() returns error correctly
(bsc#1012628).
- USB: core: Change %pK for __user pointers to %px (bsc#1012628).
- usb: gadget: f_midi: Fix memleak in f_midi_alloc (bsc#1012628).
- USB: core: Fix regression in Hercules audio card (bsc#1012628).
- USB: quirks: Add USB_QUIRK_DISCONNECT_SUSPEND quirk for Lenovo
A630Z TIO built-in usb-audio card (bsc#1012628).
- usb: gadget: Fix memleak in gadgetfs_fill_super (bsc#1012628).
- irqchip/exiu: Fix the index of fwspec for IRQ type
(bsc#1012628).
- x86/mce: Do not overwrite no_way_out if mce_end() fails
(bsc#1012628).
- x86/speculation: Fix prctl() when
spectre_v2_user={seccomp,prctl},ibpb (bsc#1012628).
- x86/resctrl: Remove superfluous kernfs_get() calls to prevent
refcount leak (bsc#1012628).
- x86/resctrl: Add necessary kernfs_put() calls to prevent
refcount leak (bsc#1012628).
- drm/amdgpu: add rlc iram and dram firmware support
(bsc#1012628).
- commit 46922da
- rpm/kernel-{source,binary}.spec: do not include ghost symlinks
(boo#1179082).
- commit 76a9256
- Update config files.
Refresh after SOUNDWIRE removal.
- commit fa3b6ea
- scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section
- commit 965157e
- Update config files: make CONFIG_SOUNDWIRE=m (bsc#1179201)
Also turned it off for unrelated platforms
- commit afd1f81
- Update
patches.kernel.org/5.9.11-181-sched-Fix-data-race-in-wakeup.patch
(bsc#1012628 bsc#1175893).
Add a bsc.
- commit d5a5c02
- dt-bindings: pwm: Add binding for RPi firmware PWM bus
(jsc#SLE-16543).
- staging: vchiq: Release firmware handle on unbind
(jsc#SLE-16543).
- soc: bcm: raspberrypi-power: Release firmware handle on unbind
(jsc#SLE-16543).
- - pwm: Add Raspberry Pi Firmware based PWM bus (jsc#SLE-16543).
- Update configs: Enable pwm driver on arm64/arm32
- supported.conf: Enable pwm driver
- input: raspberrypi-ts: Release firmware handle when not needed
(jsc#SLE-16543).
- gpio: raspberrypi-exp: Release firmware handle on unbind
(jsc#SLE-16543).
- firmware: raspberrypi: Keep count of all consumers
(jsc#SLE-16543).
- firmware: raspberrypi: Introduce devm_rpi_firmware_get()
(jsc#SLE-16543).
- clk: bcm: rpi: Release firmware handle on unbind
(jsc#SLE-16543).
- commit e8d4edd
==== libapparmor ====
Version update (3.0.0 -> 3.0.1)
- update to AppArmor 3.0.1
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1
for the detailed upstream changelog
- drop upstream patch changes-since-3.0.0.diff
==== libarchive ====
Version update (3.4.3 -> 3.5.0)
- Update to version 3.5.0
New features:
* mtree digest reader support (#1347)
* completed support for UTF-8 encoding conversion (#1389)
* minor API enhancements (#1258, #1405)
* support for system extended attributes (#1409)
* support for decompression of symbolic links in zipx archives (#1435)
Important bugfixes
* fixed extraction of archives with hard links pointing to itself (#1381)
* cpio fixes (#1387, #1388)
* fixed uninitialized size in rar5_read_data (#1408)
* fixed memory leaks in error case of archive_write_open() functions (#1456)
- Drop libarchive-3.4.3-fix_test_write_disk_secure.patch, fixed upstream.
==== libyui-qt ====
Version update (2.56.3 -> 2.56.4)
- Add folder-temp icon (related to jsc#SLE-16313).
- 2.56.4
==== mutter ====
Version update (3.38.1 -> 3.38.2)
Subpackages: libmutter-7-0 mutter-data
- Update to version 3.38.2:
+ Fix unwanted position changes on window resize.
+ Fix _NET_WM_FRAME_DRAWN timestamps.
+ Fix missed redraws of newly-mapped actors.
+ (Temporarily) make Xwayland listen on abstract namespace socket
again.
+ Fix tiling to the correct monitor.
+ Fix background artifacts in magnifier.
+ Fix monitor tiling support on X11.
+ Fix device configuration not being picked up on X11.
+ Improve compatibility with Qt's wayland support.
+ Support tagging devices as primary GPU via udev.
+ Fix size hints with CSD.
+ Do not disable the X Security extension by default.
+ Fix unresponsive input after screen blank.
+ Improve tablet-mode-switch support.
+ Plugged memory leaks.
+ Fixed crashes.
+ Misc. bug fixes and cleanups.
+ Updated translations.
==== open-vm-tools ====
Subpackages: libvmtools0
- Enable build on aarch64
==== podman ====
Version update (2.1.1 -> 2.2.0)
Subpackages: podman-cni-config
- Update to v2.2.0
* Features
- Experimental support for shortname aliasing has been added. This is not enabled by default, but can be turned on by setting the environment variable CONTAINERS_SHORT_NAME_ALIASING to on. Documentation is available here and here.
- Initial support has been added for the podman network connect and podman network disconnect commands, which allow existing containers to modify what networks they are connected to. At present, these commands can only be used on running containers that did not specify --network=none when they were created.
- The podman run command now supports the --network-alias option to set network aliases (additional names the container can be accessed at from other containers via DNS if the dnsname CNI plugin is in use). Aliases can also be added and removed using the new podman network connect and podman network disconnect commands. Please note that this requires a new release (v1.1.0) of the dnsname plugin, and will only work on newly-created CNI networks.
- The podman generate kube command now features support for exporting container's memory and CPU limits (#7855).
- The podman play kube command now features support for setting CPU and Memory limits for containers (#7742).
- The podman play kube command now supports persistent volumes claims using Podman named volumes.
- The podman play kube command now supports Kubernetes configmaps via the --configmap option (#7567).
- The podman play kube command now supports a --log-driver option to set the log driver for created containers.
- The podman play kube command now supports a --start option, enabled by default, to start the pod after creating it. This allows for podman play kube to be more easily used in systemd unitfiles.
- The podman network create command now supports the --ipv6 option to enable dual-stack IPv6 networking for created networks (#7302).
- The podman inspect command can now inspect pods, networks, and volumes, in addition to containers and images (#6757).
- The --mount option for podman run and podman create now supports a new type, image, to mount the contents of an image into the container at a given location.
- The Bash and ZSH completions have been completely reworked and have received significant enhancements! Additionally, support for Fish completions and completions for the podman-remote executable have been added.
- The --log-opt option for podman create and podman run now supports the max-size option to set the maximum size for a container's logs (#7434).
- The --network option to the podman pod create command now allows pods to be configured to use slirp4netns networking, even when run as root (#6097).
- The podman pod stop, podman pod pause, podman pod unpause, and podman pod kill commands now work on multiple containers in parallel and should be significantly faster.
- The podman search command now supports a --list-tags option to list all available tags for a single image in a single repository.
- The podman search command can now output JSON using the --format=json option.
- The podman diff and podman mount commands now work with all containers in the storage library, including those not created by Podman. This allows them to be used with Buildah and CRI-O containers.
- The podman container exists command now features a --external option to check if a container exists not just in Podman, but also in the storage library. This will allow Podman to identify Buildah and CRI-O containers.
- The --tls-verify and --authfile options have been enabled for use with remote Podman.
- The /etc/hosts file now includes the container's name and hostname (both pointing to localhost) when the container is run with --net=none (#8095).
- The podman events command now supports filtering events based on the labels of the container they occurred on using the --filter label=key=value option.
- The podman volume ls command now supports filtering volumes based on their labels using the --filter label=key=value option.
- The --volume and --mount options to podman run and podman create now support two new mount propagation options, unbindable and runbindable.
- The name and id filters for podman pod ps now match based on a regular expression, instead of requiring an exact match.
- The podman pod ps command now supports a new filter status, that matches pods in a certain state.
* Changes
- The podman network rm --force command will now also remove pods that are using the network (#7791).
- The podman volume rm, podman network rm, and podman pod rm commands now return exit code 1 if the object specified for removal does not exist, and exit code 2 if the object is in use and the --force option was not given.
- If /dev/fuse is passed into Podman containers as a device, Podman will open it before starting the container to ensure that the kernel module is loaded on the host and the device is usable in the container.
- Global Podman options that were not supported with remote operation have been removed from podman-remote (e.g. --cgroup-manager, --storage-driver).
- Many errors have been changed to remove repetition and be more clear as to what has gone wrong.
- The --storage option to podman rm is now enabled by default, with slightly changed semantics. If the given container does not exist in Podman but does exist in the storage library, it will be removed even without the --storage option. If the container exists in Podman it will be removed normally. The --storage option for podman rm is now deprecated and will be removed in a future release.
- The --storage option to podman ps has been renamed to --external. An alias has been added so the old form of the option will continue to work.
- Podman now delays the SIGTERM and SIGINT signals during container creation to ensure that Podman is not stopped midway through creating a container resulting in potential resource leakage (#7941).
- The podman save command now strips signatures from images it is exporting, as the formats we export to do not support signatures (#7659).
- A new Degraded state has been added to pods. Pods that have some, but not all, of their containers running are now considered to be Degraded instead of Running.
- Podman will now print a warning when conflicting network options related to port forwarding (e.g. --publish and --net=host) are specified when creating a container.
- The --restart on-failure and --rm options for containers no longer conflict. When both are specified, the container will be restarted if it exits with a non-zero error code, and removed if it exits cleanly (#7906).
- Remote Podman will no longer use settings from the client's containers.conf; defaults will instead be provided by the server's containers.conf (#7657).
- The podman network rm command now has a new alias, podman network remove (#8402).
* Bugfixes
- Fixed a bug where podman load on the remote client did not error when attempting to load a directory, which is not yet supported for remote use.
- Fixed a bug where rootless Podman could hang when the newuidmap binary was not installed (#7776).
- Fixed a bug where the --pull option to podman run, podman create, and podman build did not match Docker's behavior.
- Fixed a bug where sysctl settings from the containers.conf configuration file were applied, even if the container did not join the namespace associated with a sysctl.
- Fixed a bug where Podman would not return the text of errors encounted when trying to run a healthcheck for a container.
- Fixed a bug where Podman was accidentally setting the containers environment variable in addition to the expected container environment variable.
- Fixed a bug where rootless Podman using CNI networking did not properly clean up DNS entries for removed containers (#7789).
- Fixed a bug where the podman untag --all command was not supported with remote Podman.
- Fixed a bug where the podman system service command could time out even if active attach connections were present (#7826).
- Fixed a bug where the podman system service command would sometimes never time out despite no active connections being present.
- Fixed a bug where Podman's handling of capabilities, specifically inheritable, did not match Docker's.
- Fixed a bug where podman run would fail if the image specified was a manifest list and had already been pulled (#7798).
- Fixed a bug where Podman did not take search registries into account when looking up images locally (#6381).
- Fixed a bug where the podman manifest inspect command would fail for images that had already been pulled (#7726).
- Fixed a bug where rootless Podman would not add supplemental GIDs to containers when when a user, but not a group, was set via the --user option to podman create and podman run and sufficient GIDs were available to add the groups (#7782).
- Fixed a bug where remote Podman commands did not properly handle cases where the user gave a name that could also be a short ID for a pod or container (#7837).
- Fixed a bug where podman image prune could leave images ready to be pruned after podman image prune was run (#7872).
- Fixed a bug where the podman logs command with the journald log driver would not read all available logs (#7476).
- Fixed a bug where the --rm and --restart options to podman create and podman run did not conflict when a restart policy that is not on-failure was chosen (#7878).
- Fixed a bug where the --format "table {{ .Field }}" option to numerous Podman commands ceased to function on Podman v2.0 and up.
- Fixed a bug where pods did not properly share an SELinux label between their containers, resulting in containers being unable to see the processes of other containers when the pod shared a PID namespace (#7886).
- Fixed a bug where the --namespace option to podman ps did not work with the remote client (#7903).
- Fixed a bug where rootless Podman incorrectly calculated the number of UIDs available in the container if multiple different ranges of UIDs were specified.
- Fixed a bug where the /etc/hosts file would not be correctly populated for containers in a user namespace (#7490).
- Fixed a bug where the podman network create and podman network remove commands could race when run in parallel, with unpredictable results (#7807).
- Fixed a bug where the -p option to podman run, podman create, and podman pod create would, when given only a single number (e.g. -p 80), assign the same port for both host and container, instead of generating a random host port (#7947).
- Fixed a bug where Podman containers did not properly store the cgroup manager they were created with, causing them to stop functioning after the cgroup manager was changed in containers.conf or with the --cgroup-manager option (#7830).
- Fixed a bug where the podman inspect command did not include information on the CNI networks a container was connected to if it was not running.
- Fixed a bug where the podman attach command would not print a newline after detaching from the container (#7751).
- Fixed a bug where the HOME environment variable was not set properly in containers when the --userns=keep-id option was set (#8004).
- Fixed a bug where the podman container restore command could panic when the container in question was in a pod (#8026).
- Fixed a bug where the output of the podman image trust show --raw command was not properly formatted.
- Fixed a bug where the podman runlabel command could panic if a label to run was not given (#8038).
- Fixed a bug where the podman run and podman start --attach commands would exit with an error when the user detached manually using the detach keys on remote Podman (#7979).
- Fixed a bug where rootless CNI networking did not use the dnsname CNI plugin if it was not available on the host, despite it always being available in the container used for rootless networking (#8040).
- Fixed a bug where Podman did not properly handle cases where an OCI runtime is specified by its full path, and could revert to using another OCI runtime with the same binary path that existed in the system $PATH on subsequent invocations.
- Fixed a bug where the --net=host option to podman create and podman run would cause the /etc/hosts file to be incorrectly populated (#8054).
- Fixed a bug where the podman inspect command did not include container network information when the container shared its network namespace (IE, joined a pod or another container's network namespace via --net=container:...) (#8073).
- Fixed a bug where the podman ps command did not include information on all ports a container was publishing.
- Fixed a bug where the podman build command incorrectly forwarded STDIN into build containers from RUN instructions.
- Fixed a bug where the podman wait command's --interval option did not work when units were not specified for the duration (#8088).
- Fixed a bug where the --detach-keys and --detach options could be passed to podman create despite having no effect (and not making sense in that context).
- Fixed a bug where Podman could not start containers if running on a system without a /etc/resolv.conf file (which occurs on some WSL2 images) (#8089).
- Fixed a bug where the --extract option to podman cp was nonfunctional.
- Fixed a bug where the --cidfile option to podman run would, when the container was not run with --detach, only create the file after the container exited (#8091).
- Fixed a bug where the podman images and podman images -a commands could panic and not list any images when certain improperly-formatted images were present in storage (#8148).
- Fixed a bug where the podman events command could, when the journald events backend was in use, become nonfunctional when a badly-formatted event or a log message that container certain string was present in the journal (#8125).
- Fixed a bug where remote Podman would, when using SSH transport, not authenticate to the server using hostkeys when connecting on a port other than 22 (#8139).
- Fixed a bug where the podman attach command would not exit when containers stopped (#8154).
- Fixed a bug where Podman did not properly clean paths before verifying them, resulting in Podman refusing to start if the root or temporary directories were specified with extra trailing / characters (#8160).
- Fixed a bug where remote Podman did not support hashed hostnames in the known_hosts file on the host for establishing connections (#8159).
- Fixed a bug where the podman image exists command would return non-zero (false) when multiple potential matches for the given name existed.
- Fixed a bug where the podman manifest inspect command on images that are not manifest lists would error instead of inspecting the image (#8023).
- Fixed a bug where the podman system service command would fail if the directory the Unix socket was to be created inside did not exist (#8184).
- Fixed a bug where pods that shared the IPC namespace (which is done by default) did not share a /dev/shm filesystem between all containers in the pod (#8181).
- Fixed a bug where filters passed to podman volume list were not inclusive (#6765).
- Fixed a bug where the podman volume create command would fail when the volume's data directory already existed (as might occur when a volume was not completely removed) (#8253).
- Fixed a bug where the podman run and podman create commands would deadlock when trying to create a container that mounted the same named volume at multiple locations (e.g. podman run -v testvol:/test1 -v testvol:/test2) (#8221).
- Fixed a bug where the parsing of the --net option to podman build was incorrect (#8322).
- Fixed a bug where the podman build command would print the ID of the built image twice when using remote Podman (#8332).
- Fixed a bug where the podman stats command did not show memory limits for containers (#8265).
- Fixed a bug where the podman pod inspect command printed the static MAC address of the pod in a non-human-readable format (#8386).
- Fixed a bug where the --tls-verify option of the podman play kube command had its logic inverted (false would enforce the use of TLS, true would disable it).
- Fixed a bug where the podman network rm command would error when trying to remove macvlan networks and rootless CNI networks (#8491).
- Fixed a bug where Podman was not setting sane defaults for missing XDG_ environment variables.
- Fixed a bug where remote Podman would check if volume paths to be mounted in the container existed on the host, not the server (#8473).
- Fixed a bug where the podman manifest create and podman manifest add commands on local images would drop any images in the manifest not pulled by the host.
- Fixed a bug where networks made by podman network create did not include the tuning plugin, and as such did not support setting custom MAC addresses (#8385).
- Fixed a bug where container healthchecks did not use $PATH when searching for the Podman executable to run the healthcheck.
- Fixed a bug where the --ip-range option to podman network create did not properly handle non-classful subnets when calculating the last usable IP for DHCP assignment (#8448).
- Fixed a bug where the podman container ps alias for podman ps was missing (#8445).
* API
- The Compat Create endpoint for Container has received a major refactor to share more code with the Libpod Create endpoint, and should be significantly more stable.
- A Compat endpoint for exporting multiple images at once, GET /images/get, has been added (#7950).
- The Compat Network Connect and Network Disconnect endpoints have been added.
- Endpoints that deal with image registries now support a X-Registry-Config header to specify registry authentication configuration.
- The Compat Create endpoint for images now properly supports specifying images by digest.
- The Libpod Build endpoint for images now supports an httpproxy query parameter which, if set to true, will forward the server's HTTP proxy settings into the build container for RUN instructions.
- The Libpod Untag endpoint for images will now remove all tags for the given image if no repository and tag are specified for removal.
- Fixed a bug where the Ping endpoint misspelled a header name (Libpod-Buildha-Version instead of Libpod-Buildah-Version).
- Fixed a bug where the Ping endpoint sent an extra newline at the end of its response where Docker did not.
- Fixed a bug where the Compat Logs endpoint for containers did not send a newline character after each log line.
- Fixed a bug where the Compat Logs endpoint for containers would mangle line endings to change newline characters to add a preceding carriage return (#7942).
- Fixed a bug where the Compat Inspect endpoint for Containers did not properly list the container's stop signal (#7917).
- Fixed a bug where the Compat Inspect endpoint for Containers formatted the container's create time incorrectly (#7860).
- Fixed a bug where the Compat Inspect endpoint for Containers did not include the container's Path, Args, and Restart Count.
- Fixed a bug where the Compat Inspect endpoint for Containers prefixed added and dropped capabilities with CAP_ (Docker does not do so).
- Fixed a bug where the Compat Info endpoint for the Engine did not include configured registries.
- Fixed a bug where the server could panic if a client closed a connection midway through an image pull (#7896).
- Fixed a bug where the Compat Create endpoint for volumes returned an error when a volume with the same name already existed, instead of succeeding with a 201 code (#7740).
- Fixed a bug where a client disconnecting from the Libpod or Compat events endpoints could result in the server using 100% CPU (#7946).
- Fixed a bug where the "no such image" error message sent by the Compat Inspect endpoint for Images returned a 404 status code with an error that was improperly formatted for Docker compatibility.
- Fixed a bug where the Compat Create endpoint for networks did not properly set a default for the driver parameter if it was not provided by the client.
- Fixed a bug where the Compat Inspect endpoint for images did not populate the RootFS field of the response.
- Fixed a bug where the Compat Inspect endpoint for images would omit the ParentId field if the image had no parent, and the Created field if the image did not have a creation time.
- Fixed a bug where the Compat Remove endpoint for Networks did not support the Force query parameter.
==== snapper ====
Subpackages: libsnapper5
- do not override passwd after getpwuid_r et.al. calls
(gh#openSUSE/snapper#589)
- state in man-pages that ext4 support is discontinued
(gh#openSUSE/snapper#331)
- use C++11 regexes instead of own regcomp/regexec wrapper class
(see gh#openSUSE/snapper#583)
==== sqlite3 ====
Version update (3.33.0 -> 3.34.0)
- SQLite 3.34.0:
* Added the sqlite3_txn_state() interface for reporting on the
current transaction state of the database connection.
* Enhance recursive common table expressions to support two or more
recursive terms as is done by SQL Server, since this helps make
queries against graphs easier to write and faster to execute.\
* Improved error messages on CHECK constraint failures.
* The .read dot-command now accepts a pipeline in addition to a
filename.
* Added options --data-only and --nosys to the .dump dot-command.
* Added the --nosys option to the .schema dot-command.
* Table name quoting works correctly for the .import dot-command.
* The generate_series(START,END,STEP) table-valued function
extension is now built into the CLI.
* The .databases dot-command now show the status of each database
file as determined by sqlite3_db_readonly() and
sqlite3_txn_state().
* Added the --tabs command-line option that sets .mode tabs.
* The --init option reports an error if the file named as its
argument cannot be opened. The --init option also now honors the
- -bail option.
* Improved estimates for the cost of running a DISTINCT operator.
* When doing an UPDATE or DELETE using a multi-column index where
only a few of the earlier columns of the index are useful for the
index lookup, postpone doing the main table seek until after all
WHERE clause constraints have been evaluated, in case those
constraints can be covered by unused later terms of the index,
thus avoiding unnecessary main table seeks.
* The new OP_SeekScan opcode is used to improve performance of
multi-column index look-ups when later columns are constrained by
an IN operator.
* The BEGIN IMMEDIATE and BEGIN EXCLUSIVE commands now work even if
one or more attached database files are read-only.
* Enhanced FTS5 to support trigram indexes.
* Improved performance of WAL mode locking primitives in cases where
there are hundreds of connections all accessing the same database
file at once.
* Enhanced the carray() table-valued function to include a
single-argument form that is bound using the auxiliary
sqlite3_carray_bind() interface.
* The substr() SQL function can now also be called "substring()" for
compatibility with SQL Server.
* The syntax diagrams are now implemented as Pikchr scripts and
rendered as SVG for improved legibility and ease of maintenance.
==== webkit2gtk3 ====
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- 0001-ICU-68.1-no-longer-exposes-FALSE-and-TRUE-macros-by-.patch:
ICU 68.1 no longer exposes FALSE and TRUE macros by default.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apparmor (3.0.0 -> 3.0.1)
autofs
busybox
kernel-source (5.9.11 -> 5.9.12)
libapparmor (3.0.0 -> 3.0.1)
open-vm-tools
podman (2.1.1 -> 2.2.0)
snapper
sqlite3 (3.33.0 -> 3.34.0)
=== Details ===
==== apparmor ====
Version update (3.0.0 -> 3.0.1)
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- update to AppArmor 3.0.1
- minor additions to profiles and abstractions
- some bugfixes in libapparmor, apparmor_parser and the aa-* utils
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1
for the detailed upstream changelog
- removed upstream(ed) patches:
- changes-since-3.0.0.diff
- extra-profiles-fix-Pux.diff
- utils-fix-hotkey-conflict.diff
- Use apache provided variables for the module_directry:
+ Use %apache_libexecdir
+ Add apache-rpm-macros BuildRequires
==== autofs ====
- automount-fix-master-wait.patch: Fix options string for master wait
(bsc#1178006)
- autofs-nsswitch-usr-etc.patch: Use /usr/etc/nsswitch.conf if
/etc/nsswitch.con is unavailable (bsc#1175238)
==== busybox ====
- prepare usrmerge (boo#1029961)
==== kernel-source ====
Version update (5.9.11 -> 5.9.12)
- Linux 5.9.12 (bsc#1012628).
- io_uring: get an active ref_node from files_data (bsc#1012628).
- io_uring: order refnode recycling (bsc#1012628).
- spi: bcm-qspi: Fix use-after-free on unbind (bsc#1012628).
- spi: bcm2835: Fix use-after-free on unbind (bsc#1012628).
- ipv4: use IS_ENABLED instead of ifdef (bsc#1012628).
- IB/hfi1: Ensure correct mm is used at all times (bsc#1012628).
- RDMA/i40iw: Address an mmap handler exploit in i40iw
(bsc#1012628).
- btrfs: fix missing delalloc new bit for new delalloc ranges
(bsc#1012628).
- btrfs: tree-checker: add missing return after error in root_item
(bsc#1012628).
- btrfs: tree-checker: add missing returns after data_ref
alignment checks (bsc#1012628).
- btrfs: don't access possibly stale fs_info data for printing
duplicate device (bsc#1012628).
- btrfs: fix lockdep splat when reading qgroup config on mount
(bsc#1012628).
- rtc: pcf2127: fix a bug when not specify interrupts property
(bsc#1012628).
- s390: fix fpu restore in entry.S (bsc#1012628).
- mm: fix VM_BUG_ON(PageTail) and BUG_ON(PageWriteback)
(bsc#1012628).
- smb3: Call cifs reconnect from demultiplex thread (bsc#1012628).
- smb3: Avoid Mid pending list corruption (bsc#1012628).
- smb3: Handle error case during offload read path (bsc#1012628).
- cifs: fix a memleak with modefromsid (bsc#1012628).
- powerpc/64s: Fix KVM system reset handling when
CONFIG_PPC_PSERIES=y (bsc#1012628).
- powerpc/64s/exception: KVM Fix for host DSI being taken in
HPT guest MMU context (bsc#1012628).
- KVM: PPC: Book3S HV: XIVE: Fix possible oops when accessing
ESB page (bsc#1012628).
- KVM: arm64: vgic-v3: Drop the reporting of GICR_TYPER.Last
for userspace (bsc#1012628).
- KVM: x86: handle !lapic_in_kernel case in kvm_cpu_*_extint
(bsc#1012628).
- KVM: x86: Fix split-irqchip vs interrupt injection window
request (bsc#1012628).
- iommu/vt-d: Don't read VCCAP register unless it exists
(bsc#1012628).
- firmware: xilinx: Use hash-table for api feature check
(bsc#1012628).
- drm/amdgpu: fix SI UVD firmware validate resume fail
(bsc#1012628).
- io_uring: fix ITER_BVEC check (bsc#1012628).
- trace: fix potenial dangerous pointer (bsc#1012628).
- arm64: tegra: Correct the UART for Jetson Xavier NX
(bsc#1012628).
- arm64: tegra: Fix USB_VBUS_EN0 regulator on Jetson TX1
(bsc#1012628).
- arm64: pgtable: Fix pte_accessible() (bsc#1012628).
- arm64: pgtable: Ensure dirty bit is preserved across
pte_wrprotect() (bsc#1012628).
- drm/amdgpu: fix a page fault (bsc#1012628).
- drm/amdgpu: update golden setting for sienna_cichlid
(bsc#1012628).
- drm/amd/amdgpu: fix null pointer in runtime pm (bsc#1012628).
- drm/amd/display: Avoid HDCP initialization in devices without
output (bsc#1012628).
- HID: uclogic: Add ID for Trust Flex Design Tablet (bsc#1012628).
- HID: ite: Replace ABS_MISC 120/121 events with touchpad on/off
keypresses (bsc#1012628).
- HID: cypress: Support Varmilo Keyboards' media hotkeys
(bsc#1012628).
- HID: add support for Sega Saturn (bsc#1012628).
- Input: i8042 - allow insmod to succeed on devices without an
i8042 controller (bsc#1012628).
- HID: hid-sensor-hub: Fix issue with devices with no report ID
(bsc#1012628).
- staging: ralink-gdma: fix kconfig dependency bug for DMA_RALINK
(bsc#1012628).
- HID: add HID_QUIRK_INCREMENT_USAGE_ON_DUPLICATE for Gamevice
devices (bsc#1012628).
- dmaengine: xilinx_dma: use readl_poll_timeout_atomic variant
(bsc#1012628).
- x86/xen: don't unbind uninitialized lock_kicker_irq
(bsc#1012628).
- kunit: fix display of failed expectations for strings
(bsc#1012628).
- HID: logitech-hidpp: Add HIDPP_CONSUMER_VENDOR_KEYS quirk for
the Dinovo Edge (bsc#1012628).
- HID: Add Logitech Dinovo Edge battery quirk (bsc#1012628).
- proc: don't allow async path resolution of /proc/self components
(bsc#1012628).
- nvme: free sq/cq dbbuf pointers when dbbuf set fails
(bsc#1012628).
- io_uring: handle -EOPNOTSUPP on path resolution (bsc#1012628).
- net: stmmac: dwmac_lib: enlarge dma reset timeout (bsc#1012628).
- vdpasim: fix "mac_pton" undefined error (bsc#1012628).
- vhost: add helper to check if a vq has been setup (bsc#1012628).
- vhost scsi: alloc cmds per vq instead of session (bsc#1012628).
- vhost scsi: fix cmd completion race (bsc#1012628).
- cpuidle: tegra: Annotate tegra_pm_set_cpu_in_lp2() with
RCU_NONIDLE (bsc#1012628).
- dmaengine: pl330: _prep_dma_memcpy: Fix wrong burst size
(bsc#1012628).
- scsi: libiscsi: Fix NOP race condition (bsc#1012628).
- scsi: target: iscsi: Fix cmd abort fabric stop race
(bsc#1012628).
- lockdep: Put graph lock/unlock under lock_recursion protection
(bsc#1012628).
- perf/x86: fix sysfs type mismatches (bsc#1012628).
- xtensa: uaccess: Add missing __user to strncpy_from_user()
prototype (bsc#1012628).
- x86/dumpstack: Do not try to access user space code of other
tasks (bsc#1012628).
- net: dsa: mv88e6xxx: Wait for EEPROM done after HW reset
(bsc#1012628).
- bus: ti-sysc: Fix reset status check for modules with quirks
(bsc#1012628).
- bus: ti-sysc: Fix bogus resetdone warning on enable for cpsw
(bsc#1012628).
- ARM: OMAP2+: Manage MPU state properly for
omap_enter_idle_coupled() (bsc#1012628).
- phy: tegra: xusb: Fix dangling pointer on probe failure
(bsc#1012628).
- iwlwifi: mvm: use the HOT_SPOT_CMD to cancel an AUX ROC
(bsc#1012628).
- iwlwifi: mvm: properly cancel a session protection for P2P
(bsc#1012628).
- iwlwifi: mvm: write queue_sync_state only for sync
(bsc#1012628).
- KVM: s390: pv: Mark mm as protected after the set secure
parameters and improve cleanup (bsc#1012628).
- KVM: s390: remove diag318 reset code (bsc#1012628).
- batman-adv: set .owner to THIS_MODULE (bsc#1012628).
- usb: cdns3: gadget: fix some endian issues (bsc#1012628).
- usb: cdns3: gadget: calculate TD_SIZE based on TD (bsc#1012628).
- phy: qualcomm: usb: Fix SuperSpeed PHY OF dependency
(bsc#1012628).
- phy: qualcomm: Fix 28 nm Hi-Speed USB PHY OF dependency
(bsc#1012628).
- arch: pgtable: define MAX_POSSIBLE_PHYSMEM_BITS where needed
(bsc#1012628).
- bus: ti-sysc: suppress err msg for timers used as
clockevent/source (bsc#1012628).
- ARM: dts: dra76x: m_can: fix order of clocks (bsc#1012628).
- scsi: ufs: Fix race between shutdown and runtime resume flow
(bsc#1012628).
- bnxt_en: fix error return code in bnxt_init_one() (bsc#1012628).
- bnxt_en: fix error return code in bnxt_init_board()
(bsc#1012628).
- video: hyperv_fb: Fix the cache type when mapping the VRAM
(bsc#1012628).
- bnxt_en: Release PCI regions when DMA mask setup fails during
probe (bsc#1012628).
- block/keyslot-manager: prevent crash when num_slots=1
(bsc#1012628).
- cxgb4: fix the panic caused by non smac rewrite (bsc#1012628).
- dpaa2-eth: select XGMAC_MDIO for MDIO bus support (bsc#1012628).
- s390/qeth: make af_iucv TX notification call more robust
(bsc#1012628).
- s390/qeth: fix af_iucv notification race (bsc#1012628).
- s390/qeth: fix tear down of async TX buffers (bsc#1012628).
- drm/mediatek: dsi: Modify horizontal front/back porch byte
formula (bsc#1012628).
- bonding: wait for sysfs kobject destruction before freeing
struct slave (bsc#1012628).
- ibmvnic: fix call_netdevice_notifiers in do_reset (bsc#1012628).
- ibmvnic: notify peers when failover and migration happen
(bsc#1012628).
- powerpc/64s: Fix allnoconfig build since uaccess flush
(bsc#1012628).
- iommu: Check return of __iommu_attach_device() (bsc#1012628).
- IB/mthca: fix return value of error branch in mthca_init_cq()
(bsc#1012628).
- i40e: Fix removing driver while bare-metal VFs pass traffic
(bsc#1012628).
- firmware: xilinx: Fix SD DLL node reset issue (bsc#1012628).
- spi: imx: fix the unbalanced spi runtime pm management
(bsc#1012628).
- io_uring: fix shift-out-of-bounds when round up cq size
(bsc#1012628).
- aquantia: Remove the build_skb path (bsc#1012628).
- nfc: s3fwrn5: use signed integer for parsing GPIO numbers
(bsc#1012628).
- net: ena: handle bad request id in ena_netdev (bsc#1012628).
- net: ena: set initial DMA width to avoid intel iommu issue
(bsc#1012628).
- net: ena: fix packet's addresses for rx_offset feature
(bsc#1012628).
- ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues
(bsc#1012628).
- ibmvnic: fix NULL pointer dereference in ibmvic_reset_crq
(bsc#1012628).
- ibmvnic: enhance resetting status check during module exit
(bsc#1012628).
- optee: add writeback to valid memory type (bsc#1012628).
- x86/tboot: Don't disable swiotlb when iommu is forced on
(bsc#1012628).
- arm64: tegra: Wrong AON HSP reg property size (bsc#1012628).
- efi/efivars: Set generic ops before loading SSDT (bsc#1012628).
- efivarfs: revert "fix memory leak in efivarfs_create()"
(bsc#1012628).
- efi: EFI_EARLYCON should depend on EFI (bsc#1012628).
- riscv: Explicitly specify the build id style in vDSO Makefile
again (bsc#1012628).
- RISC-V: Add missing jump label initialization (bsc#1012628).
- RISC-V: fix barrier() use in <vdso/processor.h> (bsc#1012628).
- net: stmmac: fix incorrect merge of patch upstream
(bsc#1012628).
- enetc: Let the hardware auto-advance the taprio base-time of 0
(bsc#1012628).
- ptp: clockmatrix: bug fix for idtcm_strverscmp (bsc#1012628).
- drm/nouveau: fix relocations applying logic and a double-free
(bsc#1012628).
- can: gs_usb: fix endianess problem with candleLight firmware
(bsc#1012628).
- platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup
time (bsc#1012628).
- platform/x86: toshiba_acpi: Fix the wrong variable assignment
(bsc#1012628).
- RDMA/hns: Fix wrong field of SRQ number the device supports
(bsc#1012628).
- RDMA/hns: Fix retry_cnt and rnr_cnt when querying QP
(bsc#1012628).
- RDMA/hns: Bugfix for memory window mtpt configuration
(bsc#1012628).
- can: m_can: m_can_open(): remove IRQF_TRIGGER_FALLING from
request_threaded_irq()'s flags (bsc#1012628).
- can: m_can: fix nominal bitiming tseg2 min for version >= 3.1
(bsc#1012628).
- perf record: Synthesize cgroup events only if needed
(bsc#1012628).
- perf stat: Use proper cpu for shadow stats (bsc#1012628).
- perf probe: Fix to die_entrypc() returns error correctly
(bsc#1012628).
- USB: core: Change %pK for __user pointers to %px (bsc#1012628).
- usb: gadget: f_midi: Fix memleak in f_midi_alloc (bsc#1012628).
- USB: core: Fix regression in Hercules audio card (bsc#1012628).
- USB: quirks: Add USB_QUIRK_DISCONNECT_SUSPEND quirk for Lenovo
A630Z TIO built-in usb-audio card (bsc#1012628).
- usb: gadget: Fix memleak in gadgetfs_fill_super (bsc#1012628).
- irqchip/exiu: Fix the index of fwspec for IRQ type
(bsc#1012628).
- x86/mce: Do not overwrite no_way_out if mce_end() fails
(bsc#1012628).
- x86/speculation: Fix prctl() when
spectre_v2_user={seccomp,prctl},ibpb (bsc#1012628).
- x86/resctrl: Remove superfluous kernfs_get() calls to prevent
refcount leak (bsc#1012628).
- x86/resctrl: Add necessary kernfs_put() calls to prevent
refcount leak (bsc#1012628).
- drm/amdgpu: add rlc iram and dram firmware support
(bsc#1012628).
- commit 46922da
- rpm/kernel-{source,binary}.spec: do not include ghost symlinks
(boo#1179082).
- commit 76a9256
- Update config files.
Refresh after SOUNDWIRE removal.
- commit fa3b6ea
- scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section
- commit 965157e
- Update config files: make CONFIG_SOUNDWIRE=m (bsc#1179201)
Also turned it off for unrelated platforms
- commit afd1f81
- Update
patches.kernel.org/5.9.11-181-sched-Fix-data-race-in-wakeup.patch
(bsc#1012628 bsc#1175893).
Add a bsc.
- commit d5a5c02
- dt-bindings: pwm: Add binding for RPi firmware PWM bus
(jsc#SLE-16543).
- staging: vchiq: Release firmware handle on unbind
(jsc#SLE-16543).
- soc: bcm: raspberrypi-power: Release firmware handle on unbind
(jsc#SLE-16543).
- - pwm: Add Raspberry Pi Firmware based PWM bus (jsc#SLE-16543).
- Update configs: Enable pwm driver on arm64/arm32
- supported.conf: Enable pwm driver
- input: raspberrypi-ts: Release firmware handle when not needed
(jsc#SLE-16543).
- gpio: raspberrypi-exp: Release firmware handle on unbind
(jsc#SLE-16543).
- firmware: raspberrypi: Keep count of all consumers
(jsc#SLE-16543).
- firmware: raspberrypi: Introduce devm_rpi_firmware_get()
(jsc#SLE-16543).
- clk: bcm: rpi: Release firmware handle on unbind
(jsc#SLE-16543).
- commit e8d4edd
==== libapparmor ====
Version update (3.0.0 -> 3.0.1)
- update to AppArmor 3.0.1
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1
for the detailed upstream changelog
- drop upstream patch changes-since-3.0.0.diff
==== open-vm-tools ====
Subpackages: libvmtools0
- Enable build on aarch64
==== podman ====
Version update (2.1.1 -> 2.2.0)
Subpackages: podman-cni-config
- Update to v2.2.0
* Features
- Experimental support for shortname aliasing has been added. This is not enabled by default, but can be turned on by setting the environment variable CONTAINERS_SHORT_NAME_ALIASING to on. Documentation is available here and here.
- Initial support has been added for the podman network connect and podman network disconnect commands, which allow existing containers to modify what networks they are connected to. At present, these commands can only be used on running containers that did not specify --network=none when they were created.
- The podman run command now supports the --network-alias option to set network aliases (additional names the container can be accessed at from other containers via DNS if the dnsname CNI plugin is in use). Aliases can also be added and removed using the new podman network connect and podman network disconnect commands. Please note that this requires a new release (v1.1.0) of the dnsname plugin, and will only work on newly-created CNI networks.
- The podman generate kube command now features support for exporting container's memory and CPU limits (#7855).
- The podman play kube command now features support for setting CPU and Memory limits for containers (#7742).
- The podman play kube command now supports persistent volumes claims using Podman named volumes.
- The podman play kube command now supports Kubernetes configmaps via the --configmap option (#7567).
- The podman play kube command now supports a --log-driver option to set the log driver for created containers.
- The podman play kube command now supports a --start option, enabled by default, to start the pod after creating it. This allows for podman play kube to be more easily used in systemd unitfiles.
- The podman network create command now supports the --ipv6 option to enable dual-stack IPv6 networking for created networks (#7302).
- The podman inspect command can now inspect pods, networks, and volumes, in addition to containers and images (#6757).
- The --mount option for podman run and podman create now supports a new type, image, to mount the contents of an image into the container at a given location.
- The Bash and ZSH completions have been completely reworked and have received significant enhancements! Additionally, support for Fish completions and completions for the podman-remote executable have been added.
- The --log-opt option for podman create and podman run now supports the max-size option to set the maximum size for a container's logs (#7434).
- The --network option to the podman pod create command now allows pods to be configured to use slirp4netns networking, even when run as root (#6097).
- The podman pod stop, podman pod pause, podman pod unpause, and podman pod kill commands now work on multiple containers in parallel and should be significantly faster.
- The podman search command now supports a --list-tags option to list all available tags for a single image in a single repository.
- The podman search command can now output JSON using the --format=json option.
- The podman diff and podman mount commands now work with all containers in the storage library, including those not created by Podman. This allows them to be used with Buildah and CRI-O containers.
- The podman container exists command now features a --external option to check if a container exists not just in Podman, but also in the storage library. This will allow Podman to identify Buildah and CRI-O containers.
- The --tls-verify and --authfile options have been enabled for use with remote Podman.
- The /etc/hosts file now includes the container's name and hostname (both pointing to localhost) when the container is run with --net=none (#8095).
- The podman events command now supports filtering events based on the labels of the container they occurred on using the --filter label=key=value option.
- The podman volume ls command now supports filtering volumes based on their labels using the --filter label=key=value option.
- The --volume and --mount options to podman run and podman create now support two new mount propagation options, unbindable and runbindable.
- The name and id filters for podman pod ps now match based on a regular expression, instead of requiring an exact match.
- The podman pod ps command now supports a new filter status, that matches pods in a certain state.
* Changes
- The podman network rm --force command will now also remove pods that are using the network (#7791).
- The podman volume rm, podman network rm, and podman pod rm commands now return exit code 1 if the object specified for removal does not exist, and exit code 2 if the object is in use and the --force option was not given.
- If /dev/fuse is passed into Podman containers as a device, Podman will open it before starting the container to ensure that the kernel module is loaded on the host and the device is usable in the container.
- Global Podman options that were not supported with remote operation have been removed from podman-remote (e.g. --cgroup-manager, --storage-driver).
- Many errors have been changed to remove repetition and be more clear as to what has gone wrong.
- The --storage option to podman rm is now enabled by default, with slightly changed semantics. If the given container does not exist in Podman but does exist in the storage library, it will be removed even without the --storage option. If the container exists in Podman it will be removed normally. The --storage option for podman rm is now deprecated and will be removed in a future release.
- The --storage option to podman ps has been renamed to --external. An alias has been added so the old form of the option will continue to work.
- Podman now delays the SIGTERM and SIGINT signals during container creation to ensure that Podman is not stopped midway through creating a container resulting in potential resource leakage (#7941).
- The podman save command now strips signatures from images it is exporting, as the formats we export to do not support signatures (#7659).
- A new Degraded state has been added to pods. Pods that have some, but not all, of their containers running are now considered to be Degraded instead of Running.
- Podman will now print a warning when conflicting network options related to port forwarding (e.g. --publish and --net=host) are specified when creating a container.
- The --restart on-failure and --rm options for containers no longer conflict. When both are specified, the container will be restarted if it exits with a non-zero error code, and removed if it exits cleanly (#7906).
- Remote Podman will no longer use settings from the client's containers.conf; defaults will instead be provided by the server's containers.conf (#7657).
- The podman network rm command now has a new alias, podman network remove (#8402).
* Bugfixes
- Fixed a bug where podman load on the remote client did not error when attempting to load a directory, which is not yet supported for remote use.
- Fixed a bug where rootless Podman could hang when the newuidmap binary was not installed (#7776).
- Fixed a bug where the --pull option to podman run, podman create, and podman build did not match Docker's behavior.
- Fixed a bug where sysctl settings from the containers.conf configuration file were applied, even if the container did not join the namespace associated with a sysctl.
- Fixed a bug where Podman would not return the text of errors encounted when trying to run a healthcheck for a container.
- Fixed a bug where Podman was accidentally setting the containers environment variable in addition to the expected container environment variable.
- Fixed a bug where rootless Podman using CNI networking did not properly clean up DNS entries for removed containers (#7789).
- Fixed a bug where the podman untag --all command was not supported with remote Podman.
- Fixed a bug where the podman system service command could time out even if active attach connections were present (#7826).
- Fixed a bug where the podman system service command would sometimes never time out despite no active connections being present.
- Fixed a bug where Podman's handling of capabilities, specifically inheritable, did not match Docker's.
- Fixed a bug where podman run would fail if the image specified was a manifest list and had already been pulled (#7798).
- Fixed a bug where Podman did not take search registries into account when looking up images locally (#6381).
- Fixed a bug where the podman manifest inspect command would fail for images that had already been pulled (#7726).
- Fixed a bug where rootless Podman would not add supplemental GIDs to containers when when a user, but not a group, was set via the --user option to podman create and podman run and sufficient GIDs were available to add the groups (#7782).
- Fixed a bug where remote Podman commands did not properly handle cases where the user gave a name that could also be a short ID for a pod or container (#7837).
- Fixed a bug where podman image prune could leave images ready to be pruned after podman image prune was run (#7872).
- Fixed a bug where the podman logs command with the journald log driver would not read all available logs (#7476).
- Fixed a bug where the --rm and --restart options to podman create and podman run did not conflict when a restart policy that is not on-failure was chosen (#7878).
- Fixed a bug where the --format "table {{ .Field }}" option to numerous Podman commands ceased to function on Podman v2.0 and up.
- Fixed a bug where pods did not properly share an SELinux label between their containers, resulting in containers being unable to see the processes of other containers when the pod shared a PID namespace (#7886).
- Fixed a bug where the --namespace option to podman ps did not work with the remote client (#7903).
- Fixed a bug where rootless Podman incorrectly calculated the number of UIDs available in the container if multiple different ranges of UIDs were specified.
- Fixed a bug where the /etc/hosts file would not be correctly populated for containers in a user namespace (#7490).
- Fixed a bug where the podman network create and podman network remove commands could race when run in parallel, with unpredictable results (#7807).
- Fixed a bug where the -p option to podman run, podman create, and podman pod create would, when given only a single number (e.g. -p 80), assign the same port for both host and container, instead of generating a random host port (#7947).
- Fixed a bug where Podman containers did not properly store the cgroup manager they were created with, causing them to stop functioning after the cgroup manager was changed in containers.conf or with the --cgroup-manager option (#7830).
- Fixed a bug where the podman inspect command did not include information on the CNI networks a container was connected to if it was not running.
- Fixed a bug where the podman attach command would not print a newline after detaching from the container (#7751).
- Fixed a bug where the HOME environment variable was not set properly in containers when the --userns=keep-id option was set (#8004).
- Fixed a bug where the podman container restore command could panic when the container in question was in a pod (#8026).
- Fixed a bug where the output of the podman image trust show --raw command was not properly formatted.
- Fixed a bug where the podman runlabel command could panic if a label to run was not given (#8038).
- Fixed a bug where the podman run and podman start --attach commands would exit with an error when the user detached manually using the detach keys on remote Podman (#7979).
- Fixed a bug where rootless CNI networking did not use the dnsname CNI plugin if it was not available on the host, despite it always being available in the container used for rootless networking (#8040).
- Fixed a bug where Podman did not properly handle cases where an OCI runtime is specified by its full path, and could revert to using another OCI runtime with the same binary path that existed in the system $PATH on subsequent invocations.
- Fixed a bug where the --net=host option to podman create and podman run would cause the /etc/hosts file to be incorrectly populated (#8054).
- Fixed a bug where the podman inspect command did not include container network information when the container shared its network namespace (IE, joined a pod or another container's network namespace via --net=container:...) (#8073).
- Fixed a bug where the podman ps command did not include information on all ports a container was publishing.
- Fixed a bug where the podman build command incorrectly forwarded STDIN into build containers from RUN instructions.
- Fixed a bug where the podman wait command's --interval option did not work when units were not specified for the duration (#8088).
- Fixed a bug where the --detach-keys and --detach options could be passed to podman create despite having no effect (and not making sense in that context).
- Fixed a bug where Podman could not start containers if running on a system without a /etc/resolv.conf file (which occurs on some WSL2 images) (#8089).
- Fixed a bug where the --extract option to podman cp was nonfunctional.
- Fixed a bug where the --cidfile option to podman run would, when the container was not run with --detach, only create the file after the container exited (#8091).
- Fixed a bug where the podman images and podman images -a commands could panic and not list any images when certain improperly-formatted images were present in storage (#8148).
- Fixed a bug where the podman events command could, when the journald events backend was in use, become nonfunctional when a badly-formatted event or a log message that container certain string was present in the journal (#8125).
- Fixed a bug where remote Podman would, when using SSH transport, not authenticate to the server using hostkeys when connecting on a port other than 22 (#8139).
- Fixed a bug where the podman attach command would not exit when containers stopped (#8154).
- Fixed a bug where Podman did not properly clean paths before verifying them, resulting in Podman refusing to start if the root or temporary directories were specified with extra trailing / characters (#8160).
- Fixed a bug where remote Podman did not support hashed hostnames in the known_hosts file on the host for establishing connections (#8159).
- Fixed a bug where the podman image exists command would return non-zero (false) when multiple potential matches for the given name existed.
- Fixed a bug where the podman manifest inspect command on images that are not manifest lists would error instead of inspecting the image (#8023).
- Fixed a bug where the podman system service command would fail if the directory the Unix socket was to be created inside did not exist (#8184).
- Fixed a bug where pods that shared the IPC namespace (which is done by default) did not share a /dev/shm filesystem between all containers in the pod (#8181).
- Fixed a bug where filters passed to podman volume list were not inclusive (#6765).
- Fixed a bug where the podman volume create command would fail when the volume's data directory already existed (as might occur when a volume was not completely removed) (#8253).
- Fixed a bug where the podman run and podman create commands would deadlock when trying to create a container that mounted the same named volume at multiple locations (e.g. podman run -v testvol:/test1 -v testvol:/test2) (#8221).
- Fixed a bug where the parsing of the --net option to podman build was incorrect (#8322).
- Fixed a bug where the podman build command would print the ID of the built image twice when using remote Podman (#8332).
- Fixed a bug where the podman stats command did not show memory limits for containers (#8265).
- Fixed a bug where the podman pod inspect command printed the static MAC address of the pod in a non-human-readable format (#8386).
- Fixed a bug where the --tls-verify option of the podman play kube command had its logic inverted (false would enforce the use of TLS, true would disable it).
- Fixed a bug where the podman network rm command would error when trying to remove macvlan networks and rootless CNI networks (#8491).
- Fixed a bug where Podman was not setting sane defaults for missing XDG_ environment variables.
- Fixed a bug where remote Podman would check if volume paths to be mounted in the container existed on the host, not the server (#8473).
- Fixed a bug where the podman manifest create and podman manifest add commands on local images would drop any images in the manifest not pulled by the host.
- Fixed a bug where networks made by podman network create did not include the tuning plugin, and as such did not support setting custom MAC addresses (#8385).
- Fixed a bug where container healthchecks did not use $PATH when searching for the Podman executable to run the healthcheck.
- Fixed a bug where the --ip-range option to podman network create did not properly handle non-classful subnets when calculating the last usable IP for DHCP assignment (#8448).
- Fixed a bug where the podman container ps alias for podman ps was missing (#8445).
* API
- The Compat Create endpoint for Container has received a major refactor to share more code with the Libpod Create endpoint, and should be significantly more stable.
- A Compat endpoint for exporting multiple images at once, GET /images/get, has been added (#7950).
- The Compat Network Connect and Network Disconnect endpoints have been added.
- Endpoints that deal with image registries now support a X-Registry-Config header to specify registry authentication configuration.
- The Compat Create endpoint for images now properly supports specifying images by digest.
- The Libpod Build endpoint for images now supports an httpproxy query parameter which, if set to true, will forward the server's HTTP proxy settings into the build container for RUN instructions.
- The Libpod Untag endpoint for images will now remove all tags for the given image if no repository and tag are specified for removal.
- Fixed a bug where the Ping endpoint misspelled a header name (Libpod-Buildha-Version instead of Libpod-Buildah-Version).
- Fixed a bug where the Ping endpoint sent an extra newline at the end of its response where Docker did not.
- Fixed a bug where the Compat Logs endpoint for containers did not send a newline character after each log line.
- Fixed a bug where the Compat Logs endpoint for containers would mangle line endings to change newline characters to add a preceding carriage return (#7942).
- Fixed a bug where the Compat Inspect endpoint for Containers did not properly list the container's stop signal (#7917).
- Fixed a bug where the Compat Inspect endpoint for Containers formatted the container's create time incorrectly (#7860).
- Fixed a bug where the Compat Inspect endpoint for Containers did not include the container's Path, Args, and Restart Count.
- Fixed a bug where the Compat Inspect endpoint for Containers prefixed added and dropped capabilities with CAP_ (Docker does not do so).
- Fixed a bug where the Compat Info endpoint for the Engine did not include configured registries.
- Fixed a bug where the server could panic if a client closed a connection midway through an image pull (#7896).
- Fixed a bug where the Compat Create endpoint for volumes returned an error when a volume with the same name already existed, instead of succeeding with a 201 code (#7740).
- Fixed a bug where a client disconnecting from the Libpod or Compat events endpoints could result in the server using 100% CPU (#7946).
- Fixed a bug where the "no such image" error message sent by the Compat Inspect endpoint for Images returned a 404 status code with an error that was improperly formatted for Docker compatibility.
- Fixed a bug where the Compat Create endpoint for networks did not properly set a default for the driver parameter if it was not provided by the client.
- Fixed a bug where the Compat Inspect endpoint for images did not populate the RootFS field of the response.
- Fixed a bug where the Compat Inspect endpoint for images would omit the ParentId field if the image had no parent, and the Created field if the image did not have a creation time.
- Fixed a bug where the Compat Remove endpoint for Networks did not support the Force query parameter.
==== snapper ====
Subpackages: libsnapper5
- do not override passwd after getpwuid_r et.al. calls
(gh#openSUSE/snapper#589)
- state in man-pages that ext4 support is discontinued
(gh#openSUSE/snapper#331)
- use C++11 regexes instead of own regcomp/regexec wrapper class
(see gh#openSUSE/snapper#583)
==== sqlite3 ====
Version update (3.33.0 -> 3.34.0)
- SQLite 3.34.0:
* Added the sqlite3_txn_state() interface for reporting on the
current transaction state of the database connection.
* Enhance recursive common table expressions to support two or more
recursive terms as is done by SQL Server, since this helps make
queries against graphs easier to write and faster to execute.\
* Improved error messages on CHECK constraint failures.
* The .read dot-command now accepts a pipeline in addition to a
filename.
* Added options --data-only and --nosys to the .dump dot-command.
* Added the --nosys option to the .schema dot-command.
* Table name quoting works correctly for the .import dot-command.
* The generate_series(START,END,STEP) table-valued function
extension is now built into the CLI.
* The .databases dot-command now show the status of each database
file as determined by sqlite3_db_readonly() and
sqlite3_txn_state().
* Added the --tabs command-line option that sets .mode tabs.
* The --init option reports an error if the file named as its
argument cannot be opened. The --init option also now honors the
- -bail option.
* Improved estimates for the cost of running a DISTINCT operator.
* When doing an UPDATE or DELETE using a multi-column index where
only a few of the earlier columns of the index are useful for the
index lookup, postpone doing the main table seek until after all
WHERE clause constraints have been evaluated, in case those
constraints can be covered by unused later terms of the index,
thus avoiding unnecessary main table seeks.
* The new OP_SeekScan opcode is used to improve performance of
multi-column index look-ups when later columns are constrained by
an IN operator.
* The BEGIN IMMEDIATE and BEGIN EXCLUSIVE commands now work even if
one or more attached database files are read-only.
* Enhanced FTS5 to support trigram indexes.
* Improved performance of WAL mode locking primitives in cases where
there are hundreds of connections all accessing the same database
file at once.
* Enhanced the carray() table-valued function to include a
single-argument form that is bound using the auxiliary
sqlite3_carray_bind() interface.
* The substr() SQL function can now also be called "substring()" for
compatibility with SQL Server.
* The syntax diagrams are now implemented as Pikchr scripts and
rendered as SVG for improved legibility and ease of maintenance.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa
Mesa-drivers
NetworkManager
audit-secondary
bluedevil5 (5.20.3 -> 5.20.4)
breeze (5.20.3 -> 5.20.4)
busybox-links
discover (5.20.3 -> 5.20.4)
drkonqi5 (5.20.3 -> 5.20.4)
elfutils (0.181 -> 0.182)
ffmpeg-4
kactivitymanagerd (5.20.3 -> 5.20.4)
kde-cli-tools5 (5.20.3 -> 5.20.4)
kexec-tools
kgamma5 (5.20.3 -> 5.20.4)
khotkeys5 (5.20.3 -> 5.20.4)
kinfocenter5 (5.20.3 -> 5.20.4)
kmenuedit5 (5.20.3 -> 5.20.4)
kscreen5 (5.20.3 -> 5.20.4)
kscreenlocker (5.20.3 -> 5.20.4)
ksysguard5 (5.20.3 -> 5.20.4)
kwayland-integration (5.20.3 -> 5.20.4)
kwayland-server (5.20.3 -> 5.20.4)
kwin5 (5.20.3 -> 5.20.4)
kwrited5 (5.20.3 -> 5.20.4)
libass (0.14.0 -> 0.15.0)
libgit2
libinput (1.16.3 -> 1.16.4)
libkdecoration2 (5.20.3 -> 5.20.4)
libkscreen2 (5.20.3 -> 5.20.4)
libksysguard5 (5.20.3 -> 5.20.4)
libqt5-qtwayland
libva (2.9.0 -> 2.9.1)
milou5 (5.20.3 -> 5.20.4)
mozjs78 (78.4.0 -> 78.5.0)
open-iscsi
pam (1.5.0 -> 1.5.1)
perl-File-Listing (6.11 -> 6.14)
plasma-nm5 (5.20.3 -> 5.20.4)
plasma5-addons (5.20.3 -> 5.20.4)
plasma5-desktop (5.20.3 -> 5.20.4)
plasma5-integration (5.20.3 -> 5.20.4)
plasma5-openSUSE
plasma5-pa (5.20.3 -> 5.20.4)
plasma5-workspace (5.20.3 -> 5.20.4)
polkit-kde-agent-5 (5.20.3 -> 5.20.4)
powerdevil5 (5.20.3 -> 5.20.4)
pulseaudio (13.0 -> 14.0)
python-psutil (5.7.2 -> 5.7.3)
python-pytz (2020.1 -> 2020.4)
python-requests (2.24.0 -> 2.25.0)
sed
systemd
systemd-default-settings
systemsettings5 (5.20.3 -> 5.20.4)
tslib (1.16 -> 1.22)
xdg-desktop-portal-kde (5.20.3 -> 5.20.4)
xorg-x11-server
yast2 (4.3.44 -> 4.3.45)
=== Details ===
==== Mesa ====
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- require llvm-devel *without* any explicit version number for
factory/TW to imply 'distro default llvm version', which we
usually bump up when a new stable llvm comes out
- use llvm11 on factory/TW and sle15-sp3/Leap 15.3
- enabled build of radeonsi DRI and VDPAU driver on aarch64
(boo#1179376)
==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-gallium
- require llvm-devel *without* any explicit version number for
factory/TW to imply 'distro default llvm version', which we
usually bump up when a new stable llvm comes out
- use llvm11 on factory/TW and sle15-sp3/Leap 15.3
- enabled build of radeonsi DRI and VDPAU driver on aarch64
(boo#1179376)
==== NetworkManager ====
Subpackages: libnm0 typelib-1_0-NM-1_0
- Provide service(network) and sysvinit(network) to be an alternative
to wicked-service
==== audit-secondary ====
Subpackages: audit python3-audit
- prepare usrmerge (boo#1029961)
==== bluedevil5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== breeze ====
Version update (5.20.3 -> 5.20.4)
Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-wallpapers libbreezecommon5-5
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Notify on color scheme changes (kde#428771)
==== busybox-links ====
Subpackages: busybox-coreutils busybox-gawk busybox-grep busybox-gzip busybox-psmisc busybox-sed
- Add conflicts: bridge-utils to busybox-iproute2: both packages
provide /usr/sbin/brctl.
==== discover ====
Version update (5.20.3 -> 5.20.4)
Subpackages: discover-backend-flatpak
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Fix incorrect usage of units on ApplicationDelegate
* Fix sidebar header/toolbar sizing and height
* Display title in application page
* pk: Set the Daemon locale at start
* Fix installation of local packages (kde#428125)
==== drkonqi5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== elfutils ====
Version update (0.181 -> 0.182)
Subpackages: libasm1 libdw1 libelf1
- Mention elfutils-rpmlintrc as a Source.
- Add rpmlintrc for
libdebuginfod1-dummy.s390x: E: shlib-policy-name-error (Badness: 10000) libdebuginfod1
which is expected as libdebuginfod1 and it's dummy library do share equal
soname.
- Update to version 0.182:
backends: Support for tilegx has been removed.
config: New /etc/profile.d files to provide default $DEBUGINFOD_URLS.
debuginfod: More efficient package traversal, tolerate various errors
during scanning, grooming progress is more visible and
interruptible, more prometheus metrics.
debuginfod-client: Now supports compressed (kernel) ELF images.
libdwfl: Add ZSTD compression support.
- Creatu dummy subpackages that can be used for build of packages
that are in bootstrap cycle.
- Add Provides for real packages.
==== ffmpeg-4 ====
Subpackages: libavcodec58_91 libavformat58_45 libavutil56_51 libswresample3_7
- Add ffmpeg_altivec_yuv2rgb_novsx.patch for ppc64 (BE) as per
https://trac.ffmpeg.org/ticket/8750
https://bugzilla.opensuse.org/show_bug.cgi?id=1179332
==== kactivitymanagerd ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kde-cli-tools5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kexec-tools ====
- prepare usrmerge (boo#1029961)
==== kgamma5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== khotkeys5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kinfocenter5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* weight main categories properly (kde#429153)
==== kmenuedit5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kscreen5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kscreenlocker ====
Version update (5.20.3 -> 5.20.4)
Subpackages: libKScreenLocker5
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Use QuickControls 2 StackView (kde#429290)
* actually replace wallaper pages
==== ksysguard5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kwayland-integration ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kwayland-server ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== kwin5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* xwl: No need to delete the source immediately
* xwl: No need to create createX11Source twice consecutively
* xwl: Do not refresh the x11 Clipboard while fetching (kde#424754)
* xwl: Include errors and warnings
* screencating: query for dmabuf availability before we start streaming
* wayland: Fix clipped thumbnails of client-side decorated apps (kde#428595)
* Fixed Toggle Night Color global shortcut, which used i18n in object name, leading to erratic behavior e.g. when system locale or translations changed. (kde#428024)
* Set setMoveResize(true) after stopping fullscreen and quick tiling (kde#427848)
* screencasting: don't crash if the cursor is too big for our buffer
* fix: magiclamp effect wrong direction.
* kcm/decorations: Fix border size updating for thumbnails
==== kwrited5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== libass ====
Version update (0.14.0 -> 0.15.0)
- Update to version 0.15.0
* Fix backwards/VSFilter-incompatible font sizes with FreeType
2.10+
* Improve speed via better caching
* Require HarfBuzz unconditionally to ensure good shaping for
complex scripts
* ass_set_use_margins(true) now simply places text on the whole
screen instead of attempting to tie it to video positioning
(set by the margin values) and failing in various ways when
margins are used to implement pan & scan in a video player
* Add ass_track_set_feature() & catch-all
ASS_FEATURE_INCOMPATIBLE_EXTENSIONS
* Add ASS_FEATURE_BIDI_BRACKETS to enable Unicode 6.3+ bracket
matching when applying the Unicode Bidirectional Algorithm
(incompatible with VSFilter; requires libass built with
FriBidi 1.0+)
* Fix stack overflow on deeply nested \t tags
* Fix positioning of events with leading line breaks
* Fix small but nonzero \bord becoming \bord0 (regression in
0.14.0)
* Measure BorderStyle=4 box padding from glyph border, not
from glyph fill
* Scale everything from script resolution if storage size is
not set (including borders and shadows regardless of
ScaledBorderAndShadow)
* Fix the default aspect ratio calculation when neither
ass_set_pixel_aspect() nor ass_set_aspect_ratio() is called
* Multiple fixes for karaoke override tags
* Handle memory allocation failures better:
avoid some crashes and produce images closer to truth
* Avoid some integer overflows
* Add internal infrastructure for regression testing
* Improve VSFilter compatibility:
+ Treat invalid nested \t tags like VSFilter
+ Make \t(T,T,...) at time exactly T use the post-transition
values
+ Make lines stack more like they do in VSFilter
+ Default ScaledBorderAndShadow to 0 (like VSFilter),
except for subtitles that were produced by old FFmpeg/Libav
+ Make shadow positioning with 3D transforms match VSFilter's
+ Cut out glyphs from border & shadow in all the same cases
as VSFilter
+ Match VSFilter on animated color tags with negative
acceleration
+ Fix parsing of some files that VSFilter accepts but libass
didn't by ignoring leading whitespace in each line of an
ASS file or CodecPrivate
+ Improve font selection with CoreText
+ Stop faux-bolding fonts that are too bold to get faux bold
in VSFilter
+ Ignore leading/trailing spaces when calculating height of
nonblank lines
+ Match VSFilter on \fade with large alpha value arguments
+ Stop splitting bitmaps on font substitution
+ Multiple fixes for Banner and Scroll effects
+ Multiple fixes for karaoke override tags
==== libgit2 ====
- require library required by pkg-config file
==== libinput ====
Version update (1.16.3 -> 1.16.4)
- Update to release 1.16.4
* Fix the termination of the readlink result
* udev: update rules to handle bind/unbind events
==== libkdecoration2 ====
Version update (5.20.3 -> 5.20.4)
Subpackages: libkdecorations2-5 libkdecorations2private7
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== libkscreen2 ====
Version update (5.20.3 -> 5.20.4)
Subpackages: libKF5Screen7 libkscreen2-plugin
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Fix build with newer Qt
==== libksysguard5 ====
Version update (5.20.3 -> 5.20.4)
Subpackages: libksysguard5-helper libksysguard5-imports
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Do not insert non existing columns
* Write entries if face config changes (kde#429155,kde#429167,kde#429367)
* Delete compactRepresentation when switching faces (kde#424599)
==== libqt5-qtwayland ====
Subpackages: libQt5WaylandClient5 libQt5WaylandCompositor5
- Add upstream patch to fix a regression:
* 0001-Scanner-Avoid-accessing-dangling-pointers-in-destroy.patch
==== libva ====
Version update (2.9.0 -> 2.9.1)
Subpackages: libva-drm2 libva2
- update to 2.9.1:
* fix version mismatch between meson and autotools
==== milou5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== mozjs78 ====
Version update (78.4.0 -> 78.5.0)
- Update to version 78.5.0esr.
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Updatged to latest upstream, including:
* iscsiadm: Optimize the the verification of mode paramters
* iscsid: Poll timeout value to 1 minute for iscsid
* iscsiadm: fix host stats mode coredump
* iscsid: fix logging level when starting and shutting down daemon
* Updated iscsiadm man page.
* Fix memory leak in sysfs_get_str
* libopeniscsiusr: Compare with max int instead of max long
- Systemd unit files should not depend on network.target (bsc#1179440),
updating:
* open-iscsi-SUSE-latest.diff.bz2
==== pam ====
Version update (1.5.0 -> 1.5.1)
- Update to 1.5.1
- pam_unix: fixed CVE-2020-27780 - authentication bypass when a user
doesn't exist and root password is blank [bsc#1179166]
- pam_faillock: added nodelay option to not set pam_fail_delay
- pam_wheel: use pam_modutil_user_in_group to check for the group membership
with getgrouplist where it is available
==== perl-File-Listing ====
Version update (6.11 -> 6.14)
- updated to 6.14
see /usr/share/doc/packages/perl-File-Listing/Changes
6.14 2020-11-30 05:48:07 -0700
- Production version identical to 6.12_01
6.12_01 2020-11-27 16:13:15 -0700
- Handle default apache indexes (gh#20)
- Ignore certain known navigation links in apache indexes (gh#20)
- Support Win32 OpenSSH listing (gh#21 simon04++)
==== plasma-nm5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== plasma5-addons ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== plasma5-desktop ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Remove cmake checks for breeze decoration
* There is no Q_FALLTHROUGH in qml or js (kde#429574)
* Fix translation extraction (kde#429466)
* [kcms/users]: Fix 429313 (kde#429313)
* Use plasma theme icons in kickoff leave view
* Don't use visible property in procedural code to determine state (kde#408116)
* [panel] Fix dragging panel to resize for top and right panels (kde#429063)
==== plasma5-integration ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== plasma5-openSUSE ====
Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE sddm-theme-openSUSE
- Update to 5.20.4
==== plasma5-pa ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Remove count property from PulseObjectFilterModel (kde#427978)
==== plasma5-workspace ====
Version update (5.20.3 -> 5.20.4)
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Fix Environment Canada weather domain.
* Fix build with newer Qt
* fix: Font files, kfontview and thumbnailer crash on Wayland (kde#401031)
* Readd searching for breeze decoration (kde#429298)
* [Notifications] Check pause button when job is paused
* The cursor previews are in a layout
* Revert "Use new simpler way to disable session management in services"
* [Tab switcher] Fix binding loop that spams the log (kde#410984)
==== polkit-kde-agent-5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== powerdevil5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== pulseaudio ====
Version update (13.0 -> 14.0)
Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-module-bluetooth pulseaudio-module-gsettings pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils
- Update to pulseaudio 14.0:
see details in:
https://www.freedesktop.org/wiki/Software/PulseAudio/Notes/14.0/
- Build with --enable-stream-restore-clear-old-devices:
This is a bit destructive option, it will clear the old PA routing
once when upgraded prior to 14.0, but it's required for GNOME
(see the release notes above). It should be a one-off action,
and hopefully wouldn't bother too much.
- Drop obsoleted patches:
0001-alsa-mixer-path-test-Hide-unused-functions-when-buil.patch
0002-alsa-mixer-recognize-the-Speaker-Jack-control.patch
0003-alsa-mixer-add-support-for-SteelSeries-Arctis-Pro-20.patch
0004-alsa-mixer-Add-support-for-SteelSeries-Arctis-5-2019.patch
0005-alsa-mixer-add-support-for-LucidSound-LS31-and-creat.patch
0006-alsa-ucm-use-ucm2-name-for-the-direct-card-index-ope.patch
0007-alsa-ucm-add-mixer-IDs-to-ucm_items.patch
0008-alsa-mixer-handle-the-index-for-ALSA-mixer-element-i.patch
0009-alsa-mixer-improve-alsa_id_decode-function.patch
0010-alsa-ucm-Support-Playback-CaptureVolume.patch
0011-alsa-ucm-Fix-volume-control-based-on-review.patch
0012-alsa-ucm-use-the-correct-mixer-identifiers-as-first.patch
0013-alsa-ucm-add-support-for-master-volume.patch
0014-alsa-ucm-split-correctly-JackHWMute-device-names.patch
0015-alsa-ucm-fix-parsing-for-JackControl.patch
0016-alsa-ucm-add-comments-to-ucm_get_mixer_id.patch
0017-alsa-ucm-validate-access-to-PA_DEVICE_PORT_DATA.patch
0018-alsa-Skip-resume-PCM-if-hardware-doesn-t-support-it.patch
0019-alsa-ucm-parse-correctly-the-device-values.patch
0020-alsa-ucm-do-not-try-to-use-UCM-device-name-as-jack-n.patch
0021-alsa-util-do-not-try-to-guess-the-mixer-name-from-th.patch
0022-alsa-ucm-add-control-and-mixer-device-items.patch
0023-alsa-ucm-get-the-mixer-names-from-ucm-don-t-guess.patch
0024-alsa-ucm-use-the-proper-mixer-name-for-ucm-pcm-sink-.patch
0025-alsa-mixer-handle-interface-type-CARD-PCM-for-mixer-.patch
0026-alsa-mixer-Add-the-ability-to-pass-the-intended-role.patch
0027-alsa-mixer-Set-the-intended-role-of-Steelseries-Arct.patch
0028-alsa-rewrite-mixer-open-close-cache-mixer-accesses-i.patch
0029-alsa-ucm-add-support-for-HDMI-ELD.patch
0030-alsa-mixer-do-the-quick-card-number-lookup-to-save-m.patch
0031-alsa-mixer-improve-check-for-the-empty-path-set-for-.patch
0032-alsa-ucm-allow-to-set-profile-priority-from-UCM-valu.patch
0033-alsa-Document-that-mixer-elements-can-be-identified-.patch
0034-alsa-ucm-correct-the-channel-default-logic-stereo.patch
0035-alsa-ucm-do-not-assign-JackHWMute-when-JackControl-i.patch
0036-ucm-Don-t-log-errors-during-normal-operation.patch
0037-alsa-handle-unavailbale-HW-volume-in-UCM.patch
0038-alsa-ucm-use-the-right-profile-name.patch
0039-ucm-fix-the-port-ucm-device-activation-on-boot.patch
0040-alsa-sink-source-fix-the-mixer-initialization.patch
==== python-psutil ====
Version update (5.7.2 -> 5.7.3)
- update to 5.7.3:
- 809_: [FreeBSD] add support for `Process.rlimit()`.
- 893_: [BSD] add support for `Process.environ()` (patch by Armin Gruner)
- 1830_: [UNIX] `net_if_stats()`'s `isup` also checks whether the NIC is
running (meaning Wi-Fi or ethernet cable is connected).
- 1837_: [Linux] improved battery detection and charge "secsleft" calculation
- 1620_: [Linux] physical cpu_count() result is incorrect on systems with more
than one CPU socket.
- 1738_: [macOS] Process.exe() may raise FileNotFoundError if process is still
alive but the exe file which launched it got deleted.
- 1791_: [macOS] fix missing include for getpagesize().
- 1823_: [Windows] Process.open_files() may cause a segfault due to a NULL
pointer.
- 1838_: [Linux] sensors_battery(): if `percent` can be determined but not
the remaining values, still return a result instead of None.
- skip-obs.patch, skip_failing_tests.patch: rediff
==== python-pytz ====
Version update (2020.1 -> 2020.4)
- update to 2020.4:
* update to IANA 2020d timezone release
==== python-requests ====
Version update (2.24.0 -> 2.25.0)
- update to 2.25.0:
* Added support for NETRC environment variable. (#5643)
* Requests now supports urllib3 v1.26.
* Requests v2.25.x will be the last release series with support for Python 3.5.
- refreshed requests-no-hardcoded-version.patch
==== sed ====
- prepare usrmerge (boo#1029961)
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev
- Import commit f6104ea5f554233e34b94ffd92da8332c3bd7d8f
617aed9236 scope: on unified, make sure to unwatch all PIDs once they've been moved to the cgroup scope
- Don't post-require systemd-default-settings-branding anymore
This is actually not needed now that the branding package issues a
PID1 reloading every times it's being updated.
- Import commit 49caf8e37aba04841e5493ccc25e7edab462d95b
f8f7286527 units: restore sysfs conditions in sys-fs-fuse-connections.mount and sys-kernel-config.mount
e9c7158dc7 units: wait until some fs modules are entirely loaded before mounting their corresponding filesystem (bsc#1178631)
ac7ddc4201 Revert "units: skip modprobe@.service if the unit appears to be already loaded"
17310a1d19 core: serialize u->pids until the processes have been moved to the scope cgroup (bsc#1174436)
1416965614 meson: add option to skip installing to $sysconfdir
f71a1ef5d0 systemctl: give a nice hint about org.freedesktop.LogControl1 when applicable
20a3f9fd95 systemctl: immediately reject invalid log levels
9f67d2e57b systemctl: merge log_target(), log_level(), service_log_setting()
ddf7cf4872 systemctl: add service-log-{level,target} verbs
026d7d156d systemctl: list unit introspection verbs first, modification second
- systemd-default-settings is needed by %post scriptlet
- Revert the change that dropped %{release} from the package version
constraints used in Requires:
The release number is actually relevant since it can be increased
when some patches, which might touch multiple sub-packages of
systemd, are added/modified.
However the %{release} is still no more used in conflicts.
==== systemd-default-settings ====
Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE
- Fix typo introduced by the previous change (bsc#1179183)
==== systemsettings5 ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- Changes since 5.20.3:
* Also load category when opening startup module in icon mode (kde#429306)
==== tslib ====
Version update (1.16 -> 1.22)
- update to 1.22:
* fix ts_uinput build on 32 bit arch on newer kernels
* ts_uinput: fix building on FreeBSD
* various fixes for cmake builds
* improved documentation for systemd
* new filter plugin: module evthres
* ts_calibrate: close framebuffer after validation. add timeout option -s for it
* support for screen-rotation in ts_calibrate and linear module
* add experimental module_raw input_evdev that needs libevdev
* new ts_calibrate --min_interval option to avoid inaccurate calibration
* add ts_calibrate --validate functionality to verify the calibration
* add ts_conf_get() and ts_conf_set() API
==== xdg-desktop-portal-kde ====
Version update (5.20.3 -> 5.20.4)
- Update to 5.20.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma-5.20.4
- No code changes since 5.20.3
==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-wayland
- U_Check-SetMap-request-length-carefully.patch
* XkbSetMap Out-Of-Bounds Access: Insufficient checks on the
lengths of the XkbSetMap request can lead to out of bounds
memory accesses in the X server. (ZDI-CAN 11572,
CVE-2020-14360, bsc#1174908)
- U_Fix-XkbSetDeviceInfo-and-SetDeviceIndicators-heap-ov.patch
* XkbSetDeviceInfo Heap-based Buffer Overflow: Insufficient
checks on input of the XkbSetDeviceInfo request can lead to a
buffer overflow on the head in the X server. (ZDI-CAN 11389,
CVE-2020-25712, bsc#1177596)
==== yast2 ====
Version update (4.3.44 -> 4.3.45)
- Yast::Arch add support to know if code is running in a PV Xen guest
(related to bsc#952253, bsc#1172742, and bsc#1179197).
- 4.3.45
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
audit-secondary
busybox-links
elfutils (0.181 -> 0.182)
kexec-tools
mozjs78 (78.4.0 -> 78.5.0)
open-iscsi
pam (1.5.0 -> 1.5.1)
python-psutil (5.7.2 -> 5.7.3)
python-pytz (2020.1 -> 2020.4)
python-requests (2.24.0 -> 2.25.0)
sed
systemd
systemd-default-settings
yast2 (4.3.44 -> 4.3.45)
=== Details ===
==== audit-secondary ====
Subpackages: audit python3-audit
- prepare usrmerge (boo#1029961)
==== busybox-links ====
Subpackages: busybox-coreutils busybox-gawk busybox-grep busybox-gzip busybox-sed
- Add conflicts: bridge-utils to busybox-iproute2: both packages
provide /usr/sbin/brctl.
==== elfutils ====
Version update (0.181 -> 0.182)
Subpackages: libasm1 libdw1 libelf1
- Mention elfutils-rpmlintrc as a Source.
- Add rpmlintrc for
libdebuginfod1-dummy.s390x: E: shlib-policy-name-error (Badness: 10000) libdebuginfod1
which is expected as libdebuginfod1 and it's dummy library do share equal
soname.
- Update to version 0.182:
backends: Support for tilegx has been removed.
config: New /etc/profile.d files to provide default $DEBUGINFOD_URLS.
debuginfod: More efficient package traversal, tolerate various errors
during scanning, grooming progress is more visible and
interruptible, more prometheus metrics.
debuginfod-client: Now supports compressed (kernel) ELF images.
libdwfl: Add ZSTD compression support.
- Creatu dummy subpackages that can be used for build of packages
that are in bootstrap cycle.
- Add Provides for real packages.
==== kexec-tools ====
- prepare usrmerge (boo#1029961)
==== mozjs78 ====
Version update (78.4.0 -> 78.5.0)
- Update to version 78.5.0esr.
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Updatged to latest upstream, including:
* iscsiadm: Optimize the the verification of mode paramters
* iscsid: Poll timeout value to 1 minute for iscsid
* iscsiadm: fix host stats mode coredump
* iscsid: fix logging level when starting and shutting down daemon
* Updated iscsiadm man page.
* Fix memory leak in sysfs_get_str
* libopeniscsiusr: Compare with max int instead of max long
- Systemd unit files should not depend on network.target (bsc#1179440),
updating:
* open-iscsi-SUSE-latest.diff.bz2
==== pam ====
Version update (1.5.0 -> 1.5.1)
- Update to 1.5.1
- pam_unix: fixed CVE-2020-27780 - authentication bypass when a user
doesn't exist and root password is blank [bsc#1179166]
- pam_faillock: added nodelay option to not set pam_fail_delay
- pam_wheel: use pam_modutil_user_in_group to check for the group membership
with getgrouplist where it is available
==== python-psutil ====
Version update (5.7.2 -> 5.7.3)
- update to 5.7.3:
- 809_: [FreeBSD] add support for `Process.rlimit()`.
- 893_: [BSD] add support for `Process.environ()` (patch by Armin Gruner)
- 1830_: [UNIX] `net_if_stats()`'s `isup` also checks whether the NIC is
running (meaning Wi-Fi or ethernet cable is connected).
- 1837_: [Linux] improved battery detection and charge "secsleft" calculation
- 1620_: [Linux] physical cpu_count() result is incorrect on systems with more
than one CPU socket.
- 1738_: [macOS] Process.exe() may raise FileNotFoundError if process is still
alive but the exe file which launched it got deleted.
- 1791_: [macOS] fix missing include for getpagesize().
- 1823_: [Windows] Process.open_files() may cause a segfault due to a NULL
pointer.
- 1838_: [Linux] sensors_battery(): if `percent` can be determined but not
the remaining values, still return a result instead of None.
- skip-obs.patch, skip_failing_tests.patch: rediff
==== python-pytz ====
Version update (2020.1 -> 2020.4)
- update to 2020.4:
* update to IANA 2020d timezone release
==== python-requests ====
Version update (2.24.0 -> 2.25.0)
- update to 2.25.0:
* Added support for NETRC environment variable. (#5643)
* Requests now supports urllib3 v1.26.
* Requests v2.25.x will be the last release series with support for Python 3.5.
- refreshed requests-no-hardcoded-version.patch
==== sed ====
- prepare usrmerge (boo#1029961)
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev
- Import commit f6104ea5f554233e34b94ffd92da8332c3bd7d8f
617aed9236 scope: on unified, make sure to unwatch all PIDs once they've been moved to the cgroup scope
- Don't post-require systemd-default-settings-branding anymore
This is actually not needed now that the branding package issues a
PID1 reloading every times it's being updated.
- Import commit 49caf8e37aba04841e5493ccc25e7edab462d95b
f8f7286527 units: restore sysfs conditions in sys-fs-fuse-connections.mount and sys-kernel-config.mount
e9c7158dc7 units: wait until some fs modules are entirely loaded before mounting their corresponding filesystem (bsc#1178631)
ac7ddc4201 Revert "units: skip modprobe@.service if the unit appears to be already loaded"
17310a1d19 core: serialize u->pids until the processes have been moved to the scope cgroup (bsc#1174436)
1416965614 meson: add option to skip installing to $sysconfdir
f71a1ef5d0 systemctl: give a nice hint about org.freedesktop.LogControl1 when applicable
20a3f9fd95 systemctl: immediately reject invalid log levels
9f67d2e57b systemctl: merge log_target(), log_level(), service_log_setting()
ddf7cf4872 systemctl: add service-log-{level,target} verbs
026d7d156d systemctl: list unit introspection verbs first, modification second
- systemd-default-settings is needed by %post scriptlet
- Revert the change that dropped %{release} from the package version
constraints used in Requires:
The release number is actually relevant since it can be increased
when some patches, which might touch multiple sub-packages of
systemd, are added/modified.
However the %{release} is still no more used in conflicts.
==== systemd-default-settings ====
Subpackages: systemd-default-settings-branding-SLE systemd-default-settings-branding-openSUSE
- Fix typo introduced by the previous change (bsc#1179183)
==== yast2 ====
Version update (4.3.44 -> 4.3.45)
- Yast::Arch add support to know if code is running in a PV Xen guest
(related to bsc#952253, bsc#1172742, and bsc#1179197).
- 4.3.45
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
gnome-tweaks
libmodulemd (2.9.4 -> 2.10.0)
=== Details ===
==== gnome-tweaks ====
- Add gnome-tweaks-port-libhandy-1.patch: Port to using new handy.
==== libmodulemd ====
Version update (2.9.4 -> 2.10.0)
- Update to 2.10.0
+ Add modulemd-obsoletes
+ Add modulemd v3 format
- Fix build for 32-bit architectures with patch from upstream
+ Patch: 0001-Fix-integer-size-issue-on-32-bit-platforms.patch
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
haproxy (2.3.0+git4.689d98154 -> 2.3.2+git0.d522db763)
=== Details ===
==== haproxy ====
Version update (2.3.0+git4.689d98154 -> 2.3.2+git0.d522db763)
- Update to version 2.3.2+git0.d522db763:
* [RELEASE] Released version 2.3.2
* BUG/MINOR: http-fetch: Fix smp_fetch_body() when called from a health-check
* DOC: config: Move req.hdrs and req.hdrs_bin in L7 samples fetches section
* BUG/MAJOR: tcpcheck: Allocate input and output buffers from the buffer pool
* MINOR: tcpcheck: Don't handle anymore in-progress send rules in tcpcheck_main
* BUG/MINOR: tcpcheck: Don't forget to reset tcp-check flags on new kind of check
* DOC: Clarify %HP description in log-format
* DOC: better document the config file format and escaping/quoting rules
* BUG/MAJOR: peers: fix partial message decoding
* BUG/MEDIUM: http_act: Restore init of log-format list
* BUILD: Show the value of DEBUG= in haproxy -vv
* BUILD: Make DEBUG part of .build_opts
* MINOR: http_act: Add -m flag for del-header name matching method
* REGTESTS: converter: add url_dec test
* REGTESTS: Add sample_fetches/cook.vtc
* DOC: cache: Add new caching limitation information
* MEDIUM: cache: Change caching conditions
* BUG/MAJOR: filters: Always keep all offsets up to date during data filtering
* DOC: better describes how to configure a fallback crt
* BUG/MINOR: http_htx: Fix searching headers by substring
* BUG/MAJOR: connection: reset conn->owner when detaching from session list
* CLEANUP: connection: do not use conn->owner when the session is known
* DOC: clarify how to create a fallback crt
* BUILD: makefile: enable crypt(3) for OpenBSD
* BUG/MEDIUM: ssl/crt-list: fix error when no file found
* BUG/MINOR: ssl/crt-list: load bundle in crt-list only if activated
* BUG/MEDIUM: ssl: error when no certificate are found
* BUG/MEDIUM: ssl/crt-list: bundle support broken in crt-list
* BUG/MEDIUM: http-ana: Don't eval http-after-response ruleset on empty messages
* BUG/MINOR: ssl: segv on startup when AKID but no keyid
* DOC: add missing 3.10 in the summary
* BUG/MINOR: http-ana: Don't wait for the body of CONNECT requests
* BUG/MEDIUM: filters: Forward all filtered data at the end of http filtering
* CLEANUP: cfgparse: remove duplicate registration for transparent build options
* BUILD: http-htx: fix build warning regarding long type in printf
- Update to version 2.3.1+git0.bdd7178b8:
* [RELEASE] Released version 2.3.1
* REGTEST: make ssl_client_samples and ssl_server_samples require to 2.2
* MINOR: peers: Add traces to peer_treat_updatemsg().
* REGTEST: ssl: mark reg-tests/ssl/ssl_crt-list_filters.vtc as broken
* REGTEST: ssl: test wildcard and multi-type + exclusions
* MINOR: cfgparse: tighten the scope of newnameserver variable, free it on error.
* MINOR: config/mux-h2: Return ERR_ flags from init_h2() instead of a status
* MINOR: init: Fix the prototype for per-thread free callbacks
* BUG/MINOR: tcpcheck: Don't warn on unused rules if check option is after
* MINOR: spoe: Don't close connection in sync mode on processing timeout
* BUG/MAJOR: spoe: Be sure to remove all references on a released spoe applet
* BUG/MINOR: http-htx: Handle warnings when parsing http-error and http-errors
* MINOR: check: report error on incompatible connect proto
* MINOR: check: report error on incompatible proto
* BUG/MEDIUM: check: reuse srv proto only if using same mode
* BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches
* BUG/MINOR: http-fetch: Extract cookie value even when no cookie name
* BUG/MEDIUM: peers: fix decoding of multi-byte length in stick-table messages
* BUG/MINOR: peers: Missing TX cache entries reset.
* BUG/MINOR: peers: Do not ignore a protocol error for dictionary entries.
* BUG/MINOR: stats: free dynamically stats fields/lines on shutdown
* BUG/MINOR: lua: set buffer size during map lookups
* BUG/MINOR: pattern: a sample marked as const could be written
1
0