openSUSE Kubic
Threads by month
- ----- 2024 -----
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
February 2020
- 4 participants
- 39 discussions
25 Feb '20
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
aaa_base (84.87+git20200206.ed897a1 -> 84.87+git20200207.27e2c61)
bash
btrfsprogs (5.4 -> 5.4.1)
c-ares (1.15.0+20191108 -> 1.15.0+20200117)
chrony
cloud-init
conmon
coreutils
cryptsetup (2.1.0 -> 2.3.0)
curl
elfutils (0.177 -> 0.178)
glib2 (2.62.4 -> 2.62.5)
glibc (2.30 -> 2.31)
gpg2
grep (3.3 -> 3.4)
grub2
installation-images-MicroOS (14.454 -> 14.456)
iproute2 (5.4 -> 5.5.0)
issue-generator (1.7 -> 1.8)
kernel-firmware (20200122 -> 20200207)
kexec-tools
libcap (2.25 -> 2.32)
libeconf (0.3.3+git20191028.3ac14ce -> 0.3.5+git20200203.3144b69)
libssh
libtirpc
libxcrypt (4.4.10 -> 4.4.12)
libzypp (17.22.0 -> 17.22.1)
microos-tools (1.0+git20190812.97ca0ee -> 1.0+git20200214.c7654a7)
mozilla-nss (3.48 -> 3.49.2)
nano (4.7 -> 4.8)
ncurses (6.1 -> 6.2)
open-lldp
openssh
patterns-microos
permissions (1550_20191205 -> 1550_20200213)
podman (1.7.0 -> 1.8.0)
popt
python-decorator (4.4.0 -> 4.4.1)
python-packaging (19.2 -> 20.1)
python-pyOpenSSL (19.0.0 -> 19.1.0)
python-pyparsing (2.4.5 -> 2.4.6)
python-urllib3 (1.25.6 -> 1.25.8)
readline
rpm-config-SUSE (0.g45 -> 0.g52)
sudo (1.8.28p1 -> 1.8.31)
system-users
systemd
tallow (19+git20191106.4b071b0 -> 21+git20200213.865ec91)
tar
toolbox (1.0+git20191014.3034fbc -> 1.0+git20200217.cd18bfb)
=== Details ===
==== aaa_base ====
Version update (84.87+git20200206.ed897a1 -> 84.87+git20200207.27e2c61)
- Update to version 84.87+git20200207.27e2c61:
* change rp_filter to 2 to follow the current default (bsc#1160735)
==== bash ====
- Add official patch bash50-012
When using previous-history to go back beyond the beginning of the history list,
it's possible to move to an incorrect partial line.
- Add official patch bash50-013
Reading history entries with timestamps can result in history entries joined
by linefeeds.
- Add official patch bash50-014
If the current line is empty, using the emacs C-xC-e binding to enter the
editor will edit the previous command instead of the current (empty) one.
- Add official patch bash50-015
If alias expansion is enabled when processing the command argument to the
`-c' option, an alias is defined in that command, and the command ends with
the invocation of that alias, the shell's command parser can prematurely
terminate before the entire command is executed.
- Add official patch bash50-016
Bash waits too long to reap /dev/fd process substitutions used as redirections
with loops and group commands, which can lead to file descriptor exhaustion.
==== btrfsprogs ====
Version update (5.4 -> 5.4.1)
Subpackages: btrfsprogs-udev-rules libbtrfs0
- Update to 5.4.1
* build: fix docbook5 build
* check: do extra verification of extent items, inode items and chunks
* qgroup: return ENOTCONN if quotas not running (needs updated kernel)
* other: various test fixups
==== c-ares ====
Version update (1.15.0+20191108 -> 1.15.0+20200117)
- Upgrade to latest snapshot from 2020-01-17
- disable-live-tests.patch: refreshed
- regression.patch: fix a regression in DNS results that contain
both A and AAAA answers.
- Add netcfg as the build requirement and runtime requirement.
ares_getaddrinfo function uses the getservbyport_r function which
requires the /etc/services file to function properly. That config
file is provided by the netcfg package. Unit tests rely on it
too, hence it has to be a build dependency as well.
- Switch to cmake-based build.
Some packages need the cmake build files.
==== chrony ====
- Add chrony-test-update-processing-of-packet-log.patch in order
to fix test-suite failure.
- Update clknetsim to version 79ffe44 (fixes boo#1162964).
- Backport chrony-test-fix-util-unit-test-for-NTP-era-split.patch.
==== cloud-init ====
- Add cloud-init-long-pass.patch (bsc#1162936, CVE-2020-8632)
+ Increase the default length of generated passwords
- Add cloud-init-use-different-random-src.diff (bsc#1162937, CVE-2020-8631)
+ Use non-deterministic generator for password generation.
- Update cloud-init-write-routes.patch (bsc#1163178)
+ Entries in the routes definition have changed causing a traceback
during rout config file writing. This patch update addresses the
issue by extracting the new entries properly.
==== conmon ====
- Update to v2.0.10 (bsc#1160460, bsc#1164390, jsc#ECO-1048,
jsc#SLE-11485, jsc#SLE-11331):
- journal logging: write to /dev/null instead of -1
- Add TimedOutMessage to config to share with go code
- Fix format string to limit the size of the string to 10
characters
- Persist oom files on cgroup v2
- Revert the check for the OOM counter on cgroups v1 before
writing OOM file
- Add --persist-dir flag to allow important container files to be
written to a persistent directory
- Check OOM counter on cgroups v1 before writing OOM file
- Use splice(2) to copy from stdin
- Kill the process group on timeout
- Add --persist-dir to allow callers to specify a directory that
conmon should mirror certain important files that should persist
reboots (right now, just the container exit file)
- Fix tight loop on OOM
- Add log level trace
- Separate handling of log reopen events and terminal resize events
- Add CONN_SOCK_BUF_SIZE to config
- Fix bug to close the sync pipe before exit command
- Set masterfd_stdout before registering ctrl_cb
- Upstream has an actual description, use it instead of just
duplicating the summary again.
- Use `%make_build` macro instead of `%{__make}`
- Use `%make_install` macro instead of `%{__make} install`
- Use `%{_bindir}` macro instead of `%{_usr}/bin`
- Change `PREFIX` to not contain `%{buildroot}` and use the
`$DESTDIR` variable
- Initial release v2.0.0
==== coreutils ====
- disable single and testsuite builds in rings/staging
- remove duplicate "coreutils" in flavor to make it look nicer in OBS
- minor: remove obsolete comment in spec file.
- switch to multibuild
- add coreutils-single subpackage that contains a single binary coreutils tool
similar to busybox
- package LC_CTIME directories also in lang package
- split off doc package
- remove info macros, handled by file trigger nowadays
==== cryptsetup ====
Version update (2.1.0 -> 2.3.0)
Subpackages: libcryptsetup12
- Update to 2.3.0 (include release notes for 2.2.0)
* BITLK (Windows BitLocker compatible) device access
* Veritysetup now supports activation with additional PKCS7 signature
of root hash through --root-hash-signature option.
* Integritysetup now calculates hash integrity size according to algorithm
instead of requiring an explicit tag size.
* Integritysetup now supports fixed padding for dm-integrity devices.
* A lot of fixes to online LUKS2 reecryption.
* Add crypt_resume_by_volume_key() function to libcryptsetup.
If a user has a volume key available, the LUKS device can be resumed
directly using the provided volume key.
No keyslot derivation is needed, only the key digest is checked.
* Implement active device suspend info.
Add CRYPT_ACTIVATE_SUSPENDED bit to crypt_get_active_device() flags
that informs the caller that device is suspended (luksSuspend).
* Allow --test-passphrase for a detached header.
Before this fix, we required a data device specified on the command
line even though it was not necessary for the passphrase check.
* Allow --key-file option in legacy offline encryption.
The option was ignored for LUKS1 encryption initialization.
* Export memory safe functions.
To make developing of some extensions simpler, we now export
functions to handle memory with proper wipe on deallocation.
* Fail crypt_keyslot_get_pbkdf for inactive LUKS1 keyslot.
* Add optional global serialization lock for memory hard PBKDF.
* Abort conversion to LUKS1 with incompatible sector size that is
not supported in LUKS1.
* Report error (-ENOENT) if no LUKS keyslots are available. User can now
distinguish between a wrong passphrase and no keyslot available.
* Fix a possible segfault in detached header handling (double free).
* Add integritysetup support for bitmap mode introduced in Linux kernel 5.2.
* The libcryptsetup now keeps all file descriptors to underlying device
open during the whole lifetime of crypt device context to avoid excessive
scanning in udev (udev run scan on every descriptor close).
* The luksDump command now prints more info for reencryption keyslot
(when a device is in-reencryption).
* New --device-size parameter is supported for LUKS2 reencryption.
* New --resume-only parameter is supported for LUKS2 reencryption.
* The repair command now tries LUKS2 reencryption recovery if needed.
* If reencryption device is a file image, an interactive dialog now
asks if reencryption should be run safely in offline mode
(if autodetection of active devices failed).
* Fix activation through a token where dm-crypt volume key was not
set through keyring (but using old device-mapper table parameter mode).
* Online reencryption can now retain all keyslots (if all passphrases
are provided). Note that keyslot numbers will change in this case.
* Allow volume key file to be used if no LUKS2 keyslots are present.
* Print a warning if online reencrypt is called over LUKS1 (not supported).
* Fix TCRYPT KDF failure in FIPS mode.
* Remove FIPS mode restriction for crypt_volume_key_get.
* Reduce keyslots area size in luksFormat when the header device is too small.
* Make resize action accept --device-size parameter (supports units suffix).
==== curl ====
Subpackages: libcurl4
- Eliminate curl-mini: The reason for this to exist was that cmake
pulled in curl into too many places, causing build cycles. A new
cmake-mini was generated, eliminating that need.
==== elfutils ====
Version update (0.177 -> 0.178)
Subpackages: libasm1 libdw1 libelf1
- Re-add libelf1 to baselibs.conf: we still generate a
libelf-devel-32bit, which is only installable if libelf1-21bit
also exists.
- Exclude debuginfod sub-packages and move them to elfutils-debuginfod.
- Avoid double-shipping libdebuginfo.so.1 in two different
subpackages. Fixup RPM group.
- Split libdebuginfod1 into libdebuginfod1 and debuginfod-client.
Add Requires for these packages.
- Rename debuginfod-client package to libdebuginfod1 in
order to fulfil SLPP violation.
- Fix variable references in specfile
- Use %fillupdir macros for proper sysconfig export.
- Update to version 0.178:
debuginfod: New server, client tool and library to index and fetch
ELF/DWARF files addressed by build-id through HTTP.
doc: There are now some manual pages for functions and tools.
backends: The libebl libraries are no longer dynamically loaded through
dlopen, but are now compiled into libdw.so directly.
readelf: -n, --notes now takes an optional "SECTION" argument.
- p and -x now also handle section numbers.
New option --dyn-sym to show just the dynamic symbol table.
libcpu: Add RISC-V disassembler.
libdw: Abbrevs and DIEs can now be read concurrently by multiple
threads through the same Dwarf handle.
libdwfl: Will try to use debuginfod when installed as fallback to
retrieve ELF and DWARF debug data files by build-id.
- remove dwelf_elf_e_machine_string.patch.
- remove unused libebl-plugins and libebl-devel subpackages
- new subpackages debuginfod-client, debuginfod-client-devel and
debuginfod added
- main package binaries are explicitely listed and man pages
for the binaries are included
- Add remove-run-large-elf-file.sh.patch in order to remove
running run-large-elf-file.sh (it hit OOM).
==== glib2 ====
Version update (2.62.4 -> 2.62.5)
Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0
- Update to version 2.62.5:
+ Fix potential relative read when calling g_printerr(), which
could lead to a denial of service from a setuid-root process
being used to block access to the TTY for another user.
+ Fix SOCKS proxy resolver sometimes not being used when
resolving addresses via Happy Eyeballs (CVE-2020-6750).
+ Several other Happy Eyeballs fixes for address resolution.
+ Fix parsing of full Julian day range from `$TZ` environment
variable.
+ Several race condition/crash fixes.
+ Bugs fixed: glgo#GNOME/GLib#1919, glgo#GNOME/GLib#1995,
glgo#GNOME/GLib#1999, glgo#GNOME/GLib!1323,
glgo#GNOME/GLib!1331, glgo#GNOME/GLib!1352,
glgo#GNOME/GLib!1361, glgo#GNOME/GLib!1365,
glgo#GNOME/GLib!1370, glgo#GNOME/GLib!1371.
+ Updated translations.
- No longer recommend -lang: supplements are in use
==== glibc ====
Version update (2.30 -> 2.31)
Subpackages: glibc-locale glibc-locale-base
- nsswitch.conf: comment out initgroups setting, so that it defaults to
the group setting (bsc#1164075)
- fix-locking-in-_IO_cleanup.patch: update to latest version
- Update to glibc 2.31
* The GNU C Library now supports a feature test macro _ISOC2X_SOURCE to
enable features from the draft ISO C2X standard
* The <math.h> functions that round their results to a narrower type now
have corresponding type-generic macros in <tgmath.h>
* The function pthread_clockjoin_np has been added, enabling join with a
terminated thread with a specific clock
* New locale added: mnw_MM (Mon language spoken in Myanmar).
* The DNS stub resolver will optionally send the AD (authenticated data) bit
in queries if the trust-ad option is set via the options directive in
/etc/resolv.conf (or if RES_TRUSTAD is set in _res.options)
* The totalorder and totalordermag functions, and the corresponding
functions for other floating-point types, now take pointer arguments to
avoid signaling NaNs possibly being converted to quiet NaNs in argument
passing
* The obsolete function stime is no longer available to newly linked
binaries, and its declaration has been removed from <time.h>
* The gettimeofday function no longer reports information about a
system-wide time zone
* If a lazy binding failure happens during dlopen, during the execution of
an ELF constructor, the process is now terminated
- malloc-info-whitespace.patch, riscv-vfork.patch,
prefer-map-32bit-exec.patch, backtrace-powerpc.patch,
ldconfig-dynstr.patch: Removed.
- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC
(bsc#1158996, BZ #25423)
- Drop support for pluggable gconv modules (bsc#1159851)
==== gpg2 ====
- Fix build with GCC-10: [bsc#1160394]
* Always use EXTERN_UNLESS_MAIN_MODULE pattern
* In GCC-10, the default option -fcommon will change to -fno-common
- Add gpg2-gcc10-build-fno-common.patch
==== grep ====
Version update (3.3 -> 3.4)
- Switch back to system regex to avoid undefined behaviour
- grep 3.4:
* new --no-ignore-case option causes grep to observe case
distinctions, overriding any previous -i (--ignore-case) option
* '.' no longer matches some invalid byte sequences in UTF-8 locales
* grep -Fw can no longer false match in non-UTF-8 multibyte locales
* The exit status of 'grep -L' is no longer incorrect when standard
output is /dev/null
* fix some performance bugs
- drop test-pcre-jitstack.diff
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin
- Fix grub hangs after loading rogue image without valid signature for uefi
secure boot (bsc#1159102)
* grub2-verifiers-fix-system-freeze-if-verify-failed.patch
- From Stefan Seyfried <seife(a)novell.slipkontur.de> : Fix grub2-install fails
with "not a directory" error (boo#1161641, bsc#1162403)
* grub2-install-fix-not-a-directory-error.patch
==== installation-images-MicroOS ====
Version update (14.454 -> 14.456)
- merge gh#openSUSE/installation-images#357
- move gconv files into initrd (bsc#1161701)
- netcfg has moved files to /usr/etc
- 14.456
- merge gh#openSUSE/installation-images#356
- remove explicit dependency on openssl package
- mount /proc in chroot environment during image build (bsc#1160594)
- fix package version comparing
- 14.455
==== iproute2 ====
Version update (5.4 -> 5.5.0)
- Update to new upstream version 5.5
* bridge: support fdb get
* devlink: command line option to switch netns
* devlink: all changing netns on reload
* devlink: new timestamp format for health report dump
* ip: support for alternative device names
* ip link: support to get SR-IOV VF node GUID and port GUID
* ip neigh: support get
* rdma: relax requirement to have PID for HW objects
* rdma: stat show mr
* ss: allow dumping kTLS info
* tc: support action flags
* tc flower: support masked port destination and source match
* tc pie: add dq_rate_estimator option
* tipc: new commands to set TIPC AEAD key
* more json support
- drop patches obsoleted by version upgrade:
* ss-fix-end-of-line-printing-in-misc-ss.c.patch
* no-double-definitions.patch
* Revert-emp-fix-warning-on-deprecated-bison-directive.patch
* Revert-tc-ematch-fix-deprecated-yacc-warning.patch
- refresh
* split-link-and-compile-steps-for-binaries.patch
==== issue-generator ====
Version update (1.7 -> 1.8)
- Update to version 1.8
- Handle network interface renames
==== kernel-firmware ====
Version update (20200122 -> 20200207)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20200207 (git commit 6f89735800fe):
* rtl_nic: update firmware for RTL8153A
* rtl_bt: Update RTL8822C BT FW to V0x0998_C2B4
* linux-firmware: add firmware for MT7622
* linux-firmware: add version 2 for MT7615E
* amdgpu: update to latest navi10 firmware from 19.50
* Revert "radeon: update oland rlc microcode from amdgpu"
* amlogic: update video decoder firmwares
* amdgpu: add renoir firmware for 19.50
* amdgpu: update raven2 firmware for 19.50
* nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.12.A.13
* qca: update bluetooth firmware for QCA6174
- Update topics and alias list
==== kexec-tools ====
- Fix build errors on old distributions
* kexec-tools-video-capability.patch
* kexec-tools-SYS_getrandom.patch
==== libcap ====
Version update (2.25 -> 2.32)
- Update to version 2.32:
* Bug fix for fakeroot incompatibility (boo#1162014)
* Slight perf improvement for cap_get_bound().
* C++ support for psx header inclusion.
* Some new testing features for capsh
- Update to version 2.31:
* primarily a documentation update
* fix libpam.pc to not require libpsx.pc
* changed the text format of the default output of getpcap
- Build using -ffat-lto-objects for static library
- Update to version 2.30:
* BUGFIX: arm and i386 fixes C and Go setgroups choice - used
wrong syscall in 2.29.
* cleaned up make clean and make install to actually work as
intended
* updated Gentoo libpsx.pc file from Lars Wendler
* refactored the way libpsx linkage with libcap performed mutual
discovery.
* Previously (2.28) libpsx had an API call overridden by libcap
using weak linkage function in libpsx. In 2.30 this is reversed,
namely libpsx provides the stronger function and libcap has a
weak "no-op" version.
* a bit more consistency in handling the 'all' sets in libcap
(C) and libcap/cap (Go). Namely, they both dynamically discover
the number of capabilities named by the kernel and use this as
the definition of 'all' for the current runtime.
+ libcap (C) exports cap_max_bit() to export the number of
supported capabilities
+ libcap/cap (Go) exports cap.MaxBits() for this same value.
- For changes for older releases see:
* https://sites.google.com/site/fullycapable/release-notes-for-libcap
- Add glibc-static-devel as build requirement as tests need it
- Install libpsx.a as it seems to be needed in some cases:
* https://bugs.gentoo.org/703912
==== libeconf ====
Version update (0.3.3+git20191028.3ac14ce -> 0.3.5+git20200203.3144b69)
- Update to version 0.3.5+git20200203.3144b69:
* Release version 0.3.5
* Use float.h instead of obsolete gnuism values.h
* Remove gnuism (strdupa)
* Check for empty value (NULL pointer) before calling strdup.
- Update to version 0.3.4+git20200121.febebf2:
* Release version 0.3.4
* Fix buffer overflow in econf_readDirs
* Fix parsing of quoted strings, and values starting with delimiters
* tests: add test for quoted strings
* tests: tst-configdirs5: fix config dir paths
==== libssh ====
Subpackages: libssh-config libssh4
- Drop the hack to pull curl-mini: we moved the split a bit higher
up and now have a non-curl linked variant of cmake in
openSUSE:Factory.
==== libtirpc ====
Subpackages: libtirpc-netconfig libtirpc3
- Backport upstream fix daed7ee ("Avoid multiple-definiton with gcc -fno-common")
to fix build error with gcc flag -fno-common (bsc#1160875).
Tested on gcc-9 and gcc-10.
0001-Avoid-multiple-definiton-with-gcc-fno-common.patch
- Skip unneeded autogen.sh run (configure is up-to-date), drop
dependencies: libtool, autoconf
- Replace krb5-mini-devel/krb5-devel with pkgconfig(krb5)
==== libxcrypt ====
Version update (4.4.10 -> 4.4.12)
- Update to version 4.4.12
* Another fix for GCC v10.x, which occurs on s390 architectures only.
- Update to version 4.4.11
* Fixes for GCC v10.x
* Change how the known-answer tests are parallelized
- gcc10.patch: remove
==== libzypp ====
Version update (17.22.0 -> 17.22.1)
- update translations
- Replace mongoose/webrick with nginx in test suite.
This patch makes use of nginx to replace the current WebServer
mongoose implementation. Also adds support for registering
callback functions for certain URL requests via FCGI, making it
possible to mock HTTP responses and test more complex HTTP setups.
- boost: Fix deprecated auto_unit_test.hpp includes.
- Disable zchunk on Leap-15.0 and SLE15-* while there is no libzck.
- Fix decision whether to download ZCHUNK files.
libzypp and libsolv must both be able to read the format.
- version 17.22.1 (22)
==== microos-tools ====
Version update (1.0+git20190812.97ca0ee -> 1.0+git20200214.c7654a7)
- Update to version 1.0+git20200214.c7654a7:
* Remove btrfsQuota, snapper list provides now the same informations
* Adjust README.md
==== mozilla-nss ====
Version update (3.48 -> 3.49.2)
- update to NSS 3.49.2
Fixed bugs:
* Fix compilation problems with NEON-specific code in freebl
(bmo#1608327)
* Fix a taskcluster issue with Python 2 / Python 3 (bmo#1608895)
- update to NSS 3.49.1
3.49.1
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.49.1_re…
* Cache the most recent PBKDF2 password hash, to speed up repeated
SDR operations, important with the increased KDF iteration counts (bmo#1606992)
3.49
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.49_rele…
* The legacy DBM database, libnssdbm, is no longer built by default
when using gyp builds (bmo#1594933)
* several bugfixes
==== nano ====
Version update (4.7 -> 4.8)
- update to 4.8:
* When something is pasted into nano, suppress auto-indentation
* paste can be undone as a whole with a single M-U
* Improve handling of lock files on start-up
* Shift+Meta+letter key combos can be bound with 'bind Sh-M-letter'
* A custom nanorc file can be specified on the command line, with
- f filename or --rcfile=filename
==== ncurses ====
Version update (6.1 -> 6.2)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base
- Add ncurses patch 20200215
+ improve manual page for panel library, extending the portability
section as well as documenting error-returns.
+ show tic's version when installing terminal database in run_tic.sh
+ correct check for gcc vs other compilers used in ncurses 6.0, from
FreeBSD patch by Kyle Evans (cf: 20150725).
+ add notes for 6.2 to INSTALL.
- Update to ncurses 6.2 (patch 20200212)
* Add 20200212 6.2 release for upload to ftp.gnu.org
+ update release notes
+ minor build-fixes, mostly to test-package scripts
* Add ncurses patch20200208
+ modify check for sizeof(wchar_t) to ensure it gives useful result
when cross-compiling.
+ drop assumption in configure script that Cygwin's linker is broken.
+ define NCURSES_BROKEN_LINKER if the broken-linker feature is used,
to simplify configure-checks for ncurses-examples.
* Add ncurses patch20200202
+ reassert copyright on ncurses, per discussion in ncurses FAQ:
https://invisible-island.net/ncurses/ncurses.faq.html#relicensed
* Add ncurses patch20200201
+ modify comparison in make_hash.c to correct a special case in
collision handling for Caps-hpux11
+ add testing utility report_hashing to check hash-tables used for
terminfo and termcap names.
+ fix a missing prototype for _nc_free_and_exit().
+ update a few comments about tack 1.07
+ use an awk script to split too-long pathnames used in Ada95 sample
programs for explain.txt
- Update to tack 1.9 (patch 20200202)
* Update copyright and license. Also, portability fixes.
- Adopt patch ncurses-5.7-tack.dif
- Adopt patch ncurses-6.1.dif which is now ncurses-6.2.dif
- Add ncurses patch 20200118
+ expanded description of XM in user_caps.5
+ improve xm example for xterm+x11mouse, xterm+sm+1006 -TD
+ add history section to curs_slk.3x and curs_terminfo.3x manpages.
+ update alacritty entries for 0.4.0 (prompted by patch by
Christian Durr) -TD
+ correct spelling errors found with codespell.
+ fix for test/configure, from xterm #352.
- Add ncurses patch 20200111
+ improve configure macros which check for the X11/Intrinsic.h header,
to accommodate recent MacOS changes.
+ suppress gcc's -Winline warning; it has not been useful for some time
+ update config.guess, config.sub
==== open-lldp ====
Subpackages: liblldp_clif1
- BuildRequire pkgconfig(systemd) instead of systemd directly:
allow OBS to shortcut through the -mini flavors.
==== openssh ====
- Add patches to fix the sandbox blocking glibc on 32bit platforms
(boo#1164061):
* openssh-8.1p1-seccomp-clock_nanosleep_time64.patch
* openssh-8.1p1-seccomp-clock_gettime64.patch
==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-basesystem patterns-microos-cloud patterns-microos-defaults patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap
- Move fcoe-utils and irqbalance to hardware pattern, not useful
on guest install.
- Introduce MicroOS Desktop patterns [boo#1163453]
==== permissions ====
Version update (1550_20191205 -> 1550_20200213)
Subpackages: chkstat permissions-config
- Update to version 20200213:
* remove obsolete/broken entries for rcp/rsh/rlogin
* chkstat: handle symlinks in final path elements correctly
* Revert "Revert "mariadb: settings for new auth_pam_tool (bsc#1160285)""
* Revert "mariadb: settings for new auth_pam_tool (bsc#1160285)"
- Update to version 20200204:
* mariadb: settings for new auth_pam_tool (bsc#1160285)
* chkstat:
- add read-only fallback when /proc is not mounted (bsc#1160764)
- capability handling fixes (bsc#1161779)
- better error message when refusing to fix dir perms (#32)
- Update to version 20200127:
* fix paths of ksysguard whitelisting
* fix zero-termination of error message for overly long paths
==== podman ====
Version update (1.7.0 -> 1.8.0)
Subpackages: podman-cni-config
- Remove: 0001-clarify-container-prune-force.patch because it's now
included in the release
- Update podman to v1.8.0:
* Features
- The podman system service command has been added, providing a
preview of Podman's new Docker-compatible API. This API is
still very new, and not yet ready for production use, but is
available for early testing
- Rootless Podman now uses Rootlesskit for port forwarding,
which should greatly improve performance and capabilities
- The podman untag command has been added to remove tags from
images without deleting them
- The podman inspect command on images now displays previous
names they used
- The podman generate systemd command now supports a --new
option to generate service files that create and run new
containers instead of managing existing containers
- Support for --log-opt tag= to set logging tags has been added
to the journald log driver
- Added support for using Seccomp profiles embedded in images
for podman run and podman create via the new --seccomp-policy
CLI flag
- The podman play kube command now honors pull policy
* Bugfixes
- Fixed a bug where the podman cp command would not copy the
contents of directories when paths ending in /. were given
- Fixed a bug where the podman play kube command did not
properly locate Seccomp profiles specified relative to
localhost
- Fixed a bug where the podman info command for remote Podman
did not show registry information
- Fixed a bug where the podman exec command did not support
having input piped into it
- Fixed a bug where the podman cp command with rootless Podman
on CGroups v2 systems did not properly determine if the
container could be paused while copying
- Fixed a bug where the podman container prune --force command
could possible remove running containers if they were started
while the command was running
- Fixed a bug where Podman, when run as root, would not
properly configure slirp4netns networking when requested
- Fixed a bug where podman run --userns=keep-id did not work
when the user had a UID over 65535
- Fixed a bug where rootless podman run and podman create with
the --userns=keep-id option could change permissions on
/run/user/$UID and break KDE
- Fixed a bug where rootless Podman could not be run in a
systemd service on systems using CGroups v2
- Fixed a bug where podman inspect would show CPUShares as 0,
instead of the default (1024), when it was not explicitly set
- Fixed a bug where podman-remote push would segfault
- Fixed a bug where image healthchecks were not shown in the
output of podman inspect
- Fixed a bug where named volumes created with containers from
pre-1.6.3 releases of Podman would be autoremoved with their
containers if the --rm flag was given, even if they were
given names
- Fixed a bug where podman history was not computing image
sizes correctly
- Fixed a bug where Podman would not error on invalid values to
the --sort flag to podman images
- Fixed a bug where providing a name for the image made by
podman commit was mandatory, not optional as it should be
- Fixed a bug where the remote Podman client would append an
extra " to %PATH
- Fixed a bug where the podman build command would sometimes
ignore the -f option and build the wrong Containerfile
- Fixed a bug where the podman ps --filter command would only
filter running containers, instead of all containers, if
- -all was not passed
- Fixed a bug where the podman load command on compressed
images would leave an extra copy on disk
- Fixed a bug where the podman restart command would not
properly clean up the network, causing it to function
differently from podman stop; podman start
- Fixed a bug where setting the --memory-swap flag to podman
create and podman run to -1 (to indicate unlimited) was not
supported
* Misc
- Initial work on version 2 of the Podman remote API has been
merged, but is still in an alpha state and not ready for use.
Read more here
- Many formatting corrections have been made to the manpages
- The changes to address (#5009) may cause anonymous volumes
created by Podman versions 1.6.3 to 1.7.0 to not be removed
when their container is removed
- Updated vendored Buildah to v1.13.1
- Updated vendored containers/storage to v1.15.8
- Updated vendored containers/image to v5.2.0
==== popt ====
- fix URLs, rpm5.org is no more
==== python-decorator ====
Version update (4.4.0 -> 4.4.1)
- update to 4.4.1:
Changed the description to "Decorators for Humans" are requested by
several users. Fixed a .rst bug in the description as seen in PyPI.
==== python-packaging ====
Version update (19.2 -> 20.1)
- add issue_254.patch to fix tests under non-x86_64 pplatforms
- Update to 20.1
* Fix a bug caused by reuse of an exhausted iterator.
* Add type hints
* Add proper trove classifiers for PyPy support
* Scale back depending on ctypes for manylinux support detection
* Use sys.implementation.name where appropriate for packaging.tags
* Expand upon the API provded by packaging.tags
* Officially support Python 3.8
* Add major, minor, and micro aliases to packaging.version.Version
* Properly mark packaging has being fully typed by adding a py.typed file
==== python-pyOpenSSL ====
Version update (19.0.0 -> 19.1.0)
- Update to v19.1
* Removed deprecated aliases ContextType, ConnectionType, PKeyType, X509NameType,
X509ReqType, X509Type, X509StoreType, CRLType, PKCS7Type, PKCS12Type, and NetscapeSPKIType.
Use the classes without the ``Type`` suffix instead.
* The minimum ``cryptography`` version is now 2.8
* Deprecated ``OpenSSL.SSL.Context.set_npn_advertise_callback,
OpenSSL.SSL.Context.set_npn_select_callback, and
OpenSSL.SSL.Connection.get_next_proto_negotiated
ALPN should be used instead.
* Support bytearray in SSL.Connection.send() by using cffi's from_buffer
* The OpenSSL.SSL.Context.set_alpn_select_callback can return a new
NO_OVERLAPPING_PROTOCOLS sentinel value to allow a TLS handshake
to complete without an application protocol.
==== python-pyparsing ====
Version update (2.4.5 -> 2.4.6)
- update to 2.4.6
* Fixed typos in White mapping of whitespace characters, to use
correct "\u" prefix instead of "u".
* fix bug in left-associative ternary operators defined using
infixNotation. First reported on StackOverflow by user Jeronimo.
* Backport of pyparsing_test namespace from 3.0.0, including
TestParseResultsAsserts mixin class defining unittest-helper
methods:
. def assertParseResultsEquals(
self, result, expected_list=None, expected_dict=None, msg=None)
. def assertParseAndCheckList(
self, expr, test_string, expected_list, msg=None, verbose=True)
. def assertParseAndCheckDict(
self, expr, test_string, expected_dict, msg=None, verbose=True)
. def assertRunTestResults(
self, run_tests_report, expected_parse_results=None, msg=None)
. def assertRaisesParseException(self, exc_type=ParseException, msg=None)
==== python-urllib3 ====
Version update (1.25.6 -> 1.25.8)
- update to 1.25.8
* Drop support for EOL Python 3.4
* Optimize _encode_invalid_chars
* Preserve chunked parameter on retries
* Allow unset SERVER_SOFTWARE in App Engine
* Fix issue where URL fragment was sent within the request target.
* Fix issue where an empty query section in a URL would fail to parse.
* Remove TLS 1.3 support in SecureTransport due to Apple removing support.
==== readline ====
- Add official patch readline80-002
When using previous-history to go back beyond the beginning of the history list,
it's possible to move to an incorrect partial line.
- Add official patch readline80-003
Reading history entries with timestamps can result in history entries joined
by linefeeds.
- Add official patch readline80-004
If writing the history file fails, and renaming the backup history file fails,
it's possible for readline's history code to return the wrong error to its
caller.
==== rpm-config-SUSE ====
Version update (0.g45 -> 0.g52)
- Update to version 0.g52:
* Make deprecated %install_info not fail when used within if/fi construct
- Update to version 0.g50:
* Add missing changelog entries and fix authors
* Add ldconfig_scriptlets macros for RH/Fedora compatibility
* move %install_info to file triggers (boo#1152105)
==== sudo ====
Version update (1.8.28p1 -> 1.8.31)
- Update to 1.8.31
Major changes between version 1.8.31 and 1.8.30:
* This version fixes a potential security issue that can lead to
a buffer overflow if the pwfeedback option is enabled in
sudoers [CVE-2019-18634] [bsc#1162202]
* The sudoedit_checkdir option now treats a user-owned directory
as writable, even if it does not have the write bit set at the
time of check. Symbolic links will no longer be followed by
sudoedit in any user-owned directory. Bug #912.
* Fixed a crash introduced in sudo 1.8.30 when suspending sudo
at the password prompt. Bug #914.
* Fixed compilation on systems where the mmap MAP_ANON flag is
not available. Bug #915.
Major changes between version 1.8.30 and 1.8.29:
* Sudo now closes file descriptors before changing uids. This
prevents a non-root process from interfering with sudo's ability
to close file descriptors on systems that support the prlimit(2)
system call.
* Sudo now treats an attempt to run sudo sudoedit as simply
sudoedit If the sudoers file contains a fully-qualified path
to sudoedit, sudo will now treat it simply as sudoedit
(with no path). Visudo will will now treat a fully-qualified
path to sudoedit as an error. Bug #871.
* Fixed a bug introduced in sudo 1.8.28 where sudo would warn
about a missing /etc/environment file on AIX and Linux when
PAM is not enabled. Bug #907.
* Fixed a bug on Linux introduced in sudo 1.8.29 that prevented
the askpass program from running due to an unlimited stack size
resource limit. Bug #908.
* If a group provider plugin has optional arguments, the argument
list passed to the plugin is now NULL terminated as per the
documentation.
* The user's time stamp file is now only updated if both authentication
and approval phases succeed. This is consistent with the behavior
of sudo prior to version 1.8.23. Bug #910.
* The new allow_unknown_runas_id sudoers setting can be used to
enable or disable the use of unknown user or group IDs.
Previously, sudo would always allow unknown user or group IDs if
the sudoers entry permitted it, including via the ALL alias.
As of sudo 1.8.30, the admin must explicitly enable support for
unknown IDs.
* The new runas_check_shell sudoers setting can be used to require
that the runas user have a shell listed in the /etc/shells file.
On many systems, users such as bin, do not have a valid shell and
this flag can be used to prevent commands from being run as
those users.
* Fixed a problem restoring the SELinux tty context during reboot
if mctransd is killed before sudo finishes. GitHub Issue #17.
* Fixed an intermittent warning on NetBSD when sudo restores the
initial stack size limit.
Major changes between version 1.8.29 and 1.8.28p1:
* The cvtsudoers command will now reject non-LDIF input when
converting from LDIF format to sudoers or JSON formats.
* The new log_allowed and log_denied sudoers settings make it
possible to disable logging and auditing of allowed and/or
denied commands.
* The umask is now handled differently on systems with PAM or
login.conf. If the umask is explicitly set in sudoers, that
value is used regardless of what PAM or login.conf may specify.
However, if the umask is not explicitly set in sudoers, PAM or
login.conf may now override the default sudoers umask. Bug #900.
* For make install, the sudoers file is no longer checked for syntax
errors when DESTDIR is set. The default sudoers file includes the
contents of /etc/sudoers.d which may not be readable as non-root.
Bug #902.
* Sudo now sets most resource limits to their maximum value to avoid
problems caused by insufficient resources, such as an inability to
allocate memory or open files and pipes. Fixed a regression introduced
in sudo 1.8.28 where sudo would refuse to run if the parent process was
not associated with a session. This was due to sudo passing a session
ID of -1 to the plugin.
- refresh sudo-sudoers.patch
==== system-users ====
Subpackages: system-group-hardware system-group-wheel system-user-nobody
- Add tss user for TPM tools (boo#1162360).
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev
- Import commit f8adabc2b1f3e3ad150e7a3bfa88341eda5a8a57 (merge v244.2)
77c04ce5c2 hwdb: update to v245-rc1
b4eb884824 Fix typo in function name
e2d4cb9843 polkit: when authorizing via PK let's re-resolve callback/userdata instead of caching it
83bfc0d8dd sd-bus: introduce API for re-enqueuing incoming messages
5926f9f172 polkit: use structured initialization
0697d0d972 polkit: on async pk requests, re-validate action/details
2589995acd polkit: reuse some common bus message appending code
5b2442d5c3 bus-polkit: rename return error parameter to ret_error
0a19ff7004 shared: split out polkit stuff from bus-util.c ? bus-polkit.c
1325dfb577 test: adapt to the new capsh format
3538fafb47 meson: update efi path detection to gnu-efi-3.0.11
3034855a5b presets: "disable" all passive targets by default
c2e3046819 shared/sysctl-util: normalize repeated slashes or dots to a single value
6f4364046f dhcp6: do not use T1 and T2 longer than one provided by the lease
0ed6cda28d network: fix implicit type conversion warning by GCC-10
f6a5c02d26 bootspec: parse random-seed-mode line in loader.conf
ddc5dca8a7 sd-boot: fix typo
2bbbe9ae41 test: Synchronize journal before reading from it
072485d661 sd-bus: fix introspection bug in signal parameter names
80af3cf5e3 efi: fix build.
[...]
- Use suse.pool.ntp.org server pool on SLE (jsc#SLE-7683)
- Drop scripts-udev-convert-lib-udev-path.sh
Nobody should need it these days.
==== tallow ====
Version update (19+git20191106.4b071b0 -> 21+git20200213.865ec91)
- Update to version 21+git20200213.865ec91:
* Add tallow.patterns man page
* Add extra path for firewall-cmd
- Drop 0001-Add-extra-path-for-firewall-cmd.patch, accepted upstream
==== tar ====
- No longer recommend -lang: supplements are in use.
==== toolbox ====
Version update (1.0+git20191014.3034fbc -> 1.0+git20200217.cd18bfb)
- Update to version 1.0+git20200217.cd18bfb:
* Multiple toolboxes, with different names
* Configure `sudo` access for an user toolbox
* Correctly setup the user
* Add -u|--user parameter
* Handle arguments with 'getopt'
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
25 Feb '20
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
aaa_base (84.87+git20200206.ed897a1 -> 84.87+git20200207.27e2c61)
bash
btrfsprogs (5.4 -> 5.4.1)
c-ares (1.15.0+20191108 -> 1.15.0+20200117)
chrony
cloud-init
conmon
coreutils
cri-o (1.16.1 -> 1.17.0)
cryptsetup (2.1.0 -> 2.3.0)
curl
elfutils (0.177 -> 0.178)
etcd (3.3.15 -> 3.4.3)
glib2 (2.62.4 -> 2.62.5)
glibc (2.30 -> 2.31)
gpg2
grep (3.3 -> 3.4)
grub2
haproxy (2.1.1+git0.4ae521379 -> 2.1.3+git0.5c020bbdd)
installation-images-MicroOS (14.454 -> 14.456)
iproute2 (5.4 -> 5.5.0)
issue-generator (1.7 -> 1.8)
k9s (0.13.0 -> 0.15.2)
kail (0.13.0 -> 0.14.2)
kernel-firmware (20200122 -> 20200207)
kexec-tools
kubernetes (1.17.0 -> 1.17.2)
libcap (2.25 -> 2.32)
libeconf (0.3.3+git20191028.3ac14ce -> 0.3.5+git20200203.3144b69)
libssh
libtirpc
libxcrypt (4.4.10 -> 4.4.12)
libzypp (17.22.0 -> 17.22.1)
microos-tools (1.0+git20190812.97ca0ee -> 1.0+git20200214.c7654a7)
mozilla-nss (3.48 -> 3.49.2)
nano (4.7 -> 4.8)
ncurses (6.1 -> 6.2)
nfs-utils
open-lldp
openssh
patterns-microos
permissions (1550_20191205 -> 1550_20200213)
podman (1.7.0 -> 1.8.0)
popt
python-decorator (4.4.0 -> 4.4.1)
python-packaging (19.2 -> 20.1)
python-pyOpenSSL (19.0.0 -> 19.1.0)
python-pyparsing (2.4.5 -> 2.4.6)
python-urllib3 (1.25.6 -> 1.25.8)
rdma-core
readline
rook (1.2.2+git0.g73593a1b -> 1.2.4+git9.gd747507e)
rpm-config-SUSE (0.g45 -> 0.g52)
sudo (1.8.28p1 -> 1.8.31)
system-users
systemd
tallow (19+git20191106.4b071b0 -> 21+git20200213.865ec91)
tar
toolbox (1.0+git20191014.3034fbc -> 1.0+git20200217.cd18bfb)
=== Details ===
==== aaa_base ====
Version update (84.87+git20200206.ed897a1 -> 84.87+git20200207.27e2c61)
- Update to version 84.87+git20200207.27e2c61:
* change rp_filter to 2 to follow the current default (bsc#1160735)
==== bash ====
- Add official patch bash50-012
When using previous-history to go back beyond the beginning of the history list,
it's possible to move to an incorrect partial line.
- Add official patch bash50-013
Reading history entries with timestamps can result in history entries joined
by linefeeds.
- Add official patch bash50-014
If the current line is empty, using the emacs C-xC-e binding to enter the
editor will edit the previous command instead of the current (empty) one.
- Add official patch bash50-015
If alias expansion is enabled when processing the command argument to the
`-c' option, an alias is defined in that command, and the command ends with
the invocation of that alias, the shell's command parser can prematurely
terminate before the entire command is executed.
- Add official patch bash50-016
Bash waits too long to reap /dev/fd process substitutions used as redirections
with loops and group commands, which can lead to file descriptor exhaustion.
==== btrfsprogs ====
Version update (5.4 -> 5.4.1)
Subpackages: btrfsprogs-udev-rules libbtrfs0
- Update to 5.4.1
* build: fix docbook5 build
* check: do extra verification of extent items, inode items and chunks
* qgroup: return ENOTCONN if quotas not running (needs updated kernel)
* other: various test fixups
==== c-ares ====
Version update (1.15.0+20191108 -> 1.15.0+20200117)
- Upgrade to latest snapshot from 2020-01-17
- disable-live-tests.patch: refreshed
- regression.patch: fix a regression in DNS results that contain
both A and AAAA answers.
- Add netcfg as the build requirement and runtime requirement.
ares_getaddrinfo function uses the getservbyport_r function which
requires the /etc/services file to function properly. That config
file is provided by the netcfg package. Unit tests rely on it
too, hence it has to be a build dependency as well.
- Switch to cmake-based build.
Some packages need the cmake build files.
==== chrony ====
- Add chrony-test-update-processing-of-packet-log.patch in order
to fix test-suite failure.
- Update clknetsim to version 79ffe44 (fixes boo#1162964).
- Backport chrony-test-fix-util-unit-test-for-NTP-era-split.patch.
==== cloud-init ====
- Add cloud-init-long-pass.patch (bsc#1162936, CVE-2020-8632)
+ Increase the default length of generated passwords
- Add cloud-init-use-different-random-src.diff (bsc#1162937, CVE-2020-8631)
+ Use non-deterministic generator for password generation.
- Update cloud-init-write-routes.patch (bsc#1163178)
+ Entries in the routes definition have changed causing a traceback
during rout config file writing. This patch update addresses the
issue by extracting the new entries properly.
==== conmon ====
- Update to v2.0.10 (bsc#1160460, bsc#1164390, jsc#ECO-1048,
jsc#SLE-11485, jsc#SLE-11331):
- journal logging: write to /dev/null instead of -1
- Add TimedOutMessage to config to share with go code
- Fix format string to limit the size of the string to 10
characters
- Persist oom files on cgroup v2
- Revert the check for the OOM counter on cgroups v1 before
writing OOM file
- Add --persist-dir flag to allow important container files to be
written to a persistent directory
- Check OOM counter on cgroups v1 before writing OOM file
- Use splice(2) to copy from stdin
- Kill the process group on timeout
- Add --persist-dir to allow callers to specify a directory that
conmon should mirror certain important files that should persist
reboots (right now, just the container exit file)
- Fix tight loop on OOM
- Add log level trace
- Separate handling of log reopen events and terminal resize events
- Add CONN_SOCK_BUF_SIZE to config
- Fix bug to close the sync pipe before exit command
- Set masterfd_stdout before registering ctrl_cb
- Upstream has an actual description, use it instead of just
duplicating the summary again.
- Use `%make_build` macro instead of `%{__make}`
- Use `%make_install` macro instead of `%{__make} install`
- Use `%{_bindir}` macro instead of `%{_usr}/bin`
- Change `PREFIX` to not contain `%{buildroot}` and use the
`$DESTDIR` variable
- Initial release v2.0.0
==== coreutils ====
- disable single and testsuite builds in rings/staging
- remove duplicate "coreutils" in flavor to make it look nicer in OBS
- minor: remove obsolete comment in spec file.
- switch to multibuild
- add coreutils-single subpackage that contains a single binary coreutils tool
similar to busybox
- package LC_CTIME directories also in lang package
- split off doc package
- remove info macros, handled by file trigger nowadays
==== cri-o ====
Version update (1.16.1 -> 1.17.0)
Subpackages: cri-o-kubeadm-criconfig
- Put default configuration in /etc/crio/crio.conf.d/00-default.conf
in replacement for /etc/crio/crio.conf
- Uncomment default apparmor profile to always fallback to the
default one
- Remove prevent-local-loopback-teardown-rh1754154.patch which is
now included in upstream
- Update to v1.17.0:
* Major Changes
- Allow CRI-O to manage IPC and UTS namespaces, in addition to
Network
- Add support for drop-in configuration files
- Added image pull and network setup metrics
- Image decryption support
- Remove unneeded host_ip configuration value
* Minor Changes
- Setup container environment variables before user
- Move default version file location to a tmpfs
- Failures to stop the network will now cause a stop sandbox
request to fail
- Persist container exit codes across reboot
- Add conmonmon: a conmon monitoring loop to protect against
conmon being OOM'd
- Add namespaces{-_}dir CLI and config option
- Add disk usage for ListContainerStats
- Introduce new runtime field to restrict devices in privileged
mode
==== cryptsetup ====
Version update (2.1.0 -> 2.3.0)
Subpackages: libcryptsetup12
- Update to 2.3.0 (include release notes for 2.2.0)
* BITLK (Windows BitLocker compatible) device access
* Veritysetup now supports activation with additional PKCS7 signature
of root hash through --root-hash-signature option.
* Integritysetup now calculates hash integrity size according to algorithm
instead of requiring an explicit tag size.
* Integritysetup now supports fixed padding for dm-integrity devices.
* A lot of fixes to online LUKS2 reecryption.
* Add crypt_resume_by_volume_key() function to libcryptsetup.
If a user has a volume key available, the LUKS device can be resumed
directly using the provided volume key.
No keyslot derivation is needed, only the key digest is checked.
* Implement active device suspend info.
Add CRYPT_ACTIVATE_SUSPENDED bit to crypt_get_active_device() flags
that informs the caller that device is suspended (luksSuspend).
* Allow --test-passphrase for a detached header.
Before this fix, we required a data device specified on the command
line even though it was not necessary for the passphrase check.
* Allow --key-file option in legacy offline encryption.
The option was ignored for LUKS1 encryption initialization.
* Export memory safe functions.
To make developing of some extensions simpler, we now export
functions to handle memory with proper wipe on deallocation.
* Fail crypt_keyslot_get_pbkdf for inactive LUKS1 keyslot.
* Add optional global serialization lock for memory hard PBKDF.
* Abort conversion to LUKS1 with incompatible sector size that is
not supported in LUKS1.
* Report error (-ENOENT) if no LUKS keyslots are available. User can now
distinguish between a wrong passphrase and no keyslot available.
* Fix a possible segfault in detached header handling (double free).
* Add integritysetup support for bitmap mode introduced in Linux kernel 5.2.
* The libcryptsetup now keeps all file descriptors to underlying device
open during the whole lifetime of crypt device context to avoid excessive
scanning in udev (udev run scan on every descriptor close).
* The luksDump command now prints more info for reencryption keyslot
(when a device is in-reencryption).
* New --device-size parameter is supported for LUKS2 reencryption.
* New --resume-only parameter is supported for LUKS2 reencryption.
* The repair command now tries LUKS2 reencryption recovery if needed.
* If reencryption device is a file image, an interactive dialog now
asks if reencryption should be run safely in offline mode
(if autodetection of active devices failed).
* Fix activation through a token where dm-crypt volume key was not
set through keyring (but using old device-mapper table parameter mode).
* Online reencryption can now retain all keyslots (if all passphrases
are provided). Note that keyslot numbers will change in this case.
* Allow volume key file to be used if no LUKS2 keyslots are present.
* Print a warning if online reencrypt is called over LUKS1 (not supported).
* Fix TCRYPT KDF failure in FIPS mode.
* Remove FIPS mode restriction for crypt_volume_key_get.
* Reduce keyslots area size in luksFormat when the header device is too small.
* Make resize action accept --device-size parameter (supports units suffix).
==== curl ====
Subpackages: libcurl4
- Eliminate curl-mini: The reason for this to exist was that cmake
pulled in curl into too many places, causing build cycles. A new
cmake-mini was generated, eliminating that need.
==== elfutils ====
Version update (0.177 -> 0.178)
Subpackages: libasm1 libdw1 libelf1
- Re-add libelf1 to baselibs.conf: we still generate a
libelf-devel-32bit, which is only installable if libelf1-21bit
also exists.
- Exclude debuginfod sub-packages and move them to elfutils-debuginfod.
- Avoid double-shipping libdebuginfo.so.1 in two different
subpackages. Fixup RPM group.
- Split libdebuginfod1 into libdebuginfod1 and debuginfod-client.
Add Requires for these packages.
- Rename debuginfod-client package to libdebuginfod1 in
order to fulfil SLPP violation.
- Fix variable references in specfile
- Use %fillupdir macros for proper sysconfig export.
- Update to version 0.178:
debuginfod: New server, client tool and library to index and fetch
ELF/DWARF files addressed by build-id through HTTP.
doc: There are now some manual pages for functions and tools.
backends: The libebl libraries are no longer dynamically loaded through
dlopen, but are now compiled into libdw.so directly.
readelf: -n, --notes now takes an optional "SECTION" argument.
- p and -x now also handle section numbers.
New option --dyn-sym to show just the dynamic symbol table.
libcpu: Add RISC-V disassembler.
libdw: Abbrevs and DIEs can now be read concurrently by multiple
threads through the same Dwarf handle.
libdwfl: Will try to use debuginfod when installed as fallback to
retrieve ELF and DWARF debug data files by build-id.
- remove dwelf_elf_e_machine_string.patch.
- remove unused libebl-plugins and libebl-devel subpackages
- new subpackages debuginfod-client, debuginfod-client-devel and
debuginfod added
- main package binaries are explicitely listed and man pages
for the binaries are included
- Add remove-run-large-elf-file.sh.patch in order to remove
running run-large-elf-file.sh (it hit OOM).
==== etcd ====
Version update (3.3.15 -> 3.4.3)
- Update to version 3.4.3:
* version: 3.4.3
* *: use Go 1.12.12
* rafthttp: add 3.4 stream type
* etcdserver: strip patch version in metrics
* etcdserver: strip patch version in cluster version
* etcdserver: unset old cluster version in metrics
* Add version, tag and branch checks to release script
* scripts: fix read failure prompt in release; use https for git clone.
* version: 3.4.2
* etcdserver: trace compaction request; add return parameter 'trace' to applierV3.Compaction() mvcc: trace compaction request; add input parameter 'trace' to KV.Compact()
* etcdserver: trace raft requests.
* etcdserver: add put request steps. mvcc: add put request steps; add trace to KV.Write() as input parameter.
* pkg: use zap logger to format the structure log output.
* pkg: add field to record additional detail of trace; add stepThreshold to reduce log volume.
* pkg: create package traceutil for tracing. mvcc: add tracing steps:range from the in-memory index tree; range from boltdb. etcdserver: add tracing steps: agreement among raft nodes before linerized reading; authentication; filter and sort kv pairs; assemble the response.
* clientv3: Replace endpoint.ParseHostPort with net.SplitHostPort to fix IPv6 client endpoints
* clientv3: Set authority used in cert checks to host of endpoint
* tests/e2e: fix metrics tests
* etcdctl: fix member add command
* scripts/build-binary: fix darwin tar commands
* scripts/release: fix SHA256SUMS command
* version: 3.4.1
* scripts/release: fix docker push command
* integration: fix bug in for loop, make it break properly
* embed: expose ZapLoggerBuilder
* vendor: upgrade to gRPC v1.23.1
==== glib2 ====
Version update (2.62.4 -> 2.62.5)
Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0
- Update to version 2.62.5:
+ Fix potential relative read when calling g_printerr(), which
could lead to a denial of service from a setuid-root process
being used to block access to the TTY for another user.
+ Fix SOCKS proxy resolver sometimes not being used when
resolving addresses via Happy Eyeballs (CVE-2020-6750).
+ Several other Happy Eyeballs fixes for address resolution.
+ Fix parsing of full Julian day range from `$TZ` environment
variable.
+ Several race condition/crash fixes.
+ Bugs fixed: glgo#GNOME/GLib#1919, glgo#GNOME/GLib#1995,
glgo#GNOME/GLib#1999, glgo#GNOME/GLib!1323,
glgo#GNOME/GLib!1331, glgo#GNOME/GLib!1352,
glgo#GNOME/GLib!1361, glgo#GNOME/GLib!1365,
glgo#GNOME/GLib!1370, glgo#GNOME/GLib!1371.
+ Updated translations.
- No longer recommend -lang: supplements are in use
==== glibc ====
Version update (2.30 -> 2.31)
Subpackages: glibc-locale glibc-locale-base
- nsswitch.conf: comment out initgroups setting, so that it defaults to
the group setting (bsc#1164075)
- fix-locking-in-_IO_cleanup.patch: update to latest version
- Update to glibc 2.31
* The GNU C Library now supports a feature test macro _ISOC2X_SOURCE to
enable features from the draft ISO C2X standard
* The <math.h> functions that round their results to a narrower type now
have corresponding type-generic macros in <tgmath.h>
* The function pthread_clockjoin_np has been added, enabling join with a
terminated thread with a specific clock
* New locale added: mnw_MM (Mon language spoken in Myanmar).
* The DNS stub resolver will optionally send the AD (authenticated data) bit
in queries if the trust-ad option is set via the options directive in
/etc/resolv.conf (or if RES_TRUSTAD is set in _res.options)
* The totalorder and totalordermag functions, and the corresponding
functions for other floating-point types, now take pointer arguments to
avoid signaling NaNs possibly being converted to quiet NaNs in argument
passing
* The obsolete function stime is no longer available to newly linked
binaries, and its declaration has been removed from <time.h>
* The gettimeofday function no longer reports information about a
system-wide time zone
* If a lazy binding failure happens during dlopen, during the execution of
an ELF constructor, the process is now terminated
- malloc-info-whitespace.patch, riscv-vfork.patch,
prefer-map-32bit-exec.patch, backtrace-powerpc.patch,
ldconfig-dynstr.patch: Removed.
- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC
(bsc#1158996, BZ #25423)
- Drop support for pluggable gconv modules (bsc#1159851)
==== gpg2 ====
- Fix build with GCC-10: [bsc#1160394]
* Always use EXTERN_UNLESS_MAIN_MODULE pattern
* In GCC-10, the default option -fcommon will change to -fno-common
- Add gpg2-gcc10-build-fno-common.patch
==== grep ====
Version update (3.3 -> 3.4)
- Switch back to system regex to avoid undefined behaviour
- grep 3.4:
* new --no-ignore-case option causes grep to observe case
distinctions, overriding any previous -i (--ignore-case) option
* '.' no longer matches some invalid byte sequences in UTF-8 locales
* grep -Fw can no longer false match in non-UTF-8 multibyte locales
* The exit status of 'grep -L' is no longer incorrect when standard
output is /dev/null
* fix some performance bugs
- drop test-pcre-jitstack.diff
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin
- Fix grub hangs after loading rogue image without valid signature for uefi
secure boot (bsc#1159102)
* grub2-verifiers-fix-system-freeze-if-verify-failed.patch
- From Stefan Seyfried <seife(a)novell.slipkontur.de> : Fix grub2-install fails
with "not a directory" error (boo#1161641, bsc#1162403)
* grub2-install-fix-not-a-directory-error.patch
==== haproxy ====
Version update (2.1.1+git0.4ae521379 -> 2.1.3+git0.5c020bbdd)
- Remove unsupported options from example haproxy.cfg
- Make haproxy useable for containers
- Use sysusers.d to create users.
- Use systemd_ordering instead of requiring systemd.
- Own vim syntax directory instead of requiring vim. This also
solves the problem the directory got never removed if vim is
updated before haproxy.
- Update to version 2.1.3+git0.5c020bbdd:
* [RELEASE] Released version 2.1.3
* BUG/MINOR: tcp: don't try to set defaultmss when value is negative
* BUG/MINOR: http-ana: Set HTX_FL_PROXY_RESP flag if a server perform a redirect
* BUG/MINOR: http-ana: Don't overwrite outgoing data when an error is reported
* MINOR: htx/channel: Add a function to copy an HTX message in a channel's buffer
* MINOR: htx: Add a function to append an HTX message to another one
* DOC: word converter ignores delimiters at the start or end of input string
* MINOR: build: add aix72-gcc build TARGET and power{8,9} CPUs
* BUG/MINOR: tcp: avoid closing fd when socket failed in tcp_bind_listener
* BUG/MINOR: listener: enforce all_threads_mask on bind_thread on init
* BUG/MEDIUM: listener: only consider running threads when resuming listeners
* BUG/MINOR: dns: allow 63 char in hostname
* BUG/MINOR: unix: better catch situations where the unix socket path length is close to the limit
* DOC: schematic of the SSL certificates architecture
* BUG/MEDIUM: ssl/cli: 'commit ssl cert' wrong SSL_CTX init
* SCRIPTS: announce-release: allow the user to force to overwrite old files
* SCRIPTS: announce-release: place the send command in the mail's header
* CONTRIB: debug: also support reading values from stdin
* MINOR: acl: Warn when an ACL is named 'or'
* CONTRIB: debug: support reporting multiple values at once
* CONTRIB: debug: add the possibility to decode the value as certain types only
* CONTRIB: debug: add missing flags SF_HTX and SF_MUX
* BUG/MINOR: ssl: clear the SSL errors on DH loading failure
* BUG/MINOR: ssl: we may only ignore the first 64 errors
* BUG/MAJOR: memory: Don't forget to unlock the rwlock if the pool is empty.
* BUG/MEDIUM: memory: Add a rwlock before freeing memory.
* MINOR: memory: Only init the pool spinlock once.
* BUG/MEDIUM: memory_pool: Update the seq number in pool_flush().
* BUG/MEDIUM: connections: Don't forget to unlock when killing a connection.
* BUG/MINOR: connection: fix ip6 dst_port copy in make_proxy_line_v2
* BUG/MINOR: ssl: Possible memleak when allowing the 0RTT data buffer.
* BUG/MEDIUM: pipe: fix a use-after-free in case of pipe creation error
* BUG/MINOR: tcpchecks: fix the connect() flags regarding delayed ack
* BUG/MEDIUM: ssl: Don't forget to free ctx->ssl on failure.
* MINOR: lua: Add HLUA_PREPEND_C?PATH build option
* MINOR: lua: Add lua-prepend-path configuration option
* MINOR: lua: Add hlua_prepend_path function
* BUILD: cfgparse: silence a bogus gcc warning on 32-bit machines
* BUG/MEDIUM: mux-h2: make sure we don't emit TE headers with anything but "trailers"
* BUG/MINOR: stktable: report the current proxy name in error messages
* BUG/MEDIUM: 0rtt: Only consider the SSL handshake.
* BUG/MINOR: ssl/cli: ocsp_issuer must be set w/ "set ssl cert"
* BUG/MINOR: ssl: typo in previous patch
* BUG/MINOR: ssl: memory leak w/ the ocsp_issuer
* BUG/MINOR: ssl: increment issuer refcount if in chain
* CLEANUP: stats: shut up a wrong null-deref warning from gcc 9.2
* BUG/MINOR: ssl/cli: free the previous ckch content once a PEM is loaded
* BUG/MINOR: ssl: ssl_sock_load_pem_into_ckch is not consistent
* BUG/MEDIUM: netscaler: Don't forget to allocate storage for conn->src/dst.
* BUG/MINOR: http_act: don't check capture id in backend
* MINOR: proxy/http-ana: Add support of extra attributes for the cookie directive
* BUG/MINOR: ssl: ssl_sock_load_sctl_from_file memory leak
* BUG/MINOR: ssl: ssl_sock_load_issuer_file_into_ckch memory leak
* BUG/MINOR: ssl: ssl_sock_load_ocsp_response_from_file memory leak
* BUG/MINOR: tcp-rules: Fix memory releases on error path during action parsing
* BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during parsing
* BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules
* BUG/MINOR: http-ana/filters: Wait end of the http_end callback for all filters
* BUILD: pattern: include errno.h
* BUG/MINOR: 51d: Fix bug when HTX is enabled
* BUG/MINOR: dns: Make dns_query_id_seed unsigned
* BUG/MINOR: cache: Fix leak of cache name in error path
* BUG/MINOR: pattern: handle errors from fgets when trying to load patterns
* BUG/MEDIUM: connection: add a mux flag to indicate splice usability
* BUG/MINOR: stream: don't mistake match rules for store-request rules
* BUG/MEDIUM: cli: _getsocks must send the peers sockets
* REGTEST: add sample_fetches/hashes.vtc to validate hashes
* BUG/MAJOR: hashes: fix the signedness of the hash inputs
* BUG/MEDIUM: mux_h1: Don't call h1_send if we subscribed().
* BUG/MEDIUM: mworker: remain in mworker mode during reload
* REGTEST: mcli/mcli_start_progs: start 2 programs
* BUG/MINOR: cli/mworker: can't start haproxy with 2 programs
* BUG/MEDIUM: mux-h2: don't stop sending when crossing a buffer boundary
* BUG/MEDIUM: mux-h2: fix missing test on sending_list in previous patch
* BUG/MINOR: mux-h2: use a safe list_for_each_entry in h2_send()
* BUG/MEDIUM: tasks: Use the MT macros in tasklet_free().
* BUG/MINOR: stream-int: Don't trigger L7 retry if max retries is already reached
* BUG/MEDIUM: session: do not report a failure when rejecting a session
* BUG/MINOR: channel: inject output data at the end of output
* BUG/MEDIUM: http-ana: Truncate the response when a redirect rule is applied
* BUG/MINOR: proxy: Fix input data copy when an error is captured
* BUG/MINOR: h1: Report the right error position when a header value is invalid
* MINOR: ssl: Remove unused variable "need_out".
* MINOR: config: disable busy polling on old processes
* BUG/MEDIUM: connections: Hold the lock when wanting to kill a connection.
* BUG/MEDIUM: checks: Only attempt to do handshakes if the connection is ready.
* BUG/MINOR: checks: refine which errno values are really errors.
- Update to version 2.1.2+git0.d5b6759b5:
* [RELEASE] Released version 2.1.2
* BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility
* BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream
* BUG/MINOR: state-file: do not leak memory on parse errors
* BUG/MINOR: state-file: do not store duplicates in the global tree
* BUG/MEDIUM: state-file: do not allocate a full buffer for each server entry
* BUG/MINOR: ssl: openssl-compat: Fix getm_ defines
* BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd
* MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute
* BUG/MEDIUM: ssl: Revamp the way early data are handled.
* BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing
* MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task
* MINOR: http: add a new "replace-path" action
* MINOR: debug: support logging to various sinks
* BUG/MEDIUM: ssl: Don't set the max early data we can receive too early.
* MINOR: sample: Validate the number of bits for the sha2 converter
* BUG/MINOR: sample: always check converters' arguments
* BUG/MINOR: sample: fix the closing bracket and LF in the debug converter
* DOC: clarify the fact that replace-uri works on a full URI
- drop the udev buildrequires completely
==== installation-images-MicroOS ====
Version update (14.454 -> 14.456)
- merge gh#openSUSE/installation-images#357
- move gconv files into initrd (bsc#1161701)
- netcfg has moved files to /usr/etc
- 14.456
- merge gh#openSUSE/installation-images#356
- remove explicit dependency on openssl package
- mount /proc in chroot environment during image build (bsc#1160594)
- fix package version comparing
- 14.455
==== iproute2 ====
Version update (5.4 -> 5.5.0)
- Update to new upstream version 5.5
* bridge: support fdb get
* devlink: command line option to switch netns
* devlink: all changing netns on reload
* devlink: new timestamp format for health report dump
* ip: support for alternative device names
* ip link: support to get SR-IOV VF node GUID and port GUID
* ip neigh: support get
* rdma: relax requirement to have PID for HW objects
* rdma: stat show mr
* ss: allow dumping kTLS info
* tc: support action flags
* tc flower: support masked port destination and source match
* tc pie: add dq_rate_estimator option
* tipc: new commands to set TIPC AEAD key
* more json support
- drop patches obsoleted by version upgrade:
* ss-fix-end-of-line-printing-in-misc-ss.c.patch
* no-double-definitions.patch
* Revert-emp-fix-warning-on-deprecated-bison-directive.patch
* Revert-tc-ematch-fix-deprecated-yacc-warning.patch
- refresh
* split-link-and-compile-steps-for-binaries.patch
==== issue-generator ====
Version update (1.7 -> 1.8)
- Update to version 1.8
- Handle network interface renames
==== k9s ====
Version update (0.13.0 -> 0.15.2)
- Update to version 0.15.2
- Many bug fixes
- Many new features
==== kail ====
Version update (0.13.0 -> 0.14.2)
- Update to version 0.14.2
- Capture logs from terminated containers
- Update vendor.tar.gz
==== kernel-firmware ====
Version update (20200122 -> 20200207)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20200207 (git commit 6f89735800fe):
* rtl_nic: update firmware for RTL8153A
* rtl_bt: Update RTL8822C BT FW to V0x0998_C2B4
* linux-firmware: add firmware for MT7622
* linux-firmware: add version 2 for MT7615E
* amdgpu: update to latest navi10 firmware from 19.50
* Revert "radeon: update oland rlc microcode from amdgpu"
* amlogic: update video decoder firmwares
* amdgpu: add renoir firmware for 19.50
* amdgpu: update raven2 firmware for 19.50
* nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.12.A.13
* qca: update bluetooth firmware for QCA6174
- Update topics and alias list
==== kexec-tools ====
- Fix build errors on old distributions
* kexec-tools-video-capability.patch
* kexec-tools-SYS_getrandom.patch
==== kubernetes ====
Version update (1.17.0 -> 1.17.2)
Subpackages: kubernetes-client kubernetes-kubeadm kubernetes-kubelet
- Update to version 1.17.2:
* [1.17] No-op whitespace fix to CHANGELOG-1.17 to trigger a new 1.17 build
* Add/Update CHANGELOG-1.17.md for v1.17.1.
* Drop version from static openapi json file
* Update to golang(a)1.13.5
* Revert reflector changes from PR #83520 from 1.17
* Fix IPv6 addresses lost issue in pure ipv6 vsphere environment
* Fix unit test to run in non-gce environments
* fix: azure disk could not mounted on Standard_DC4s/DC2s instances
* Use legacyscheme's types rather than testapi ones
* Fix nil pointer dereference in the azure provider
* Add unit test for extended ipv4 service IP range
* Revert "remove ipallocator in favor of k/utils net package"
* It fixes a bug where AAD token obtained by kubectl is incompatible with on-behalf-of flow and oidc.
* Allocate map when out points to nil map
* fix: azure data disk should use same key as os disk by default
* Check FileInfo against nil during walk of container dir path
* Add UID precondition to kubelet pod status patch updates
* Add cache for VMSS.
* Fix build break - Hyperkube image needs kubelet/kubectl
* Include cloud/gcp in e2e.test
* Do not swallow timeout in manageReplicas
* Sync the status of static Pods
* Increase Burst limit for discovery client
* Update v1.17.0 CHANGELOG to match final draft
* Fix LoadBalancer rule checking so that no unexpected LoadBalancer updates are made
* Fix broken SELinux detection
* Add/Update CHANGELOG-1.17.md for v1.17.0.
* Kubernetes version v1.17.1-beta.0 openapi-spec file updates
* Deflake kubectl custom printing test
* Move hostdns.conf out of cni directory.
==== libcap ====
Version update (2.25 -> 2.32)
- Update to version 2.32:
* Bug fix for fakeroot incompatibility (boo#1162014)
* Slight perf improvement for cap_get_bound().
* C++ support for psx header inclusion.
* Some new testing features for capsh
- Update to version 2.31:
* primarily a documentation update
* fix libpam.pc to not require libpsx.pc
* changed the text format of the default output of getpcap
- Build using -ffat-lto-objects for static library
- Update to version 2.30:
* BUGFIX: arm and i386 fixes C and Go setgroups choice - used
wrong syscall in 2.29.
* cleaned up make clean and make install to actually work as
intended
* updated Gentoo libpsx.pc file from Lars Wendler
* refactored the way libpsx linkage with libcap performed mutual
discovery.
* Previously (2.28) libpsx had an API call overridden by libcap
using weak linkage function in libpsx. In 2.30 this is reversed,
namely libpsx provides the stronger function and libcap has a
weak "no-op" version.
* a bit more consistency in handling the 'all' sets in libcap
(C) and libcap/cap (Go). Namely, they both dynamically discover
the number of capabilities named by the kernel and use this as
the definition of 'all' for the current runtime.
+ libcap (C) exports cap_max_bit() to export the number of
supported capabilities
+ libcap/cap (Go) exports cap.MaxBits() for this same value.
- For changes for older releases see:
* https://sites.google.com/site/fullycapable/release-notes-for-libcap
- Add glibc-static-devel as build requirement as tests need it
- Install libpsx.a as it seems to be needed in some cases:
* https://bugs.gentoo.org/703912
==== libeconf ====
Version update (0.3.3+git20191028.3ac14ce -> 0.3.5+git20200203.3144b69)
- Update to version 0.3.5+git20200203.3144b69:
* Release version 0.3.5
* Use float.h instead of obsolete gnuism values.h
* Remove gnuism (strdupa)
* Check for empty value (NULL pointer) before calling strdup.
- Update to version 0.3.4+git20200121.febebf2:
* Release version 0.3.4
* Fix buffer overflow in econf_readDirs
* Fix parsing of quoted strings, and values starting with delimiters
* tests: add test for quoted strings
* tests: tst-configdirs5: fix config dir paths
==== libssh ====
Subpackages: libssh-config libssh4
- Drop the hack to pull curl-mini: we moved the split a bit higher
up and now have a non-curl linked variant of cmake in
openSUSE:Factory.
==== libtirpc ====
Subpackages: libtirpc-netconfig libtirpc3
- Backport upstream fix daed7ee ("Avoid multiple-definiton with gcc -fno-common")
to fix build error with gcc flag -fno-common (bsc#1160875).
Tested on gcc-9 and gcc-10.
0001-Avoid-multiple-definiton-with-gcc-fno-common.patch
- Skip unneeded autogen.sh run (configure is up-to-date), drop
dependencies: libtool, autoconf
- Replace krb5-mini-devel/krb5-devel with pkgconfig(krb5)
==== libxcrypt ====
Version update (4.4.10 -> 4.4.12)
- Update to version 4.4.12
* Another fix for GCC v10.x, which occurs on s390 architectures only.
- Update to version 4.4.11
* Fixes for GCC v10.x
* Change how the known-answer tests are parallelized
- gcc10.patch: remove
==== libzypp ====
Version update (17.22.0 -> 17.22.1)
- update translations
- Replace mongoose/webrick with nginx in test suite.
This patch makes use of nginx to replace the current WebServer
mongoose implementation. Also adds support for registering
callback functions for certain URL requests via FCGI, making it
possible to mock HTTP responses and test more complex HTTP setups.
- boost: Fix deprecated auto_unit_test.hpp includes.
- Disable zchunk on Leap-15.0 and SLE15-* while there is no libzck.
- Fix decision whether to download ZCHUNK files.
libzypp and libsolv must both be able to read the format.
- version 17.22.1 (22)
==== microos-tools ====
Version update (1.0+git20190812.97ca0ee -> 1.0+git20200214.c7654a7)
- Update to version 1.0+git20200214.c7654a7:
* Remove btrfsQuota, snapper list provides now the same informations
* Adjust README.md
==== mozilla-nss ====
Version update (3.48 -> 3.49.2)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs
- update to NSS 3.49.2
Fixed bugs:
* Fix compilation problems with NEON-specific code in freebl
(bmo#1608327)
* Fix a taskcluster issue with Python 2 / Python 3 (bmo#1608895)
- update to NSS 3.49.1
3.49.1
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.49.1_re…
* Cache the most recent PBKDF2 password hash, to speed up repeated
SDR operations, important with the increased KDF iteration counts (bmo#1606992)
3.49
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.49_rele…
* The legacy DBM database, libnssdbm, is no longer built by default
when using gyp builds (bmo#1594933)
* several bugfixes
==== nano ====
Version update (4.7 -> 4.8)
- update to 4.8:
* When something is pasted into nano, suppress auto-indentation
* paste can be undone as a whole with a single M-U
* Improve handling of lock files on start-up
* Shift+Meta+letter key combos can be bound with 'bind Sh-M-letter'
* A custom nanorc file can be specified on the command line, with
- f filename or --rcfile=filename
==== ncurses ====
Version update (6.1 -> 6.2)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base
- Add ncurses patch 20200215
+ improve manual page for panel library, extending the portability
section as well as documenting error-returns.
+ show tic's version when installing terminal database in run_tic.sh
+ correct check for gcc vs other compilers used in ncurses 6.0, from
FreeBSD patch by Kyle Evans (cf: 20150725).
+ add notes for 6.2 to INSTALL.
- Update to ncurses 6.2 (patch 20200212)
* Add 20200212 6.2 release for upload to ftp.gnu.org
+ update release notes
+ minor build-fixes, mostly to test-package scripts
* Add ncurses patch20200208
+ modify check for sizeof(wchar_t) to ensure it gives useful result
when cross-compiling.
+ drop assumption in configure script that Cygwin's linker is broken.
+ define NCURSES_BROKEN_LINKER if the broken-linker feature is used,
to simplify configure-checks for ncurses-examples.
* Add ncurses patch20200202
+ reassert copyright on ncurses, per discussion in ncurses FAQ:
https://invisible-island.net/ncurses/ncurses.faq.html#relicensed
* Add ncurses patch20200201
+ modify comparison in make_hash.c to correct a special case in
collision handling for Caps-hpux11
+ add testing utility report_hashing to check hash-tables used for
terminfo and termcap names.
+ fix a missing prototype for _nc_free_and_exit().
+ update a few comments about tack 1.07
+ use an awk script to split too-long pathnames used in Ada95 sample
programs for explain.txt
- Update to tack 1.9 (patch 20200202)
* Update copyright and license. Also, portability fixes.
- Adopt patch ncurses-5.7-tack.dif
- Adopt patch ncurses-6.1.dif which is now ncurses-6.2.dif
- Add ncurses patch 20200118
+ expanded description of XM in user_caps.5
+ improve xm example for xterm+x11mouse, xterm+sm+1006 -TD
+ add history section to curs_slk.3x and curs_terminfo.3x manpages.
+ update alacritty entries for 0.4.0 (prompted by patch by
Christian Durr) -TD
+ correct spelling errors found with codespell.
+ fix for test/configure, from xterm #352.
- Add ncurses patch 20200111
+ improve configure macros which check for the X11/Intrinsic.h header,
to accommodate recent MacOS changes.
+ suppress gcc's -Winline warning; it has not been useful for some time
+ update config.guess, config.sub
==== nfs-utils ====
Subpackages: libnfsidmap1 nfs-client
- Update to version 2.4.3
Dropped patches (accepted upstream):
- 0001-nfs.conf-allow-empty-assignments.patch
- 0002-Let-systemd-know-when-rpc.statd-is-needed.patch
- 0003-systemd-run-statd-notify-even-when-nfs-client-isn-t-.patch
- 0004-nfsidmap-honour-with-pluginpath-for-instalation.patch
- 0005-nfs.conf-fail-to-disable-major-NFS-version-4-using-v.patch
- 0006-conffile-allow-optional-include-files.patch
- 0007-statd-user-from-sm
- 0008-mountd-Initialize-logging-early.patch
Dropped patches (upstream used different solution):
- 0009-Allow-compilation-to-succeed-with-fno-common.patch (btw this used
Patch0: instead of Patch10:) (boo#1160405)
Add nfsdcld - NFSv4 Client Tracking Daemon, add nfsdcld.service and enable it
for nfs-kernel-server, add man page
Add clddb-tool - tool for downgrading the nfsdcld sqlite database schema,
add man page
Removed osd_login (dropped in upstream in 2.3.4 rc1)
- 0009-Allow-compilation-to-succeed-with-fno-common.patch
Allow compilation to success with -fno-common
(boo#1160405)
==== open-lldp ====
Subpackages: liblldp_clif1
- BuildRequire pkgconfig(systemd) instead of systemd directly:
allow OBS to shortcut through the -mini flavors.
==== openssh ====
- Add patches to fix the sandbox blocking glibc on 32bit platforms
(boo#1164061):
* openssh-8.1p1-seccomp-clock_nanosleep_time64.patch
* openssh-8.1p1-seccomp-clock_gettime64.patch
==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-basesystem patterns-microos-cloud patterns-microos-defaults patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap
- Move fcoe-utils and irqbalance to hardware pattern, not useful
on guest install.
- Introduce MicroOS Desktop patterns [boo#1163453]
==== permissions ====
Version update (1550_20191205 -> 1550_20200213)
Subpackages: chkstat permissions-config
- Update to version 20200213:
* remove obsolete/broken entries for rcp/rsh/rlogin
* chkstat: handle symlinks in final path elements correctly
* Revert "Revert "mariadb: settings for new auth_pam_tool (bsc#1160285)""
* Revert "mariadb: settings for new auth_pam_tool (bsc#1160285)"
- Update to version 20200204:
* mariadb: settings for new auth_pam_tool (bsc#1160285)
* chkstat:
- add read-only fallback when /proc is not mounted (bsc#1160764)
- capability handling fixes (bsc#1161779)
- better error message when refusing to fix dir perms (#32)
- Update to version 20200127:
* fix paths of ksysguard whitelisting
* fix zero-termination of error message for overly long paths
==== podman ====
Version update (1.7.0 -> 1.8.0)
Subpackages: podman-cni-config
- Remove: 0001-clarify-container-prune-force.patch because it's now
included in the release
- Update podman to v1.8.0:
* Features
- The podman system service command has been added, providing a
preview of Podman's new Docker-compatible API. This API is
still very new, and not yet ready for production use, but is
available for early testing
- Rootless Podman now uses Rootlesskit for port forwarding,
which should greatly improve performance and capabilities
- The podman untag command has been added to remove tags from
images without deleting them
- The podman inspect command on images now displays previous
names they used
- The podman generate systemd command now supports a --new
option to generate service files that create and run new
containers instead of managing existing containers
- Support for --log-opt tag= to set logging tags has been added
to the journald log driver
- Added support for using Seccomp profiles embedded in images
for podman run and podman create via the new --seccomp-policy
CLI flag
- The podman play kube command now honors pull policy
* Bugfixes
- Fixed a bug where the podman cp command would not copy the
contents of directories when paths ending in /. were given
- Fixed a bug where the podman play kube command did not
properly locate Seccomp profiles specified relative to
localhost
- Fixed a bug where the podman info command for remote Podman
did not show registry information
- Fixed a bug where the podman exec command did not support
having input piped into it
- Fixed a bug where the podman cp command with rootless Podman
on CGroups v2 systems did not properly determine if the
container could be paused while copying
- Fixed a bug where the podman container prune --force command
could possible remove running containers if they were started
while the command was running
- Fixed a bug where Podman, when run as root, would not
properly configure slirp4netns networking when requested
- Fixed a bug where podman run --userns=keep-id did not work
when the user had a UID over 65535
- Fixed a bug where rootless podman run and podman create with
the --userns=keep-id option could change permissions on
/run/user/$UID and break KDE
- Fixed a bug where rootless Podman could not be run in a
systemd service on systems using CGroups v2
- Fixed a bug where podman inspect would show CPUShares as 0,
instead of the default (1024), when it was not explicitly set
- Fixed a bug where podman-remote push would segfault
- Fixed a bug where image healthchecks were not shown in the
output of podman inspect
- Fixed a bug where named volumes created with containers from
pre-1.6.3 releases of Podman would be autoremoved with their
containers if the --rm flag was given, even if they were
given names
- Fixed a bug where podman history was not computing image
sizes correctly
- Fixed a bug where Podman would not error on invalid values to
the --sort flag to podman images
- Fixed a bug where providing a name for the image made by
podman commit was mandatory, not optional as it should be
- Fixed a bug where the remote Podman client would append an
extra " to %PATH
- Fixed a bug where the podman build command would sometimes
ignore the -f option and build the wrong Containerfile
- Fixed a bug where the podman ps --filter command would only
filter running containers, instead of all containers, if
- -all was not passed
- Fixed a bug where the podman load command on compressed
images would leave an extra copy on disk
- Fixed a bug where the podman restart command would not
properly clean up the network, causing it to function
differently from podman stop; podman start
- Fixed a bug where setting the --memory-swap flag to podman
create and podman run to -1 (to indicate unlimited) was not
supported
* Misc
- Initial work on version 2 of the Podman remote API has been
merged, but is still in an alpha state and not ready for use.
Read more here
- Many formatting corrections have been made to the manpages
- The changes to address (#5009) may cause anonymous volumes
created by Podman versions 1.6.3 to 1.7.0 to not be removed
when their container is removed
- Updated vendored Buildah to v1.13.1
- Updated vendored containers/storage to v1.15.8
- Updated vendored containers/image to v5.2.0
==== popt ====
- fix URLs, rpm5.org is no more
==== python-decorator ====
Version update (4.4.0 -> 4.4.1)
- update to 4.4.1:
Changed the description to "Decorators for Humans" are requested by
several users. Fixed a .rst bug in the description as seen in PyPI.
==== python-packaging ====
Version update (19.2 -> 20.1)
- add issue_254.patch to fix tests under non-x86_64 pplatforms
- Update to 20.1
* Fix a bug caused by reuse of an exhausted iterator.
* Add type hints
* Add proper trove classifiers for PyPy support
* Scale back depending on ctypes for manylinux support detection
* Use sys.implementation.name where appropriate for packaging.tags
* Expand upon the API provded by packaging.tags
* Officially support Python 3.8
* Add major, minor, and micro aliases to packaging.version.Version
* Properly mark packaging has being fully typed by adding a py.typed file
==== python-pyOpenSSL ====
Version update (19.0.0 -> 19.1.0)
- Update to v19.1
* Removed deprecated aliases ContextType, ConnectionType, PKeyType, X509NameType,
X509ReqType, X509Type, X509StoreType, CRLType, PKCS7Type, PKCS12Type, and NetscapeSPKIType.
Use the classes without the ``Type`` suffix instead.
* The minimum ``cryptography`` version is now 2.8
* Deprecated ``OpenSSL.SSL.Context.set_npn_advertise_callback,
OpenSSL.SSL.Context.set_npn_select_callback, and
OpenSSL.SSL.Connection.get_next_proto_negotiated
ALPN should be used instead.
* Support bytearray in SSL.Connection.send() by using cffi's from_buffer
* The OpenSSL.SSL.Context.set_alpn_select_callback can return a new
NO_OVERLAPPING_PROTOCOLS sentinel value to allow a TLS handshake
to complete without an application protocol.
==== python-pyparsing ====
Version update (2.4.5 -> 2.4.6)
- update to 2.4.6
* Fixed typos in White mapping of whitespace characters, to use
correct "\u" prefix instead of "u".
* fix bug in left-associative ternary operators defined using
infixNotation. First reported on StackOverflow by user Jeronimo.
* Backport of pyparsing_test namespace from 3.0.0, including
TestParseResultsAsserts mixin class defining unittest-helper
methods:
. def assertParseResultsEquals(
self, result, expected_list=None, expected_dict=None, msg=None)
. def assertParseAndCheckList(
self, expr, test_string, expected_list, msg=None, verbose=True)
. def assertParseAndCheckDict(
self, expr, test_string, expected_dict, msg=None, verbose=True)
. def assertRunTestResults(
self, run_tests_report, expected_parse_results=None, msg=None)
. def assertRaisesParseException(self, exc_type=ParseException, msg=None)
==== python-urllib3 ====
Version update (1.25.6 -> 1.25.8)
- update to 1.25.8
* Drop support for EOL Python 3.4
* Optimize _encode_invalid_chars
* Preserve chunked parameter on retries
* Allow unset SERVER_SOFTWARE in App Engine
* Fix issue where URL fragment was sent within the request target.
* Fix issue where an empty query section in a URL would fail to parse.
* Remove TLS 1.3 support in SecureTransport due to Apple removing support.
==== rdma-core ====
Subpackages: libefa1 libibverbs libibverbs1 libmlx4-1 libmlx5-1 librdmacm1
- Eliminate the curl-mini trickery for Tumbleweed: curl-mini is
being eliminated in favor of cmake-mini: the original plan to
split the cycle at curl did not work out in the long run.
==== readline ====
- Add official patch readline80-002
When using previous-history to go back beyond the beginning of the history list,
it's possible to move to an incorrect partial line.
- Add official patch readline80-003
Reading history entries with timestamps can result in history entries joined
by linefeeds.
- Add official patch readline80-004
If writing the history file fails, and renaming the backup history file fails,
it's possible for readline's history code to return the wrong error to its
caller.
==== rook ====
Version update (1.2.2+git0.g73593a1b -> 1.2.4+git9.gd747507e)
- ceph: populate CSI configmap for external cluster
- Update to v1.2.4:
* Stop garbage collector from deleting the CSI driver unexpectedly (#4820)
* Upgrade legacy OSDs created with partitions created by Rook (#4799)
* Ability to set the pool target_size_ratio (#4803)
* Improve detection of drain-canaries and log significant nodedrain scheduling events (#4679)
* Sort flexvolume docs and update for kubespray (#4747)
* Add OpenShift common issues documentation (#4764)
* Improved integration test when cleaning devices (#4796)
==== rpm-config-SUSE ====
Version update (0.g45 -> 0.g52)
- Update to version 0.g52:
* Make deprecated %install_info not fail when used within if/fi construct
- Update to version 0.g50:
* Add missing changelog entries and fix authors
* Add ldconfig_scriptlets macros for RH/Fedora compatibility
* move %install_info to file triggers (boo#1152105)
==== sudo ====
Version update (1.8.28p1 -> 1.8.31)
- Update to 1.8.31
Major changes between version 1.8.31 and 1.8.30:
* This version fixes a potential security issue that can lead to
a buffer overflow if the pwfeedback option is enabled in
sudoers [CVE-2019-18634] [bsc#1162202]
* The sudoedit_checkdir option now treats a user-owned directory
as writable, even if it does not have the write bit set at the
time of check. Symbolic links will no longer be followed by
sudoedit in any user-owned directory. Bug #912.
* Fixed a crash introduced in sudo 1.8.30 when suspending sudo
at the password prompt. Bug #914.
* Fixed compilation on systems where the mmap MAP_ANON flag is
not available. Bug #915.
Major changes between version 1.8.30 and 1.8.29:
* Sudo now closes file descriptors before changing uids. This
prevents a non-root process from interfering with sudo's ability
to close file descriptors on systems that support the prlimit(2)
system call.
* Sudo now treats an attempt to run sudo sudoedit as simply
sudoedit If the sudoers file contains a fully-qualified path
to sudoedit, sudo will now treat it simply as sudoedit
(with no path). Visudo will will now treat a fully-qualified
path to sudoedit as an error. Bug #871.
* Fixed a bug introduced in sudo 1.8.28 where sudo would warn
about a missing /etc/environment file on AIX and Linux when
PAM is not enabled. Bug #907.
* Fixed a bug on Linux introduced in sudo 1.8.29 that prevented
the askpass program from running due to an unlimited stack size
resource limit. Bug #908.
* If a group provider plugin has optional arguments, the argument
list passed to the plugin is now NULL terminated as per the
documentation.
* The user's time stamp file is now only updated if both authentication
and approval phases succeed. This is consistent with the behavior
of sudo prior to version 1.8.23. Bug #910.
* The new allow_unknown_runas_id sudoers setting can be used to
enable or disable the use of unknown user or group IDs.
Previously, sudo would always allow unknown user or group IDs if
the sudoers entry permitted it, including via the ALL alias.
As of sudo 1.8.30, the admin must explicitly enable support for
unknown IDs.
* The new runas_check_shell sudoers setting can be used to require
that the runas user have a shell listed in the /etc/shells file.
On many systems, users such as bin, do not have a valid shell and
this flag can be used to prevent commands from being run as
those users.
* Fixed a problem restoring the SELinux tty context during reboot
if mctransd is killed before sudo finishes. GitHub Issue #17.
* Fixed an intermittent warning on NetBSD when sudo restores the
initial stack size limit.
Major changes between version 1.8.29 and 1.8.28p1:
* The cvtsudoers command will now reject non-LDIF input when
converting from LDIF format to sudoers or JSON formats.
* The new log_allowed and log_denied sudoers settings make it
possible to disable logging and auditing of allowed and/or
denied commands.
* The umask is now handled differently on systems with PAM or
login.conf. If the umask is explicitly set in sudoers, that
value is used regardless of what PAM or login.conf may specify.
However, if the umask is not explicitly set in sudoers, PAM or
login.conf may now override the default sudoers umask. Bug #900.
* For make install, the sudoers file is no longer checked for syntax
errors when DESTDIR is set. The default sudoers file includes the
contents of /etc/sudoers.d which may not be readable as non-root.
Bug #902.
* Sudo now sets most resource limits to their maximum value to avoid
problems caused by insufficient resources, such as an inability to
allocate memory or open files and pipes. Fixed a regression introduced
in sudo 1.8.28 where sudo would refuse to run if the parent process was
not associated with a session. This was due to sudo passing a session
ID of -1 to the plugin.
- refresh sudo-sudoers.patch
==== system-users ====
Subpackages: system-group-hardware system-group-wheel system-user-bin system-user-daemon system-user-nobody
- Add tss user for TPM tools (boo#1162360).
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev
- Import commit f8adabc2b1f3e3ad150e7a3bfa88341eda5a8a57 (merge v244.2)
77c04ce5c2 hwdb: update to v245-rc1
b4eb884824 Fix typo in function name
e2d4cb9843 polkit: when authorizing via PK let's re-resolve callback/userdata instead of caching it
83bfc0d8dd sd-bus: introduce API for re-enqueuing incoming messages
5926f9f172 polkit: use structured initialization
0697d0d972 polkit: on async pk requests, re-validate action/details
2589995acd polkit: reuse some common bus message appending code
5b2442d5c3 bus-polkit: rename return error parameter to ret_error
0a19ff7004 shared: split out polkit stuff from bus-util.c ? bus-polkit.c
1325dfb577 test: adapt to the new capsh format
3538fafb47 meson: update efi path detection to gnu-efi-3.0.11
3034855a5b presets: "disable" all passive targets by default
c2e3046819 shared/sysctl-util: normalize repeated slashes or dots to a single value
6f4364046f dhcp6: do not use T1 and T2 longer than one provided by the lease
0ed6cda28d network: fix implicit type conversion warning by GCC-10
f6a5c02d26 bootspec: parse random-seed-mode line in loader.conf
ddc5dca8a7 sd-boot: fix typo
2bbbe9ae41 test: Synchronize journal before reading from it
072485d661 sd-bus: fix introspection bug in signal parameter names
80af3cf5e3 efi: fix build.
[...]
- Use suse.pool.ntp.org server pool on SLE (jsc#SLE-7683)
- Drop scripts-udev-convert-lib-udev-path.sh
Nobody should need it these days.
==== tallow ====
Version update (19+git20191106.4b071b0 -> 21+git20200213.865ec91)
- Update to version 21+git20200213.865ec91:
* Add tallow.patterns man page
* Add extra path for firewall-cmd
- Drop 0001-Add-extra-path-for-firewall-cmd.patch, accepted upstream
==== tar ====
- No longer recommend -lang: supplements are in use.
==== toolbox ====
Version update (1.0+git20191014.3034fbc -> 1.0+git20200217.cd18bfb)
- Update to version 1.0+git20200217.cd18bfb:
* Multiple toolboxes, with different names
* Configure `sudo` access for an user toolbox
* Correctly setup the user
* Add -u|--user parameter
* Handle arguments with 'getopt'
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa (19.3.3 -> 19.3.4)
Mesa-drivers (19.3.3 -> 19.3.4)
NetworkManager (1.22.6 -> 1.22.8)
alsa
bash
bluedevil5 (5.17.90 -> 5.18.1)
breeze (5.18.0 -> 5.18.1)
cloud-init
conmon
createrepo_c (0.15.6 -> 0.15.7)
curl
discover (5.18.0 -> 5.18.1)
drkonqi5 (5.18.0 -> 5.18.1)
file-roller (3.32.3 -> 3.32.4)
flatpak
gjs (1.58.4 -> 1.58.5)
glib2 (2.62.4 -> 2.62.5)
gnome-desktop (3.34.3 -> 3.34.4)
gnome-shell (3.34.3+0 -> 3.34.4)
gpg2
grub2
gtk3 (3.24.13+0 -> 3.24.14)
kactivitymanagerd (5.18.0 -> 5.18.1)
kde-cli-tools5 (5.18.0 -> 5.18.1)
kde-user-manager (5.18.0 -> 5.18.1)
kgamma5 (5.18.0 -> 5.18.1)
khotkeys5 (5.18.0 -> 5.18.1)
kinfocenter5 (5.18.0 -> 5.18.1)
kmenuedit5 (5.18.0 -> 5.18.1)
kscreen5 (5.18.0 -> 5.18.1)
kscreenlocker (5.18.0 -> 5.18.1)
ksysguard5 (5.18.0 -> 5.18.1)
kwayland-integration (5.18.0 -> 5.18.1)
kwin5 (5.18.0 -> 5.18.1)
kwrited5 (5.18.0 -> 5.18.1)
libcap (2.25 -> 2.32)
libkdecoration2 (5.18.0 -> 5.18.1)
libkscreen2 (5.18.0 -> 5.18.1)
libksysguard5 (5.18.0 -> 5.18.1)
libssh
milou5 (5.18.0 -> 5.18.1)
mutter (3.34.3+0 -> 3.34.4)
ncurses (6.1 -> 6.2)
open-lldp
permissions (1550_20200204 -> 1550_20200213)
plasma-nm5 (5.18.0 -> 5.18.1)
plasma5-addons (5.18.0 -> 5.18.1)
plasma5-desktop (5.18.0 -> 5.18.1)
plasma5-integration (5.18.0 -> 5.18.1)
plasma5-openSUSE
plasma5-pa (5.18.0 -> 5.18.1)
plasma5-workspace (5.18.0 -> 5.18.1)
polkit-kde-agent-5 (5.18.0 -> 5.18.1)
popt
powerdevil5 (5.18.0 -> 5.18.1)
pulseaudio
python-pyOpenSSL (19.0.0 -> 19.1.0)
re2
readline
systemsettings5 (5.18.0 -> 5.18.1)
tracker (2.3.1 -> 2.3.2)
tracker-miners (2.3.1 -> 2.3.2)
webkit2gtk3 (2.26.3 -> 2.26.4)
xdg-desktop-portal-kde (5.18.0 -> 5.18.1)
=== Details ===
==== Mesa ====
Version update (19.3.3 -> 19.3.4)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- use 7G disk constraints also for x86_64 and i586 (bsc#1164488)
- only use 'BuildRequires:llvm-devel >= 9.0.0' for TW/factory; for
older products still use 'BuildRequires: llvm9-devel'; fixed
build on openSUSE Leap 15.2
- Update to version 19.3.4
* changes all over the tree, but aco and anv are leading the
way in changes
- supersedes u_Revert_gallium_Fix_big-endian_addressing_of_non-bitmask_array_formats.patch
==== Mesa-drivers ====
Version update (19.3.3 -> 19.3.4)
Subpackages: Mesa-dri Mesa-gallium
- use 7G disk constraints also for x86_64 and i586 (bsc#1164488)
- only use 'BuildRequires:llvm-devel >= 9.0.0' for TW/factory; for
older products still use 'BuildRequires: llvm9-devel'; fixed
build on openSUSE Leap 15.2
- Update to version 19.3.4
* changes all over the tree, but aco and anv are leading the
way in changes
- supersedes u_Revert_gallium_Fix_big-endian_addressing_of_non-bitmask_array_formats.patch
==== NetworkManager ====
Version update (1.22.6 -> 1.22.8)
Subpackages: libnm0 typelib-1_0-NM-1_0
- Update to version 1.22.8:
+ Added configuration option to customize IPv6 RA timeout.
+ Internal DHCP client will now request a lease renewal using the
previously obtained IP address when expired.
+ Removed length limitation for OVS Bridge, Patches and
Interfaces (only Patch types) names.
+ Fixed initialization of 'secs' DHCP header field, this caused
some DHCP relays to drop packets.
+ Fixed failure when creating team interfaces using 'nmstate'.
+ Various bug fixes and improvements.
==== alsa ====
- Backport upstream fixes:
ucm-parser fixes and enhancements, configure script cleanup,
fixes of 5.6 kernel ABI, O_CLOEXEC flag fix:
0064-ucm-parser-cosmetic-fixes-in-the-comments.patch
0065-configure.ac-remove-an-unnecessary-libtool-fix.patch
0066-ucm-parser-use-correct-filename-in-parser_master_fil.patch
0067-ucm-the-ucm2-subdirectory-is-driver-name-based.patch
0068-ucm-implement-RenameDevice-and-RemoveDevice-verb-man.patch
0069-ucm-fill-missing-device-entries-conflicting-supporte.patch
0070-control-Remove-access-to-the-deprecated-dimen-fields.patch
0071-topology-Drop-SNDRV_CTL_ELEM_ACCESS_TIMESTAMP-access.patch
0072-uapi-Sync-with-5.6-kernel-ABI.patch
0073-ucm-parser-add-error-message-to-verb_dev_list_add.patch
0074-do-not-set-close-on-exec-flag-on-descriptor-if-it-wa.patch
==== bash ====
- Add official patch bash50-012
When using previous-history to go back beyond the beginning of the history list,
it's possible to move to an incorrect partial line.
- Add official patch bash50-013
Reading history entries with timestamps can result in history entries joined
by linefeeds.
- Add official patch bash50-014
If the current line is empty, using the emacs C-xC-e binding to enter the
editor will edit the previous command instead of the current (empty) one.
- Add official patch bash50-015
If alias expansion is enabled when processing the command argument to the
`-c' option, an alias is defined in that command, and the command ends with
the invocation of that alias, the shell's command parser can prematurely
terminate before the entire command is executed.
- Add official patch bash50-016
Bash waits too long to reap /dev/fd process substitutions used as redirections
with loops and group commands, which can lead to file descriptor exhaustion.
==== bluedevil5 ====
Version update (5.17.90 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
- Update to 5.18.0
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.0.php
- No code changes since 5.17.90
- Replace %make_jobs with %cmake_build
==== breeze ====
Version update (5.18.0 -> 5.18.1)
Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-wallpapers libbreezecommon5-5
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Add missing cursors for Chromium-based apps
==== cloud-init ====
- Add cloud-init-long-pass.patch (bsc#1162936, CVE-2020-8632)
+ Increase the default length of generated passwords
- Add cloud-init-use-different-random-src.diff (bsc#1162937, CVE-2020-8631)
+ Use non-deterministic generator for password generation.
- Update cloud-init-write-routes.patch (bsc#1163178)
+ Entries in the routes definition have changed causing a traceback
during rout config file writing. This patch update addresses the
issue by extracting the new entries properly.
==== conmon ====
- Update to v2.0.10 (bsc#1160460, bsc#1164390, jsc#ECO-1048,
jsc#SLE-11485, jsc#SLE-11331):
- journal logging: write to /dev/null instead of -1
- Add TimedOutMessage to config to share with go code
- Fix format string to limit the size of the string to 10
characters
- Persist oom files on cgroup v2
- Revert the check for the OOM counter on cgroups v1 before
writing OOM file
- Add --persist-dir flag to allow important container files to be
written to a persistent directory
- Check OOM counter on cgroups v1 before writing OOM file
- Use splice(2) to copy from stdin
- Kill the process group on timeout
- Add --persist-dir to allow callers to specify a directory that
conmon should mirror certain important files that should persist
reboots (right now, just the container exit file)
- Fix tight loop on OOM
- Add log level trace
- Separate handling of log reopen events and terminal resize events
- Add CONN_SOCK_BUF_SIZE to config
- Fix bug to close the sync pipe before exit command
- Set masterfd_stdout before registering ctrl_cb
- Upstream has an actual description, use it instead of just
duplicating the summary again.
- Use `%make_build` macro instead of `%{__make}`
- Use `%make_install` macro instead of `%{__make} install`
- Use `%{_bindir}` macro instead of `%{_usr}/bin`
- Change `PREFIX` to not contain `%{buildroot}` and use the
`$DESTDIR` variable
- Initial release v2.0.0
==== createrepo_c ====
Version update (0.15.6 -> 0.15.7)
Subpackages: libcreaterepo_c0 python3-createrepo_c
- Update to 0.15.7
+ Add relogin_suggested to updatecollectionpackage (rh#1779751)
+ Support issued date in epoch format in Python API (rh#1779751)
==== curl ====
Subpackages: libcurl4
- Eliminate curl-mini: The reason for this to exist was that cmake
pulled in curl into too many places, causing build cycles. A new
cmake-mini was generated, eliminating that need.
==== discover ====
Version update (5.18.0 -> 5.18.1)
Subpackages: discover-backend-flatpak
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* pk: make sure we get the local package details
* Simplify UI logic
* Fix typo
* pk: list codecs as addons
* Don't offer to show more when there's not more to show (kde#417290)
* remove warning when there's no kuserfeedback
* snap: mark transactions as cancelled when we cancel them
* Don't escape search text in search page title (kde#416781)
* Use real Kirigami Separators instead of blue rectangles
==== drkonqi5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== file-roller ====
Version update (3.32.3 -> 3.32.4)
- Update to version 3.32.4:
+ Updated translations.
==== flatpak ====
Subpackages: libflatpak0 system-user-flatpak typelib-1_0-Flatpak-1_0
- Drop obsolete _servicedata file.
==== gjs ====
Version update (1.58.4 -> 1.58.5)
Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0
- Update to version 1.58.5:
+ Can not access GObject properties of classes without
GI information.
==== glib2 ====
Version update (2.62.4 -> 2.62.5)
Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0
- Update to version 2.62.5:
+ Fix potential relative read when calling g_printerr(), which
could lead to a denial of service from a setuid-root process
being used to block access to the TTY for another user.
+ Fix SOCKS proxy resolver sometimes not being used when
resolving addresses via Happy Eyeballs (CVE-2020-6750).
+ Several other Happy Eyeballs fixes for address resolution.
+ Fix parsing of full Julian day range from `$TZ` environment
variable.
+ Several race condition/crash fixes.
+ Bugs fixed: glgo#GNOME/GLib#1919, glgo#GNOME/GLib#1995,
glgo#GNOME/GLib#1999, glgo#GNOME/GLib!1323,
glgo#GNOME/GLib!1331, glgo#GNOME/GLib!1352,
glgo#GNOME/GLib!1361, glgo#GNOME/GLib!1365,
glgo#GNOME/GLib!1370, glgo#GNOME/GLib!1371.
+ Updated translations.
- No longer recommend -lang: supplements are in use
==== gnome-desktop ====
Version update (3.34.3 -> 3.34.4)
Subpackages: gnome-version libgnome-desktop-3-18 libgnome-desktop-3_0-common typelib-1_0-GnomeDesktop-3_0
- Update to version 3.34.4:
+ Don't use seccomp on riskv64.
+ Updated translations.
==== gnome-shell ====
Version update (3.34.3+0 -> 3.34.4)
- Update to version 3.34.4:
+ Switch screen-recorder back to VP8.
+ Updated translations.
==== gpg2 ====
- Fix build with GCC-10: [bsc#1160394]
* Always use EXTERN_UNLESS_MAIN_MODULE pattern
* In GCC-10, the default option -fcommon will change to -fno-common
- Add gpg2-gcc10-build-fno-common.patch
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi
- Fix grub hangs after loading rogue image without valid signature for uefi
secure boot (bsc#1159102)
* grub2-verifiers-fix-system-freeze-if-verify-failed.patch
==== gtk3 ====
Version update (3.24.13+0 -> 3.24.14)
Subpackages: gtk3-data gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0
- Update to version 3.24.14:
+ Fix the opaque region for windows on X11.
+ Theme:
- Fix flat buttons in backdrop.
- Make popovers look more similar to menus.
- Tweak checkbox & radiobutton appearance.
- Add general typography classes (heading, title-1, etc).
+ Language bindings: Fix annotations for
gtk_tree_model_sort_new_with_model.
+ Switch: Fix touch support.
+ Infobar: Make clickable for default action.
+ Emojichooser: Respect a no-emoji input hint.
+ Fontchooser: Fix an oversight with hiding the size label.
+ Filechooser: Disable recursive search without a system indexer.
+ Modelbutton: Fix a11y support to reflect button state.
+ Input: Fix touchpad gesture center calculation.
+ X11:
- Fix root window scaling.
- Support _GTK_WORKAREAS_Dn property.
+ Wayland:
- Support a terminal purpose in input methods.
- Fix preedit cursor positioning.
- Fix enabling/disabling of text inputs.
- Support simultaneous selection requests.
- Require Wayland 1.14.91.
+ Printing: Fix a crash with Avahi.
+ Updated translations.
==== kactivitymanagerd ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Replace plasma.kde.org with kde.org/plasma-desktop
==== kde-cli-tools5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Fix compilation with KF 5.67
==== kde-user-manager ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Have user-manager write to SDDM's new config file (kde#342722)
==== kgamma5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== khotkeys5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== kinfocenter5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* make sure ifa_addr isn't null (kde#417798)
* appdata: fix <lanchable>
* import currently used license copies for reuse compliance
* replace samba module with data that works (kde#411433,kde#374141,kde#325951)
==== kmenuedit5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== kscreen5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* fix(kcm): use explicit Kirigami.Units over singleton from a theme (kde#417316)
==== kscreenlocker ====
Version update (5.18.0 -> 5.18.1)
Subpackages: libKScreenLocker5
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== ksysguard5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== kwayland-integration ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== kwin5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Fix misplaced client windows (kde#417584)
* [autotests] Make XWaylandInputTest more robust
* Provide input geometry and input transformation matrix for Xwayland clients (kde#417444)
* Return early if close button accepts input event (kde#415155)
* [libkwineffects] Detect more AMD GPUs with GFX9 (Vega) chips
* Require kdecoration >= 5.18.0
==== kwrited5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== libcap ====
Version update (2.25 -> 2.32)
- Update to version 2.32:
* Bug fix for fakeroot incompatibility (boo#1162014)
* Slight perf improvement for cap_get_bound().
* C++ support for psx header inclusion.
* Some new testing features for capsh
- Update to version 2.31:
* primarily a documentation update
* fix libpam.pc to not require libpsx.pc
* changed the text format of the default output of getpcap
- Build using -ffat-lto-objects for static library
- Update to version 2.30:
* BUGFIX: arm and i386 fixes C and Go setgroups choice - used
wrong syscall in 2.29.
* cleaned up make clean and make install to actually work as
intended
* updated Gentoo libpsx.pc file from Lars Wendler
* refactored the way libpsx linkage with libcap performed mutual
discovery.
* Previously (2.28) libpsx had an API call overridden by libcap
using weak linkage function in libpsx. In 2.30 this is reversed,
namely libpsx provides the stronger function and libcap has a
weak "no-op" version.
* a bit more consistency in handling the 'all' sets in libcap
(C) and libcap/cap (Go). Namely, they both dynamically discover
the number of capabilities named by the kernel and use this as
the definition of 'all' for the current runtime.
+ libcap (C) exports cap_max_bit() to export the number of
supported capabilities
+ libcap/cap (Go) exports cap.MaxBits() for this same value.
- For changes for older releases see:
* https://sites.google.com/site/fullycapable/release-notes-for-libcap
- Add glibc-static-devel as build requirement as tests need it
- Install libpsx.a as it seems to be needed in some cases:
* https://bugs.gentoo.org/703912
==== libkdecoration2 ====
Version update (5.18.0 -> 5.18.1)
Subpackages: libkdecorations2-5 libkdecorations2private7
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== libkscreen2 ====
Version update (5.18.0 -> 5.18.1)
Subpackages: libKF5Screen7 libkscreen2-plugin
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== libksysguard5 ====
Version update (5.18.0 -> 5.18.1)
Subpackages: libksysguard5-helper
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== libssh ====
Subpackages: libssh-config libssh4
- Drop the hack to pull curl-mini: we moved the split a bit higher
up and now have a non-curl linked variant of cmake in
openSUSE:Factory.
==== milou5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== mutter ====
Version update (3.34.3+0 -> 3.34.4)
Subpackages: libmutter-5-0 mutter-data
- Update to version 3.34.4:
+ Handle mode set race conditions more gracefully.
+ Fix fallback to GLES2.
+ Fix interoperation with wl_data_device_manager v1.
+ Fix visual glitches with offscreen effects applied.
+ Favor text over images in clipboard manager.
+ Fixes crashes.
+ Plugged memory leaks.
+ Misc. bug fixes.
+ Updated translations.
==== ncurses ====
Version update (6.1 -> 6.2)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base
- Add ncurses patch 20200215
+ improve manual page for panel library, extending the portability
section as well as documenting error-returns.
+ show tic's version when installing terminal database in run_tic.sh
+ correct check for gcc vs other compilers used in ncurses 6.0, from
FreeBSD patch by Kyle Evans (cf: 20150725).
+ add notes for 6.2 to INSTALL.
- Update to ncurses 6.2 (patch 20200212)
* Add 20200212 6.2 release for upload to ftp.gnu.org
+ update release notes
+ minor build-fixes, mostly to test-package scripts
* Add ncurses patch20200208
+ modify check for sizeof(wchar_t) to ensure it gives useful result
when cross-compiling.
+ drop assumption in configure script that Cygwin's linker is broken.
+ define NCURSES_BROKEN_LINKER if the broken-linker feature is used,
to simplify configure-checks for ncurses-examples.
* Add ncurses patch20200202
+ reassert copyright on ncurses, per discussion in ncurses FAQ:
https://invisible-island.net/ncurses/ncurses.faq.html#relicensed
* Add ncurses patch20200201
+ modify comparison in make_hash.c to correct a special case in
collision handling for Caps-hpux11
+ add testing utility report_hashing to check hash-tables used for
terminfo and termcap names.
+ fix a missing prototype for _nc_free_and_exit().
+ update a few comments about tack 1.07
+ use an awk script to split too-long pathnames used in Ada95 sample
programs for explain.txt
- Update to tack 1.9 (patch 20200202)
* Update copyright and license. Also, portability fixes.
- Adopt patch ncurses-5.7-tack.dif
- Adopt patch ncurses-6.1.dif which is now ncurses-6.2.dif
- Add ncurses patch 20200118
+ expanded description of XM in user_caps.5
+ improve xm example for xterm+x11mouse, xterm+sm+1006 -TD
+ add history section to curs_slk.3x and curs_terminfo.3x manpages.
+ update alacritty entries for 0.4.0 (prompted by patch by
Christian Durr) -TD
+ correct spelling errors found with codespell.
+ fix for test/configure, from xterm #352.
- Add ncurses patch 20200111
+ improve configure macros which check for the X11/Intrinsic.h header,
to accommodate recent MacOS changes.
+ suppress gcc's -Winline warning; it has not been useful for some time
+ update config.guess, config.sub
==== open-lldp ====
Subpackages: liblldp_clif1
- BuildRequire pkgconfig(systemd) instead of systemd directly:
allow OBS to shortcut through the -mini flavors.
==== permissions ====
Version update (1550_20200204 -> 1550_20200213)
Subpackages: chkstat permissions-config
- Update to version 20200213:
* remove obsolete/broken entries for rcp/rsh/rlogin
* chkstat: handle symlinks in final path elements correctly
* Revert "Revert "mariadb: settings for new auth_pam_tool (bsc#1160285)""
* Revert "mariadb: settings for new auth_pam_tool (bsc#1160285)"
==== plasma-nm5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Fix crash when asking for a modem unlock (kde#417545)
==== plasma5-addons ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Fixup the previous commit
* Replace plasma.kde.org with kde.org/plasma-desktop
==== plasma5-desktop ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* [desktoppackage] Fix layout when an applet has no custom config modules (kde#410770)
* Set toolbox to invisble when it's hidden (kde#416695)
* [kcm/standardactions] Don't register kcminit hook when we don't have one
* [KCM Fonts] force need save to false during load to avoid state to be true too early (kde#416358)
* Baloo KCM: Do not anchor fill ScrollView (kde#417437)
* [Styles KCM] Set style display name as window title (kde#417563)
* unlock widgets (kde#417424)
* Remove a typo in the previous commit
* Replace plasma.kde.org with kde.org/plasma-desktop
* [kcms/cursortheme] Don't skip everything because of lack of XFixes
* [Sessions KCM] Fix firmware setup
* [KSplash KCM] Fix ghns button label (kde#417224)
- Drop patches, now upstream:
* 0001-KCM-Fonts-force-need-save-to-false-during-load-to-av.patch
* 0001-unlock-widgets.patch
* Set-toolbox-to-invisible-when-its-hidden.patch
==== plasma5-integration ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== plasma5-openSUSE ====
Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE sddm-theme-openSUSE
- Update to 5.18.1
==== plasma5-pa ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== plasma5-workspace ====
Version update (5.18.0 -> 5.18.1)
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* [kcms/feedback] Improve default kcmshell window size (kde#417747)
* Extract messages from header files as well (Thanks to Victor Ryzhykh)
* Remove downloadNewWhat usage
* Don't delay ksplash until the entire slideshow is loaded
* [Notifications] Only let details label grow, never shrink (kde#417489)
* [libtaskmanager] Fix shared VirtualDesktopInfo::Private tied to the 1st creator (kde#415200)
* [Background Finder] Create a valid invocation token
* Replace plasma.kde.org with kde.org/plasma-desktop
==== polkit-kde-agent-5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== popt ====
- fix URLs, rpm5.org is no more
==== powerdevil5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Prevent powerdevil from calling DPMS extension calls when DPMS extension isn't present
* fix FreeBSD compilation, Q_FOREACH -> for-range loop
==== pulseaudio ====
Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-module-gsettings pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils
- Backport upstream fixes / enhancements about alsa modules:
mainly for UCM support (boo#1160914):
0001-alsa-mixer-path-test-Hide-unused-functions-when-buil.patch
0002-alsa-mixer-recognize-the-Speaker-Jack-control.patch
0003-alsa-mixer-add-support-for-SteelSeries-Arctis-Pro-20.patch
0004-alsa-mixer-Add-support-for-SteelSeries-Arctis-5-2019.patch
0005-alsa-mixer-add-support-for-LucidSound-LS31-and-creat.patch
0006-alsa-ucm-use-ucm2-name-for-the-direct-card-index-ope.patch
0007-alsa-ucm-add-mixer-IDs-to-ucm_items.patch
0008-alsa-mixer-handle-the-index-for-ALSA-mixer-element-i.patch
0009-alsa-mixer-improve-alsa_id_decode-function.patch
0010-alsa-ucm-Support-Playback-CaptureVolume.patch
0011-alsa-ucm-Fix-volume-control-based-on-review.patch
0012-alsa-ucm-use-the-correct-mixer-identifiers-as-first.patch
0013-alsa-ucm-add-support-for-master-volume.patch
0014-alsa-ucm-split-correctly-JackHWMute-device-names.patch
0015-alsa-ucm-fix-parsing-for-JackControl.patch
0016-alsa-ucm-add-comments-to-ucm_get_mixer_id.patch
0017-alsa-ucm-validate-access-to-PA_DEVICE_PORT_DATA.patch
0018-alsa-Skip-resume-PCM-if-hardware-doesn-t-support-it.patch
0019-alsa-ucm-parse-correctly-the-device-values.patch
0020-alsa-ucm-do-not-try-to-use-UCM-device-name-as-jack-n.patch
0021-alsa-util-do-not-try-to-guess-the-mixer-name-from-th.patch
0022-alsa-ucm-add-control-and-mixer-device-items.patch
0023-alsa-ucm-get-the-mixer-names-from-ucm-don-t-guess.patch
0024-alsa-ucm-use-the-proper-mixer-name-for-ucm-pcm-sink-.patch
0025-alsa-mixer-handle-interface-type-CARD-PCM-for-mixer-.patch
0026-alsa-mixer-Add-the-ability-to-pass-the-intended-role.patch
0027-alsa-mixer-Set-the-intended-role-of-Steelseries-Arct.patch
0028-alsa-rewrite-mixer-open-close-cache-mixer-accesses-i.patch
0029-alsa-ucm-add-support-for-HDMI-ELD.patch
0030-alsa-mixer-do-the-quick-card-number-lookup-to-save-m.patch
0031-alsa-mixer-improve-check-for-the-empty-path-set-for-.patch
0032-alsa-ucm-allow-to-set-profile-priority-from-UCM-valu.patch
==== python-pyOpenSSL ====
Version update (19.0.0 -> 19.1.0)
- Update to v19.1
* Removed deprecated aliases ContextType, ConnectionType, PKeyType, X509NameType,
X509ReqType, X509Type, X509StoreType, CRLType, PKCS7Type, PKCS12Type, and NetscapeSPKIType.
Use the classes without the ``Type`` suffix instead.
* The minimum ``cryptography`` version is now 2.8
* Deprecated ``OpenSSL.SSL.Context.set_npn_advertise_callback,
OpenSSL.SSL.Context.set_npn_select_callback, and
OpenSSL.SSL.Connection.get_next_proto_negotiated
ALPN should be used instead.
* Support bytearray in SSL.Connection.send() by using cffi's from_buffer
* The OpenSSL.SSL.Context.set_alpn_select_callback can return a new
NO_OVERLAPPING_PROTOCOLS sentinel value to allow a TLS handshake
to complete without an application protocol.
==== re2 ====
- Small spec file update
==== readline ====
- Add official patch readline80-002
When using previous-history to go back beyond the beginning of the history list,
it's possible to move to an incorrect partial line.
- Add official patch readline80-003
Reading history entries with timestamps can result in history entries joined
by linefeeds.
- Add official patch readline80-004
If writing the history file fails, and renaming the backup history file fails,
it's possible for readline's history code to return the wrong error to its
caller.
==== systemsettings5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* [sidebar] Resolve changes in module before switching (kde#416834)
==== tracker ====
Version update (2.3.1 -> 2.3.2)
Subpackages: libtracker-common-2_0 libtracker-control-2_0-0 libtracker-miner-2_0-0 libtracker-sparql-2_0-0
- Update to version 2.3.2:
+ Location info for photos is now inserted into the DB. It didn't
work before as we failed to process SPARQL "blank nodes"
correctly.
+ Fix for oversensitive FTS5 index corruption detection.
+ Updated translations.
==== tracker-miners ====
Version update (2.3.1 -> 2.3.2)
Subpackages: tracker-miner-files
- Update to version 2.3.2:
+ Blocked parsing of image/x-dds image files, which were
previously being passed to GStreamer and triggering system
lockups for some people.
+ Fixed incorrect MIME type for .raw images, which were
previously being passed to GStreamer and triggering system
lockups for some people.
+ Improved how the MP3 extractor calculates durations of variable
bitrate MP3s, which fixes incorrect durations being shown in
GNOME Music.
+ Fixed a bug in the GStreamer writeback module.
+ Fix race condition that might leave tracker-miner-fs paused
after a writeback operation.
+ Updated translations.
==== webkit2gtk3 ====
Version update (2.26.3 -> 2.26.4)
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- Add webkit2gtk3-ppc-build-fix.patch: fix ppc64le build failure on
SLE 15.
- Update to version 2.26.4 (boo#1163809):
+ Always use a light theme for rendering form controls.
+ Fix the build with WPE renderer disabled.
+ Fix the build with OpenGL disabled.
+ Fix the build with GCC 10.
+ Fix several crashes and rendering issues.
+ Security fixes: CVE-2020-3862, CVE-2020-3864, CVE-2020-3865,
CVE-2020-3867, CVE-2020-3868.
==== xdg-desktop-portal-kde ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* PipeWire: set stream and offset information for the buffer
* Properly combine pipewire and spa includes
* Properly search for PipeWire libs
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa (19.3.3 -> 19.3.4)
Mesa-drivers (19.3.3 -> 19.3.4)
NetworkManager (1.22.6 -> 1.22.8)
alsa
bash
bluedevil5 (5.17.90 -> 5.18.1)
breeze (5.18.0 -> 5.18.1)
cloud-init
conmon
createrepo_c (0.15.6 -> 0.15.7)
curl
discover (5.18.0 -> 5.18.1)
drkonqi5 (5.18.0 -> 5.18.1)
file-roller (3.32.3 -> 3.32.4)
flatpak
gjs (1.58.4 -> 1.58.5)
glib2 (2.62.4 -> 2.62.5)
gnome-desktop (3.34.3 -> 3.34.4)
gnome-shell (3.34.3+0 -> 3.34.4)
gpg2
grub2
gtk3 (3.24.13+0 -> 3.24.14)
k9s (0.13.0 -> 0.15.2)
kactivitymanagerd (5.18.0 -> 5.18.1)
kde-cli-tools5 (5.18.0 -> 5.18.1)
kde-user-manager (5.18.0 -> 5.18.1)
kgamma5 (5.18.0 -> 5.18.1)
khotkeys5 (5.18.0 -> 5.18.1)
kinfocenter5 (5.18.0 -> 5.18.1)
kmenuedit5 (5.18.0 -> 5.18.1)
kscreen5 (5.18.0 -> 5.18.1)
kscreenlocker (5.18.0 -> 5.18.1)
ksysguard5 (5.18.0 -> 5.18.1)
kwayland-integration (5.18.0 -> 5.18.1)
kwin5 (5.18.0 -> 5.18.1)
kwrited5 (5.18.0 -> 5.18.1)
libcap (2.25 -> 2.32)
libkdecoration2 (5.18.0 -> 5.18.1)
libkscreen2 (5.18.0 -> 5.18.1)
libksysguard5 (5.18.0 -> 5.18.1)
libssh
milou5 (5.18.0 -> 5.18.1)
mutter (3.34.3+0 -> 3.34.4)
ncurses (6.1 -> 6.2)
open-lldp
permissions (1550_20200204 -> 1550_20200213)
plasma-nm5 (5.18.0 -> 5.18.1)
plasma5-addons (5.18.0 -> 5.18.1)
plasma5-desktop (5.18.0 -> 5.18.1)
plasma5-integration (5.18.0 -> 5.18.1)
plasma5-openSUSE
plasma5-pa (5.18.0 -> 5.18.1)
plasma5-workspace (5.18.0 -> 5.18.1)
polkit-kde-agent-5 (5.18.0 -> 5.18.1)
popt
powerdevil5 (5.18.0 -> 5.18.1)
pulseaudio
python-pyOpenSSL (19.0.0 -> 19.1.0)
rdma-core
re2
readline
rook (1.2.2+git0.g73593a1b -> 1.2.4+git9.gd747507e)
systemsettings5 (5.18.0 -> 5.18.1)
tracker (2.3.1 -> 2.3.2)
tracker-miners (2.3.1 -> 2.3.2)
webkit2gtk3 (2.26.3 -> 2.26.4)
xdg-desktop-portal-kde (5.18.0 -> 5.18.1)
=== Details ===
==== Mesa ====
Version update (19.3.3 -> 19.3.4)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- use 7G disk constraints also for x86_64 and i586 (bsc#1164488)
- only use 'BuildRequires:llvm-devel >= 9.0.0' for TW/factory; for
older products still use 'BuildRequires: llvm9-devel'; fixed
build on openSUSE Leap 15.2
- Update to version 19.3.4
* changes all over the tree, but aco and anv are leading the
way in changes
- supersedes u_Revert_gallium_Fix_big-endian_addressing_of_non-bitmask_array_formats.patch
==== Mesa-drivers ====
Version update (19.3.3 -> 19.3.4)
Subpackages: Mesa-dri Mesa-gallium
- use 7G disk constraints also for x86_64 and i586 (bsc#1164488)
- only use 'BuildRequires:llvm-devel >= 9.0.0' for TW/factory; for
older products still use 'BuildRequires: llvm9-devel'; fixed
build on openSUSE Leap 15.2
- Update to version 19.3.4
* changes all over the tree, but aco and anv are leading the
way in changes
- supersedes u_Revert_gallium_Fix_big-endian_addressing_of_non-bitmask_array_formats.patch
==== NetworkManager ====
Version update (1.22.6 -> 1.22.8)
Subpackages: libnm0 typelib-1_0-NM-1_0
- Update to version 1.22.8:
+ Added configuration option to customize IPv6 RA timeout.
+ Internal DHCP client will now request a lease renewal using the
previously obtained IP address when expired.
+ Removed length limitation for OVS Bridge, Patches and
Interfaces (only Patch types) names.
+ Fixed initialization of 'secs' DHCP header field, this caused
some DHCP relays to drop packets.
+ Fixed failure when creating team interfaces using 'nmstate'.
+ Various bug fixes and improvements.
==== alsa ====
- Backport upstream fixes:
ucm-parser fixes and enhancements, configure script cleanup,
fixes of 5.6 kernel ABI, O_CLOEXEC flag fix:
0064-ucm-parser-cosmetic-fixes-in-the-comments.patch
0065-configure.ac-remove-an-unnecessary-libtool-fix.patch
0066-ucm-parser-use-correct-filename-in-parser_master_fil.patch
0067-ucm-the-ucm2-subdirectory-is-driver-name-based.patch
0068-ucm-implement-RenameDevice-and-RemoveDevice-verb-man.patch
0069-ucm-fill-missing-device-entries-conflicting-supporte.patch
0070-control-Remove-access-to-the-deprecated-dimen-fields.patch
0071-topology-Drop-SNDRV_CTL_ELEM_ACCESS_TIMESTAMP-access.patch
0072-uapi-Sync-with-5.6-kernel-ABI.patch
0073-ucm-parser-add-error-message-to-verb_dev_list_add.patch
0074-do-not-set-close-on-exec-flag-on-descriptor-if-it-wa.patch
==== bash ====
- Add official patch bash50-012
When using previous-history to go back beyond the beginning of the history list,
it's possible to move to an incorrect partial line.
- Add official patch bash50-013
Reading history entries with timestamps can result in history entries joined
by linefeeds.
- Add official patch bash50-014
If the current line is empty, using the emacs C-xC-e binding to enter the
editor will edit the previous command instead of the current (empty) one.
- Add official patch bash50-015
If alias expansion is enabled when processing the command argument to the
`-c' option, an alias is defined in that command, and the command ends with
the invocation of that alias, the shell's command parser can prematurely
terminate before the entire command is executed.
- Add official patch bash50-016
Bash waits too long to reap /dev/fd process substitutions used as redirections
with loops and group commands, which can lead to file descriptor exhaustion.
==== bluedevil5 ====
Version update (5.17.90 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
- Update to 5.18.0
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.0.php
- No code changes since 5.17.90
- Replace %make_jobs with %cmake_build
==== breeze ====
Version update (5.18.0 -> 5.18.1)
Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-wallpapers libbreezecommon5-5
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Add missing cursors for Chromium-based apps
==== cloud-init ====
- Add cloud-init-long-pass.patch (bsc#1162936, CVE-2020-8632)
+ Increase the default length of generated passwords
- Add cloud-init-use-different-random-src.diff (bsc#1162937, CVE-2020-8631)
+ Use non-deterministic generator for password generation.
- Update cloud-init-write-routes.patch (bsc#1163178)
+ Entries in the routes definition have changed causing a traceback
during rout config file writing. This patch update addresses the
issue by extracting the new entries properly.
==== conmon ====
- Update to v2.0.10 (bsc#1160460, bsc#1164390, jsc#ECO-1048,
jsc#SLE-11485, jsc#SLE-11331):
- journal logging: write to /dev/null instead of -1
- Add TimedOutMessage to config to share with go code
- Fix format string to limit the size of the string to 10
characters
- Persist oom files on cgroup v2
- Revert the check for the OOM counter on cgroups v1 before
writing OOM file
- Add --persist-dir flag to allow important container files to be
written to a persistent directory
- Check OOM counter on cgroups v1 before writing OOM file
- Use splice(2) to copy from stdin
- Kill the process group on timeout
- Add --persist-dir to allow callers to specify a directory that
conmon should mirror certain important files that should persist
reboots (right now, just the container exit file)
- Fix tight loop on OOM
- Add log level trace
- Separate handling of log reopen events and terminal resize events
- Add CONN_SOCK_BUF_SIZE to config
- Fix bug to close the sync pipe before exit command
- Set masterfd_stdout before registering ctrl_cb
- Upstream has an actual description, use it instead of just
duplicating the summary again.
- Use `%make_build` macro instead of `%{__make}`
- Use `%make_install` macro instead of `%{__make} install`
- Use `%{_bindir}` macro instead of `%{_usr}/bin`
- Change `PREFIX` to not contain `%{buildroot}` and use the
`$DESTDIR` variable
- Initial release v2.0.0
==== createrepo_c ====
Version update (0.15.6 -> 0.15.7)
Subpackages: libcreaterepo_c0 python3-createrepo_c
- Update to 0.15.7
+ Add relogin_suggested to updatecollectionpackage (rh#1779751)
+ Support issued date in epoch format in Python API (rh#1779751)
==== curl ====
Subpackages: libcurl4
- Eliminate curl-mini: The reason for this to exist was that cmake
pulled in curl into too many places, causing build cycles. A new
cmake-mini was generated, eliminating that need.
==== discover ====
Version update (5.18.0 -> 5.18.1)
Subpackages: discover-backend-flatpak
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* pk: make sure we get the local package details
* Simplify UI logic
* Fix typo
* pk: list codecs as addons
* Don't offer to show more when there's not more to show (kde#417290)
* remove warning when there's no kuserfeedback
* snap: mark transactions as cancelled when we cancel them
* Don't escape search text in search page title (kde#416781)
* Use real Kirigami Separators instead of blue rectangles
==== drkonqi5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== file-roller ====
Version update (3.32.3 -> 3.32.4)
- Update to version 3.32.4:
+ Updated translations.
==== flatpak ====
Subpackages: libflatpak0 system-user-flatpak typelib-1_0-Flatpak-1_0
- Drop obsolete _servicedata file.
==== gjs ====
Version update (1.58.4 -> 1.58.5)
Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0
- Update to version 1.58.5:
+ Can not access GObject properties of classes without
GI information.
==== glib2 ====
Version update (2.62.4 -> 2.62.5)
Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 libgthread-2_0-0
- Update to version 2.62.5:
+ Fix potential relative read when calling g_printerr(), which
could lead to a denial of service from a setuid-root process
being used to block access to the TTY for another user.
+ Fix SOCKS proxy resolver sometimes not being used when
resolving addresses via Happy Eyeballs (CVE-2020-6750).
+ Several other Happy Eyeballs fixes for address resolution.
+ Fix parsing of full Julian day range from `$TZ` environment
variable.
+ Several race condition/crash fixes.
+ Bugs fixed: glgo#GNOME/GLib#1919, glgo#GNOME/GLib#1995,
glgo#GNOME/GLib#1999, glgo#GNOME/GLib!1323,
glgo#GNOME/GLib!1331, glgo#GNOME/GLib!1352,
glgo#GNOME/GLib!1361, glgo#GNOME/GLib!1365,
glgo#GNOME/GLib!1370, glgo#GNOME/GLib!1371.
+ Updated translations.
- No longer recommend -lang: supplements are in use
==== gnome-desktop ====
Version update (3.34.3 -> 3.34.4)
Subpackages: gnome-version libgnome-desktop-3-18 libgnome-desktop-3_0-common typelib-1_0-GnomeDesktop-3_0
- Update to version 3.34.4:
+ Don't use seccomp on riskv64.
+ Updated translations.
==== gnome-shell ====
Version update (3.34.3+0 -> 3.34.4)
- Update to version 3.34.4:
+ Switch screen-recorder back to VP8.
+ Updated translations.
==== gpg2 ====
- Fix build with GCC-10: [bsc#1160394]
* Always use EXTERN_UNLESS_MAIN_MODULE pattern
* In GCC-10, the default option -fcommon will change to -fno-common
- Add gpg2-gcc10-build-fno-common.patch
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi
- Fix grub hangs after loading rogue image without valid signature for uefi
secure boot (bsc#1159102)
* grub2-verifiers-fix-system-freeze-if-verify-failed.patch
==== gtk3 ====
Version update (3.24.13+0 -> 3.24.14)
Subpackages: gtk3-data gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0
- Update to version 3.24.14:
+ Fix the opaque region for windows on X11.
+ Theme:
- Fix flat buttons in backdrop.
- Make popovers look more similar to menus.
- Tweak checkbox & radiobutton appearance.
- Add general typography classes (heading, title-1, etc).
+ Language bindings: Fix annotations for
gtk_tree_model_sort_new_with_model.
+ Switch: Fix touch support.
+ Infobar: Make clickable for default action.
+ Emojichooser: Respect a no-emoji input hint.
+ Fontchooser: Fix an oversight with hiding the size label.
+ Filechooser: Disable recursive search without a system indexer.
+ Modelbutton: Fix a11y support to reflect button state.
+ Input: Fix touchpad gesture center calculation.
+ X11:
- Fix root window scaling.
- Support _GTK_WORKAREAS_Dn property.
+ Wayland:
- Support a terminal purpose in input methods.
- Fix preedit cursor positioning.
- Fix enabling/disabling of text inputs.
- Support simultaneous selection requests.
- Require Wayland 1.14.91.
+ Printing: Fix a crash with Avahi.
+ Updated translations.
==== k9s ====
Version update (0.13.0 -> 0.15.2)
- Update to version 0.15.2
- Many bug fixes
- Many new features
==== kactivitymanagerd ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Replace plasma.kde.org with kde.org/plasma-desktop
==== kde-cli-tools5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Fix compilation with KF 5.67
==== kde-user-manager ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Have user-manager write to SDDM's new config file (kde#342722)
==== kgamma5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== khotkeys5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== kinfocenter5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* make sure ifa_addr isn't null (kde#417798)
* appdata: fix <lanchable>
* import currently used license copies for reuse compliance
* replace samba module with data that works (kde#411433,kde#374141,kde#325951)
==== kmenuedit5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== kscreen5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* fix(kcm): use explicit Kirigami.Units over singleton from a theme (kde#417316)
==== kscreenlocker ====
Version update (5.18.0 -> 5.18.1)
Subpackages: libKScreenLocker5
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== ksysguard5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== kwayland-integration ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== kwin5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Fix misplaced client windows (kde#417584)
* [autotests] Make XWaylandInputTest more robust
* Provide input geometry and input transformation matrix for Xwayland clients (kde#417444)
* Return early if close button accepts input event (kde#415155)
* [libkwineffects] Detect more AMD GPUs with GFX9 (Vega) chips
* Require kdecoration >= 5.18.0
==== kwrited5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== libcap ====
Version update (2.25 -> 2.32)
- Update to version 2.32:
* Bug fix for fakeroot incompatibility (boo#1162014)
* Slight perf improvement for cap_get_bound().
* C++ support for psx header inclusion.
* Some new testing features for capsh
- Update to version 2.31:
* primarily a documentation update
* fix libpam.pc to not require libpsx.pc
* changed the text format of the default output of getpcap
- Build using -ffat-lto-objects for static library
- Update to version 2.30:
* BUGFIX: arm and i386 fixes C and Go setgroups choice - used
wrong syscall in 2.29.
* cleaned up make clean and make install to actually work as
intended
* updated Gentoo libpsx.pc file from Lars Wendler
* refactored the way libpsx linkage with libcap performed mutual
discovery.
* Previously (2.28) libpsx had an API call overridden by libcap
using weak linkage function in libpsx. In 2.30 this is reversed,
namely libpsx provides the stronger function and libcap has a
weak "no-op" version.
* a bit more consistency in handling the 'all' sets in libcap
(C) and libcap/cap (Go). Namely, they both dynamically discover
the number of capabilities named by the kernel and use this as
the definition of 'all' for the current runtime.
+ libcap (C) exports cap_max_bit() to export the number of
supported capabilities
+ libcap/cap (Go) exports cap.MaxBits() for this same value.
- For changes for older releases see:
* https://sites.google.com/site/fullycapable/release-notes-for-libcap
- Add glibc-static-devel as build requirement as tests need it
- Install libpsx.a as it seems to be needed in some cases:
* https://bugs.gentoo.org/703912
==== libkdecoration2 ====
Version update (5.18.0 -> 5.18.1)
Subpackages: libkdecorations2-5 libkdecorations2private7
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== libkscreen2 ====
Version update (5.18.0 -> 5.18.1)
Subpackages: libKF5Screen7 libkscreen2-plugin
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== libksysguard5 ====
Version update (5.18.0 -> 5.18.1)
Subpackages: libksysguard5-helper
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== libssh ====
Subpackages: libssh-config libssh4
- Drop the hack to pull curl-mini: we moved the split a bit higher
up and now have a non-curl linked variant of cmake in
openSUSE:Factory.
==== milou5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== mutter ====
Version update (3.34.3+0 -> 3.34.4)
Subpackages: libmutter-5-0 mutter-data
- Update to version 3.34.4:
+ Handle mode set race conditions more gracefully.
+ Fix fallback to GLES2.
+ Fix interoperation with wl_data_device_manager v1.
+ Fix visual glitches with offscreen effects applied.
+ Favor text over images in clipboard manager.
+ Fixes crashes.
+ Plugged memory leaks.
+ Misc. bug fixes.
+ Updated translations.
==== ncurses ====
Version update (6.1 -> 6.2)
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base
- Add ncurses patch 20200215
+ improve manual page for panel library, extending the portability
section as well as documenting error-returns.
+ show tic's version when installing terminal database in run_tic.sh
+ correct check for gcc vs other compilers used in ncurses 6.0, from
FreeBSD patch by Kyle Evans (cf: 20150725).
+ add notes for 6.2 to INSTALL.
- Update to ncurses 6.2 (patch 20200212)
* Add 20200212 6.2 release for upload to ftp.gnu.org
+ update release notes
+ minor build-fixes, mostly to test-package scripts
* Add ncurses patch20200208
+ modify check for sizeof(wchar_t) to ensure it gives useful result
when cross-compiling.
+ drop assumption in configure script that Cygwin's linker is broken.
+ define NCURSES_BROKEN_LINKER if the broken-linker feature is used,
to simplify configure-checks for ncurses-examples.
* Add ncurses patch20200202
+ reassert copyright on ncurses, per discussion in ncurses FAQ:
https://invisible-island.net/ncurses/ncurses.faq.html#relicensed
* Add ncurses patch20200201
+ modify comparison in make_hash.c to correct a special case in
collision handling for Caps-hpux11
+ add testing utility report_hashing to check hash-tables used for
terminfo and termcap names.
+ fix a missing prototype for _nc_free_and_exit().
+ update a few comments about tack 1.07
+ use an awk script to split too-long pathnames used in Ada95 sample
programs for explain.txt
- Update to tack 1.9 (patch 20200202)
* Update copyright and license. Also, portability fixes.
- Adopt patch ncurses-5.7-tack.dif
- Adopt patch ncurses-6.1.dif which is now ncurses-6.2.dif
- Add ncurses patch 20200118
+ expanded description of XM in user_caps.5
+ improve xm example for xterm+x11mouse, xterm+sm+1006 -TD
+ add history section to curs_slk.3x and curs_terminfo.3x manpages.
+ update alacritty entries for 0.4.0 (prompted by patch by
Christian Durr) -TD
+ correct spelling errors found with codespell.
+ fix for test/configure, from xterm #352.
- Add ncurses patch 20200111
+ improve configure macros which check for the X11/Intrinsic.h header,
to accommodate recent MacOS changes.
+ suppress gcc's -Winline warning; it has not been useful for some time
+ update config.guess, config.sub
==== open-lldp ====
Subpackages: liblldp_clif1
- BuildRequire pkgconfig(systemd) instead of systemd directly:
allow OBS to shortcut through the -mini flavors.
==== permissions ====
Version update (1550_20200204 -> 1550_20200213)
Subpackages: chkstat permissions-config
- Update to version 20200213:
* remove obsolete/broken entries for rcp/rsh/rlogin
* chkstat: handle symlinks in final path elements correctly
* Revert "Revert "mariadb: settings for new auth_pam_tool (bsc#1160285)""
* Revert "mariadb: settings for new auth_pam_tool (bsc#1160285)"
==== plasma-nm5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Fix crash when asking for a modem unlock (kde#417545)
==== plasma5-addons ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Fixup the previous commit
* Replace plasma.kde.org with kde.org/plasma-desktop
==== plasma5-desktop ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* [desktoppackage] Fix layout when an applet has no custom config modules (kde#410770)
* Set toolbox to invisble when it's hidden (kde#416695)
* [kcm/standardactions] Don't register kcminit hook when we don't have one
* [KCM Fonts] force need save to false during load to avoid state to be true too early (kde#416358)
* Baloo KCM: Do not anchor fill ScrollView (kde#417437)
* [Styles KCM] Set style display name as window title (kde#417563)
* unlock widgets (kde#417424)
* Remove a typo in the previous commit
* Replace plasma.kde.org with kde.org/plasma-desktop
* [kcms/cursortheme] Don't skip everything because of lack of XFixes
* [Sessions KCM] Fix firmware setup
* [KSplash KCM] Fix ghns button label (kde#417224)
- Drop patches, now upstream:
* 0001-KCM-Fonts-force-need-save-to-false-during-load-to-av.patch
* 0001-unlock-widgets.patch
* Set-toolbox-to-invisible-when-its-hidden.patch
==== plasma5-integration ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== plasma5-openSUSE ====
Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE sddm-theme-openSUSE
- Update to 5.18.1
==== plasma5-pa ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== plasma5-workspace ====
Version update (5.18.0 -> 5.18.1)
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* [kcms/feedback] Improve default kcmshell window size (kde#417747)
* Extract messages from header files as well (Thanks to Victor Ryzhykh)
* Remove downloadNewWhat usage
* Don't delay ksplash until the entire slideshow is loaded
* [Notifications] Only let details label grow, never shrink (kde#417489)
* [libtaskmanager] Fix shared VirtualDesktopInfo::Private tied to the 1st creator (kde#415200)
* [Background Finder] Create a valid invocation token
* Replace plasma.kde.org with kde.org/plasma-desktop
==== polkit-kde-agent-5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- No code changes since 5.18.0
==== popt ====
- fix URLs, rpm5.org is no more
==== powerdevil5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* Prevent powerdevil from calling DPMS extension calls when DPMS extension isn't present
* fix FreeBSD compilation, Q_FOREACH -> for-range loop
==== pulseaudio ====
Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-module-gsettings pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils
- Backport upstream fixes / enhancements about alsa modules:
mainly for UCM support (boo#1160914):
0001-alsa-mixer-path-test-Hide-unused-functions-when-buil.patch
0002-alsa-mixer-recognize-the-Speaker-Jack-control.patch
0003-alsa-mixer-add-support-for-SteelSeries-Arctis-Pro-20.patch
0004-alsa-mixer-Add-support-for-SteelSeries-Arctis-5-2019.patch
0005-alsa-mixer-add-support-for-LucidSound-LS31-and-creat.patch
0006-alsa-ucm-use-ucm2-name-for-the-direct-card-index-ope.patch
0007-alsa-ucm-add-mixer-IDs-to-ucm_items.patch
0008-alsa-mixer-handle-the-index-for-ALSA-mixer-element-i.patch
0009-alsa-mixer-improve-alsa_id_decode-function.patch
0010-alsa-ucm-Support-Playback-CaptureVolume.patch
0011-alsa-ucm-Fix-volume-control-based-on-review.patch
0012-alsa-ucm-use-the-correct-mixer-identifiers-as-first.patch
0013-alsa-ucm-add-support-for-master-volume.patch
0014-alsa-ucm-split-correctly-JackHWMute-device-names.patch
0015-alsa-ucm-fix-parsing-for-JackControl.patch
0016-alsa-ucm-add-comments-to-ucm_get_mixer_id.patch
0017-alsa-ucm-validate-access-to-PA_DEVICE_PORT_DATA.patch
0018-alsa-Skip-resume-PCM-if-hardware-doesn-t-support-it.patch
0019-alsa-ucm-parse-correctly-the-device-values.patch
0020-alsa-ucm-do-not-try-to-use-UCM-device-name-as-jack-n.patch
0021-alsa-util-do-not-try-to-guess-the-mixer-name-from-th.patch
0022-alsa-ucm-add-control-and-mixer-device-items.patch
0023-alsa-ucm-get-the-mixer-names-from-ucm-don-t-guess.patch
0024-alsa-ucm-use-the-proper-mixer-name-for-ucm-pcm-sink-.patch
0025-alsa-mixer-handle-interface-type-CARD-PCM-for-mixer-.patch
0026-alsa-mixer-Add-the-ability-to-pass-the-intended-role.patch
0027-alsa-mixer-Set-the-intended-role-of-Steelseries-Arct.patch
0028-alsa-rewrite-mixer-open-close-cache-mixer-accesses-i.patch
0029-alsa-ucm-add-support-for-HDMI-ELD.patch
0030-alsa-mixer-do-the-quick-card-number-lookup-to-save-m.patch
0031-alsa-mixer-improve-check-for-the-empty-path-set-for-.patch
0032-alsa-ucm-allow-to-set-profile-priority-from-UCM-valu.patch
==== python-pyOpenSSL ====
Version update (19.0.0 -> 19.1.0)
- Update to v19.1
* Removed deprecated aliases ContextType, ConnectionType, PKeyType, X509NameType,
X509ReqType, X509Type, X509StoreType, CRLType, PKCS7Type, PKCS12Type, and NetscapeSPKIType.
Use the classes without the ``Type`` suffix instead.
* The minimum ``cryptography`` version is now 2.8
* Deprecated ``OpenSSL.SSL.Context.set_npn_advertise_callback,
OpenSSL.SSL.Context.set_npn_select_callback, and
OpenSSL.SSL.Connection.get_next_proto_negotiated
ALPN should be used instead.
* Support bytearray in SSL.Connection.send() by using cffi's from_buffer
* The OpenSSL.SSL.Context.set_alpn_select_callback can return a new
NO_OVERLAPPING_PROTOCOLS sentinel value to allow a TLS handshake
to complete without an application protocol.
==== rdma-core ====
Subpackages: libefa1 libibverbs libibverbs1 libmlx4-1 libmlx5-1 librdmacm1
- Eliminate the curl-mini trickery for Tumbleweed: curl-mini is
being eliminated in favor of cmake-mini: the original plan to
split the cycle at curl did not work out in the long run.
==== re2 ====
- Small spec file update
==== readline ====
- Add official patch readline80-002
When using previous-history to go back beyond the beginning of the history list,
it's possible to move to an incorrect partial line.
- Add official patch readline80-003
Reading history entries with timestamps can result in history entries joined
by linefeeds.
- Add official patch readline80-004
If writing the history file fails, and renaming the backup history file fails,
it's possible for readline's history code to return the wrong error to its
caller.
==== rook ====
Version update (1.2.2+git0.g73593a1b -> 1.2.4+git9.gd747507e)
- ceph: populate CSI configmap for external cluster
- Update to v1.2.4:
* Stop garbage collector from deleting the CSI driver unexpectedly (#4820)
* Upgrade legacy OSDs created with partitions created by Rook (#4799)
* Ability to set the pool target_size_ratio (#4803)
* Improve detection of drain-canaries and log significant nodedrain scheduling events (#4679)
* Sort flexvolume docs and update for kubespray (#4747)
* Add OpenShift common issues documentation (#4764)
* Improved integration test when cleaning devices (#4796)
==== systemsettings5 ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* [sidebar] Resolve changes in module before switching (kde#416834)
==== tracker ====
Version update (2.3.1 -> 2.3.2)
Subpackages: libtracker-common-2_0 libtracker-control-2_0-0 libtracker-miner-2_0-0 libtracker-sparql-2_0-0
- Update to version 2.3.2:
+ Location info for photos is now inserted into the DB. It didn't
work before as we failed to process SPARQL "blank nodes"
correctly.
+ Fix for oversensitive FTS5 index corruption detection.
+ Updated translations.
==== tracker-miners ====
Version update (2.3.1 -> 2.3.2)
Subpackages: tracker-miner-files
- Update to version 2.3.2:
+ Blocked parsing of image/x-dds image files, which were
previously being passed to GStreamer and triggering system
lockups for some people.
+ Fixed incorrect MIME type for .raw images, which were
previously being passed to GStreamer and triggering system
lockups for some people.
+ Improved how the MP3 extractor calculates durations of variable
bitrate MP3s, which fixes incorrect durations being shown in
GNOME Music.
+ Fixed a bug in the GStreamer writeback module.
+ Fix race condition that might leave tracker-miner-fs paused
after a writeback operation.
+ Updated translations.
==== webkit2gtk3 ====
Version update (2.26.3 -> 2.26.4)
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- Add webkit2gtk3-ppc-build-fix.patch: fix ppc64le build failure on
SLE 15.
- Update to version 2.26.4 (boo#1163809):
+ Always use a light theme for rendering form controls.
+ Fix the build with WPE renderer disabled.
+ Fix the build with OpenGL disabled.
+ Fix the build with GCC 10.
+ Fix several crashes and rendering issues.
+ Security fixes: CVE-2020-3862, CVE-2020-3864, CVE-2020-3865,
CVE-2020-3867, CVE-2020-3868.
==== xdg-desktop-portal-kde ====
Version update (5.18.0 -> 5.18.1)
- Update to 5.18.1
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.1.php
- Changes since 5.18.0:
* PipeWire: set stream and offset information for the buffer
* Properly combine pipewire and spa includes
* Properly search for PipeWire libs
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
baloo5
kcmutils
toolbox (1.0+git20191014.3034fbc -> 1.0+git20200217.cd18bfb)
=== Details ===
==== baloo5 ====
Subpackages: baloo5-imports baloo5-kioslaves libKF5Baloo5 libKF5BalooEngine5
- Fix FileIndexScheduler being stuck after suspending it:
0001-FileIndexScheduler-Force-evaluation-of-indexerState-.patch
- Add Sync-IndexerConfig-on-exit.patch to fix settings not getting
saved (kde#417127)
==== kcmutils ====
- Add Check-activeModule-before-using-it.patch to fix crash when
opening Kontact's settings (kde#417396)
==== toolbox ====
Version update (1.0+git20191014.3034fbc -> 1.0+git20200217.cd18bfb)
- Update to version 1.0+git20200217.cd18bfb:
* Multiple toolboxes, with different names
* Configure `sudo` access for an user toolbox
* Correctly setup the user
* Add -u|--user parameter
* Handle arguments with 'getopt'
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
baloo5
kail (0.13.0 -> 0.14.2)
kcmutils
toolbox (1.0+git20191014.3034fbc -> 1.0+git20200217.cd18bfb)
=== Details ===
==== baloo5 ====
Subpackages: baloo5-imports baloo5-kioslaves libKF5Baloo5 libKF5BalooEngine5
- Fix FileIndexScheduler being stuck after suspending it:
0001-FileIndexScheduler-Force-evaluation-of-indexerState-.patch
- Add Sync-IndexerConfig-on-exit.patch to fix settings not getting
saved (kde#417127)
==== kail ====
Version update (0.13.0 -> 0.14.2)
- Update to version 0.14.2
- Capture logs from terminated containers
- Update vendor.tar.gz
==== kcmutils ====
- Add Check-activeModule-before-using-it.patch to fix crash when
opening Kontact's settings (kde#417396)
==== toolbox ====
Version update (1.0+git20191014.3034fbc -> 1.0+git20200217.cd18bfb)
- Update to version 1.0+git20200217.cd18bfb:
* Multiple toolboxes, with different names
* Configure `sudo` access for an user toolbox
* Correctly setup the user
* Add -u|--user parameter
* Handle arguments with 'getopt'
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
libinput
libzypp (17.22.0 -> 17.22.1)
microos-tools (1.0+git20190812.97ca0ee -> 1.0+git20200214.c7654a7)
plasma5-pk-updates
tallow (19+git20191106.4b071b0 -> 21+git20200213.865ec91)
vim (8.2.0200 -> 8.2.0257)
=== Details ===
==== libinput ====
- Fix invalid RPM groups.
==== libzypp ====
Version update (17.22.0 -> 17.22.1)
- update translations
- Replace mongoose/webrick with nginx in test suite.
This patch makes use of nginx to replace the current WebServer
mongoose implementation. Also adds support for registering
callback functions for certain URL requests via FCGI, making it
possible to mock HTTP responses and test more complex HTTP setups.
- boost: Fix deprecated auto_unit_test.hpp includes.
- Disable zchunk on Leap-15.0 and SLE15-* while there is no libzck.
- Fix decision whether to download ZCHUNK files.
libzypp and libsolv must both be able to read the format.
- version 17.22.1 (22)
==== microos-tools ====
Version update (1.0+git20190812.97ca0ee -> 1.0+git20200214.c7654a7)
- Update to version 1.0+git20200214.c7654a7:
* Remove btrfsQuota, snapper list provides now the same informations
* Adjust README.md
==== plasma5-pk-updates ====
- Update german translations to remove a superfluous fullstop
(kde#386751)
==== tallow ====
Version update (19+git20191106.4b071b0 -> 21+git20200213.865ec91)
- Update to version 21+git20200213.865ec91:
* Add tallow.patterns man page
* Add extra path for firewall-cmd
- Drop 0001-Add-extra-path-for-firewall-cmd.patch, accepted upstream
==== vim ====
Version update (8.2.0200 -> 8.2.0257)
Subpackages: vim-data-common
- Updated to version 8.2.0257, fixes the following problems
* Vim9 script commands not sufficiently tested.
* Cannot assign to an imported variable.
* When 'lazyredraw' is set the window title may not be updated.
* :helptags and some other functionality not tested.
* Crash when using winnr('j') in a popup window.
* Error code E899 used twice.
* Calling Vim9 function using default argument fails.
* Crash when missing member type on list argument.
* Fnamemodify() does not apply ":~" when followed by ":.".
* Function a bit far away from where it's used.
* Coverity complains about uninitialized field.
* Test for ANSI colors fails without an "ls" command.
* Missing search/substitute pattern hardly tested.
* Configure does not recognize gcc 10.0 and later.
* A popup window with a terminal can be made hidden.
* Wrong file name shortening. (Ingo Karkat)
* Several Vim9 instructions are not tested.
* Terminal test fails on Mac.
* Several Vim9 instructions are not tested.
* Terminal test still fails on Mac.
* Terminal test did pass on Mac.
* No test for Vim9 += and ..=.
* Vim9: optional function arguments don't work yet.
* Some instructions not yet tested.
* compiling :elseif not tested yet.
* compiling lambda not tested yet.
* Compiling for loop not tested.
* Compiling a few instructions not tested.
* Configure does not recognize gcc version on BSD.
* Compare instructions not tested.
* Terminal popup test is flaky.
* Silent system command may clear the screen.
* The :compiler command causes a crash. (Daniel Steinberg)
* Crash when using garbagecollect() in between rand().
* Message test fails on SunOS.
* Draw error when an empty group is removed from 'statusline'.
* Crash when setting 'wincolor' on finished terminal window. (Bakudankun)
variables. (Tim Pope)
* Using memory after it was freed. (Dominique Pelle)
* Crash when setting 'buftype' to "quickfix".
* Preview popup window test fails with long directory name. (Jakub
K?dzio?ka)
* Insufficient code coverage for ex_docmd.c functions.
* Compiler warning in Lua interface.
* test_clear_search_pat() is unused.
* A couple of function return types can be more specific.
* Crash when using :disassamble without argument. (Dhiraj Mishra)
* Compiler warning for checking size_t to be negative.
* Time and timer related code is spread out.
* Cannot recognize a terminal in a popup window.
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
haproxy (2.1.1+git0.4ae521379 -> 2.1.3+git0.5c020bbdd)
libinput
libzypp (17.22.0 -> 17.22.1)
microos-tools (1.0+git20190812.97ca0ee -> 1.0+git20200214.c7654a7)
plasma5-pk-updates
tallow (19+git20191106.4b071b0 -> 21+git20200213.865ec91)
vim (8.2.0200 -> 8.2.0257)
=== Details ===
==== haproxy ====
Version update (2.1.1+git0.4ae521379 -> 2.1.3+git0.5c020bbdd)
- Remove unsupported options from example haproxy.cfg
- Make haproxy useable for containers
- Use sysusers.d to create users.
- Use systemd_ordering instead of requiring systemd.
- Own vim syntax directory instead of requiring vim. This also
solves the problem the directory got never removed if vim is
updated before haproxy.
- Update to version 2.1.3+git0.5c020bbdd:
* [RELEASE] Released version 2.1.3
* BUG/MINOR: tcp: don't try to set defaultmss when value is negative
* BUG/MINOR: http-ana: Set HTX_FL_PROXY_RESP flag if a server perform a redirect
* BUG/MINOR: http-ana: Don't overwrite outgoing data when an error is reported
* MINOR: htx/channel: Add a function to copy an HTX message in a channel's buffer
* MINOR: htx: Add a function to append an HTX message to another one
* DOC: word converter ignores delimiters at the start or end of input string
* MINOR: build: add aix72-gcc build TARGET and power{8,9} CPUs
* BUG/MINOR: tcp: avoid closing fd when socket failed in tcp_bind_listener
* BUG/MINOR: listener: enforce all_threads_mask on bind_thread on init
* BUG/MEDIUM: listener: only consider running threads when resuming listeners
* BUG/MINOR: dns: allow 63 char in hostname
* BUG/MINOR: unix: better catch situations where the unix socket path length is close to the limit
* DOC: schematic of the SSL certificates architecture
* BUG/MEDIUM: ssl/cli: 'commit ssl cert' wrong SSL_CTX init
* SCRIPTS: announce-release: allow the user to force to overwrite old files
* SCRIPTS: announce-release: place the send command in the mail's header
* CONTRIB: debug: also support reading values from stdin
* MINOR: acl: Warn when an ACL is named 'or'
* CONTRIB: debug: support reporting multiple values at once
* CONTRIB: debug: add the possibility to decode the value as certain types only
* CONTRIB: debug: add missing flags SF_HTX and SF_MUX
* BUG/MINOR: ssl: clear the SSL errors on DH loading failure
* BUG/MINOR: ssl: we may only ignore the first 64 errors
* BUG/MAJOR: memory: Don't forget to unlock the rwlock if the pool is empty.
* BUG/MEDIUM: memory: Add a rwlock before freeing memory.
* MINOR: memory: Only init the pool spinlock once.
* BUG/MEDIUM: memory_pool: Update the seq number in pool_flush().
* BUG/MEDIUM: connections: Don't forget to unlock when killing a connection.
* BUG/MINOR: connection: fix ip6 dst_port copy in make_proxy_line_v2
* BUG/MINOR: ssl: Possible memleak when allowing the 0RTT data buffer.
* BUG/MEDIUM: pipe: fix a use-after-free in case of pipe creation error
* BUG/MINOR: tcpchecks: fix the connect() flags regarding delayed ack
* BUG/MEDIUM: ssl: Don't forget to free ctx->ssl on failure.
* MINOR: lua: Add HLUA_PREPEND_C?PATH build option
* MINOR: lua: Add lua-prepend-path configuration option
* MINOR: lua: Add hlua_prepend_path function
* BUILD: cfgparse: silence a bogus gcc warning on 32-bit machines
* BUG/MEDIUM: mux-h2: make sure we don't emit TE headers with anything but "trailers"
* BUG/MINOR: stktable: report the current proxy name in error messages
* BUG/MEDIUM: 0rtt: Only consider the SSL handshake.
* BUG/MINOR: ssl/cli: ocsp_issuer must be set w/ "set ssl cert"
* BUG/MINOR: ssl: typo in previous patch
* BUG/MINOR: ssl: memory leak w/ the ocsp_issuer
* BUG/MINOR: ssl: increment issuer refcount if in chain
* CLEANUP: stats: shut up a wrong null-deref warning from gcc 9.2
* BUG/MINOR: ssl/cli: free the previous ckch content once a PEM is loaded
* BUG/MINOR: ssl: ssl_sock_load_pem_into_ckch is not consistent
* BUG/MEDIUM: netscaler: Don't forget to allocate storage for conn->src/dst.
* BUG/MINOR: http_act: don't check capture id in backend
* MINOR: proxy/http-ana: Add support of extra attributes for the cookie directive
* BUG/MINOR: ssl: ssl_sock_load_sctl_from_file memory leak
* BUG/MINOR: ssl: ssl_sock_load_issuer_file_into_ckch memory leak
* BUG/MINOR: ssl: ssl_sock_load_ocsp_response_from_file memory leak
* BUG/MINOR: tcp-rules: Fix memory releases on error path during action parsing
* BUG/MINOR: stick-table: Use MAX_SESS_STKCTR as the max track ID during parsing
* BUG/MINOR: http-rules: Remove buggy deinit functions for HTTP rules
* BUG/MINOR: http-ana/filters: Wait end of the http_end callback for all filters
* BUILD: pattern: include errno.h
* BUG/MINOR: 51d: Fix bug when HTX is enabled
* BUG/MINOR: dns: Make dns_query_id_seed unsigned
* BUG/MINOR: cache: Fix leak of cache name in error path
* BUG/MINOR: pattern: handle errors from fgets when trying to load patterns
* BUG/MEDIUM: connection: add a mux flag to indicate splice usability
* BUG/MINOR: stream: don't mistake match rules for store-request rules
* BUG/MEDIUM: cli: _getsocks must send the peers sockets
* REGTEST: add sample_fetches/hashes.vtc to validate hashes
* BUG/MAJOR: hashes: fix the signedness of the hash inputs
* BUG/MEDIUM: mux_h1: Don't call h1_send if we subscribed().
* BUG/MEDIUM: mworker: remain in mworker mode during reload
* REGTEST: mcli/mcli_start_progs: start 2 programs
* BUG/MINOR: cli/mworker: can't start haproxy with 2 programs
* BUG/MEDIUM: mux-h2: don't stop sending when crossing a buffer boundary
* BUG/MEDIUM: mux-h2: fix missing test on sending_list in previous patch
* BUG/MINOR: mux-h2: use a safe list_for_each_entry in h2_send()
* BUG/MEDIUM: tasks: Use the MT macros in tasklet_free().
* BUG/MINOR: stream-int: Don't trigger L7 retry if max retries is already reached
* BUG/MEDIUM: session: do not report a failure when rejecting a session
* BUG/MINOR: channel: inject output data at the end of output
* BUG/MEDIUM: http-ana: Truncate the response when a redirect rule is applied
* BUG/MINOR: proxy: Fix input data copy when an error is captured
* BUG/MINOR: h1: Report the right error position when a header value is invalid
* MINOR: ssl: Remove unused variable "need_out".
* MINOR: config: disable busy polling on old processes
* BUG/MEDIUM: connections: Hold the lock when wanting to kill a connection.
* BUG/MEDIUM: checks: Only attempt to do handshakes if the connection is ready.
* BUG/MINOR: checks: refine which errno values are really errors.
- Update to version 2.1.2+git0.d5b6759b5:
* [RELEASE] Released version 2.1.2
* BUILD: ssl: improve SSL_CTX_set_ecdh_auto compatibility
* BUG/MEDIUM: stream: Be sure to never assign a TCP backend to an HTX stream
* BUG/MINOR: state-file: do not leak memory on parse errors
* BUG/MINOR: state-file: do not store duplicates in the global tree
* BUG/MEDIUM: state-file: do not allocate a full buffer for each server entry
* BUG/MINOR: ssl: openssl-compat: Fix getm_ defines
* BUG/MEDIUM: fd/threads: fix a concurrency issue between add and rm on the same fd
* MINOR: fd/threads: make _GET_NEXT()/_GET_PREV() use the volatile attribute
* BUG/MEDIUM: ssl: Revamp the way early data are handled.
* BUG/MAJOR: task: add a new TASK_SHARED_WQ flag to fix foreing requeuing
* MINOR: task: only check TASK_WOKEN_ANY to decide to requeue a task
* MINOR: http: add a new "replace-path" action
* MINOR: debug: support logging to various sinks
* BUG/MEDIUM: ssl: Don't set the max early data we can receive too early.
* MINOR: sample: Validate the number of bits for the sha2 converter
* BUG/MINOR: sample: always check converters' arguments
* BUG/MINOR: sample: fix the closing bracket and LF in the debug converter
* DOC: clarify the fact that replace-uri works on a full URI
- drop the udev buildrequires completely
==== libinput ====
- Fix invalid RPM groups.
==== libzypp ====
Version update (17.22.0 -> 17.22.1)
- update translations
- Replace mongoose/webrick with nginx in test suite.
This patch makes use of nginx to replace the current WebServer
mongoose implementation. Also adds support for registering
callback functions for certain URL requests via FCGI, making it
possible to mock HTTP responses and test more complex HTTP setups.
- boost: Fix deprecated auto_unit_test.hpp includes.
- Disable zchunk on Leap-15.0 and SLE15-* while there is no libzck.
- Fix decision whether to download ZCHUNK files.
libzypp and libsolv must both be able to read the format.
- version 17.22.1 (22)
==== microos-tools ====
Version update (1.0+git20190812.97ca0ee -> 1.0+git20200214.c7654a7)
- Update to version 1.0+git20200214.c7654a7:
* Remove btrfsQuota, snapper list provides now the same informations
* Adjust README.md
==== plasma5-pk-updates ====
- Update german translations to remove a superfluous fullstop
(kde#386751)
==== tallow ====
Version update (19+git20191106.4b071b0 -> 21+git20200213.865ec91)
- Update to version 21+git20200213.865ec91:
* Add tallow.patterns man page
* Add extra path for firewall-cmd
- Drop 0001-Add-extra-path-for-firewall-cmd.patch, accepted upstream
==== vim ====
Version update (8.2.0200 -> 8.2.0257)
Subpackages: vim-data-common
- Updated to version 8.2.0257, fixes the following problems
* Vim9 script commands not sufficiently tested.
* Cannot assign to an imported variable.
* When 'lazyredraw' is set the window title may not be updated.
* :helptags and some other functionality not tested.
* Crash when using winnr('j') in a popup window.
* Error code E899 used twice.
* Calling Vim9 function using default argument fails.
* Crash when missing member type on list argument.
* Fnamemodify() does not apply ":~" when followed by ":.".
* Function a bit far away from where it's used.
* Coverity complains about uninitialized field.
* Test for ANSI colors fails without an "ls" command.
* Missing search/substitute pattern hardly tested.
* Configure does not recognize gcc 10.0 and later.
* A popup window with a terminal can be made hidden.
* Wrong file name shortening. (Ingo Karkat)
* Several Vim9 instructions are not tested.
* Terminal test fails on Mac.
* Several Vim9 instructions are not tested.
* Terminal test still fails on Mac.
* Terminal test did pass on Mac.
* No test for Vim9 += and ..=.
* Vim9: optional function arguments don't work yet.
* Some instructions not yet tested.
* compiling :elseif not tested yet.
* compiling lambda not tested yet.
* Compiling for loop not tested.
* Compiling a few instructions not tested.
* Configure does not recognize gcc version on BSD.
* Compare instructions not tested.
* Terminal popup test is flaky.
* Silent system command may clear the screen.
* The :compiler command causes a crash. (Daniel Steinberg)
* Crash when using garbagecollect() in between rand().
* Message test fails on SunOS.
* Draw error when an empty group is removed from 'statusline'.
* Crash when setting 'wincolor' on finished terminal window. (Bakudankun)
variables. (Tim Pope)
* Using memory after it was freed. (Dominique Pelle)
* Crash when setting 'buftype' to "quickfix".
* Preview popup window test fails with long directory name. (Jakub
K?dzio?ka)
* Insufficient code coverage for ex_docmd.c functions.
* Compiler warning in Lua interface.
* test_clear_search_pat() is unused.
* A couple of function return types can be more specific.
* Crash when using :disassamble without argument. (Dhiraj Mishra)
* Compiler warning for checking size_t to be negative.
* Time and timer related code is spread out.
* Cannot recognize a terminal in a popup window.
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
btrfsprogs (5.4 -> 5.4.1)
chrony
glibc (2.30 -> 2.31)
grep (3.3 -> 3.4)
issue-generator (1.7 -> 1.8)
kernel-firmware (20200122 -> 20200207)
kernel-source (5.5.2 -> 5.5.4)
libeconf (0.3.3+git20191028.3ac14ce -> 0.3.5+git20200203.3144b69)
libxcrypt (4.4.10 -> 4.4.12)
openssh
patterns-microos
podman (1.7.0 -> 1.8.0)
sudo (1.8.28p1 -> 1.8.31)
=== Details ===
==== btrfsprogs ====
Version update (5.4 -> 5.4.1)
Subpackages: btrfsprogs-udev-rules libbtrfs0
- Update to 5.4.1
* build: fix docbook5 build
* check: do extra verification of extent items, inode items and chunks
* qgroup: return ENOTCONN if quotas not running (needs updated kernel)
* other: various test fixups
==== chrony ====
- Add chrony-test-update-processing-of-packet-log.patch in order
to fix test-suite failure.
- Update clknetsim to version 79ffe44 (fixes boo#1162964).
- Backport chrony-test-fix-util-unit-test-for-NTP-era-split.patch.
==== glibc ====
Version update (2.30 -> 2.31)
Subpackages: glibc-locale glibc-locale-base
- nsswitch.conf: comment out initgroups setting, so that it defaults to
the group setting (bsc#1164075)
- fix-locking-in-_IO_cleanup.patch: update to latest version
- Update to glibc 2.31
* The GNU C Library now supports a feature test macro _ISOC2X_SOURCE to
enable features from the draft ISO C2X standard
* The <math.h> functions that round their results to a narrower type now
have corresponding type-generic macros in <tgmath.h>
* The function pthread_clockjoin_np has been added, enabling join with a
terminated thread with a specific clock
* New locale added: mnw_MM (Mon language spoken in Myanmar).
* The DNS stub resolver will optionally send the AD (authenticated data) bit
in queries if the trust-ad option is set via the options directive in
/etc/resolv.conf (or if RES_TRUSTAD is set in _res.options)
* The totalorder and totalordermag functions, and the corresponding
functions for other floating-point types, now take pointer arguments to
avoid signaling NaNs possibly being converted to quiet NaNs in argument
passing
* The obsolete function stime is no longer available to newly linked
binaries, and its declaration has been removed from <time.h>
* The gettimeofday function no longer reports information about a
system-wide time zone
* If a lazy binding failure happens during dlopen, during the execution of
an ELF constructor, the process is now terminated
- malloc-info-whitespace.patch, riscv-vfork.patch,
prefer-map-32bit-exec.patch, backtrace-powerpc.patch,
ldconfig-dynstr.patch: Removed.
- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC
(bsc#1158996, BZ #25423)
- Drop support for pluggable gconv modules (bsc#1159851)
==== grep ====
Version update (3.3 -> 3.4)
- Switch back to system regex to avoid undefined behaviour
- grep 3.4:
* new --no-ignore-case option causes grep to observe case
distinctions, overriding any previous -i (--ignore-case) option
* '.' no longer matches some invalid byte sequences in UTF-8 locales
* grep -Fw can no longer false match in non-UTF-8 multibyte locales
* The exit status of 'grep -L' is no longer incorrect when standard
output is /dev/null
* fix some performance bugs
- drop test-pcre-jitstack.diff
==== issue-generator ====
Version update (1.7 -> 1.8)
- Update to version 1.8
- Handle network interface renames
==== kernel-firmware ====
Version update (20200122 -> 20200207)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd
- Update to version 20200207 (git commit 6f89735800fe):
* rtl_nic: update firmware for RTL8153A
* rtl_bt: Update RTL8822C BT FW to V0x0998_C2B4
* linux-firmware: add firmware for MT7622
* linux-firmware: add version 2 for MT7615E
* amdgpu: update to latest navi10 firmware from 19.50
* Revert "radeon: update oland rlc microcode from amdgpu"
* amlogic: update video decoder firmwares
* amdgpu: add renoir firmware for 19.50
* amdgpu: update raven2 firmware for 19.50
* nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.12.A.13
* qca: update bluetooth firmware for QCA6174
- Update topics and alias list
==== kernel-source ====
Version update (5.5.2 -> 5.5.4)
- bcache: fix incorrect data type usage in btree_flush_write()
(git-fixes).
- commit 119f9ca
- Linux 5.5.4 (bnc#1012628).
- selinux: fall back to ref-walk if audit is required
(bnc#1012628).
- libertas: make lbs_ibss_join_existing() return error code on
rates overflow (bnc#1012628).
- libertas: don't exit from lbs_ibss_join_existing() with RCU
read lock held (bnc#1012628).
- mwifiex: Fix possible buffer overflows in
mwifiex_cmd_append_vsie_tlv() (bnc#1012628).
- mwifiex: Fix possible buffer overflows in
mwifiex_ret_wmm_get_status() (bnc#1012628).
- dmaengine: axi-dmac: add a check for devm_regmap_init_mmio
(bnc#1012628).
- clk: meson: g12a: fix missing uart2 in regmap table
(bnc#1012628).
- mfd: max77650: Select REGMAP_IRQ in Kconfig (bnc#1012628).
- regmap: fix writes to non incrementing registers (bnc#1012628).
- pinctrl: qcom: Don't lock around irq_set_irq_wake()
(bnc#1012628).
- pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
(bnc#1012628).
- pinctrl: sh-pfc: r8a77965: Fix DU_DOTCLKIN3 drive/bias control
(bnc#1012628).
- pinctrl: baytrail: Allocate IRQ chip dynamic (bnc#1012628).
- selinux: fix regression introduced by move_mount(2) syscall
(bnc#1012628).
- selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon
follow_link" (bnc#1012628).
- x86/alternatives: add missing insn.h include (bnc#1012628).
- bcache: avoid unnecessary btree nodes flushing in
btree_flush_write() (bnc#1012628).
- ASoC: soc-generic-dmaengine-pcm: Fix error handling
(bnc#1012628).
- dt-bindings: iio: adc: ad7606: Fix wrong maxItems value
(bnc#1012628).
- i2c: cros-ec-tunnel: Fix ACPI identifier (bnc#1012628).
- i2c: cros-ec-tunnel: Fix slave device enumeration (bnc#1012628).
- media: i2c: adv748x: Fix unsafe macros (bnc#1012628).
- drivers: watchdog: stm32_iwdg: set WDOG_HW_RUNNING at probe
(bnc#1012628).
- crypto: caam/qi2 - fix typo in algorithm's driver name
(bnc#1012628).
- crypto: atmel-sha - fix error handling when setting hmac key
(bnc#1012628).
- crypto: artpec6 - return correct error code for failed setkey()
(bnc#1012628).
- crypto: testmgr - don't try to decrypt uninitialized buffers
(bnc#1012628).
- mtd: sharpslpart: Fix unsigned comparison to zero (bnc#1012628).
- mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock
(bnc#1012628).
- arm64: kvm: Fix IDMAP overlap with HYP VA (bnc#1012628).
- arm64: nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly
(bnc#1012628).
- KVM: arm64: Treat emulated TVAL TimerValue as a signed 32-bit
integer (bnc#1012628).
- KVM: arm64: pmu: Fix chained SW_INCR counters (bnc#1012628).
- KVM: arm64: pmu: Don't increment SW_INCR if PMCR.E is unset
(bnc#1012628).
- KVM: arm: Make inject_abt32() inject an external abort instead
(bnc#1012628).
- KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests
(bnc#1012628).
- KVM: arm/arm64: Fix young bit from mmu notifier (bnc#1012628).
- crypto: arm/chacha - fix build failured when kernel mode NEON
is disabled (bnc#1012628).
- arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations
(bnc#1012628).
- arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly
(bnc#1012628).
- arm64: cpufeature: Fix the type of no FP/SIMD capability
(bnc#1012628).
- arm64: kernel: Correct annotation of end of el0_sync
(bnc#1012628).
- sched/uclamp: Fix a bug in propagating uclamp value in new
cgroups (bnc#1012628).
- ARM: 8949/1: mm: mark free_memmap as __init (bnc#1012628).
- KVM: arm/arm64: vgic-its: Fix restoration of unmapped
collections (bnc#1012628).
- ARM: at91: pm: use of_device_id array to find the proper shdwc
node (bnc#1012628).
- ARM: at91: pm: use SAM9X60 PMC's compatible (bnc#1012628).
- iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA
(bnc#1012628).
- powerpc/pseries: Allow not having ibm,
hypertas-functions::hcall-multi-tce for DDW (bnc#1012628).
- powerpc/pseries/vio: Fix iommu_table use-after-free refcount
warning (bnc#1012628).
- powerpc/papr_scm: Fix leaking 'bus_desc.provider_name' in some
paths (bnc#1012628).
- powerpc/ptdump: Only enable PPC_CHECK_WX with STRICT_KERNEL_RWX
(bnc#1012628).
- powerpc/ptdump: Fix W+X verification call in mark_rodata_ro()
(bnc#1012628).
- Revert "powerpc/pseries/iommu: Don't use dma_iommu_ops on
secure guests" (bnc#1012628).
- soc: qcom: rpmhpd: Set 'active_only' for active only power
domains (bnc#1012628).
- tools/power/acpi: fix compilation error (bnc#1012628).
- ARM: dts: at91: sama5d3: define clock rate range for tcb1
(bnc#1012628).
- ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
(bnc#1012628).
- ARM: dts: meson8b: use the actual frequency for the GPU's
364MHz OPP (bnc#1012628).
- ARM: dts: meson8: use the actual frequency for the GPU's
182.1MHz OPP (bnc#1012628).
- arm64: dts: marvell: clearfog-gt-8k: fix switch cpu port node
(bnc#1012628).
- arm64: dts: renesas: r8a77990: ebisu: Remove
clkout-lr-synchronous from sound (bnc#1012628).
- ARM: dts: am43xx: add support for clkout1 clock (bnc#1012628).
- ARM: dts: at91: Reenable UART TX pull-ups (bnc#1012628).
- arm64: dts: qcom: msm8998-mtp: Add alias for blsp1_uart3
(bnc#1012628).
- arm64: dts: uDPU: fix broken ethernet (bnc#1012628).
- arm64: dts: qcom: msm8998: Fix tcsr syscon size (bnc#1012628).
- platform/x86: intel_mid_powerbtn: Take a copy of ddata
(bnc#1012628).
- ARC: [plat-axs10x]: Add missing multicast filter number to
GMAC node (bnc#1012628).
- MIPS: Loongson: Fix potential NULL dereference in
loongson3_platform_init() (bnc#1012628).
- watchdog: qcom: Use platform_get_irq_optional() for bark irq
(bnc#1012628).
- rtc: cmos: Stop using shared IRQ (bnc#1012628).
- rtc: hym8563: Return -EINVAL if the time is known to be invalid
(bnc#1012628).
- rtc: mt6397: drop free_irq of devm_ allocated irq (bnc#1012628).
- netdevsim: use __GFP_NOWARN to avoid memalloc warning
(bnc#1012628).
- netdevsim: fix panic in nsim_dev_take_snapshot_write()
(bnc#1012628).
- netdevsim: disable devlink reload when resources are being used
(bnc#1012628).
- netdevsim: fix using uninitialized resources (bnc#1012628).
- mt76: mt7615: fix max_nss in mt7615_eeprom_parse_hw_cap
(bnc#1012628).
- bpf, sockmap: Check update requirements after locking
(bnc#1012628).
- bpf: Improve bucket_log calculation logic (bnc#1012628).
- selftests/bpf: Test freeing sockmap/sockhash with a socket in it
(bnc#1012628).
- bpf, sockhash: Synchronize_rcu before free'ing map
(bnc#1012628).
- bpf, sockmap: Don't sleep while holding RCU lock on tear-down
(bnc#1012628).
- bpftool: Don't crash on missing xlated program instructions
(bnc#1012628).
- x86/boot: Handle malformed SRAT tables during early ACPI parsing
(bnc#1012628).
- NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals
(bnc#1012628).
- NFSv4: try lease recovery on NFS4ERR_EXPIRED (bnc#1012628).
- NFSv4: pnfs_roc() must use cred_fscmp() to compare creds
(bnc#1012628).
- NFS: Fix fix of show_nfs_errors (bnc#1012628).
- NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes()
(bnc#1012628).
- NFS: Revalidate the file size on a fatal write error
(bnc#1012628).
- nfs: NFS_SWAP should depend on SWAP (bnc#1012628).
- NFSv4.x recover from pre-mature loss of openstateid
(bnc#1012628).
- netfilter: flowtable: Fix missing flush hardware on table free
(bnc#1012628).
- netfilter: flowtable: Fix hardware flush order on
nf_flow_table_cleanup (bnc#1012628).
- netfilter: flowtable: restrict flow dissector match on meta
ingress device (bnc#1012628).
- netfilter: flowtable: fetch stats only if flow is still alive
(bnc#1012628).
- iwlwifi: mvm: fix TDLS discovery with the new firmware API
(bnc#1012628).
- iwlwifi: mvm: avoid use after free for pmsr request
(bnc#1012628).
- PCI/AER: Initialize aer_fifo (bnc#1012628).
- PCI: Don't disable bridge BARs when assigning bus resources
(bnc#1012628).
- PCI: tegra: Fix afi_pex2_ctrl reg offset for Tegra30
(bnc#1012628).
- PCI/switchtec: Fix vep_vector_number ioread width (bnc#1012628).
- PCI/switchtec: Use dma_set_mask_and_coherent() (bnc#1012628).
- ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe
(bnc#1012628).
- PCI/IOV: Fix memory leak in pci_iov_add_virtfn() (bnc#1012628).
- scsi: ufs: Fix ufshcd_probe_hba() reture value in case
ufshcd_scsi_add_wlus() fails (bnc#1012628).
- RDMA/umem: Fix ib_umem_find_best_pgsz() (bnc#1012628).
- RDMA/cma: Fix unbalanced cm_id reference count during address
resolve (bnc#1012628).
- RDMA/core: Ensure that rdma_user_mmap_entry_remove() is a fence
(bnc#1012628).
- RDMA/mlx5: Fix handling of IOVA != user_va in ODP paths
(bnc#1012628).
- RDMA/uverbs: Verify MR access flags (bnc#1012628).
- RDMA/core: Fix locking in ib_uverbs_event_read (bnc#1012628).
- RDMA/i40iw: fix a potential NULL pointer dereference
(bnc#1012628).
- RDMA/netlink: Do not always generate an ACK for some netlink
operations (bnc#1012628).
- IB/mlx4: Fix leak in id_map_find_del (bnc#1012628).
- IB/mlx5: Return the administrative GUID if exists (bnc#1012628).
- IB/srp: Never use immediate data if it is disabled by a user
(bnc#1012628).
- IB/mlx4: Fix memory leak in add_gid error flow (bnc#1012628).
- commit 271ee1b
- Update config files: enable CONFIG_FW_CFG_SYSFS for arm64 (bsc#1163521)
- commit d888576
- Update config files: CONFIG_NVME_HWMON=y
When the config files were updated for kernel v5.5, the commit
message claimed CONFIG_NVME_HWMON was to be enabled, however the
configuration files themselves had the option disabled. We definitely
want hardware monitoring enabled on NVME devices, so fix the
configuration files to match the original intent.
- commit d654690
- Linux 5.5.3 (bnc#1012628).
- sparc32: fix struct ipc64_perm type definition (bnc#1012628).
- bnxt_en: Move devlink_register before registering netdev
(bnc#1012628).
- gtp: use __GFP_NOWARN to avoid memalloc warning (bnc#1012628).
- l2tp: Allow duplicate session creation with UDP (bnc#1012628).
- net: hsr: fix possible NULL deref in hsr_handle_frame()
(bnc#1012628).
- net_sched: fix an OOB access in cls_tcindex (bnc#1012628).
- net/core: Do not clear VF index for node/port GUIDs query
(bnc#1012628).
- net: mvneta: fix XDP support if sw bm is used as fallback
(bnc#1012628).
- bnxt_en: Fix TC queue mapping (bnc#1012628).
- net: stmmac: Delete txtimer in suspend() (bnc#1012628).
- tcp: clear tp->total_retrans in tcp_disconnect() (bnc#1012628).
- tcp: clear tp->delivered in tcp_disconnect() (bnc#1012628).
- tcp: clear tp->data_segs{in|out} in tcp_disconnect()
(bnc#1012628).
- tcp: clear tp->segs_{in|out} in tcp_disconnect() (bnc#1012628).
- cls_rsvp: fix rsvp_policy (bnc#1012628).
- rxrpc: Fix use-after-free in rxrpc_put_local() (bnc#1012628).
- rxrpc: Fix insufficient receive notification generation
(bnc#1012628).
- rxrpc: Fix missing active use pinning of rxrpc_local object
(bnc#1012628).
- rxrpc: Fix NULL pointer deref due to call->conn being cleared
on disconnect (bnc#1012628).
- bnxt_en: Refactor logic to re-enable SRIOV after firmware
reset detected (bnc#1012628).
- net: phy: at803x: disable vddio regulator (bnc#1012628).
- bnxt_en: Fix RDMA driver failure with SRIOV after firmware reset
(bnc#1012628).
- ionic: fix rxq comp packet type mask (bnc#1012628).
- MAINTAINERS: correct entries for ISDN/mISDN section
(bnc#1012628).
- netdevsim: fix stack-out-of-bounds in nsim_dev_debugfs_init()
(bnc#1012628).
- bnxt_en: Fix logic that disables Bus Master during firmware
reset (bnc#1012628).
- media: uvcvideo: Avoid cyclic entity chains due to malformed
USB descriptors (bnc#1012628).
- mfd: dln2: More sanity checking for endpoints (bnc#1012628).
- netfilter: ipset: fix suspicious RCU usage in find_set_and_id
(bnc#1012628).
- ALSA: pcm: Fix memory leak at closing a stream without hw_free
(bnc#1012628).
- ipc/msg.c: consolidate all xxxctl_down() functions
(bnc#1012628).
- tracing/kprobes: Have uname use __get_str() in print_fmt
(bnc#1012628).
- tracing: Fix sched switch start/stop refcount racy updates
(bnc#1012628).
- rcu: Use *_ONCE() to protect lockless ->expmask accesses
(bnc#1012628).
- rcu: Avoid data-race in rcu_gp_fqs_check_wake() (bnc#1012628).
- srcu: Apply *_ONCE() to ->srcu_last_gp_end (bnc#1012628).
- rcu: Use READ_ONCE() for ->expmask in rcu_read_unlock_special()
(bnc#1012628).
- nvmet: Fix error print message at nvmet_install_queue function
(bnc#1012628).
- nvmet: Fix controller use after free (bnc#1012628).
- Bluetooth: btusb: fix memory leak on fw (bnc#1012628).
- Bluetooth: btusb: Disable runtime suspend on Realtek devices
(bnc#1012628).
- brcmfmac: Fix memory leak in brcmf_usbdev_qinit (bnc#1012628).
- usb: dwc3: gadget: Check END_TRANSFER completion (bnc#1012628).
- usb: dwc3: gadget: Delay starting transfer (bnc#1012628).
- usb: typec: tcpci: mask event interrupts when remove driver
(bnc#1012628).
- objtool: Silence build output (bnc#1012628).
- usb: gadget: f_fs: set req->num_sgs as 0 for non-sg transfer
(bnc#1012628).
- usb: gadget: legacy: set max_speed to super-speed (bnc#1012628).
- usb: gadget: f_ncm: Use atomic_t to track in-flight request
(bnc#1012628).
- usb: gadget: f_ecm: Use atomic_t to track in-flight request
(bnc#1012628).
- ALSA: usb-audio: Fix endianess in descriptor validation
(bnc#1012628).
- ALSA: usb-audio: Annotate endianess in Scarlett gen2 quirk
(bnc#1012628).
- ALSA: dummy: Fix PCM format loop in proc output (bnc#1012628).
- memcg: fix a crash in wb_workfn when a device disappears
(bnc#1012628).
- mm/sparse.c: reset section's mem_map when fully deactivated
(bnc#1012628).
- utimes: Clamp the timestamps in notify_change() (bnc#1012628).
- mm/migrate.c: also overwrite error when it is bigger than zero
(bnc#1012628).
- mm/memory_hotplug: fix remove_memory() lockdep splat
(bnc#1012628).
- mm: thp: don't need care deferred split queue in memcg charge
move path (bnc#1012628).
- mm: move_pages: report the number of non-attempted pages
(bnc#1012628).
- media/v4l2-core: set pages dirty upon releasing DMA buffers
(bnc#1012628).
- media: v4l2-core: compat: ignore native command codes
(bnc#1012628).
- media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left
adjustments (bnc#1012628).
- lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
(bnc#1012628).
- irqdomain: Fix a memory leak in irq_domain_push_irq()
(bnc#1012628).
- x86/cpu: Update cached HLE state on write to
TSX_CTRL_CPUID_CLEAR (bnc#1012628).
- platform/x86: intel_scu_ipc: Fix interrupt support
(bnc#1012628).
- ALSA: hda: Add Clevo W65_67SB the power_save blacklist
(bnc#1012628).
- ALSA: hda: Add JasperLake PCI ID and codec vid (bnc#1012628).
- ALSA: hda - Fix DP-MST support for NVIDIA codecs (bnc#1012628).
- arm64: acpi: fix DAIF manipulation with pNMI (bnc#1012628).
- KVM: arm64: Correct PSTATE on exception entry (bnc#1012628).
- KVM: arm/arm64: Correct CPSR on exception entry (bnc#1012628).
- KVM: arm/arm64: Correct AArch32 SPSR on exception entry
(bnc#1012628).
- KVM: arm64: Only sign-extend MMIO up to register width
(bnc#1012628).
- MIPS: syscalls: fix indentation of the 'SYSNR' message
(bnc#1012628).
- MIPS: fix indentation of the 'RELOCS' message (bnc#1012628).
- MIPS: boot: fix typo in 'vmlinux.lzma.its' target (bnc#1012628).
- MIPS: SGI-IP30: Check for valid pointer before using it
(bnc#1012628).
- MIPS: asm: local: add barriers for Loongson (bnc#1012628).
- s390/mm: fix dynamic pagetable upgrade for hugetlbfs
(bnc#1012628).
- powerpc/mmu_gather: enable RCU_TABLE_FREE even for !SMP case
(bnc#1012628).
- powerpc/ptdump: Fix W+X verification (bnc#1012628).
- powerpc/xmon: don't access ASDR in VMs (bnc#1012628).
- powerpc/pseries: Advance pfn if section is not present in
lmb_is_removable() (bnc#1012628).
- powerpc/32s: Fix bad_kuap_fault() (bnc#1012628).
- powerpc/32s: Fix CPU wake-up from sleep mode (bnc#1012628).
- PCI/ATS: Use PF PASID for VFs (bnc#1012628).
- PCI: tegra: Fix return value check of pm_runtime_get_sync()
(bnc#1012628).
- PCI: keystone: Fix outbound region mapping (bnc#1012628).
- PCI: keystone: Fix link training retries initiation
(bnc#1012628).
- PCI: keystone: Fix error handling when "num-viewport" DT
property is not populated (bnc#1012628).
- mmc: spi: Toggle SPI polarity, do not hardcode it (bnc#1012628).
- ACPI: video: Do not export a non working backlight interface
on MSI MS-7721 boards (bnc#1012628).
- ACPI / battery: Deal with design or full capacity being reported
as -1 (bnc#1012628).
- ACPI / battery: Use design-cap for capacity calculations if
full-cap is not available (bnc#1012628).
- ACPI / battery: Deal better with neither design nor full
capacity not being reported (bnc#1012628).
- smb3: fix default permissions on new files when mounting with
modefromsid (bnc#1012628).
- alarmtimer: Unregister wakeup source when module get fails
(bnc#1012628).
- fscrypt: don't print name of busy file when removing key
(bnc#1012628).
- ubifs: don't trigger assertion on invalid no-key filename
(bnc#1012628).
- ubifs: Fix wrong memory allocation (bnc#1012628).
- ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag
(bnc#1012628).
- ubifs: Fix deadlock in concurrent bulk-read and writepage
(bnc#1012628).
- mmc: sdhci-of-at91: fix memleak on clk_get failure
(bnc#1012628).
- ASoC: tegra: Revert 24 and 32 bit support (bnc#1012628).
- ASoC: topology: fix soc_tplg_fe_link_create() - link->dobj
initialization order (bnc#1012628).
- hv_balloon: Balloon up according to request page number
(bnc#1012628).
- mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile
(bnc#1012628).
- nvmem: imx: scu: fix write SIP (bnc#1012628).
- nvmem: core: fix memory abort in cleanup path (bnc#1012628).
- crypto: api - Check spawn->alg under lock in crypto_drop_spawn
(bnc#1012628).
- crypto: ccree - fix backlog memory leak (bnc#1012628).
- crypto: ccree - fix AEAD decrypt auth fail (bnc#1012628).
- crypto: ccree - fix pm wrongful error reporting (bnc#1012628).
- crypto: ccree - fix FDE descriptor sequence (bnc#1012628).
- crypto: ccree - fix PM race condition (bnc#1012628).
- padata: Remove broken queue flushing (bnc#1012628).
- fs: allow deduplication of eof block into the end of the
destination file (bnc#1012628).
- scripts/find-unused-docs: Fix massive false positives
(bnc#1012628).
- erofs: fix out-of-bound read for shifted uncompressed block
(bnc#1012628).
- scsi: megaraid_sas: Do not initiate OCR if controller is not
in ready state (bnc#1012628).
- scsi: qla2xxx: Fix stuck login session using prli_pend_timer
(bnc#1012628).
- scsi: qla2xxx: Fix mtcp dump collection failure (bnc#1012628).
- cpupower: Revert library ABI changes from commit
ae2917093fb60bdc1ed3e (bnc#1012628).
- power: supply: axp20x_ac_power: Fix reporting online status
(bnc#1012628).
- power: supply: ltc2941-battery-gauge: fix use-after-free
(bnc#1012628).
- ovl: fix wrong WARN_ON() in ovl_cache_update_ino()
(bnc#1012628).
- ovl: fix lseek overflow on 32bit (bnc#1012628).
- f2fs: fix miscounted block limit in f2fs_statfs_project()
(bnc#1012628).
- f2fs: code cleanup for f2fs_statfs_project() (bnc#1012628).
- f2fs: fix dcache lookup of !casefolded directories
(bnc#1012628).
- f2fs: fix race conditions in ->d_compare() and ->d_hash()
(bnc#1012628).
- PM: core: Fix handling of devices deleted during system-wide
resume (bnc#1012628).
- cpufreq: Avoid creating excessively large stack frames
(bnc#1012628).
- of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
(bnc#1012628).
- ARM: dma-api: fix max_pfn off-by-one error in __dma_supported()
(bnc#1012628).
- dm zoned: support zone sizes smaller than 128MiB (bnc#1012628).
- dm space map common: fix to ensure new block isn't already in
use (bnc#1012628).
- dm writecache: fix incorrect flush sequence when doing SSD
mode commit (bnc#1012628).
- dm crypt: fix GFP flags passed to skcipher_request_alloc()
(bnc#1012628).
- dm crypt: fix benbi IV constructor crash if used in
authenticated mode (bnc#1012628).
- dm thin metadata: use pool locking at end of
dm_pool_metadata_close (bnc#1012628).
- dm thin: fix use-after-free in metadata_pre_commit_callback
(bnc#1012628).
- dm: fix potential for q->make_request_fn NULL pointer
(bnc#1012628).
- tracing: Annotate ftrace_graph_hash pointer with __rcu
(bnc#1012628).
- tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu
(bnc#1012628).
- ftrace: Add comment to why rcu_dereference_sched() is open coded
(bnc#1012628).
- ftrace: Protect ftrace_graph_hash with ftrace_sync
(bnc#1012628).
- crypto: pcrypt - Avoid deadlock by using per-instance padata
queues (bnc#1012628).
- btrfs: fix improper setting of scanned for range cyclic write
cache pages (bnc#1012628).
- btrfs: Handle another split brain scenario with metadata uuid
feature (bnc#1012628).
- riscv, bpf: Fix broken BPF tail calls (bnc#1012628).
- libbpf: Fix readelf output parsing for Fedora (bnc#1012628).
- libbpf: Fix printf compilation warnings on ppc64le arch
(bnc#1012628).
- libbpf: Don't attach perf_buffer to offline/missing CPUs
(bnc#1012628).
- selftests/bpf: Fix perf_buffer test on systems w/ offline CPUs
(bnc#1012628).
- flow_dissector: Fix to use new variables for port ranges in
bpf hook (bnc#1012628).
- bpf, devmap: Pass lockdep expression to RCU lists (bnc#1012628).
- libbpf: Add missing newline in opts validation macro
(bnc#1012628).
- libbpf: Fix realloc usage in bpf_core_find_cands (bnc#1012628).
- tc-testing: fix eBPF tests failure on linux fresh clones
(bnc#1012628).
- samples/bpf: Don't try to remove user's homedir on clean
(bnc#1012628).
- samples/bpf: Xdp_redirect_cpu fix missing tracepoint attach
(bnc#1012628).
- samples/bpf: Reintroduce missed build targets (bnc#1012628).
- selftests/bpf: Fix test_attach_probe (bnc#1012628).
- selftests/bpf: Skip perf hw events test if the setup disabled it
(bnc#1012628).
- selftests: bpf: Use a temporary file in test_sockmap
(bnc#1012628).
- selftests: bpf: Ignore FIN packets for reuseport tests
(bnc#1012628).
- crypto: sun8i-ss - fix removal of module (bnc#1012628).
- crypto: amlogic - fix removal of module (bnc#1012628).
- crypto: sun8i-ce - fix removal of module (bnc#1012628).
- crypto: api - fix unexpectedly getting generic implementation
(bnc#1012628).
- crypto: hisilicon - Fix issue with wrong number of sg elements
after dma map (bnc#1012628).
- crypto: hisilicon - Use the offset fields in sqe to avoid need
to split scatterlists (bnc#1012628).
- crypto: ccp - set max RSA modulus size for v3 platform devices
as well (bnc#1012628).
- crypto: arm64/ghash-neon - bump priority to 150 (bnc#1012628).
- crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
(bnc#1012628).
- crypto: hisilicon - select CRYPTO_SKCIPHER, not CRYPTO_BLKCIPHER
(bnc#1012628).
- crypto: atmel-aes - Fix counter overflow in CTR mode
(bnc#1012628).
- crypto: api - Fix race condition in crypto_spawn_alg
(bnc#1012628).
- crypto: picoxcell - adjust the position of tasklet_init and
fix missed tasklet_kill (bnc#1012628).
- powerpc/futex: Fix incorrect user access blocking (bnc#1012628).
- scsi: qla2xxx: Fix unbound NVME response length (bnc#1012628).
- NFS: Fix memory leaks and corruption in readdir (bnc#1012628).
- NFS: Directory page cache pages need to be locked when read
(bnc#1012628).
- nfsd: fix filecache lookup (bnc#1012628).
- jbd2_seq_info_next should increase position index (bnc#1012628).
- ext4: fix deadlock allocating crypto bounce page from mempool
(bnc#1012628).
- ext4: fix race conditions in ->d_compare() and ->d_hash()
(bnc#1012628).
- Btrfs: fix missing hole after hole punching and fsync when
using NO_HOLES (bnc#1012628).
- Btrfs: make deduplication with range including the last block
work (bnc#1012628).
- Btrfs: fix infinite loop during fsync after rename operations
(bnc#1012628).
- btrfs: set trans->drity in btrfs_commit_transaction
(bnc#1012628).
- btrfs: drop log root for dropped roots (bnc#1012628).
- btrfs: free block groups after free'ing fs trees (bnc#1012628).
- Btrfs: fix race between adding and putting tree mod seq elements
and nodes (bnc#1012628).
- btrfs: flush write bio if we loop in extent_write_cache_pages
(bnc#1012628).
- btrfs: Correctly handle empty trees in
find_first_clear_extent_bit (bnc#1012628).
- Btrfs: send, fix emission of invalid clone operations within
the same file (bnc#1012628).
- ARM: tegra: Enable PLLP bypass during Tegra124 LP1
(bnc#1012628).
- iwlwifi: don't throw error when trying to remove IGTK
(bnc#1012628).
- mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
(bnc#1012628).
- sunrpc: expiry_time should be seconds not timeval (bnc#1012628).
- gfs2: fix gfs2_find_jhead that returns uninitialized jhead
with seq 0 (bnc#1012628).
- gfs2: move setting current->backing_dev_info (bnc#1012628).
- gfs2: fix O_SYNC write handling (bnc#1012628).
- drm: atmel-hlcdc: use double rate for pixel clock only if
supported (bnc#1012628).
- drm: atmel-hlcdc: enable clock before configuring timing engine
(bnc#1012628).
- drm: atmel-hlcdc: prefer a lower pixel-clock than requested
(bnc#1012628).
- drm/rect: Avoid division by zero (bnc#1012628).
- media: iguanair: fix endpoint sanity check (bnc#1012628).
- media: rc: ensure lirc is initialized before registering input
device (bnc#1012628).
- tools/kvm_stat: Fix kvm_exit filter name (bnc#1012628).
- xen/balloon: Support xend-based toolstack take two
(bnc#1012628).
- xen/gntdev: Do not use mm notifiers with autotranslating guests
(bnc#1012628).
- watchdog: fix UAF in reboot notifier handling in watchdog core
code (bnc#1012628).
- bcache: add readahead cache policy options via sysfs interface
(bnc#1012628).
- io_uring: don't map read/write iovec potentially twice
(bnc#1012628).
- io_uring: spin for sq thread to idle on shutdown (bnc#1012628).
- eventfd: track eventfd_signal() recursion depth (bnc#1012628).
- aio: prevent potential eventfd recursion on poll (bnc#1012628).
- KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF
attacks (bnc#1012628).
- KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF
attacks (bnc#1012628).
- KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
(bnc#1012628).
- KVM: x86: Protect DR-based index computations from
Spectre-v1/L1TF attacks (bnc#1012628).
- KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF
attacks (bnc#1012628).
- KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from
Spectre-v1/L1TF attacks (bnc#1012628).
- KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF
attacks (bnc#1012628).
- KVM: x86: Protect MSR-based index computations in pmu.h from
Spectre-v1/L1TF attacks (bnc#1012628).
- KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF
attacks (bnc#1012628).
- KVM: x86: Protect MSR-based index computations from
Spectre-v1/L1TF attacks in x86.c (bnc#1012628).
- KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
(bnc#1012628).
- KVM: x86: Protect MSR-based index computations in
fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks
(bnc#1012628).
- KVM: x86: Fix potential put_fpu() w/o load_fpu() on MPX platform
(bnc#1012628).
- KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
(bnc#1012628).
- KVM: PPC: Book3S PR: Free shared page if mmu initialization
fails (bnc#1012628).
- kvm/svm: PKU not currently supported (bnc#1012628).
- KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
(bnc#1012628).
- KVM: x86: use CPUID to locate host page table reserved bits
(bnc#1012628).
- KVM: x86: Use gpa_t for cr2/gpa to fix TDP support on 32-bit
KVM (bnc#1012628).
- KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
(bnc#1012628).
- KVM: x86: Don't let userspace set host-reserved cr4 bits
(bnc#1012628).
- KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
(bnc#1012628).
- KVM: x86: fix overlap between SPTE_MMIO_MASK and generation
(bnc#1012628).
- KVM: x86: Handle TIF_NEED_FPU_LOAD in kvm_{load,put}_guest_fpu()
(bnc#1012628).
- KVM: x86: Ensure guest's FPU state is loaded when accessing
for emulation (bnc#1012628).
- KVM: x86: Revert "KVM: X86: Fix fpu state crash in kvm guest"
(bnc#1012628).
- KVM: s390: do not clobber registers during guest reset/store
status (bnc#1012628).
- KVM: x86: reorganize pvclock_gtod_data members (bnc#1012628).
- KVM: x86: use raw clock values consistently (bnc#1012628).
- ocfs2: fix oops when writing cloned file (bnc#1012628).
- mm/page_alloc.c: fix uninitialized memmaps on a partially
populated last section (bnc#1012628).
- arm64: dts: qcom: qcs404-evb: Set vdd_apc regulator in high
power mode (bnc#1012628).
- mm/mmu_gather: invalidate TLB correctly on batch allocation
failure and flush (bnc#1012628).
- clk: tegra: Mark fuse clock as critical (bnc#1012628).
- drm/amdgpu/navi: fix index for OD MCLK (bnc#1012628).
- drm/tegra: Relax IOMMU usage criteria on old Tegra
(bnc#1012628).
- drm/tegra: Reuse IOVA mapping where possible (bnc#1012628).
- drm/amd/powerplay: fix navi10 system intermittent reboot issue
V2 (bnc#1012628).
- drm/amd/dm/mst: Ignore payload update failures (bnc#1012628).
- drm/amdgpu: fetch default VDDC curve voltages (v2)
(bnc#1012628).
- drm/amdgpu/navi10: add OD_RANGE for navi overclocking
(bnc#1012628).
- drm/amdgpu/smu_v11_0: Correct behavior of restoring default
tables (v2) (bnc#1012628).
- virtio-balloon: initialize all vq callbacks (bnc#1012628).
- virtio-pci: check name when counting MSI-X vectors
(bnc#1012628).
- fix up iter on short count in fuse_direct_io() (bnc#1012628).
- broken ping to ipv6 linklocal addresses on debian buster
(bnc#1012628).
- percpu: Separate decrypted varaibles anytime encryption can
be enabled (bnc#1012628).
- ASoC: meson: axg-fifo: fix fifo threshold setup (bnc#1012628).
- scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size()
return type (bnc#1012628).
- scsi: csiostor: Adjust indentation in csio_device_reset
(bnc#1012628).
- scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
(bnc#1012628).
- scsi: ufs: Recheck bkops level if bkops is disabled
(bnc#1012628).
- compat: scsi: sg: fix v3 compat read/write interface
(bnc#1012628).
- mtd: spi-nor: Split mt25qu512a (n25q512a) entry into two
(bnc#1012628).
- phy: qualcomm: Adjust indentation in read_poll_timeout
(bnc#1012628).
- ext2: Adjust indentation in ext2_fill_super (bnc#1012628).
- powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
(bnc#1012628).
- drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable
(bnc#1012628).
- NFC: pn544: Adjust indentation in pn544_hci_check_presence
(bnc#1012628).
- ppp: Adjust indentation into ppp_async_input (bnc#1012628).
- net: smc911x: Adjust indentation in smc911x_phy_configure
(bnc#1012628).
- net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
(bnc#1012628).
- IB/mlx5: Fix outstanding_pi index for GSI qps (bnc#1012628).
- IB/core: Fix ODP get user pages flow (bnc#1012628).
- IB/core: Fix ODP with IB_ACCESS_HUGETLB handling (bnc#1012628).
- staging: wfx: revert unexpected change in debugfs output
(bnc#1012628).
- nfsd: fix delay timer on 32-bit architectures (bnc#1012628).
- nfsd: fix jiffies/time_t mixup in LRU list (bnc#1012628).
- nfsd: Return the correct number of bytes written to the file
(bnc#1012628).
- virtio-balloon: Fix memory leak when unloading while hinting
is in progress (bnc#1012628).
- virtio_balloon: Fix memory leaks on errors in
virtballoon_probe() (bnc#1012628).
- ubi: fastmap: Fix inverted logic in seen selfcheck
(bnc#1012628).
- ubi: Fix an error pointer dereference in error handling code
(bnc#1012628).
- ubifs: Fix memory leak from c->sup_node (bnc#1012628).
- regulator: core: Add regulator_is_equal() helper (bnc#1012628).
- ASoC: sgtl5000: Fix VDDA and VDDIO comparison (bnc#1012628).
- ASoC: Intel: skl_hda_dsp_common: Fix global-out-of-bounds bug
(bnc#1012628).
- mfd: da9062: Fix watchdog compatible string (bnc#1012628).
- mfd: rn5t618: Mark ADC control register volatile (bnc#1012628).
- mfd: bd70528: Fix hour register mask (bnc#1012628).
- mfd: ab8500: Fix ab8500-clk typo (bnc#1012628).
- bpf: Fix trampoline usage in preempt (bnc#1012628).
- libbpf: Extract and generalize CPU mask parsing logic
(bnc#1012628).
- x86/timer: Don't skip PIT setup when APIC is disabled or in
legacy mode (bnc#1012628).
- bonding/alb: properly access headers in bond_alb_xmit()
(bnc#1012628).
- devlink: report 0 after hitting end in region read
(bnc#1012628).
- dpaa_eth: support all modes with rate adapting PHYs
(bnc#1012628).
- net: dsa: b53: Always use dev->vlan_enabled in
b53_configure_vlan() (bnc#1012628).
- net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port
(bnc#1012628).
- net: dsa: microchip: enable module autoprobe (bnc#1012628).
- net: mvneta: move rx_dropped and rx_errors in per-cpu stats
(bnc#1012628).
- net_sched: fix a resource leak in tcindex_set_parms()
(bnc#1012628).
- net: stmmac: fix a possible endless loop (bnc#1012628).
- net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
(bnc#1012628).
- net/mlx5: IPsec, Fix esp modify function attribute
(bnc#1012628).
- net/mlx5: IPsec, fix memory leak at
mlx5_fpga_ipsec_delete_sa_ctx (bnc#1012628).
- net: macb: Remove unnecessary alignment check for TSO
(bnc#1012628).
- net: macb: Limit maximum GEM TX length in TSO (bnc#1012628).
- net: stmmac: fix incorrect GMAC_VLAN_TAG register writting in
GMAC4+ (bnc#1012628).
- net: stmmac: xgmac: fix incorrect XGMAC_VLAN_TAG register
writting (bnc#1012628).
- net: stmmac: fix missing IFF_MULTICAST check in
dwmac4_set_filter (bnc#1012628).
- net: stmmac: xgmac: fix missing IFF_MULTICAST checki in
dwxgmac2_set_filter (bnc#1012628).
- net: stmmac: update pci platform data to use phy_interface
(bnc#1012628).
- taprio: Fix enabling offload with wrong number of traffic
classes (bnc#1012628).
- taprio: Fix still allowing changing the flags during runtime
(bnc#1012628).
- taprio: Add missing policy validation for flags (bnc#1012628).
- taprio: Use taprio_reset_tc() to reset Traffic Classes
configuration (bnc#1012628).
- taprio: Fix dropping packets when using taprio + ETF offloading
(bnc#1012628).
- ipv6/addrconf: fix potential NULL deref in inet6_set_link_af()
(bnc#1012628).
- qed: Fix timestamping issue for L2 unicast ptp packets
(bnc#1012628).
- drop_monitor: Do not cancel uninitialized work item
(bnc#1012628).
- net/mlx5: Fix deadlock in fs_core (bnc#1012628).
- net/mlx5: Deprecate usage of generic TLS HW capability bit
(bnc#1012628).
- r8169: fix performance regression related to PCIe max read
request size (bnc#1012628).
- net/mlx5e: TX, Error completion is for last WQE in batch
(bnc#1012628).
- cifs: fail i/o on soft mounts if sessionsetup errors out
(bnc#1012628).
- cifs: fix mode bits from dir listing when mounted with
modefromsid (bnc#1012628).
- x86/apic/msi: Plug non-maskable MSI affinity race (bnc#1012628).
- clocksource: Prevent double add_timer_on() for watchdog_timer
(bnc#1012628).
- perf/core: Fix mlock accounting in perf_mmap() (bnc#1012628).
- perf/cgroups: Install cgroup events to correct cpuctx
(bnc#1012628).
- drm/dp_mst: Remove VCPI while disabling topology mgr
(bnc#1012628).
- io_uring: enable option to only trigger eventfd for async
completions (bnc#1012628).
- io_uring: prevent potential eventfd recursion on poll
(bnc#1012628).
- KVM: x86: Protect exit_reason from being used in Spectre-v1/L1TF
attacks (bnc#1012628).
- KVM: nVMX: vmread should not set rflags to specify success in
case of #PF (bnc#1012628).
- KVM: Use vcpu-specific gva->hva translation when querying host
page size (bnc#1012628).
- KVM: Play nice with read-only memslots when querying host page
size (bnc#1012628).
- rxrpc: Fix service call disconnection (bnc#1012628).
- IB/core: Fix build failure without hugepages (bnc#1012628).
- crypto: atmel-{aes,tdes} - Do not save IV for ECB mode
(bnc#1012628).
- crypto: atmel-aes - Fix saving of IV for CTR mode (bnc#1012628).
- crypto: atmel-aes - Fix CTR counter overflow when multiple
fragments (bnc#1012628).
- crypto: atmel-tdes - Map driver data flags to Mode Register
(bnc#1012628).
- regulator fix for "regulator: core: Add regulator_is_equal()
helper" (bnc#1012628).
- powerpc/kuap: Fix set direction in allow/prevent_user_access()
(bnc#1012628).
- compat: ARM64: always include asm-generic/compat.h
(bnc#1012628).
- Update config files.
- commit ffbbfe8
- cgroup: init_tasks shouldn't be linked to the root cgroup
(bsc#1163370).
- commit 00b4c73
- ipmi_si: Avoid spurious errors for optional IRQs (bsc#1161943).
- commit 481e5b9
- media: go7007: Fix URB type for interrupt handling
(bsc#1162583).
- commit ae333f8
- iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168
devices (bsc#1163213).
- commit f4b8e5e
==== libeconf ====
Version update (0.3.3+git20191028.3ac14ce -> 0.3.5+git20200203.3144b69)
- Update to version 0.3.5+git20200203.3144b69:
* Release version 0.3.5
* Use float.h instead of obsolete gnuism values.h
* Remove gnuism (strdupa)
* Check for empty value (NULL pointer) before calling strdup.
- Update to version 0.3.4+git20200121.febebf2:
* Release version 0.3.4
* Fix buffer overflow in econf_readDirs
* Fix parsing of quoted strings, and values starting with delimiters
* tests: add test for quoted strings
* tests: tst-configdirs5: fix config dir paths
==== libxcrypt ====
Version update (4.4.10 -> 4.4.12)
- Update to version 4.4.12
* Another fix for GCC v10.x, which occurs on s390 architectures only.
- Update to version 4.4.11
* Fixes for GCC v10.x
* Change how the known-answer tests are parallelized
- gcc10.patch: remove
==== openssh ====
- Add patches to fix the sandbox blocking glibc on 32bit platforms
(boo#1164061):
* openssh-8.1p1-seccomp-clock_nanosleep_time64.patch
* openssh-8.1p1-seccomp-clock_gettime64.patch
==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-basesystem patterns-microos-cloud patterns-microos-defaults patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap
- Move fcoe-utils and irqbalance to hardware pattern, not useful
on guest install.
- Introduce MicroOS Desktop patterns [boo#1163453]
==== podman ====
Version update (1.7.0 -> 1.8.0)
Subpackages: podman-cni-config
- Remove: 0001-clarify-container-prune-force.patch because it's now
included in the release
- Update podman to v1.8.0:
* Features
- The podman system service command has been added, providing a
preview of Podman's new Docker-compatible API. This API is
still very new, and not yet ready for production use, but is
available for early testing
- Rootless Podman now uses Rootlesskit for port forwarding,
which should greatly improve performance and capabilities
- The podman untag command has been added to remove tags from
images without deleting them
- The podman inspect command on images now displays previous
names they used
- The podman generate systemd command now supports a --new
option to generate service files that create and run new
containers instead of managing existing containers
- Support for --log-opt tag= to set logging tags has been added
to the journald log driver
- Added support for using Seccomp profiles embedded in images
for podman run and podman create via the new --seccomp-policy
CLI flag
- The podman play kube command now honors pull policy
* Bugfixes
- Fixed a bug where the podman cp command would not copy the
contents of directories when paths ending in /. were given
- Fixed a bug where the podman play kube command did not
properly locate Seccomp profiles specified relative to
localhost
- Fixed a bug where the podman info command for remote Podman
did not show registry information
- Fixed a bug where the podman exec command did not support
having input piped into it
- Fixed a bug where the podman cp command with rootless Podman
on CGroups v2 systems did not properly determine if the
container could be paused while copying
- Fixed a bug where the podman container prune --force command
could possible remove running containers if they were started
while the command was running
- Fixed a bug where Podman, when run as root, would not
properly configure slirp4netns networking when requested
- Fixed a bug where podman run --userns=keep-id did not work
when the user had a UID over 65535
- Fixed a bug where rootless podman run and podman create with
the --userns=keep-id option could change permissions on
/run/user/$UID and break KDE
- Fixed a bug where rootless Podman could not be run in a
systemd service on systems using CGroups v2
- Fixed a bug where podman inspect would show CPUShares as 0,
instead of the default (1024), when it was not explicitly set
- Fixed a bug where podman-remote push would segfault
- Fixed a bug where image healthchecks were not shown in the
output of podman inspect
- Fixed a bug where named volumes created with containers from
pre-1.6.3 releases of Podman would be autoremoved with their
containers if the --rm flag was given, even if they were
given names
- Fixed a bug where podman history was not computing image
sizes correctly
- Fixed a bug where Podman would not error on invalid values to
the --sort flag to podman images
- Fixed a bug where providing a name for the image made by
podman commit was mandatory, not optional as it should be
- Fixed a bug where the remote Podman client would append an
extra " to %PATH
- Fixed a bug where the podman build command would sometimes
ignore the -f option and build the wrong Containerfile
- Fixed a bug where the podman ps --filter command would only
filter running containers, instead of all containers, if
- -all was not passed
- Fixed a bug where the podman load command on compressed
images would leave an extra copy on disk
- Fixed a bug where the podman restart command would not
properly clean up the network, causing it to function
differently from podman stop; podman start
- Fixed a bug where setting the --memory-swap flag to podman
create and podman run to -1 (to indicate unlimited) was not
supported
* Misc
- Initial work on version 2 of the Podman remote API has been
merged, but is still in an alpha state and not ready for use.
Read more here
- Many formatting corrections have been made to the manpages
- The changes to address (#5009) may cause anonymous volumes
created by Podman versions 1.6.3 to 1.7.0 to not be removed
when their container is removed
- Updated vendored Buildah to v1.13.1
- Updated vendored containers/storage to v1.15.8
- Updated vendored containers/image to v5.2.0
==== sudo ====
Version update (1.8.28p1 -> 1.8.31)
- Update to 1.8.31
Major changes between version 1.8.31 and 1.8.30:
* This version fixes a potential security issue that can lead to
a buffer overflow if the pwfeedback option is enabled in
sudoers [CVE-2019-18634] [bsc#1162202]
* The sudoedit_checkdir option now treats a user-owned directory
as writable, even if it does not have the write bit set at the
time of check. Symbolic links will no longer be followed by
sudoedit in any user-owned directory. Bug #912.
* Fixed a crash introduced in sudo 1.8.30 when suspending sudo
at the password prompt. Bug #914.
* Fixed compilation on systems where the mmap MAP_ANON flag is
not available. Bug #915.
Major changes between version 1.8.30 and 1.8.29:
* Sudo now closes file descriptors before changing uids. This
prevents a non-root process from interfering with sudo's ability
to close file descriptors on systems that support the prlimit(2)
system call.
* Sudo now treats an attempt to run sudo sudoedit as simply
sudoedit If the sudoers file contains a fully-qualified path
to sudoedit, sudo will now treat it simply as sudoedit
(with no path). Visudo will will now treat a fully-qualified
path to sudoedit as an error. Bug #871.
* Fixed a bug introduced in sudo 1.8.28 where sudo would warn
about a missing /etc/environment file on AIX and Linux when
PAM is not enabled. Bug #907.
* Fixed a bug on Linux introduced in sudo 1.8.29 that prevented
the askpass program from running due to an unlimited stack size
resource limit. Bug #908.
* If a group provider plugin has optional arguments, the argument
list passed to the plugin is now NULL terminated as per the
documentation.
* The user's time stamp file is now only updated if both authentication
and approval phases succeed. This is consistent with the behavior
of sudo prior to version 1.8.23. Bug #910.
* The new allow_unknown_runas_id sudoers setting can be used to
enable or disable the use of unknown user or group IDs.
Previously, sudo would always allow unknown user or group IDs if
the sudoers entry permitted it, including via the ALL alias.
As of sudo 1.8.30, the admin must explicitly enable support for
unknown IDs.
* The new runas_check_shell sudoers setting can be used to require
that the runas user have a shell listed in the /etc/shells file.
On many systems, users such as bin, do not have a valid shell and
this flag can be used to prevent commands from being run as
those users.
* Fixed a problem restoring the SELinux tty context during reboot
if mctransd is killed before sudo finishes. GitHub Issue #17.
* Fixed an intermittent warning on NetBSD when sudo restores the
initial stack size limit.
Major changes between version 1.8.29 and 1.8.28p1:
* The cvtsudoers command will now reject non-LDIF input when
converting from LDIF format to sudoers or JSON formats.
* The new log_allowed and log_denied sudoers settings make it
possible to disable logging and auditing of allowed and/or
denied commands.
* The umask is now handled differently on systems with PAM or
login.conf. If the umask is explicitly set in sudoers, that
value is used regardless of what PAM or login.conf may specify.
However, if the umask is not explicitly set in sudoers, PAM or
login.conf may now override the default sudoers umask. Bug #900.
* For make install, the sudoers file is no longer checked for syntax
errors when DESTDIR is set. The default sudoers file includes the
contents of /etc/sudoers.d which may not be readable as non-root.
Bug #902.
* Sudo now sets most resource limits to their maximum value to avoid
problems caused by insufficient resources, such as an inability to
allocate memory or open files and pipes. Fixed a regression introduced
in sudo 1.8.28 where sudo would refuse to run if the parent process was
not associated with a session. This was due to sudo passing a session
ID of -1 to the plugin.
- refresh sudo-sudoers.patch
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
btrfsprogs (5.4 -> 5.4.1)
chrony
cri-o (1.16.1 -> 1.17.0)
glibc (2.30 -> 2.31)
grep (3.3 -> 3.4)
issue-generator (1.7 -> 1.8)
kernel-firmware (20200122 -> 20200207)
kernel-source (5.5.2 -> 5.5.4)
libeconf (0.3.3+git20191028.3ac14ce -> 0.3.5+git20200203.3144b69)
libxcrypt (4.4.10 -> 4.4.12)
nfs-utils
openssh
patterns-microos
podman (1.7.0 -> 1.8.0)
sudo (1.8.28p1 -> 1.8.31)
=== Details ===
==== btrfsprogs ====
Version update (5.4 -> 5.4.1)
Subpackages: btrfsprogs-udev-rules libbtrfs0
- Update to 5.4.1
* build: fix docbook5 build
* check: do extra verification of extent items, inode items and chunks
* qgroup: return ENOTCONN if quotas not running (needs updated kernel)
* other: various test fixups
==== chrony ====
- Add chrony-test-update-processing-of-packet-log.patch in order
to fix test-suite failure.
- Update clknetsim to version 79ffe44 (fixes boo#1162964).
- Backport chrony-test-fix-util-unit-test-for-NTP-era-split.patch.
==== cri-o ====
Version update (1.16.1 -> 1.17.0)
Subpackages: cri-o-kubeadm-criconfig
- Put default configuration in /etc/crio/crio.conf.d/00-default.conf
in replacement for /etc/crio/crio.conf
- Uncomment default apparmor profile to always fallback to the
default one
- Remove prevent-local-loopback-teardown-rh1754154.patch which is
now included in upstream
- Update to v1.17.0:
* Major Changes
- Allow CRI-O to manage IPC and UTS namespaces, in addition to
Network
- Add support for drop-in configuration files
- Added image pull and network setup metrics
- Image decryption support
- Remove unneeded host_ip configuration value
* Minor Changes
- Setup container environment variables before user
- Move default version file location to a tmpfs
- Failures to stop the network will now cause a stop sandbox
request to fail
- Persist container exit codes across reboot
- Add conmonmon: a conmon monitoring loop to protect against
conmon being OOM'd
- Add namespaces{-_}dir CLI and config option
- Add disk usage for ListContainerStats
- Introduce new runtime field to restrict devices in privileged
mode
==== glibc ====
Version update (2.30 -> 2.31)
Subpackages: glibc-locale glibc-locale-base
- nsswitch.conf: comment out initgroups setting, so that it defaults to
the group setting (bsc#1164075)
- fix-locking-in-_IO_cleanup.patch: update to latest version
- Update to glibc 2.31
* The GNU C Library now supports a feature test macro _ISOC2X_SOURCE to
enable features from the draft ISO C2X standard
* The <math.h> functions that round their results to a narrower type now
have corresponding type-generic macros in <tgmath.h>
* The function pthread_clockjoin_np has been added, enabling join with a
terminated thread with a specific clock
* New locale added: mnw_MM (Mon language spoken in Myanmar).
* The DNS stub resolver will optionally send the AD (authenticated data) bit
in queries if the trust-ad option is set via the options directive in
/etc/resolv.conf (or if RES_TRUSTAD is set in _res.options)
* The totalorder and totalordermag functions, and the corresponding
functions for other floating-point types, now take pointer arguments to
avoid signaling NaNs possibly being converted to quiet NaNs in argument
passing
* The obsolete function stime is no longer available to newly linked
binaries, and its declaration has been removed from <time.h>
* The gettimeofday function no longer reports information about a
system-wide time zone
* If a lazy binding failure happens during dlopen, during the execution of
an ELF constructor, the process is now terminated
- malloc-info-whitespace.patch, riscv-vfork.patch,
prefer-map-32bit-exec.patch, backtrace-powerpc.patch,
ldconfig-dynstr.patch: Removed.
- backtrace-powerpc.patch: Fix array overflow in backtrace on PowerPC
(bsc#1158996, BZ #25423)
- Drop support for pluggable gconv modules (bsc#1159851)
==== grep ====
Version update (3.3 -> 3.4)
- Switch back to system regex to avoid undefined behaviour
- grep 3.4:
* new --no-ignore-case option causes grep to observe case
distinctions, overriding any previous -i (--ignore-case) option
* '.' no longer matches some invalid byte sequences in UTF-8 locales
* grep -Fw can no longer false match in non-UTF-8 multibyte locales
* The exit status of 'grep -L' is no longer incorrect when standard
output is /dev/null
* fix some performance bugs
- drop test-pcre-jitstack.diff
==== issue-generator ====
Version update (1.7 -> 1.8)
- Update to version 1.8
- Handle network interface renames
==== kernel-firmware ====
Version update (20200122 -> 20200207)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd
- Update to version 20200207 (git commit 6f89735800fe):
* rtl_nic: update firmware for RTL8153A
* rtl_bt: Update RTL8822C BT FW to V0x0998_C2B4
* linux-firmware: add firmware for MT7622
* linux-firmware: add version 2 for MT7615E
* amdgpu: update to latest navi10 firmware from 19.50
* Revert "radeon: update oland rlc microcode from amdgpu"
* amlogic: update video decoder firmwares
* amdgpu: add renoir firmware for 19.50
* amdgpu: update raven2 firmware for 19.50
* nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.12.A.13
* qca: update bluetooth firmware for QCA6174
- Update topics and alias list
==== kernel-source ====
Version update (5.5.2 -> 5.5.4)
- bcache: fix incorrect data type usage in btree_flush_write()
(git-fixes).
- commit 119f9ca
- Linux 5.5.4 (bnc#1012628).
- selinux: fall back to ref-walk if audit is required
(bnc#1012628).
- libertas: make lbs_ibss_join_existing() return error code on
rates overflow (bnc#1012628).
- libertas: don't exit from lbs_ibss_join_existing() with RCU
read lock held (bnc#1012628).
- mwifiex: Fix possible buffer overflows in
mwifiex_cmd_append_vsie_tlv() (bnc#1012628).
- mwifiex: Fix possible buffer overflows in
mwifiex_ret_wmm_get_status() (bnc#1012628).
- dmaengine: axi-dmac: add a check for devm_regmap_init_mmio
(bnc#1012628).
- clk: meson: g12a: fix missing uart2 in regmap table
(bnc#1012628).
- mfd: max77650: Select REGMAP_IRQ in Kconfig (bnc#1012628).
- regmap: fix writes to non incrementing registers (bnc#1012628).
- pinctrl: qcom: Don't lock around irq_set_irq_wake()
(bnc#1012628).
- pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
(bnc#1012628).
- pinctrl: sh-pfc: r8a77965: Fix DU_DOTCLKIN3 drive/bias control
(bnc#1012628).
- pinctrl: baytrail: Allocate IRQ chip dynamic (bnc#1012628).
- selinux: fix regression introduced by move_mount(2) syscall
(bnc#1012628).
- selinux: revert "stop passing MAY_NOT_BLOCK to the AVC upon
follow_link" (bnc#1012628).
- x86/alternatives: add missing insn.h include (bnc#1012628).
- bcache: avoid unnecessary btree nodes flushing in
btree_flush_write() (bnc#1012628).
- ASoC: soc-generic-dmaengine-pcm: Fix error handling
(bnc#1012628).
- dt-bindings: iio: adc: ad7606: Fix wrong maxItems value
(bnc#1012628).
- i2c: cros-ec-tunnel: Fix ACPI identifier (bnc#1012628).
- i2c: cros-ec-tunnel: Fix slave device enumeration (bnc#1012628).
- media: i2c: adv748x: Fix unsafe macros (bnc#1012628).
- drivers: watchdog: stm32_iwdg: set WDOG_HW_RUNNING at probe
(bnc#1012628).
- crypto: caam/qi2 - fix typo in algorithm's driver name
(bnc#1012628).
- crypto: atmel-sha - fix error handling when setting hmac key
(bnc#1012628).
- crypto: artpec6 - return correct error code for failed setkey()
(bnc#1012628).
- crypto: testmgr - don't try to decrypt uninitialized buffers
(bnc#1012628).
- mtd: sharpslpart: Fix unsigned comparison to zero (bnc#1012628).
- mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock
(bnc#1012628).
- arm64: kvm: Fix IDMAP overlap with HYP VA (bnc#1012628).
- arm64: nofpsmid: Handle TIF_FOREIGN_FPSTATE flag cleanly
(bnc#1012628).
- KVM: arm64: Treat emulated TVAL TimerValue as a signed 32-bit
integer (bnc#1012628).
- KVM: arm64: pmu: Fix chained SW_INCR counters (bnc#1012628).
- KVM: arm64: pmu: Don't increment SW_INCR if PMCR.E is unset
(bnc#1012628).
- KVM: arm: Make inject_abt32() inject an external abort instead
(bnc#1012628).
- KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests
(bnc#1012628).
- KVM: arm/arm64: Fix young bit from mmu notifier (bnc#1012628).
- crypto: arm/chacha - fix build failured when kernel mode NEON
is disabled (bnc#1012628).
- arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations
(bnc#1012628).
- arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly
(bnc#1012628).
- arm64: cpufeature: Fix the type of no FP/SIMD capability
(bnc#1012628).
- arm64: kernel: Correct annotation of end of el0_sync
(bnc#1012628).
- sched/uclamp: Fix a bug in propagating uclamp value in new
cgroups (bnc#1012628).
- ARM: 8949/1: mm: mark free_memmap as __init (bnc#1012628).
- KVM: arm/arm64: vgic-its: Fix restoration of unmapped
collections (bnc#1012628).
- ARM: at91: pm: use of_device_id array to find the proper shdwc
node (bnc#1012628).
- ARM: at91: pm: use SAM9X60 PMC's compatible (bnc#1012628).
- iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA
(bnc#1012628).
- powerpc/pseries: Allow not having ibm,
hypertas-functions::hcall-multi-tce for DDW (bnc#1012628).
- powerpc/pseries/vio: Fix iommu_table use-after-free refcount
warning (bnc#1012628).
- powerpc/papr_scm: Fix leaking 'bus_desc.provider_name' in some
paths (bnc#1012628).
- powerpc/ptdump: Only enable PPC_CHECK_WX with STRICT_KERNEL_RWX
(bnc#1012628).
- powerpc/ptdump: Fix W+X verification call in mark_rodata_ro()
(bnc#1012628).
- Revert "powerpc/pseries/iommu: Don't use dma_iommu_ops on
secure guests" (bnc#1012628).
- soc: qcom: rpmhpd: Set 'active_only' for active only power
domains (bnc#1012628).
- tools/power/acpi: fix compilation error (bnc#1012628).
- ARM: dts: at91: sama5d3: define clock rate range for tcb1
(bnc#1012628).
- ARM: dts: at91: sama5d3: fix maximum peripheral clock rates
(bnc#1012628).
- ARM: dts: meson8b: use the actual frequency for the GPU's
364MHz OPP (bnc#1012628).
- ARM: dts: meson8: use the actual frequency for the GPU's
182.1MHz OPP (bnc#1012628).
- arm64: dts: marvell: clearfog-gt-8k: fix switch cpu port node
(bnc#1012628).
- arm64: dts: renesas: r8a77990: ebisu: Remove
clkout-lr-synchronous from sound (bnc#1012628).
- ARM: dts: am43xx: add support for clkout1 clock (bnc#1012628).
- ARM: dts: at91: Reenable UART TX pull-ups (bnc#1012628).
- arm64: dts: qcom: msm8998-mtp: Add alias for blsp1_uart3
(bnc#1012628).
- arm64: dts: uDPU: fix broken ethernet (bnc#1012628).
- arm64: dts: qcom: msm8998: Fix tcsr syscon size (bnc#1012628).
- platform/x86: intel_mid_powerbtn: Take a copy of ddata
(bnc#1012628).
- ARC: [plat-axs10x]: Add missing multicast filter number to
GMAC node (bnc#1012628).
- MIPS: Loongson: Fix potential NULL dereference in
loongson3_platform_init() (bnc#1012628).
- watchdog: qcom: Use platform_get_irq_optional() for bark irq
(bnc#1012628).
- rtc: cmos: Stop using shared IRQ (bnc#1012628).
- rtc: hym8563: Return -EINVAL if the time is known to be invalid
(bnc#1012628).
- rtc: mt6397: drop free_irq of devm_ allocated irq (bnc#1012628).
- netdevsim: use __GFP_NOWARN to avoid memalloc warning
(bnc#1012628).
- netdevsim: fix panic in nsim_dev_take_snapshot_write()
(bnc#1012628).
- netdevsim: disable devlink reload when resources are being used
(bnc#1012628).
- netdevsim: fix using uninitialized resources (bnc#1012628).
- mt76: mt7615: fix max_nss in mt7615_eeprom_parse_hw_cap
(bnc#1012628).
- bpf, sockmap: Check update requirements after locking
(bnc#1012628).
- bpf: Improve bucket_log calculation logic (bnc#1012628).
- selftests/bpf: Test freeing sockmap/sockhash with a socket in it
(bnc#1012628).
- bpf, sockhash: Synchronize_rcu before free'ing map
(bnc#1012628).
- bpf, sockmap: Don't sleep while holding RCU lock on tear-down
(bnc#1012628).
- bpftool: Don't crash on missing xlated program instructions
(bnc#1012628).
- x86/boot: Handle malformed SRAT tables during early ACPI parsing
(bnc#1012628).
- NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals
(bnc#1012628).
- NFSv4: try lease recovery on NFS4ERR_EXPIRED (bnc#1012628).
- NFSv4: pnfs_roc() must use cred_fscmp() to compare creds
(bnc#1012628).
- NFS: Fix fix of show_nfs_errors (bnc#1012628).
- NFS/pnfs: Fix pnfs_generic_prepare_to_resend_writes()
(bnc#1012628).
- NFS: Revalidate the file size on a fatal write error
(bnc#1012628).
- nfs: NFS_SWAP should depend on SWAP (bnc#1012628).
- NFSv4.x recover from pre-mature loss of openstateid
(bnc#1012628).
- netfilter: flowtable: Fix missing flush hardware on table free
(bnc#1012628).
- netfilter: flowtable: Fix hardware flush order on
nf_flow_table_cleanup (bnc#1012628).
- netfilter: flowtable: restrict flow dissector match on meta
ingress device (bnc#1012628).
- netfilter: flowtable: fetch stats only if flow is still alive
(bnc#1012628).
- iwlwifi: mvm: fix TDLS discovery with the new firmware API
(bnc#1012628).
- iwlwifi: mvm: avoid use after free for pmsr request
(bnc#1012628).
- PCI/AER: Initialize aer_fifo (bnc#1012628).
- PCI: Don't disable bridge BARs when assigning bus resources
(bnc#1012628).
- PCI: tegra: Fix afi_pex2_ctrl reg offset for Tegra30
(bnc#1012628).
- PCI/switchtec: Fix vep_vector_number ioread width (bnc#1012628).
- PCI/switchtec: Use dma_set_mask_and_coherent() (bnc#1012628).
- ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe
(bnc#1012628).
- PCI/IOV: Fix memory leak in pci_iov_add_virtfn() (bnc#1012628).
- scsi: ufs: Fix ufshcd_probe_hba() reture value in case
ufshcd_scsi_add_wlus() fails (bnc#1012628).
- RDMA/umem: Fix ib_umem_find_best_pgsz() (bnc#1012628).
- RDMA/cma: Fix unbalanced cm_id reference count during address
resolve (bnc#1012628).
- RDMA/core: Ensure that rdma_user_mmap_entry_remove() is a fence
(bnc#1012628).
- RDMA/mlx5: Fix handling of IOVA != user_va in ODP paths
(bnc#1012628).
- RDMA/uverbs: Verify MR access flags (bnc#1012628).
- RDMA/core: Fix locking in ib_uverbs_event_read (bnc#1012628).
- RDMA/i40iw: fix a potential NULL pointer dereference
(bnc#1012628).
- RDMA/netlink: Do not always generate an ACK for some netlink
operations (bnc#1012628).
- IB/mlx4: Fix leak in id_map_find_del (bnc#1012628).
- IB/mlx5: Return the administrative GUID if exists (bnc#1012628).
- IB/srp: Never use immediate data if it is disabled by a user
(bnc#1012628).
- IB/mlx4: Fix memory leak in add_gid error flow (bnc#1012628).
- commit 271ee1b
- Update config files: enable CONFIG_FW_CFG_SYSFS for arm64 (bsc#1163521)
- commit d888576
- Update config files: CONFIG_NVME_HWMON=y
When the config files were updated for kernel v5.5, the commit
message claimed CONFIG_NVME_HWMON was to be enabled, however the
configuration files themselves had the option disabled. We definitely
want hardware monitoring enabled on NVME devices, so fix the
configuration files to match the original intent.
- commit d654690
- Linux 5.5.3 (bnc#1012628).
- sparc32: fix struct ipc64_perm type definition (bnc#1012628).
- bnxt_en: Move devlink_register before registering netdev
(bnc#1012628).
- gtp: use __GFP_NOWARN to avoid memalloc warning (bnc#1012628).
- l2tp: Allow duplicate session creation with UDP (bnc#1012628).
- net: hsr: fix possible NULL deref in hsr_handle_frame()
(bnc#1012628).
- net_sched: fix an OOB access in cls_tcindex (bnc#1012628).
- net/core: Do not clear VF index for node/port GUIDs query
(bnc#1012628).
- net: mvneta: fix XDP support if sw bm is used as fallback
(bnc#1012628).
- bnxt_en: Fix TC queue mapping (bnc#1012628).
- net: stmmac: Delete txtimer in suspend() (bnc#1012628).
- tcp: clear tp->total_retrans in tcp_disconnect() (bnc#1012628).
- tcp: clear tp->delivered in tcp_disconnect() (bnc#1012628).
- tcp: clear tp->data_segs{in|out} in tcp_disconnect()
(bnc#1012628).
- tcp: clear tp->segs_{in|out} in tcp_disconnect() (bnc#1012628).
- cls_rsvp: fix rsvp_policy (bnc#1012628).
- rxrpc: Fix use-after-free in rxrpc_put_local() (bnc#1012628).
- rxrpc: Fix insufficient receive notification generation
(bnc#1012628).
- rxrpc: Fix missing active use pinning of rxrpc_local object
(bnc#1012628).
- rxrpc: Fix NULL pointer deref due to call->conn being cleared
on disconnect (bnc#1012628).
- bnxt_en: Refactor logic to re-enable SRIOV after firmware
reset detected (bnc#1012628).
- net: phy: at803x: disable vddio regulator (bnc#1012628).
- bnxt_en: Fix RDMA driver failure with SRIOV after firmware reset
(bnc#1012628).
- ionic: fix rxq comp packet type mask (bnc#1012628).
- MAINTAINERS: correct entries for ISDN/mISDN section
(bnc#1012628).
- netdevsim: fix stack-out-of-bounds in nsim_dev_debugfs_init()
(bnc#1012628).
- bnxt_en: Fix logic that disables Bus Master during firmware
reset (bnc#1012628).
- media: uvcvideo: Avoid cyclic entity chains due to malformed
USB descriptors (bnc#1012628).
- mfd: dln2: More sanity checking for endpoints (bnc#1012628).
- netfilter: ipset: fix suspicious RCU usage in find_set_and_id
(bnc#1012628).
- ALSA: pcm: Fix memory leak at closing a stream without hw_free
(bnc#1012628).
- ipc/msg.c: consolidate all xxxctl_down() functions
(bnc#1012628).
- tracing/kprobes: Have uname use __get_str() in print_fmt
(bnc#1012628).
- tracing: Fix sched switch start/stop refcount racy updates
(bnc#1012628).
- rcu: Use *_ONCE() to protect lockless ->expmask accesses
(bnc#1012628).
- rcu: Avoid data-race in rcu_gp_fqs_check_wake() (bnc#1012628).
- srcu: Apply *_ONCE() to ->srcu_last_gp_end (bnc#1012628).
- rcu: Use READ_ONCE() for ->expmask in rcu_read_unlock_special()
(bnc#1012628).
- nvmet: Fix error print message at nvmet_install_queue function
(bnc#1012628).
- nvmet: Fix controller use after free (bnc#1012628).
- Bluetooth: btusb: fix memory leak on fw (bnc#1012628).
- Bluetooth: btusb: Disable runtime suspend on Realtek devices
(bnc#1012628).
- brcmfmac: Fix memory leak in brcmf_usbdev_qinit (bnc#1012628).
- usb: dwc3: gadget: Check END_TRANSFER completion (bnc#1012628).
- usb: dwc3: gadget: Delay starting transfer (bnc#1012628).
- usb: typec: tcpci: mask event interrupts when remove driver
(bnc#1012628).
- objtool: Silence build output (bnc#1012628).
- usb: gadget: f_fs: set req->num_sgs as 0 for non-sg transfer
(bnc#1012628).
- usb: gadget: legacy: set max_speed to super-speed (bnc#1012628).
- usb: gadget: f_ncm: Use atomic_t to track in-flight request
(bnc#1012628).
- usb: gadget: f_ecm: Use atomic_t to track in-flight request
(bnc#1012628).
- ALSA: usb-audio: Fix endianess in descriptor validation
(bnc#1012628).
- ALSA: usb-audio: Annotate endianess in Scarlett gen2 quirk
(bnc#1012628).
- ALSA: dummy: Fix PCM format loop in proc output (bnc#1012628).
- memcg: fix a crash in wb_workfn when a device disappears
(bnc#1012628).
- mm/sparse.c: reset section's mem_map when fully deactivated
(bnc#1012628).
- utimes: Clamp the timestamps in notify_change() (bnc#1012628).
- mm/migrate.c: also overwrite error when it is bigger than zero
(bnc#1012628).
- mm/memory_hotplug: fix remove_memory() lockdep splat
(bnc#1012628).
- mm: thp: don't need care deferred split queue in memcg charge
move path (bnc#1012628).
- mm: move_pages: report the number of non-attempted pages
(bnc#1012628).
- media/v4l2-core: set pages dirty upon releasing DMA buffers
(bnc#1012628).
- media: v4l2-core: compat: ignore native command codes
(bnc#1012628).
- media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left
adjustments (bnc#1012628).
- lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
(bnc#1012628).
- irqdomain: Fix a memory leak in irq_domain_push_irq()
(bnc#1012628).
- x86/cpu: Update cached HLE state on write to
TSX_CTRL_CPUID_CLEAR (bnc#1012628).
- platform/x86: intel_scu_ipc: Fix interrupt support
(bnc#1012628).
- ALSA: hda: Add Clevo W65_67SB the power_save blacklist
(bnc#1012628).
- ALSA: hda: Add JasperLake PCI ID and codec vid (bnc#1012628).
- ALSA: hda - Fix DP-MST support for NVIDIA codecs (bnc#1012628).
- arm64: acpi: fix DAIF manipulation with pNMI (bnc#1012628).
- KVM: arm64: Correct PSTATE on exception entry (bnc#1012628).
- KVM: arm/arm64: Correct CPSR on exception entry (bnc#1012628).
- KVM: arm/arm64: Correct AArch32 SPSR on exception entry
(bnc#1012628).
- KVM: arm64: Only sign-extend MMIO up to register width
(bnc#1012628).
- MIPS: syscalls: fix indentation of the 'SYSNR' message
(bnc#1012628).
- MIPS: fix indentation of the 'RELOCS' message (bnc#1012628).
- MIPS: boot: fix typo in 'vmlinux.lzma.its' target (bnc#1012628).
- MIPS: SGI-IP30: Check for valid pointer before using it
(bnc#1012628).
- MIPS: asm: local: add barriers for Loongson (bnc#1012628).
- s390/mm: fix dynamic pagetable upgrade for hugetlbfs
(bnc#1012628).
- powerpc/mmu_gather: enable RCU_TABLE_FREE even for !SMP case
(bnc#1012628).
- powerpc/ptdump: Fix W+X verification (bnc#1012628).
- powerpc/xmon: don't access ASDR in VMs (bnc#1012628).
- powerpc/pseries: Advance pfn if section is not present in
lmb_is_removable() (bnc#1012628).
- powerpc/32s: Fix bad_kuap_fault() (bnc#1012628).
- powerpc/32s: Fix CPU wake-up from sleep mode (bnc#1012628).
- PCI/ATS: Use PF PASID for VFs (bnc#1012628).
- PCI: tegra: Fix return value check of pm_runtime_get_sync()
(bnc#1012628).
- PCI: keystone: Fix outbound region mapping (bnc#1012628).
- PCI: keystone: Fix link training retries initiation
(bnc#1012628).
- PCI: keystone: Fix error handling when "num-viewport" DT
property is not populated (bnc#1012628).
- mmc: spi: Toggle SPI polarity, do not hardcode it (bnc#1012628).
- ACPI: video: Do not export a non working backlight interface
on MSI MS-7721 boards (bnc#1012628).
- ACPI / battery: Deal with design or full capacity being reported
as -1 (bnc#1012628).
- ACPI / battery: Use design-cap for capacity calculations if
full-cap is not available (bnc#1012628).
- ACPI / battery: Deal better with neither design nor full
capacity not being reported (bnc#1012628).
- smb3: fix default permissions on new files when mounting with
modefromsid (bnc#1012628).
- alarmtimer: Unregister wakeup source when module get fails
(bnc#1012628).
- fscrypt: don't print name of busy file when removing key
(bnc#1012628).
- ubifs: don't trigger assertion on invalid no-key filename
(bnc#1012628).
- ubifs: Fix wrong memory allocation (bnc#1012628).
- ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag
(bnc#1012628).
- ubifs: Fix deadlock in concurrent bulk-read and writepage
(bnc#1012628).
- mmc: sdhci-of-at91: fix memleak on clk_get failure
(bnc#1012628).
- ASoC: tegra: Revert 24 and 32 bit support (bnc#1012628).
- ASoC: topology: fix soc_tplg_fe_link_create() - link->dobj
initialization order (bnc#1012628).
- hv_balloon: Balloon up according to request page number
(bnc#1012628).
- mfd: axp20x: Mark AXP20X_VBUS_IPSOUT_MGMT as volatile
(bnc#1012628).
- nvmem: imx: scu: fix write SIP (bnc#1012628).
- nvmem: core: fix memory abort in cleanup path (bnc#1012628).
- crypto: api - Check spawn->alg under lock in crypto_drop_spawn
(bnc#1012628).
- crypto: ccree - fix backlog memory leak (bnc#1012628).
- crypto: ccree - fix AEAD decrypt auth fail (bnc#1012628).
- crypto: ccree - fix pm wrongful error reporting (bnc#1012628).
- crypto: ccree - fix FDE descriptor sequence (bnc#1012628).
- crypto: ccree - fix PM race condition (bnc#1012628).
- padata: Remove broken queue flushing (bnc#1012628).
- fs: allow deduplication of eof block into the end of the
destination file (bnc#1012628).
- scripts/find-unused-docs: Fix massive false positives
(bnc#1012628).
- erofs: fix out-of-bound read for shifted uncompressed block
(bnc#1012628).
- scsi: megaraid_sas: Do not initiate OCR if controller is not
in ready state (bnc#1012628).
- scsi: qla2xxx: Fix stuck login session using prli_pend_timer
(bnc#1012628).
- scsi: qla2xxx: Fix mtcp dump collection failure (bnc#1012628).
- cpupower: Revert library ABI changes from commit
ae2917093fb60bdc1ed3e (bnc#1012628).
- power: supply: axp20x_ac_power: Fix reporting online status
(bnc#1012628).
- power: supply: ltc2941-battery-gauge: fix use-after-free
(bnc#1012628).
- ovl: fix wrong WARN_ON() in ovl_cache_update_ino()
(bnc#1012628).
- ovl: fix lseek overflow on 32bit (bnc#1012628).
- f2fs: fix miscounted block limit in f2fs_statfs_project()
(bnc#1012628).
- f2fs: code cleanup for f2fs_statfs_project() (bnc#1012628).
- f2fs: fix dcache lookup of !casefolded directories
(bnc#1012628).
- f2fs: fix race conditions in ->d_compare() and ->d_hash()
(bnc#1012628).
- PM: core: Fix handling of devices deleted during system-wide
resume (bnc#1012628).
- cpufreq: Avoid creating excessively large stack frames
(bnc#1012628).
- of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
(bnc#1012628).
- ARM: dma-api: fix max_pfn off-by-one error in __dma_supported()
(bnc#1012628).
- dm zoned: support zone sizes smaller than 128MiB (bnc#1012628).
- dm space map common: fix to ensure new block isn't already in
use (bnc#1012628).
- dm writecache: fix incorrect flush sequence when doing SSD
mode commit (bnc#1012628).
- dm crypt: fix GFP flags passed to skcipher_request_alloc()
(bnc#1012628).
- dm crypt: fix benbi IV constructor crash if used in
authenticated mode (bnc#1012628).
- dm thin metadata: use pool locking at end of
dm_pool_metadata_close (bnc#1012628).
- dm thin: fix use-after-free in metadata_pre_commit_callback
(bnc#1012628).
- dm: fix potential for q->make_request_fn NULL pointer
(bnc#1012628).
- tracing: Annotate ftrace_graph_hash pointer with __rcu
(bnc#1012628).
- tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu
(bnc#1012628).
- ftrace: Add comment to why rcu_dereference_sched() is open coded
(bnc#1012628).
- ftrace: Protect ftrace_graph_hash with ftrace_sync
(bnc#1012628).
- crypto: pcrypt - Avoid deadlock by using per-instance padata
queues (bnc#1012628).
- btrfs: fix improper setting of scanned for range cyclic write
cache pages (bnc#1012628).
- btrfs: Handle another split brain scenario with metadata uuid
feature (bnc#1012628).
- riscv, bpf: Fix broken BPF tail calls (bnc#1012628).
- libbpf: Fix readelf output parsing for Fedora (bnc#1012628).
- libbpf: Fix printf compilation warnings on ppc64le arch
(bnc#1012628).
- libbpf: Don't attach perf_buffer to offline/missing CPUs
(bnc#1012628).
- selftests/bpf: Fix perf_buffer test on systems w/ offline CPUs
(bnc#1012628).
- flow_dissector: Fix to use new variables for port ranges in
bpf hook (bnc#1012628).
- bpf, devmap: Pass lockdep expression to RCU lists (bnc#1012628).
- libbpf: Add missing newline in opts validation macro
(bnc#1012628).
- libbpf: Fix realloc usage in bpf_core_find_cands (bnc#1012628).
- tc-testing: fix eBPF tests failure on linux fresh clones
(bnc#1012628).
- samples/bpf: Don't try to remove user's homedir on clean
(bnc#1012628).
- samples/bpf: Xdp_redirect_cpu fix missing tracepoint attach
(bnc#1012628).
- samples/bpf: Reintroduce missed build targets (bnc#1012628).
- selftests/bpf: Fix test_attach_probe (bnc#1012628).
- selftests/bpf: Skip perf hw events test if the setup disabled it
(bnc#1012628).
- selftests: bpf: Use a temporary file in test_sockmap
(bnc#1012628).
- selftests: bpf: Ignore FIN packets for reuseport tests
(bnc#1012628).
- crypto: sun8i-ss - fix removal of module (bnc#1012628).
- crypto: amlogic - fix removal of module (bnc#1012628).
- crypto: sun8i-ce - fix removal of module (bnc#1012628).
- crypto: api - fix unexpectedly getting generic implementation
(bnc#1012628).
- crypto: hisilicon - Fix issue with wrong number of sg elements
after dma map (bnc#1012628).
- crypto: hisilicon - Use the offset fields in sqe to avoid need
to split scatterlists (bnc#1012628).
- crypto: ccp - set max RSA modulus size for v3 platform devices
as well (bnc#1012628).
- crypto: arm64/ghash-neon - bump priority to 150 (bnc#1012628).
- crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
(bnc#1012628).
- crypto: hisilicon - select CRYPTO_SKCIPHER, not CRYPTO_BLKCIPHER
(bnc#1012628).
- crypto: atmel-aes - Fix counter overflow in CTR mode
(bnc#1012628).
- crypto: api - Fix race condition in crypto_spawn_alg
(bnc#1012628).
- crypto: picoxcell - adjust the position of tasklet_init and
fix missed tasklet_kill (bnc#1012628).
- powerpc/futex: Fix incorrect user access blocking (bnc#1012628).
- scsi: qla2xxx: Fix unbound NVME response length (bnc#1012628).
- NFS: Fix memory leaks and corruption in readdir (bnc#1012628).
- NFS: Directory page cache pages need to be locked when read
(bnc#1012628).
- nfsd: fix filecache lookup (bnc#1012628).
- jbd2_seq_info_next should increase position index (bnc#1012628).
- ext4: fix deadlock allocating crypto bounce page from mempool
(bnc#1012628).
- ext4: fix race conditions in ->d_compare() and ->d_hash()
(bnc#1012628).
- Btrfs: fix missing hole after hole punching and fsync when
using NO_HOLES (bnc#1012628).
- Btrfs: make deduplication with range including the last block
work (bnc#1012628).
- Btrfs: fix infinite loop during fsync after rename operations
(bnc#1012628).
- btrfs: set trans->drity in btrfs_commit_transaction
(bnc#1012628).
- btrfs: drop log root for dropped roots (bnc#1012628).
- btrfs: free block groups after free'ing fs trees (bnc#1012628).
- Btrfs: fix race between adding and putting tree mod seq elements
and nodes (bnc#1012628).
- btrfs: flush write bio if we loop in extent_write_cache_pages
(bnc#1012628).
- btrfs: Correctly handle empty trees in
find_first_clear_extent_bit (bnc#1012628).
- Btrfs: send, fix emission of invalid clone operations within
the same file (bnc#1012628).
- ARM: tegra: Enable PLLP bypass during Tegra124 LP1
(bnc#1012628).
- iwlwifi: don't throw error when trying to remove IGTK
(bnc#1012628).
- mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
(bnc#1012628).
- sunrpc: expiry_time should be seconds not timeval (bnc#1012628).
- gfs2: fix gfs2_find_jhead that returns uninitialized jhead
with seq 0 (bnc#1012628).
- gfs2: move setting current->backing_dev_info (bnc#1012628).
- gfs2: fix O_SYNC write handling (bnc#1012628).
- drm: atmel-hlcdc: use double rate for pixel clock only if
supported (bnc#1012628).
- drm: atmel-hlcdc: enable clock before configuring timing engine
(bnc#1012628).
- drm: atmel-hlcdc: prefer a lower pixel-clock than requested
(bnc#1012628).
- drm/rect: Avoid division by zero (bnc#1012628).
- media: iguanair: fix endpoint sanity check (bnc#1012628).
- media: rc: ensure lirc is initialized before registering input
device (bnc#1012628).
- tools/kvm_stat: Fix kvm_exit filter name (bnc#1012628).
- xen/balloon: Support xend-based toolstack take two
(bnc#1012628).
- xen/gntdev: Do not use mm notifiers with autotranslating guests
(bnc#1012628).
- watchdog: fix UAF in reboot notifier handling in watchdog core
code (bnc#1012628).
- bcache: add readahead cache policy options via sysfs interface
(bnc#1012628).
- io_uring: don't map read/write iovec potentially twice
(bnc#1012628).
- io_uring: spin for sq thread to idle on shutdown (bnc#1012628).
- eventfd: track eventfd_signal() recursion depth (bnc#1012628).
- aio: prevent potential eventfd recursion on poll (bnc#1012628).
- KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF
attacks (bnc#1012628).
- KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF
attacks (bnc#1012628).
- KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
(bnc#1012628).
- KVM: x86: Protect DR-based index computations from
Spectre-v1/L1TF attacks (bnc#1012628).
- KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF
attacks (bnc#1012628).
- KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from
Spectre-v1/L1TF attacks (bnc#1012628).
- KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF
attacks (bnc#1012628).
- KVM: x86: Protect MSR-based index computations in pmu.h from
Spectre-v1/L1TF attacks (bnc#1012628).
- KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF
attacks (bnc#1012628).
- KVM: x86: Protect MSR-based index computations from
Spectre-v1/L1TF attacks in x86.c (bnc#1012628).
- KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
(bnc#1012628).
- KVM: x86: Protect MSR-based index computations in
fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks
(bnc#1012628).
- KVM: x86: Fix potential put_fpu() w/o load_fpu() on MPX platform
(bnc#1012628).
- KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
(bnc#1012628).
- KVM: PPC: Book3S PR: Free shared page if mmu initialization
fails (bnc#1012628).
- kvm/svm: PKU not currently supported (bnc#1012628).
- KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
(bnc#1012628).
- KVM: x86: use CPUID to locate host page table reserved bits
(bnc#1012628).
- KVM: x86: Use gpa_t for cr2/gpa to fix TDP support on 32-bit
KVM (bnc#1012628).
- KVM: VMX: Add non-canonical check on writes to RTIT address MSRs
(bnc#1012628).
- KVM: x86: Don't let userspace set host-reserved cr4 bits
(bnc#1012628).
- KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
(bnc#1012628).
- KVM: x86: fix overlap between SPTE_MMIO_MASK and generation
(bnc#1012628).
- KVM: x86: Handle TIF_NEED_FPU_LOAD in kvm_{load,put}_guest_fpu()
(bnc#1012628).
- KVM: x86: Ensure guest's FPU state is loaded when accessing
for emulation (bnc#1012628).
- KVM: x86: Revert "KVM: X86: Fix fpu state crash in kvm guest"
(bnc#1012628).
- KVM: s390: do not clobber registers during guest reset/store
status (bnc#1012628).
- KVM: x86: reorganize pvclock_gtod_data members (bnc#1012628).
- KVM: x86: use raw clock values consistently (bnc#1012628).
- ocfs2: fix oops when writing cloned file (bnc#1012628).
- mm/page_alloc.c: fix uninitialized memmaps on a partially
populated last section (bnc#1012628).
- arm64: dts: qcom: qcs404-evb: Set vdd_apc regulator in high
power mode (bnc#1012628).
- mm/mmu_gather: invalidate TLB correctly on batch allocation
failure and flush (bnc#1012628).
- clk: tegra: Mark fuse clock as critical (bnc#1012628).
- drm/amdgpu/navi: fix index for OD MCLK (bnc#1012628).
- drm/tegra: Relax IOMMU usage criteria on old Tegra
(bnc#1012628).
- drm/tegra: Reuse IOVA mapping where possible (bnc#1012628).
- drm/amd/powerplay: fix navi10 system intermittent reboot issue
V2 (bnc#1012628).
- drm/amd/dm/mst: Ignore payload update failures (bnc#1012628).
- drm/amdgpu: fetch default VDDC curve voltages (v2)
(bnc#1012628).
- drm/amdgpu/navi10: add OD_RANGE for navi overclocking
(bnc#1012628).
- drm/amdgpu/smu_v11_0: Correct behavior of restoring default
tables (v2) (bnc#1012628).
- virtio-balloon: initialize all vq callbacks (bnc#1012628).
- virtio-pci: check name when counting MSI-X vectors
(bnc#1012628).
- fix up iter on short count in fuse_direct_io() (bnc#1012628).
- broken ping to ipv6 linklocal addresses on debian buster
(bnc#1012628).
- percpu: Separate decrypted varaibles anytime encryption can
be enabled (bnc#1012628).
- ASoC: meson: axg-fifo: fix fifo threshold setup (bnc#1012628).
- scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size()
return type (bnc#1012628).
- scsi: csiostor: Adjust indentation in csio_device_reset
(bnc#1012628).
- scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
(bnc#1012628).
- scsi: ufs: Recheck bkops level if bkops is disabled
(bnc#1012628).
- compat: scsi: sg: fix v3 compat read/write interface
(bnc#1012628).
- mtd: spi-nor: Split mt25qu512a (n25q512a) entry into two
(bnc#1012628).
- phy: qualcomm: Adjust indentation in read_poll_timeout
(bnc#1012628).
- ext2: Adjust indentation in ext2_fill_super (bnc#1012628).
- powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
(bnc#1012628).
- drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable
(bnc#1012628).
- NFC: pn544: Adjust indentation in pn544_hci_check_presence
(bnc#1012628).
- ppp: Adjust indentation into ppp_async_input (bnc#1012628).
- net: smc911x: Adjust indentation in smc911x_phy_configure
(bnc#1012628).
- net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
(bnc#1012628).
- IB/mlx5: Fix outstanding_pi index for GSI qps (bnc#1012628).
- IB/core: Fix ODP get user pages flow (bnc#1012628).
- IB/core: Fix ODP with IB_ACCESS_HUGETLB handling (bnc#1012628).
- staging: wfx: revert unexpected change in debugfs output
(bnc#1012628).
- nfsd: fix delay timer on 32-bit architectures (bnc#1012628).
- nfsd: fix jiffies/time_t mixup in LRU list (bnc#1012628).
- nfsd: Return the correct number of bytes written to the file
(bnc#1012628).
- virtio-balloon: Fix memory leak when unloading while hinting
is in progress (bnc#1012628).
- virtio_balloon: Fix memory leaks on errors in
virtballoon_probe() (bnc#1012628).
- ubi: fastmap: Fix inverted logic in seen selfcheck
(bnc#1012628).
- ubi: Fix an error pointer dereference in error handling code
(bnc#1012628).
- ubifs: Fix memory leak from c->sup_node (bnc#1012628).
- regulator: core: Add regulator_is_equal() helper (bnc#1012628).
- ASoC: sgtl5000: Fix VDDA and VDDIO comparison (bnc#1012628).
- ASoC: Intel: skl_hda_dsp_common: Fix global-out-of-bounds bug
(bnc#1012628).
- mfd: da9062: Fix watchdog compatible string (bnc#1012628).
- mfd: rn5t618: Mark ADC control register volatile (bnc#1012628).
- mfd: bd70528: Fix hour register mask (bnc#1012628).
- mfd: ab8500: Fix ab8500-clk typo (bnc#1012628).
- bpf: Fix trampoline usage in preempt (bnc#1012628).
- libbpf: Extract and generalize CPU mask parsing logic
(bnc#1012628).
- x86/timer: Don't skip PIT setup when APIC is disabled or in
legacy mode (bnc#1012628).
- bonding/alb: properly access headers in bond_alb_xmit()
(bnc#1012628).
- devlink: report 0 after hitting end in region read
(bnc#1012628).
- dpaa_eth: support all modes with rate adapting PHYs
(bnc#1012628).
- net: dsa: b53: Always use dev->vlan_enabled in
b53_configure_vlan() (bnc#1012628).
- net: dsa: bcm_sf2: Only 7278 supports 2Gb/sec IMP port
(bnc#1012628).
- net: dsa: microchip: enable module autoprobe (bnc#1012628).
- net: mvneta: move rx_dropped and rx_errors in per-cpu stats
(bnc#1012628).
- net_sched: fix a resource leak in tcindex_set_parms()
(bnc#1012628).
- net: stmmac: fix a possible endless loop (bnc#1012628).
- net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
(bnc#1012628).
- net/mlx5: IPsec, Fix esp modify function attribute
(bnc#1012628).
- net/mlx5: IPsec, fix memory leak at
mlx5_fpga_ipsec_delete_sa_ctx (bnc#1012628).
- net: macb: Remove unnecessary alignment check for TSO
(bnc#1012628).
- net: macb: Limit maximum GEM TX length in TSO (bnc#1012628).
- net: stmmac: fix incorrect GMAC_VLAN_TAG register writting in
GMAC4+ (bnc#1012628).
- net: stmmac: xgmac: fix incorrect XGMAC_VLAN_TAG register
writting (bnc#1012628).
- net: stmmac: fix missing IFF_MULTICAST check in
dwmac4_set_filter (bnc#1012628).
- net: stmmac: xgmac: fix missing IFF_MULTICAST checki in
dwxgmac2_set_filter (bnc#1012628).
- net: stmmac: update pci platform data to use phy_interface
(bnc#1012628).
- taprio: Fix enabling offload with wrong number of traffic
classes (bnc#1012628).
- taprio: Fix still allowing changing the flags during runtime
(bnc#1012628).
- taprio: Add missing policy validation for flags (bnc#1012628).
- taprio: Use taprio_reset_tc() to reset Traffic Classes
configuration (bnc#1012628).
- taprio: Fix dropping packets when using taprio + ETF offloading
(bnc#1012628).
- ipv6/addrconf: fix potential NULL deref in inet6_set_link_af()
(bnc#1012628).
- qed: Fix timestamping issue for L2 unicast ptp packets
(bnc#1012628).
- drop_monitor: Do not cancel uninitialized work item
(bnc#1012628).
- net/mlx5: Fix deadlock in fs_core (bnc#1012628).
- net/mlx5: Deprecate usage of generic TLS HW capability bit
(bnc#1012628).
- r8169: fix performance regression related to PCIe max read
request size (bnc#1012628).
- net/mlx5e: TX, Error completion is for last WQE in batch
(bnc#1012628).
- cifs: fail i/o on soft mounts if sessionsetup errors out
(bnc#1012628).
- cifs: fix mode bits from dir listing when mounted with
modefromsid (bnc#1012628).
- x86/apic/msi: Plug non-maskable MSI affinity race (bnc#1012628).
- clocksource: Prevent double add_timer_on() for watchdog_timer
(bnc#1012628).
- perf/core: Fix mlock accounting in perf_mmap() (bnc#1012628).
- perf/cgroups: Install cgroup events to correct cpuctx
(bnc#1012628).
- drm/dp_mst: Remove VCPI while disabling topology mgr
(bnc#1012628).
- io_uring: enable option to only trigger eventfd for async
completions (bnc#1012628).
- io_uring: prevent potential eventfd recursion on poll
(bnc#1012628).
- KVM: x86: Protect exit_reason from being used in Spectre-v1/L1TF
attacks (bnc#1012628).
- KVM: nVMX: vmread should not set rflags to specify success in
case of #PF (bnc#1012628).
- KVM: Use vcpu-specific gva->hva translation when querying host
page size (bnc#1012628).
- KVM: Play nice with read-only memslots when querying host page
size (bnc#1012628).
- rxrpc: Fix service call disconnection (bnc#1012628).
- IB/core: Fix build failure without hugepages (bnc#1012628).
- crypto: atmel-{aes,tdes} - Do not save IV for ECB mode
(bnc#1012628).
- crypto: atmel-aes - Fix saving of IV for CTR mode (bnc#1012628).
- crypto: atmel-aes - Fix CTR counter overflow when multiple
fragments (bnc#1012628).
- crypto: atmel-tdes - Map driver data flags to Mode Register
(bnc#1012628).
- regulator fix for "regulator: core: Add regulator_is_equal()
helper" (bnc#1012628).
- powerpc/kuap: Fix set direction in allow/prevent_user_access()
(bnc#1012628).
- compat: ARM64: always include asm-generic/compat.h
(bnc#1012628).
- Update config files.
- commit ffbbfe8
- cgroup: init_tasks shouldn't be linked to the root cgroup
(bsc#1163370).
- commit 00b4c73
- ipmi_si: Avoid spurious errors for optional IRQs (bsc#1161943).
- commit 481e5b9
- media: go7007: Fix URB type for interrupt handling
(bsc#1162583).
- commit ae333f8
- iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168
devices (bsc#1163213).
- commit f4b8e5e
==== libeconf ====
Version update (0.3.3+git20191028.3ac14ce -> 0.3.5+git20200203.3144b69)
- Update to version 0.3.5+git20200203.3144b69:
* Release version 0.3.5
* Use float.h instead of obsolete gnuism values.h
* Remove gnuism (strdupa)
* Check for empty value (NULL pointer) before calling strdup.
- Update to version 0.3.4+git20200121.febebf2:
* Release version 0.3.4
* Fix buffer overflow in econf_readDirs
* Fix parsing of quoted strings, and values starting with delimiters
* tests: add test for quoted strings
* tests: tst-configdirs5: fix config dir paths
==== libxcrypt ====
Version update (4.4.10 -> 4.4.12)
- Update to version 4.4.12
* Another fix for GCC v10.x, which occurs on s390 architectures only.
- Update to version 4.4.11
* Fixes for GCC v10.x
* Change how the known-answer tests are parallelized
- gcc10.patch: remove
==== nfs-utils ====
Subpackages: libnfsidmap1 nfs-client
- Update to version 2.4.3
Dropped patches (accepted upstream):
- 0001-nfs.conf-allow-empty-assignments.patch
- 0002-Let-systemd-know-when-rpc.statd-is-needed.patch
- 0003-systemd-run-statd-notify-even-when-nfs-client-isn-t-.patch
- 0004-nfsidmap-honour-with-pluginpath-for-instalation.patch
- 0005-nfs.conf-fail-to-disable-major-NFS-version-4-using-v.patch
- 0006-conffile-allow-optional-include-files.patch
- 0007-statd-user-from-sm
- 0008-mountd-Initialize-logging-early.patch
Dropped patches (upstream used different solution):
- 0009-Allow-compilation-to-succeed-with-fno-common.patch (btw this used
Patch0: instead of Patch10:) (boo#1160405)
Add nfsdcld - NFSv4 Client Tracking Daemon, add nfsdcld.service and enable it
for nfs-kernel-server, add man page
Add clddb-tool - tool for downgrading the nfsdcld sqlite database schema,
add man page
Removed osd_login (dropped in upstream in 2.3.4 rc1)
- 0009-Allow-compilation-to-succeed-with-fno-common.patch
Allow compilation to success with -fno-common
(boo#1160405)
==== openssh ====
- Add patches to fix the sandbox blocking glibc on 32bit platforms
(boo#1164061):
* openssh-8.1p1-seccomp-clock_nanosleep_time64.patch
* openssh-8.1p1-seccomp-clock_gettime64.patch
==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-basesystem patterns-microos-cloud patterns-microos-defaults patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap
- Move fcoe-utils and irqbalance to hardware pattern, not useful
on guest install.
- Introduce MicroOS Desktop patterns [boo#1163453]
==== podman ====
Version update (1.7.0 -> 1.8.0)
Subpackages: podman-cni-config
- Remove: 0001-clarify-container-prune-force.patch because it's now
included in the release
- Update podman to v1.8.0:
* Features
- The podman system service command has been added, providing a
preview of Podman's new Docker-compatible API. This API is
still very new, and not yet ready for production use, but is
available for early testing
- Rootless Podman now uses Rootlesskit for port forwarding,
which should greatly improve performance and capabilities
- The podman untag command has been added to remove tags from
images without deleting them
- The podman inspect command on images now displays previous
names they used
- The podman generate systemd command now supports a --new
option to generate service files that create and run new
containers instead of managing existing containers
- Support for --log-opt tag= to set logging tags has been added
to the journald log driver
- Added support for using Seccomp profiles embedded in images
for podman run and podman create via the new --seccomp-policy
CLI flag
- The podman play kube command now honors pull policy
* Bugfixes
- Fixed a bug where the podman cp command would not copy the
contents of directories when paths ending in /. were given
- Fixed a bug where the podman play kube command did not
properly locate Seccomp profiles specified relative to
localhost
- Fixed a bug where the podman info command for remote Podman
did not show registry information
- Fixed a bug where the podman exec command did not support
having input piped into it
- Fixed a bug where the podman cp command with rootless Podman
on CGroups v2 systems did not properly determine if the
container could be paused while copying
- Fixed a bug where the podman container prune --force command
could possible remove running containers if they were started
while the command was running
- Fixed a bug where Podman, when run as root, would not
properly configure slirp4netns networking when requested
- Fixed a bug where podman run --userns=keep-id did not work
when the user had a UID over 65535
- Fixed a bug where rootless podman run and podman create with
the --userns=keep-id option could change permissions on
/run/user/$UID and break KDE
- Fixed a bug where rootless Podman could not be run in a
systemd service on systems using CGroups v2
- Fixed a bug where podman inspect would show CPUShares as 0,
instead of the default (1024), when it was not explicitly set
- Fixed a bug where podman-remote push would segfault
- Fixed a bug where image healthchecks were not shown in the
output of podman inspect
- Fixed a bug where named volumes created with containers from
pre-1.6.3 releases of Podman would be autoremoved with their
containers if the --rm flag was given, even if they were
given names
- Fixed a bug where podman history was not computing image
sizes correctly
- Fixed a bug where Podman would not error on invalid values to
the --sort flag to podman images
- Fixed a bug where providing a name for the image made by
podman commit was mandatory, not optional as it should be
- Fixed a bug where the remote Podman client would append an
extra " to %PATH
- Fixed a bug where the podman build command would sometimes
ignore the -f option and build the wrong Containerfile
- Fixed a bug where the podman ps --filter command would only
filter running containers, instead of all containers, if
- -all was not passed
- Fixed a bug where the podman load command on compressed
images would leave an extra copy on disk
- Fixed a bug where the podman restart command would not
properly clean up the network, causing it to function
differently from podman stop; podman start
- Fixed a bug where setting the --memory-swap flag to podman
create and podman run to -1 (to indicate unlimited) was not
supported
* Misc
- Initial work on version 2 of the Podman remote API has been
merged, but is still in an alpha state and not ready for use.
Read more here
- Many formatting corrections have been made to the manpages
- The changes to address (#5009) may cause anonymous volumes
created by Podman versions 1.6.3 to 1.7.0 to not be removed
when their container is removed
- Updated vendored Buildah to v1.13.1
- Updated vendored containers/storage to v1.15.8
- Updated vendored containers/image to v5.2.0
==== sudo ====
Version update (1.8.28p1 -> 1.8.31)
- Update to 1.8.31
Major changes between version 1.8.31 and 1.8.30:
* This version fixes a potential security issue that can lead to
a buffer overflow if the pwfeedback option is enabled in
sudoers [CVE-2019-18634] [bsc#1162202]
* The sudoedit_checkdir option now treats a user-owned directory
as writable, even if it does not have the write bit set at the
time of check. Symbolic links will no longer be followed by
sudoedit in any user-owned directory. Bug #912.
* Fixed a crash introduced in sudo 1.8.30 when suspending sudo
at the password prompt. Bug #914.
* Fixed compilation on systems where the mmap MAP_ANON flag is
not available. Bug #915.
Major changes between version 1.8.30 and 1.8.29:
* Sudo now closes file descriptors before changing uids. This
prevents a non-root process from interfering with sudo's ability
to close file descriptors on systems that support the prlimit(2)
system call.
* Sudo now treats an attempt to run sudo sudoedit as simply
sudoedit If the sudoers file contains a fully-qualified path
to sudoedit, sudo will now treat it simply as sudoedit
(with no path). Visudo will will now treat a fully-qualified
path to sudoedit as an error. Bug #871.
* Fixed a bug introduced in sudo 1.8.28 where sudo would warn
about a missing /etc/environment file on AIX and Linux when
PAM is not enabled. Bug #907.
* Fixed a bug on Linux introduced in sudo 1.8.29 that prevented
the askpass program from running due to an unlimited stack size
resource limit. Bug #908.
* If a group provider plugin has optional arguments, the argument
list passed to the plugin is now NULL terminated as per the
documentation.
* The user's time stamp file is now only updated if both authentication
and approval phases succeed. This is consistent with the behavior
of sudo prior to version 1.8.23. Bug #910.
* The new allow_unknown_runas_id sudoers setting can be used to
enable or disable the use of unknown user or group IDs.
Previously, sudo would always allow unknown user or group IDs if
the sudoers entry permitted it, including via the ALL alias.
As of sudo 1.8.30, the admin must explicitly enable support for
unknown IDs.
* The new runas_check_shell sudoers setting can be used to require
that the runas user have a shell listed in the /etc/shells file.
On many systems, users such as bin, do not have a valid shell and
this flag can be used to prevent commands from being run as
those users.
* Fixed a problem restoring the SELinux tty context during reboot
if mctransd is killed before sudo finishes. GitHub Issue #17.
* Fixed an intermittent warning on NetBSD when sudo restores the
initial stack size limit.
Major changes between version 1.8.29 and 1.8.28p1:
* The cvtsudoers command will now reject non-LDIF input when
converting from LDIF format to sudoers or JSON formats.
* The new log_allowed and log_denied sudoers settings make it
possible to disable logging and auditing of allowed and/or
denied commands.
* The umask is now handled differently on systems with PAM or
login.conf. If the umask is explicitly set in sudoers, that
value is used regardless of what PAM or login.conf may specify.
However, if the umask is not explicitly set in sudoers, PAM or
login.conf may now override the default sudoers umask. Bug #900.
* For make install, the sudoers file is no longer checked for syntax
errors when DESTDIR is set. The default sudoers file includes the
contents of /etc/sudoers.d which may not be readable as non-root.
Bug #902.
* Sudo now sets most resource limits to their maximum value to avoid
problems caused by insufficient resources, such as an inability to
allocate memory or open files and pipes. Fixed a regression introduced
in sudo 1.8.28 where sudo would refuse to run if the parent process was
not associated with a session. This was due to sudo passing a session
ID of -1 to the plugin.
- refresh sudo-sudoers.patch
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0