openSUSE Kubic
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
April 2020
- 10 participants
- 53 discussions
09 Apr '20
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
ca-certificates-mozilla
ceph (15.1.0.1521+gcdf35413a0 -> 15.2.0.108+g8cf4f02b08)
cloud-init
conmon (2.0.14 -> 2.0.15)
cpio
cri-tools (1.17.0 -> 1.18.0)
cryptsetup (2.3.0 -> 2.3.1)
elfutils (0.178 -> 0.179)
glib2 (2.62.5 -> 2.62.6)
glib2-branding-openSUSE
haproxy (2.1.3+git0.5c020bbdd -> 2.1.4+git0.3cfc2f1d9)
k9s (0.15.2 -> 0.18.1)
kdump
kernel-64kb (5.5.13 -> 5.6.0)
kernel-source (5.5.13 -> 5.6.0)
kexec-tools
krb5
kubernetes
mozilla-nss (3.50 -> 3.51)
nano (4.9 -> 4.9.1)
ncurses
nfs-utils
open-iscsi
openSUSE-build-key
openssl-1_1 (1.1.1d -> 1.1.1f)
pam
permissions (1550_20200228 -> 1550_20200324)
podman
rook (1.2.6+git0.g99024013 -> 1.2.7+git0.g1acfd182)
setools (4.2.2 -> 4.3.0)
system-users
sysuser-tools
transactional-update (2.20.4 -> 2.21)
weave (2.6.1 -> 2.6.2)
wpa_supplicant
xz (5.2.4 -> 5.2.5)
yast2 (4.2.78 -> 4.2.80)
yomi-formula (0.0.1+git.1583771480.5787782 -> 0.0.1+git.1585319502.392f59c)
=== Details ===
==== ca-certificates-mozilla ====
- also run update-ca-certificates in %posttrans
==== ceph ====
Version update (15.1.0.1521+gcdf35413a0 -> 15.2.0.108+g8cf4f02b08)
Subpackages: ceph-common libcephfs2 librados2 libradosstriper1 librbd1 librgw2 python3-ceph-argparse python3-ceph-common python3-cephfs python3-rados python3-rbd python3-rgw
- Update to 15.2.0-108-g8cf4f02b08:
+ rebase on tip of upstream "octopus" branch, SHA1 9267cc03e1b1612109dd57cc6ce74c34ed1f1d00
* cephadm: Fix truncated output of "ceph mgr dump"
- Update to 15.2.0-29-g274f7bc2e7:
+ rebase on tip of upstream "octopus" branch, SHA1 a8062613c81ad08815edcdf06e668fcc77270a03
* upstream 15.2.0 (first Octopus stable) release
https://ceph.io/releases/v15-2-0-octopus-released/
- Update to 15.1.1-220-g0f87374dc1:
+ rebase on tip of upstream "octopus" branch, SHA1 243cbd6224921f7f5c2463705c75cb9eafd0db5c
* upstream 15.1.1 (Octopus release candidate) release
https://github.com/ceph/ceph/releases/tag/v15.1.1
+ cephadm: read everything when calling "ceph mgr dump"
- Update to 15.1.0-2160-g310e512e18:
+ rebase on tip of upstream "octopus" branch, SHA1 465f3855623e30f3b4694f3090adbe27c8cd49c3
- Update to 15.1.0-1766-g3d31471523:
+ rebase on tip of upstream master, SHA1 25b8ecc216b02e848f9719ced8c84670de656e78
==== cloud-init ====
- Update cloud-init-write-routes.patch
+ In cases where the config contains 2 or more default gateway
specifications for an interface only write the first default route,
log warning message about skipped routes
+ Avoid writing invalid route specification if neither the network
nor destination is specified in the route configuration
- Update cloud-init-write-routes.patch
+ Still need to consider the "network" configuration uption
for the v1 config implementation. Fixes regression
introduced with update from Wed Feb 12 19:30:42
- Update cloud-init-write-routes.patch (bsc#1165296)
+ Add the default gateway to the ifroute config file when specified
as part of the subnet configuration
+ Fix typo to properly extrakt provided netmask data (bsc#1163178)
==== conmon ====
Version update (2.0.14 -> 2.0.15)
- Enable support for journald logging (bsc#1162432)
- Update to v2.0.15
- store status while waiting for pid
==== cpio ====
- starting with GCC 10, the default of '-fcommon' option will
change to '-fno-common'. Because cpio build fails with
'fno-common', add '-fcommon' option to optflags as a temporary
workaround for this problem till it's properly fixed [bsc#1160870]
==== cri-tools ====
Version update (1.17.0 -> 1.18.0)
- Update to v1.18.0:
* Main Changes
* Update Kubernetes to v1.18.0
* Switch to urfave/cli/v2
* CRI CLI (crictl)
* Use ContextDialer to fix build
* Add go-template option for inspect commands
* Fix invalid log_path in docs
* CRI validation testing (critest)
* Make apparmor failure test more flexible
* Start container before fetching metrics
* Cleanup container create test to reduce duplication
* Add container stats test
==== cryptsetup ====
Version update (2.3.0 -> 2.3.1)
Subpackages: libcryptsetup12
- Split translations to -lang package
- New version to 2.3.1
* Support VeraCrypt 128 bytes passwords.
VeraCrypt now allows passwords of maximal length 128 bytes
(compared to legacy TrueCrypt where it was limited by 64 bytes).
* Strip extra newline from BitLocker recovery keys
There might be a trailing newline added by the text editor when
the recovery passphrase was passed using the --key-file option.
* Detect separate libiconv library.
It should fix compilation issues on distributions with iconv
implemented in a separate library.
* Various fixes and workarounds to build on old Linux distributions.
* Split lines with hexadecimal digest printing for large key-sizes.
* Do not wipe the device with no integrity profile.
With --integrity none we performed useless full device wipe.
* Workaround for dm-integrity kernel table bug.
Some kernels show an invalid dm-integrity mapping table
if superblock contains the "recalculate" bit. This causes
integritysetup to not recognize the dm-integrity device.
Integritysetup now specifies kernel options such a way that
even on unpatched kernels mapping table is correct.
* Print error message if LUKS1 keyslot cannot be processed.
If the crypto backend is missing support for hash algorithms
used in PBKDF2, the error message was not visible.
* Properly align LUKS2 keyslots area on conversion.
If the LUKS1 payload offset (data offset) is not aligned
to 4 KiB boundary, new LUKS2 keyslots area in now aligned properly.
* Validate LUKS2 earlier on conversion to not corrupt the device
if binary keyslots areas metadata are not correct.
==== elfutils ====
Version update (0.178 -> 0.179)
Subpackages: libasm1 libdw1 libelf1
- Update to version 0.179:
debuginfod-client: When DEBUGINFOD_PROGRESS is set and the program doesn't
install its own debuginfod_progressfn_t show download
progress on stderr.
DEBUGINFOD_TIMEOUT is now defined as seconds to get at
least 100K, defaults to 90 seconds.
Default to $XDG_CACHE_HOME/debuginfod_client.
New functions debuginfod_set_user_data,
debuginfod_get_user_data, debuginfod_get_url and
debuginfod_add_http_header.
Support for file:// URLs.
debuginfod: Uses libarchive directly for reading rpm archives.
Support for indexing .deb/.ddeb archives through dpkg-deb
or bsdtar.
Generic archive support through -Z EXT[=CMD]. Which can be
used for example for arch-linux pacman files by using
- Z '.tar.zst=zstdcat'.
Better logging using User-Agent and X-Forwarded-For headers.
More prometheus metrics.
Support for eliding dots or extraneous slashes in path names.
debuginfod-find: Accept /path/names in place of buildid hex.
libelf: Handle PN_XNUM in elf_getphdrnum before shdr 0 is cached
Ensure zlib resource cleanup on failure.
libdwfl: dwfl_linux_kernel_find_elf and dwfl_linux_kernel_report_offline
now find and handle a compressed vmlinuz image.
readelf, elflint: Handle PT_GNU_PROPERTY.
translations: Updated Ukrainian translation.
==== glib2 ====
Version update (2.62.5 -> 2.62.6)
Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0
- Update to version 2.62.6:
+ This is expected to be the final release in the 2.62.x stable
series; maintenance effort will shift to the newer 2.64.x
stable series now.
+ Fix SOCKS5 username/password authentication.
+ Exception handling fixes on Windows.
+ Bugs fixed: glgo#GNOME/GLib#1986, glgo#GNOME/GLib#1988,
glgo#GNOME/GLib#2049, glgo#GNOME/GLib!1378,
glgo#GNOME/GLib!1380, glgo#GNOME/GLib!1393,
glgo#GNOME/GLib!1394, glgo#GNOME/GLib!1411.
+ Updated translations.
==== glib2-branding-openSUSE ====
- Update .gschema.override.in:
+ Set sleep-inactive-ac-timeout, sleep-inactive-battery-timeout to
0 for Leap to be consistent with SLE and old versions (bsc#1158497).
==== haproxy ====
Version update (2.1.3+git0.5c020bbdd -> 2.1.4+git0.3cfc2f1d9)
- Update to version 2.1.4+git0.3cfc2f1d9: (boo#1168023) CVE-2020-11100
- SCRIPTS: make announce-release executable again
- BUG/MINOR: namespace: avoid closing fd when socket failed in
my_socketat
- BUG/MEDIUM: muxes: Use the right argument when calling the
destroy method.
- BUG/MINOR: mux-fcgi: Forbid special characters when matching
PATH_INFO param
- MINOR: mux-fcgi: Make the capture of the path-info optional in
pathinfo regex
- SCRIPTS: announce-release: use mutt -H instead of -i to include
the draft
- MINOR: http-htx: Add a function to retrieve the headers size of
an HTX message
- MINOR: filters: Forward data only if the last filter forwards
something
- BUG/MINOR: filters: Count HTTP headers as filtered data but
don't forward them
- BUG/MINOR: http-htx: Don't return error if authority is updated
without changes
- BUG/MINOR: http-ana: Matching on monitor-uri should be
case-sensitive
- MINOR: http-ana: Match on the path if the monitor-uri starts by
a /
- BUG/MAJOR: http-ana: Always abort the request when a tarpit is
triggered
- MINOR: ist: add an iststop() function
- BUG/MINOR: http: http-request replace-path duplicates the query
string
- BUG/MEDIUM: shctx: make sure to keep all blocks aligned
- MINOR: compiler: move CPU capabilities definition from config.h
and complete them
- BUG/MEDIUM: ebtree: don't set attribute packed without
unaligned access support
- BUILD: fix recent build failure on unaligned archs
- CLEANUP: cfgparse: Fix type of second calloc() parameter
- BUG/MINOR: sample: fix the json converter's endian-sensitivity
- BUG/MEDIUM: ssl: fix several bad pointer aliases in a few
sample fetch functions
- BUG/MINOR: connection: make sure to correctly tag local PROXY
connections
- MINOR: compiler: add new alignment macros
- BUILD: ebtree: improve architecture-specific alignment
- BUG/MINOR: h2: reject again empty :path pseudo-headers
- BUG/MINOR: sample: Make sure to return stable IDs in the
unique-id fetch
- BUG/MINOR: dns: ignore trailing dot
- BUG/MINOR: http-htx: Do case-insensive comparisons on Host
header name
- MINOR: contrib/prometheus-exporter: Add heathcheck status/code
in server metrics
- MINOR: contrib/prometheus-exporter: Add the last heathcheck
duration metric
- BUG/MEDIUM: random: initialize the random pool a bit better
- MINOR: tools: add 64-bit rotate operators
- BUG/MEDIUM: random: implement a thread-safe and process-safe
PRNG
- MINOR: backend: use a single call to ha_random32() for the
random LB algo
- BUG/MINOR: checks/threads: use ha_random() and not rand()
- BUG/MAJOR: list: fix invalid element address calculation
- MINOR: debug: report the task handler's pointer relative to
main
- BUG/MEDIUM: debug: make the debug_handler check for the thread
in threads_to_dump
- MINOR: haproxy: export main to ease access from debugger
- BUILD: tools: remove obsolete and conflicting trace() from
standard.c
- BUG/MINOR: wdt: do not return an error when the watchdog
couldn't be enabled
- DOC: fix incorrect indentation of http_auth_*
- OPTIM: startup: fast unique_id allocation for acl.
- BUG/MINOR: pattern: Do not pass len = 0 to calloc()
- DOC: configuration.txt: fix various typos
- DOC: assorted typo fixes in the documentation and Makefile
- BUG/MINOR: init: make the automatic maxconn consider the max of
soft/hard limits
- BUG/MAJOR: proxy_protocol: Properly validate TLV lengths
- REGTEST: make the PROXY TLV validation depend on version 2.2
- BUG/MINOR: filters: Use filter offset to decude the amount of
forwarded data
- BUG/MINOR: filters: Forward everything if no data filters are
called
- MINOR: htx: Add a function to return a block at a specific
offset
- BUG/MEDIUM: cache/filters: Fix loop on HTX blocks caching the
response payload
- BUG/MEDIUM: compression/filters: Fix loop on HTX blocks
compressing the payload
- BUG/MINOR: http-ana: Reset request analysers on a response side
error
- BUG/MINOR: lua: Ignore the reserve to know if a channel is full
or not
- BUG/MINOR: http-rules: Preserve FLT_END analyzers on reject
action
- BUG/MINOR: http-rules: Fix a typo in the reject action function
- BUG/MINOR: rules: Preserve FLT_END analyzers on silent-drop
action
- BUG/MINOR: rules: Increment be_counters if backend is assigned
for a silent-drop
- DOC: fix typo about no-tls-tickets
- DOC: improve description of no-tls-tickets
- DOC: assorted typo fixes in the documentation
- DOC: ssl: clarify security implications of TLS tickets
- BUILD: wdt: only test for SI_TKILL when compiled with thread
support
- BUG/MEDIUM: mt_lists: Make sure we set the deleted element to
NULL;
- MINOR: mt_lists: Appease gcc.
- BUG/MEDIUM: random: align the state on 2*64 bits for ARM64
- BUG/MEDIUM: pools: Always update free_list in pool_gc().
- BUG/MINOR: haproxy: always initialize sleeping_thread_mask
- BUG/MINOR: listener/mq: do not dispatch connections to remote
threads when stopping
- BUG/MINOR: haproxy/threads: try to make all threads leave
together
- DOC: proxy_protocol: Reserve TLV type 0x05 as
PP2_TYPE_UNIQUE_ID
- DOC: correct typo in alert message about rspirep
- BUILD: on ARM, must be linked to libatomic.
- BUILD: makefile: fix regex syntax in ARM platform detection
- BUILD: makefile: fix expression again to detect ARM platform
- BUG/MEDIUM: peers: resync ended with RESYNC_PARTIAL in wrong
cases.
- DOC: assorted typo fixes in the documentation
- MINOR: wdt: Move the definitions of WDTSIG and DEBUGSIG into
types/signal.h.
- BUG/MEDIUM: wdt: Don't ignore WDTSIG and DEBUGSIG in
__signal_process_queue().
- MINOR: memory: Change the flush_lock to a spinlock, and don't
get it in alloc.
- BUG/MINOR: connections: Make sure we free the connection on
failure.
- REGTESTS: use "command -v" instead of "which"
- REGTEST: increase timeouts on the seamless-reload test
- BUG/MINOR: haproxy/threads: close a possible race in soft-stop
detection
- BUG/MINOR: peers: init bind_proc to 1 if it wasn't initialized
- BUG/MINOR: peers: avoid an infinite loop with peers_fe is NULL
- BUG/MINOR: peers: Use after free of "peers" section.
- MINOR: listener: add so_name sample fetch
- BUILD: ssl: only pass unsigned chars to isspace()
- BUG/MINOR: stats: Fix color of draining servers on stats page
- DOC: internals: Fix spelling errors in filters.txt
- MINOR: http-rules: Add a flag on redirect rules to know the
rule direction
- BUG/MINOR: http_ana: make sure redirect flags don't have
overlapping bits
- MINOR: http-rules: Handle the rule direction when a redirect is
evaluated
- BUG/MINOR: http-ana: Reset request analysers on error when
waiting for response
- BUG/CRITICAL: hpack: never index a header into the headroom
after wrapping
==== k9s ====
Version update (0.15.2 -> 0.18.1)
- Update to version 0.18.1
- Many bug fixes
- Many new features (auto suggestions, revisited logs, k9 plugins)
- see https://github.com/derailed/k9s/releases/
==== kdump ====
- kdump-make-sure-that-the-udev-runtime-directory-exists.patch:
Make sure that the udev runtime directory exists (bsc#1164713).
==== kernel-64kb ====
Version update (5.5.13 -> 5.6.0)
- Refresh
patches.suse/media-go7007-Fix-URB-type-for-interrupt-handling.patch.
Update upstream status.
- commit 46fab61
- mac80211: fix authentication with iwlwifi/mvm
(https://lkml.kernel.org/r/20200329.212136.273575061630425724.davem@davemlof…)
- commit 5032681
- Revert "sign also s390x kernel images (bsc#1163524)"
This reverts commit b38b61155f0a2c3ebca06d4bb0c2e11a19a87f1f.
The pesign-obs-integration changes needed for s390x image signing are
still missing in Factory so that this change breaks s390x builds.
- commit 9544af9
- Update to 5.6 final
- refresh configs
- commit da616f7
==== kernel-source ====
Version update (5.5.13 -> 5.6.0)
- Refresh
patches.suse/media-go7007-Fix-URB-type-for-interrupt-handling.patch.
Update upstream status.
- commit 46fab61
- mac80211: fix authentication with iwlwifi/mvm
(https://lkml.kernel.org/r/20200329.212136.273575061630425724.davem@davemlof…)
- commit 5032681
- Revert "sign also s390x kernel images (bsc#1163524)"
This reverts commit b38b61155f0a2c3ebca06d4bb0c2e11a19a87f1f.
The pesign-obs-integration changes needed for s390x image signing are
still missing in Factory so that this change breaks s390x builds.
- commit 9544af9
- Update to 5.6 final
- refresh configs
- commit da616f7
==== kexec-tools ====
- kexec-tools-Remove-duplicated-variable-declarations.patch:
Remove duplicated variable declarations (boo#1160399).
- kexec-tools-s390-Reset-kernel-command-line-on-syscal.patch: s390:
Reset kernel command line on syscall fallback (bsc#1167868).
==== krb5 ====
- Fix segfault in k5_primary_domain; (bsc#1167620);
- Added patches:
* 0009-Fix-null-dereference-qualifying-short-hostnames.patch
==== kubernetes ====
Subpackages: kubernetes-client kubernetes-kubeadm kubernetes-kubelet-common kubernetes-kubelet1.17 kubernetes-kubelet1.18
- Rename /usr/lib/sysctl.d/50-kubeadm.conf to 90-kubeadm.conf [boo#1163328]
- Dropping all old CaaSP legacy configuration
==== mozilla-nss ====
Version update (3.50 -> 3.51)
- Update previous patch nss-kremlin-ppc64le.patch
slightly modified to support also ppc64 (BE) versus initial
https://github.com/FStarLang/kremlin/issues/166
- Add patch nss-kremlin-ppc64le.patch to fix ppc and s390x builds
- update to NSS 3.51
* Updated DTLS 1.3 implementation to Draft-34. (bmo#1608892)
* Correct swapped PKCS11 values of CKM_AES_CMAC and
CKM_AES_CMAC_GENERAL (bmo#1611209)
* Complete integration of Wycheproof ECDH test cases (bmo#1612259)
* Check if PPC __has_include(<sys/auxv.h>) (bmo#1614183)
* Fix a compilation error for ?getFIPSEnv? "defined but not used"
(bmo#1614786)
* Send DTLS version numbers in DTLS 1.3 supported_versions extension
to avoid an incompatibility. (bmo#1615208)
* SECU_ReadDERFromFile calls strstr on a string that isn't guaranteed
to be null-terminated (bmo#1538980)
* Correct a warning for comparison of integers of different signs:
'int' and 'unsigned long' in security/nss/lib/freebl/ecl/ecp_25519.c:88
(bmo#1561337)
* Add test for mp_int clamping (bmo#1609751)
* Don't attempt to read the fips_enabled flag on the machine unless
NSS was built with FIPS enabled (bmo#1582169)
* Fix a null pointer dereference in BLAKE2B_Update (bmo#1431940)
* Fix compiler warning in secsign.c (bmo#1617387)
* Fix a OpenBSD/arm64 compilation error: unused variable 'getauxval'
(bmo#1618400)
* Fix a crash on unaligned CMACContext.aes.keySchedule when using
AES-NI intrinsics (bmo#1610687)
==== nano ====
Version update (4.9 -> 4.9.1)
- GNU nano 4.9.1
* fix cursor getting misplaced when undoing line cuts
* fix filtering of the whole buffer to a new buffer
==== ncurses ====
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base
- Add ncurses patch 20200321
+ improve configure-checks to reduce warnings about unused variables.
+ improve description of error-returns in waddch and waddnstr manual
pages (prompted by patch by Benno Schulenberg).
+ add test/move_field.c to demonstrate move_field(), and a stub for
a corresponding demo of dup_field().
- Add ncurses patch 20200314
+ add history note to curs_scanw.3x for <stdarg.h> and <varargs.h>
+ add history note to curs_printw.3x for <stdarg.h> and <varargs.h>
+ add portability note to ncurses.3x regarding <stdarg.h>
==== nfs-utils ====
Subpackages: libnfsidmap1 nfs-client
- Improve the hack to avoid python dependencies.
A new python script had been added since that hack was written.
(boo#1166067)
- 0001-conffile-Don-t-give-warning-for-optional-config-file.patch
Support optional include files correctly
(boo#1164619)
- Update nfs.conf
- change value: udp=n (disabled in 2.2.1.)
- update name: manage-gids
- new: verbosity=0, rpc-verbosity=0, use-gss-proxy=0, rdma-port=20049,
no-notify=0, force=0, lift-grace=y
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Update with two upstream commits:
* Fix issue where "iscsi-iname -p" core dumps. (found upstream)
* Fix iscsi.service so it handles restarts better (bsc#1163499)
* Add Wants=remote-fs-pre.target for sequencing. (bsc#1158536)
updating:
* open-iscsi-SUSE-latest.diff.bz2
- Update SPEC file to work around issue with installcheck
SUSE script. Update the SPEC file while there.
==== openSUSE-build-key ====
- mark the opensuse-container-key and the suse-container-key
for openSUSE:Containers and SUSE:Containers space.
(same as the build keys for SLE15 and openSUSE respectively.)
- Replace the old security(a)suse.de email comm key by the new, move
the old one to the oldkey. (bsc#1166334)
==== openssl-1_1 ====
Version update (1.1.1d -> 1.1.1f)
- Update to 1.1.1f
* Revert the unexpected EOF reporting via SSL_ERROR_SSL
- refresh openssl-1.1.0-no-html.patch
- Update to 1.1.1e
* Properly detect EOF while reading in libssl. Previously if we hit an EOF
while reading in libssl then we would report an error back to the
application (SSL_ERROR_SYSCALL) but errno would be 0. We now add
an error to the stack (which means we instead return SSL_ERROR_SSL) and
therefore give a hint as to what went wrong.
* Check that ed25519 and ed448 are allowed by the security level. Previously
signature algorithms not using an MD were not being checked that they were
allowed by the security level.
* Fixed SSL_get_servername() behaviour. The behaviour of SSL_get_servername()
was not quite right. The behaviour was not consistent between resumption
and normal handshakes, and also not quite consistent with historical
behaviour. The behaviour in various scenarios has been clarified and
it has been updated to make it match historical behaviour as closely as
possible.
* Corrected the documentation of the return values from the EVP_DigestSign*
set of functions. The documentation mentioned negative values for some
errors, but this was never the case, so the mention of negative values
was removed.
* Added a new method to gather entropy on VMS, based on SYS$GET_ENTROPY.
The presence of this system service is determined at run-time.
* Added newline escaping functionality to a filename when using openssl dgst.
This output format is to replicate the output format found in the '*sum'
checksum programs. This aims to preserve backward compatibility.
* Print all values for a PKCS#12 attribute with 'openssl pkcs12', not just
the first value.
- Update bunch of patches as the internal crypto headers got reorganized
- drop openssl-1_1-CVE-2019-1551.patch (upstream)
- openssl dgst: default to SHA256 only when called without a digest,
not when it couldn't be found (bsc#1166189)
* add openssl-unknown_dgst.patch
- Limit the DRBG selftests to not deplete entropy (bsc#1165274)
* update openssl-fips_selftest_upstream_drbg.patch
==== pam ====
- Listed all manual pages seperately as pam_userdb.8 has been moved
to pam-extra.
Also %exclude %{_defaultdocdir}/pam as the docs are in a separate
package.
[pam.spec]
- pam_userdb moved to a new package pam-extra as pam-modules
is obsolete and not part of SLE.
[bsc#1166510, pam.spec]
==== permissions ====
Version update (1550_20200228 -> 1550_20200324)
Subpackages: chkstat permissions-config
- Update to version 20200324:
* whitelist s390-tools setgid bit on log directory (bsc#1167163)
* whitelist WMP (bsc#1161335)
* regtest: improve readability of path variables by using literals
* regtest: adjust test suite to new path locations in /usr/share/permissions
* regtest: only catch explicit FileNotFoundError
* regtest: provide valid home directory in /root
* regtest: mount permissions src repository in /usr/src/permissions
* regtest: move initialialization of TestBase paths into the prepare() function
* chkstat: suppport new --config-root command line option
* fix spelling of icingacmd group
==== podman ====
Subpackages: podman-cni-config
- Add "systemd" BUILDFLAGS to build with support for journald
logging (bsc#1162432)
==== rook ====
Version update (1.2.6+git0.g99024013 -> 1.2.7+git0.g1acfd182)
- Update to v1.2.7 (bsc#1168160):
* Apply the expected lower PG count for rgw metadata pools (#5091)
* Reject devices smaller than 5GiB for OSDs (#5089)
* Add extra check for filesystem to skip boot volumes for OSD configuration (#5022)
* Avoid duplication of mon pod anti-affinity (#4998)
* Update service monitor definition during upgrade (#5078)
* Resizer container fix due to misinterpretation of the cephcsi version (#5073-1)
* Set ResourceVersion for Prometheus rules (#4528)
* Upgrade doc clarification for RBAC related to the helm chart (#5054)
==== setools ====
Version update (4.2.2 -> 4.3.0)
- Update to the upstream version 4.3.0:
* Revised sediff method for TE rules. This drastically reduced memory
and run time.
* Added infiniband context support to seinfo, sediff, and apol.
* Added apol configuration for location of Qt assistant.
* Fixed sediff issue where properties header would display when not
requested.
* Fixed sediff issue with type_transition file name comparison.
* Fixed permission map socket sendto information flow direction.
* Added methods to TypeAttribute class to make it a complete Python
collection.
* Genfscon now will look up classes rather than using fixed values
which were dropped from libsepol
- Dropped python3.8-compat.patch
==== system-users ====
Subpackages: system-group-hardware system-group-wheel system-user-bin system-user-daemon system-user-nobody
- Use test -x instead of -f
- Call usermod only if installed
==== sysuser-tools ====
- Fix bug introduced by simplification of check for useradd -g
- Refactor use of sed away
- Use eval set -- $LINE instead of read for parsing
- Clean up sysusers2shadow and make it use only /bin/sh
- Don't let busybox adduser create the home directory, it breaks
permissions of e.g. /sbin (home of daemon)
- Use only /bin/sh in sysusers-generate-pre and the generated code
- Drop use of tail from the generated %pre scriptlets
==== transactional-update ====
Version update (2.20.4 -> 2.21)
Subpackages: transactional-update-zypp-config
- Update to version 2.21
- Use slave mounts for /proc, /sys & /dev
==== weave ====
Version update (2.6.1 -> 2.6.2)
- Update to version 2.6.2
- Weave Net can not be used in fastdp mode and always falls back
- Restrict timeout value passed to pcap library
- Refresh vendor.tar.xz
==== wpa_supplicant ====
- With v2.9 fi.epitest.hostap.WPASupplicant.service is obsolete (bsc#1167331)
- Change wpa_supplicant.service to ensure wpa_supplicant gets started before
network. Fix WLAN config on boot with wicked. (boo#1166933)
==== xz ====
Version update (5.2.4 -> 5.2.5)
Subpackages: liblzma5
- Update to 5.2.5:
* liblzma:
- Fixed several C99/C11 conformance bugs. Now the code is clean
under gcc/clang -fsanitize=undefined. Some of these changes
might have a negative effect on performance with old GCC
versions or compilers other than GCC and Clang. The configure
option --enable-unsafe-type-punning can be used to (mostly)
restore the old behavior but it shouldn't normally be used.
- Improved API documentation of lzma_properties_decode().
- Added a very minor encoder speed optimization.
* xz:
- Fixed a crash in "xz -dcfv not_an_xz_file". All four options
were required to trigger it. The crash occurred in the
progress indicator code when xz was in passthru mode where
xz works like "cat".
- Fixed an integer overflow with 32-bit off_t. It could happen
when decompressing a file that has a long run of zero bytes
which xz would try to write as a sparse file. Since the build
system enables large file support by default, off_t is
normally 64-bit even on 32-bit systems.
- Fixes for --flush-timeout:
* Fix semi-busy-waiting.
* Avoid unneeded flushes when no new input has arrived
since the previous flush was completed.
- Added a special case for 32-bit xz: If --memlimit-compress is
used to specify a limit that exceeds 4020 MiB, the limit will
be set to 4020 MiB. The values "0" and "max" aren't affected
by this and neither is decompression. This hack can be
helpful when a 32-bit xz has access to 4 GiB address space
but the specified memlimit exceeds 4 GiB. This can happen
e.g. with some scripts.
- Capsicum sandbox is now enabled by default where available
(FreeBSD >= 10). The sandbox debug messages (xz -vv) were
removed since they seemed to be more annoying than useful.
==== yast2 ====
Version update (4.2.78 -> 4.2.80)
- Modify the way YaST detects whether systemd is running or not
(bsc#1168307)
- 4.2.80
- Reread network interfaces configuration after writing it avoiding
wrong values when reopen network configuration dialog during an
installation (bsc#1166778)
- 4.2.79
==== yomi-formula ====
Version update (0.0.1+git.1583771480.5787782 -> 0.0.1+git.1585319502.392f59c)
- Update to version 0.0.1+git.1585319502.392f59c:
* users: better quote for certificate
* users: workaround bsc#1167909 for passwords
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa
Mesa-drivers
ffmpeg-4
file-roller
gjs (1.58.5 -> 1.58.6)
gnome-control-center (3.34.4 -> 3.34.5)
gnome-desktop (3.34.4 -> 3.34.5)
gnome-shell (3.34.4+4 -> 3.34.5)
iproute2 (5.5.0 -> 5.6.0)
kernel-source (5.6.0 -> 5.6.2)
libimobiledevice (1.2.0+git20200220.3d8d13f -> 1.2.0+git.20200330)
libnetfilter_conntrack (1.0.7 -> 1.0.8)
libnftnl (1.1.5 -> 1.1.6)
mutter (3.34.4 -> 3.34.5)
pciutils (3.6.2 -> 3.6.4)
pipewire (0.3.1+48 -> 0.3.2)
re2 (20200303 -> 20200401)
=== Details ===
==== Mesa ====
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- U_EGL-Add-eglSetDamageRegionKHR-to-GLVND-dispatch-list.patch
* Fix Weston launch on tumbleweed by backporting commit bfb9c08e
==== Mesa-drivers ====
Subpackages: Mesa-dri Mesa-gallium
- U_EGL-Add-eglSetDamageRegionKHR-to-GLVND-dispatch-list.patch
* Fix Weston launch on tumbleweed by backporting commit bfb9c08e
==== ffmpeg-4 ====
Subpackages: libavcodec58 libavformat58 libavutil56 libswresample3
- Add Samba support for Factory (as this needs a fix in Samba itself)
Add --enable-libsmbclient to configure, add BR on pkgconfig(smbclient)
- License is now GPLv3+ by default (--enable-version3)
==== file-roller ====
- Add gcc-fno-common-fix.patch in order to fix boo#1160390.
==== gjs ====
Version update (1.58.5 -> 1.58.6)
Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0
- Update to version 1.58.6:
+ Various backports:
- Correctly handle vfunc inout parameters.
- Fix failed redirect of output in CommandLine tests.
- Avoid filename conflict when tests run in parallel.
==== gnome-control-center ====
Version update (3.34.4 -> 3.34.5)
- Update to version 3.34.5:
+ Remove some dead code.
+ Display: Fix resolution options getting stuck in a low
resolution.
+ Network:
- Print warning if failed to save to libsecret.
- Handle security combo box being not selected correctly.
- Fix small memory leaks.
+ Sharing: Fix small memory leak.
+ User Accounts:
- Fix uninitialized variable.
- Fix small memory leak.
+ Updated translations.
==== gnome-desktop ====
Version update (3.34.4 -> 3.34.5)
Subpackages: gnome-version libgnome-desktop-3-18 libgnome-desktop-3_0-common typelib-1_0-GnomeDesktop-3_0
- Update to version 3.34.5:
+ Updated translations.
==== gnome-shell ====
Version update (3.34.4+4 -> 3.34.5)
- Update to version 3.34.5:
+ Leave overview when locking the screen.
+ Avoid IO on the main thread.
+ Fix OSK layout fallback for unsupported variants.
+ Fix high-contrast/symbolic icon mix-up.
+ Misc. bug fixes and cleanups.
+ Updated translations.
- Switch to using explicit released tag in _service.
==== iproute2 ====
Version update (5.5.0 -> 5.6.0)
- Update to release 5.6
* ip link: show permanent hardware address
* ip link: add support for STP xstats
* ip link: bond: print LACP actor/partner oper states as strings
* tc: Add support for ETS Qdisc
* ip: xfrm: add espintcp encapsulation
* tc: add support for FQ-PIE packet scheduler
==== kernel-source ====
Version update (5.6.0 -> 5.6.2)
- bpf: update jmp32 test cases to fix range bound deduction
(bnc#1012628).
- serial: sprd: Fix a dereference warning (bnc#1012628).
- vt: selection, introduce vc_is_sel (bnc#1012628).
- vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines
(bnc#1012628).
- vt: switch vt_dont_switch to bool (bnc#1012628).
- vt: vt_ioctl: remove unnecessary console allocation checks
(bnc#1012628).
- vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
(bnc#1012628).
- vt: vt_ioctl: fix use-after-free in vt_in_use() (bnc#1012628).
- platform/x86: pmc_atom: Add Lex 2I385SW to critclk_systems
DMI table (bnc#1012628).
- Linux 5.6.2 (bnc#1012628).
- commit 8dfb75b
- Linux 5.6.1 (bnc#1012628).
- media: v4l2-core: fix a use-after-free bug of sd->devnode
(bnc#1012628).
- media: xirlink_cit: add missing descriptor sanity checks
(bnc#1012628).
- media: stv06xx: add missing descriptor sanity checks
(bnc#1012628).
- media: dib0700: fix rc endpoint lookup (bnc#1012628).
- media: ov519: add missing endpoint sanity checks (bnc#1012628).
- libfs: fix infoleak in simple_attr_read() (bnc#1012628).
- ahci: Add Intel Comet Lake H RAID PCI ID (bnc#1012628).
- staging: wfx: annotate nested gc_list vs tx queue locking
(bnc#1012628).
- staging: wfx: fix init/remove vs IRQ race (bnc#1012628).
- staging: wfx: add proper "compatible" string (bnc#1012628).
- staging: wlan-ng: fix use-after-free Read in
hfa384x_usbin_callback (bnc#1012628).
- staging: wlan-ng: fix ODEBUG bug in prism2sta_disconnect_usb
(bnc#1012628).
- staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table
(bnc#1012628).
- staging: kpc2000: prevent underflow in cpld_reconfigure()
(bnc#1012628).
- media: usbtv: fix control-message timeouts (bnc#1012628).
- media: flexcop-usb: fix endpoint sanity check (bnc#1012628).
- usb: musb: fix crash with highmen PIO and usbmon (bnc#1012628).
- USB: serial: io_edgeport: fix slab-out-of-bounds read in
edge_interrupt_callback (bnc#1012628).
- USB: cdc-acm: restore capability check order (bnc#1012628).
- USB: serial: option: add Wistron Neweb D19Q1 (bnc#1012628).
- USB: serial: option: add BroadMobi BM806U (bnc#1012628).
- USB: serial: option: add support for ASKEY WWHC050
(bnc#1012628).
- bpf: Undo incorrect __reg_bound_offset32 handling (bnc#1012628).
- commit 1675c56
- Refresh
patches.suse/media-go7007-Fix-URB-type-for-interrupt-handling.patch.
Update upstream status.
- commit 96043ad
- Refresh
patches.suse/mac80211-fix-authentication-with-iwlwifi-mvm.patch.
Update upstream status -- merged.
- commit 26b6c02
==== libimobiledevice ====
Version update (1.2.0+git20200220.3d8d13f -> 1.2.0+git.20200330)
- Update to version 1.2.0+git.20200330:
* Add idevicesetlocation tool
* debugserver: Fix argv encoding
* Update debug.c to consistently output to stderr
* idevicedebug: Rename name-colliding debug_info() to log_debug()
* debugserver: Fix whitespace error
* debugserver: Proxy SERVICE_E_TIMEOUT into DEBUGSERVER_E_TIMEOUT
* introduces optional `idevice_connection_disable_ssl` with ability not to send SSL shutdown message. As in debugserver this message will be considered as GDB server communication and break things
* Increase timeout for service receive methods
* idevicesyslog: Make sure CTRL+C works when waiting for passcode entry
* configure.ac: Add checks to ensure libusbmuxd is up-to-date
==== libnetfilter_conntrack ====
Version update (1.0.7 -> 1.0.8)
- Update to release 1.0.8
* conntrack: support for IPS_OFFLOAD
==== libnftnl ====
Version update (1.1.5 -> 1.1.6)
- Update to release 1.1.6
* add slave device matching
* support for NFTNL_SET_EXPR
==== mutter ====
Version update (3.34.4 -> 3.34.5)
Subpackages: libmutter-5-0 mutter-data
- Update to version 3.34.5:
+ Fix visibility of initially hidden windows.
+ Fix hardware cursor on GPU hotplug.
+ Fix pasting images from wayland.
+ Fixed crashes.
+ Updated translations.
- Switch to using explicit released tag in _service.
==== pciutils ====
Version update (3.6.2 -> 3.6.4)
Subpackages: libpci3
- Update to version 3.6.4:
* A new back-end for the GNU Hurd was contributed by Joan Lledó.
* When printing VPD item identifiers, non-ASCII characters are escaped.
- Changes for version 3.6.3
* `lspci -t' (tree mode) can be combined with `-s' to show a sub-tree.
We also fixed potential buffer overflows in the tree dumper.
* Cleaned messy code for dumping of I/O, memory, and ROM regions.
This helped fixing a bug, which caused some 64-bit regions to be
reported as virtual. All flags are now printed after the address
(previously, "[virtual]" and "[enhanced]" were before it for no good
reason).
* Added pci_find_cap_nr() to the library, which handles capabilities
which occur multiple times in a single device.
* Minor improvements in printing of PCIe capabilities.
* We now decode the Multicast and Secondary PCI Express extended
capabilities.
* The list of capability names available to setpci was updated.
* Minor bugs were fixed in FreeBSD and Solaris ports.
* We now prefer HTTPS URLs in all documentation
* The pci.ids file has a man page.
* As usually, updated pci.ids to the current snapshot of the database.
- Drop no longer relevant pciutils-3.2.0_update-dist.patch
- Do not ship update-pciids script - they are provided via hwdata
package and we dont want to override data by other packages
==== pipewire ====
Version update (0.3.1+48 -> 0.3.2)
Subpackages: libpipewire-0_3-0 pipewire-modules pipewire-spa-tools pipewire-tools
- Use the License rpm tag to specify that although most of
pipewire is licensed under MIT, the pulseaudio replacement
library is licensed under LGPL-2.1+.
- Use gcc9 to build in SLE-15 / Leap 15, since at least gcc8 is
needed now.
- Update to version 0.3.2:
+ build fixes
+ Added support for data type negotiation. This makes it
possible for a client to say that it can handle DMABuf
and MemFd and then let the server select a compatible
format.
+ Handle errors when enumerating parameters better.
+ Add support for rate, format, channels and period_bytes
to the alsa config file to restrict what alsa apps can
negotiate.
+ Fix JACK midi output.
+ Optimizations in common audio format conversions using
AVX2. Small optimizations to plugins.
+ Change the vulkan compute example to an MIT licensed
shader.
+ Remove some hardcoded defaults in the audio and video
processing and use the values from the processing
context. This also fixes the vulkan example.
+ Correct the documentation and defaults in the daemon
config file.
+ Fix alsa and v4l2 buffer recycle. A paused client could
cause the server to leak all buffers.
+ Remove some warnings that should be ignored.
+ Fix a crash in the bluez5 plugins.
+ Try to select higher quality formats first when
negotiating a format with an audio device.
+ Fix an infinite loop in udev detection in some cases.
+ Add non-interactive mode to pw-cli. You can now just
do "pw-cli ls Port" to get a listing of all ports.
pw-cli will now also connect to the default server by
default and has options to select a different server.
+ Allow the server to go up to the maximum quantum (8192
samples or ~=180ms) if a client explicitly wants this.
==== re2 ====
Version update (20200303 -> 20200401)
- Updat to version 2020-04-01:
* Update Unicode data to 13.0.0
* Include the pattern length in "DFA out of memory" errorrs
N�����r��y隊Z)z{.��.n'>�{.n�+������Ǩ��r��i�m��0��ޙ�������
���s�0�����Ǩ�
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
conntrack-tools (1.4.5 -> 1.4.6)
iproute2 (5.5.0 -> 5.6.0)
kernel-source (5.6.0 -> 5.6.2)
libnetfilter_conntrack (1.0.7 -> 1.0.8)
libnftnl (1.1.5 -> 1.1.6)
pciutils (3.6.2 -> 3.6.4)
python-distro (1.4.0 -> 1.5.0)
salt
yomi-formula (0.0.1+git.1585319502.392f59c -> 0.0.1+git.1585837779.87bbc9c)
=== Details ===
==== conntrack-tools ====
Version update (1.4.5 -> 1.4.6)
- Update to release 1.4.6
* conntrackd: fix UDP IPv6 destination address not being usable
* conntrack: Allow protocol number zero
* conntrackd: cthelper: Add new SLP helper
- Drop conntrackd-Use-strdup-in-lexer.patch,
conntrackd-use-strncpy-to-unix-path.patch,
conntrackd-cthelper-Add-new-SLP-helper.patch,
conntrackd-use-correct-max-unix-path-length.patch (merged)
- Drop require on systemd, since it can run in a namespace without.
==== iproute2 ====
Version update (5.5.0 -> 5.6.0)
- Update to release 5.6
* ip link: show permanent hardware address
* ip link: add support for STP xstats
* ip link: bond: print LACP actor/partner oper states as strings
* tc: Add support for ETS Qdisc
* ip: xfrm: add espintcp encapsulation
* tc: add support for FQ-PIE packet scheduler
==== kernel-source ====
Version update (5.6.0 -> 5.6.2)
- bpf: update jmp32 test cases to fix range bound deduction
(bnc#1012628).
- serial: sprd: Fix a dereference warning (bnc#1012628).
- vt: selection, introduce vc_is_sel (bnc#1012628).
- vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines
(bnc#1012628).
- vt: switch vt_dont_switch to bool (bnc#1012628).
- vt: vt_ioctl: remove unnecessary console allocation checks
(bnc#1012628).
- vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
(bnc#1012628).
- vt: vt_ioctl: fix use-after-free in vt_in_use() (bnc#1012628).
- platform/x86: pmc_atom: Add Lex 2I385SW to critclk_systems
DMI table (bnc#1012628).
- Linux 5.6.2 (bnc#1012628).
- commit 8dfb75b
- Linux 5.6.1 (bnc#1012628).
- media: v4l2-core: fix a use-after-free bug of sd->devnode
(bnc#1012628).
- media: xirlink_cit: add missing descriptor sanity checks
(bnc#1012628).
- media: stv06xx: add missing descriptor sanity checks
(bnc#1012628).
- media: dib0700: fix rc endpoint lookup (bnc#1012628).
- media: ov519: add missing endpoint sanity checks (bnc#1012628).
- libfs: fix infoleak in simple_attr_read() (bnc#1012628).
- ahci: Add Intel Comet Lake H RAID PCI ID (bnc#1012628).
- staging: wfx: annotate nested gc_list vs tx queue locking
(bnc#1012628).
- staging: wfx: fix init/remove vs IRQ race (bnc#1012628).
- staging: wfx: add proper "compatible" string (bnc#1012628).
- staging: wlan-ng: fix use-after-free Read in
hfa384x_usbin_callback (bnc#1012628).
- staging: wlan-ng: fix ODEBUG bug in prism2sta_disconnect_usb
(bnc#1012628).
- staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table
(bnc#1012628).
- staging: kpc2000: prevent underflow in cpld_reconfigure()
(bnc#1012628).
- media: usbtv: fix control-message timeouts (bnc#1012628).
- media: flexcop-usb: fix endpoint sanity check (bnc#1012628).
- usb: musb: fix crash with highmen PIO and usbmon (bnc#1012628).
- USB: serial: io_edgeport: fix slab-out-of-bounds read in
edge_interrupt_callback (bnc#1012628).
- USB: cdc-acm: restore capability check order (bnc#1012628).
- USB: serial: option: add Wistron Neweb D19Q1 (bnc#1012628).
- USB: serial: option: add BroadMobi BM806U (bnc#1012628).
- USB: serial: option: add support for ASKEY WWHC050
(bnc#1012628).
- bpf: Undo incorrect __reg_bound_offset32 handling (bnc#1012628).
- commit 1675c56
- Refresh
patches.suse/media-go7007-Fix-URB-type-for-interrupt-handling.patch.
Update upstream status.
- commit 96043ad
- Refresh
patches.suse/mac80211-fix-authentication-with-iwlwifi-mvm.patch.
Update upstream status -- merged.
- commit 26b6c02
==== libnetfilter_conntrack ====
Version update (1.0.7 -> 1.0.8)
- Update to release 1.0.8
* conntrack: support for IPS_OFFLOAD
==== libnftnl ====
Version update (1.1.5 -> 1.1.6)
- Update to release 1.1.6
* add slave device matching
* support for NFTNL_SET_EXPR
==== pciutils ====
Version update (3.6.2 -> 3.6.4)
Subpackages: libpci3
- Update to version 3.6.4:
* A new back-end for the GNU Hurd was contributed by Joan Lledó.
* When printing VPD item identifiers, non-ASCII characters are escaped.
- Changes for version 3.6.3
* `lspci -t' (tree mode) can be combined with `-s' to show a sub-tree.
We also fixed potential buffer overflows in the tree dumper.
* Cleaned messy code for dumping of I/O, memory, and ROM regions.
This helped fixing a bug, which caused some 64-bit regions to be
reported as virtual. All flags are now printed after the address
(previously, "[virtual]" and "[enhanced]" were before it for no good
reason).
* Added pci_find_cap_nr() to the library, which handles capabilities
which occur multiple times in a single device.
* Minor improvements in printing of PCIe capabilities.
* We now decode the Multicast and Secondary PCI Express extended
capabilities.
* The list of capability names available to setpci was updated.
* Minor bugs were fixed in FreeBSD and Solaris ports.
* We now prefer HTTPS URLs in all documentation
* The pci.ids file has a man page.
* As usually, updated pci.ids to the current snapshot of the database.
- Drop no longer relevant pciutils-3.2.0_update-dist.patch
- Do not ship update-pciids script - they are provided via hwdata
package and we dont want to override data by other packages
==== python-distro ====
Version update (1.4.0 -> 1.5.0)
- Update to 1.5.0:
* Backward Compatibility:
+ Keep output as native string so we can compatible with python2 interface
* Bug Fixes:
+ Fix detection of RHEL 6 ComputeNode [#255]
+ Fix Oracle 4/5 lsb_release id and names [#250]
+ Ignore /etc/plesk-release file while parsing distribution
==== salt ====
Subpackages: python3-salt salt-master salt-minion salt-standalone-formulas-configuration
- Enable building and installation for Fedora
- Disable python2 build on Tumbleweed
We are removing the python2 interpreter from openSUSE (SLE16).
As such disable salt building for python2 there.
- Sanitize grains loaded from roster_grains.json cache during "state.pkg"
- Added:
* fix-load-cached-grain-osrelease_info.patch
- Build: Buildequire pkgconfig(systemd) instead of systemd
- Backport saltutil state module to 2019.2 codebase (bsc#1167556)
- Add new custom SUSE capability for saltutil state module
- Added:
* backport-saltutil-state-module-to-2019.2-codebase.patch
* add-new-custom-suse-capability-for-saltutil-state-mo.patch
==== yomi-formula ====
Version update (0.0.1+git.1585319502.392f59c -> 0.0.1+git.1585837779.87bbc9c)
- Update to version 0.0.1+git.1585837779.87bbc9c:
* salt-minion: transfer also the cached data
- Update to version 0.0.1+git.1585760395.c0ab5b9:
* network: reformat file.append text
* network: add systemd link for the NIC (bsc#1168076)
N�����r��y隊Z)z{.��.n'>�{.n�+������Ǩ��r��i�m��0��ޙ�������
���s�0�����Ǩ�
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa (20.0.2 -> 20.0.4)
Mesa-drivers (20.0.2 -> 20.0.4)
MozillaFirefox (74.0 -> 74.0.1)
bluedevil5 (5.18.3 -> 5.18.4.1)
breeze (5.18.3 -> 5.18.4.1)
bubblewrap (0.4.0 -> 0.4.1)
ca-certificates-mozilla
cloud-init
conmon (2.0.14 -> 2.0.15)
cpio
cryptsetup (2.3.0 -> 2.3.1)
discover (5.18.3 -> 5.18.4.1)
drkonqi5 (5.18.3 -> 5.18.4.1)
elfutils (0.178 -> 0.179)
kactivitymanagerd (5.18.3 -> 5.18.4.1)
kde-cli-tools5 (5.18.3 -> 5.18.4.1)
kde-user-manager (5.18.3 -> 5.18.4.1)
kdump
kexec-tools
kgamma5 (5.18.3 -> 5.18.4.1)
khotkeys5 (5.18.3 -> 5.18.4.1)
kinfocenter5 (5.18.3 -> 5.18.4.1)
kmenuedit5 (5.18.3 -> 5.18.4.1)
krb5
kscreen5 (5.18.3 -> 5.18.4.1)
kscreenlocker (5.18.3 -> 5.18.4.1)
ksysguard5 (5.18.3 -> 5.18.4.1)
kwayland-integration (5.18.3 -> 5.18.4.1)
kwin5 (5.18.3 -> 5.18.4.1)
kwrited5 (5.18.3 -> 5.18.4.1)
libkdecoration2 (5.18.3 -> 5.18.4.1)
libkscreen2 (5.18.3 -> 5.18.4.1)
libksysguard5 (5.18.3 -> 5.18.4.1)
libqt5-qtlocation
libqt5-qtwebengine
libsigc++2 (2.10.2 -> 2.10.3)
libwebp (1.0.3 -> 1.1.0)
milou5 (5.18.3 -> 5.18.4.1)
mozilla-nss (3.50 -> 3.51)
mpfr
nano (4.9 -> 4.9.1)
ncurses
open-iscsi
openSUSE-build-key
plasma-nm5 (5.18.3 -> 5.18.4.1)
plasma5-addons (5.18.3 -> 5.18.4.1)
plasma5-desktop (5.18.3 -> 5.18.4.1)
plasma5-integration (5.18.3 -> 5.18.4.1)
plasma5-openSUSE
plasma5-pa (5.18.3 -> 5.18.4.1)
plasma5-workspace (5.18.3 -> 5.18.4.1)
podman
polkit-kde-agent-5 (5.18.3 -> 5.18.4.1)
poppler (0.84.0 -> 0.86.1)
poppler-qt5 (0.84.0 -> 0.86.1)
powerdevil5 (5.18.3 -> 5.18.4.1)
pulseaudio
setools (4.2.2 -> 4.3.0)
systemsettings5 (5.18.3 -> 5.18.4.1)
tiff
wpa_supplicant
xdg-desktop-portal-kde (5.18.3 -> 5.18.4.1)
xorg-x11-server (1.20.7+0 -> 1.20.8+0)
yast2 (4.2.78 -> 4.2.80)
=== Details ===
==== Mesa ====
Version update (20.0.2 -> 20.0.4)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- update to Mesa 20.0.4
* emergency release, which reverts a serious SPIR-V regression
in the 20.0.3 release.
- supersedes U_Revert-spirv-Implement-OpCopyObject-and-OpCopyLogica.patch
- U_Revert-spirv-Implement-OpCopyObject-and-OpCopyLogica.patch
* revert severe spirv regression; emergency release will be
available soon ...
- update to Mesa 20.0.3
* bugfix release: fixes all over the tree; mostly AMD (radv,
aco), NIR and Intel (isl, anv)
==== Mesa-drivers ====
Version update (20.0.2 -> 20.0.4)
Subpackages: Mesa-dri Mesa-gallium
- update to Mesa 20.0.4
* emergency release, which reverts a serious SPIR-V regression
in the 20.0.3 release.
- supersedes U_Revert-spirv-Implement-OpCopyObject-and-OpCopyLogica.patch
- U_Revert-spirv-Implement-OpCopyObject-and-OpCopyLogica.patch
* revert severe spirv regression; emergency release will be
available soon ...
- update to Mesa 20.0.3
* bugfix release: fixes all over the tree; mostly AMD (radv,
aco), NIR and Intel (isl, anv)
==== MozillaFirefox ====
Version update (74.0 -> 74.0.1)
- Mozilla Firefox 74.0.1
MFSA 2020-11 (boo#1168630)
* CVE-2020-6819 (bmo#1620818)
Use-after-free while running the nsDocShell destructor
* CVE-2020-6820 (bmo#1626728)
Use-after-free when handling a ReadableStream
==== bluedevil5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- Changes since 5.18.3:
* Remove bold formatting of device name
==== breeze ====
Version update (5.18.3 -> 5.18.4.1)
Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-wallpapers libbreezecommon5-5
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- Changes since 5.18.3:
* Fix build with Qt 5.15
* Fix Defaults not being set properly in Breeze window decoration settings for 'Draw a circle around close button'
==== bubblewrap ====
Version update (0.4.0 -> 0.4.1)
- Update to version 0.4.1:
* retcode: fix return code with syncfd and no event_fd
* Ensure we're always clearing the cap bounding set
* tests: Update output patterns for libcap >= 2.29
* Don't rely on geteuid() to know when to switch back from setuid root
* Don't support --userns2 in setuid mode
* fixes CVE-2020-5291
* fixes bsc#1168291
==== ca-certificates-mozilla ====
- also run update-ca-certificates in %posttrans
==== cloud-init ====
- Update cloud-init-write-routes.patch
+ In cases where the config contains 2 or more default gateway
specifications for an interface only write the first default route,
log warning message about skipped routes
+ Avoid writing invalid route specification if neither the network
nor destination is specified in the route configuration
- Update cloud-init-write-routes.patch
+ Still need to consider the "network" configuration uption
for the v1 config implementation. Fixes regression
introduced with update from Wed Feb 12 19:30:42
- Update cloud-init-write-routes.patch (bsc#1165296)
+ Add the default gateway to the ifroute config file when specified
as part of the subnet configuration
+ Fix typo to properly extrakt provided netmask data (bsc#1163178)
==== conmon ====
Version update (2.0.14 -> 2.0.15)
- Enable support for journald logging (bsc#1162432)
- Update to v2.0.15
- store status while waiting for pid
==== cpio ====
- starting with GCC 10, the default of '-fcommon' option will
change to '-fno-common'. Because cpio build fails with
'fno-common', add '-fcommon' option to optflags as a temporary
workaround for this problem till it's properly fixed [bsc#1160870]
==== cryptsetup ====
Version update (2.3.0 -> 2.3.1)
Subpackages: libcryptsetup12
- Split translations to -lang package
- New version to 2.3.1
* Support VeraCrypt 128 bytes passwords.
VeraCrypt now allows passwords of maximal length 128 bytes
(compared to legacy TrueCrypt where it was limited by 64 bytes).
* Strip extra newline from BitLocker recovery keys
There might be a trailing newline added by the text editor when
the recovery passphrase was passed using the --key-file option.
* Detect separate libiconv library.
It should fix compilation issues on distributions with iconv
implemented in a separate library.
* Various fixes and workarounds to build on old Linux distributions.
* Split lines with hexadecimal digest printing for large key-sizes.
* Do not wipe the device with no integrity profile.
With --integrity none we performed useless full device wipe.
* Workaround for dm-integrity kernel table bug.
Some kernels show an invalid dm-integrity mapping table
if superblock contains the "recalculate" bit. This causes
integritysetup to not recognize the dm-integrity device.
Integritysetup now specifies kernel options such a way that
even on unpatched kernels mapping table is correct.
* Print error message if LUKS1 keyslot cannot be processed.
If the crypto backend is missing support for hash algorithms
used in PBKDF2, the error message was not visible.
* Properly align LUKS2 keyslots area on conversion.
If the LUKS1 payload offset (data offset) is not aligned
to 4 KiB boundary, new LUKS2 keyslots area in now aligned properly.
* Validate LUKS2 earlier on conversion to not corrupt the device
if binary keyslots areas metadata are not correct.
==== discover ====
Version update (5.18.3 -> 5.18.4.1)
Subpackages: discover-backend-flatpak
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- Changes since 5.18.3:
* fix toplevels test
* fwupd: improve error message
* fwupd: improve cancellable usage
* flatpak: Don't insist on performing tasks after cancellation (kde#419062)
* odrs: Remove seemingly unused cache files
* flatpak: fix crash (kde#419107)
* cmake: Include messages about availability of Flatpak and Fwupd
==== drkonqi5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- Changes since 5.18.3:
* Display PID & signal numbers unlocalized
* remove pointless and arbitrary 4 line frame limit
==== elfutils ====
Version update (0.178 -> 0.179)
Subpackages: libasm1 libdw1 libelf1
- Update to version 0.179:
debuginfod-client: When DEBUGINFOD_PROGRESS is set and the program doesn't
install its own debuginfod_progressfn_t show download
progress on stderr.
DEBUGINFOD_TIMEOUT is now defined as seconds to get at
least 100K, defaults to 90 seconds.
Default to $XDG_CACHE_HOME/debuginfod_client.
New functions debuginfod_set_user_data,
debuginfod_get_user_data, debuginfod_get_url and
debuginfod_add_http_header.
Support for file:// URLs.
debuginfod: Uses libarchive directly for reading rpm archives.
Support for indexing .deb/.ddeb archives through dpkg-deb
or bsdtar.
Generic archive support through -Z EXT[=CMD]. Which can be
used for example for arch-linux pacman files by using
- Z '.tar.zst=zstdcat'.
Better logging using User-Agent and X-Forwarded-For headers.
More prometheus metrics.
Support for eliding dots or extraneous slashes in path names.
debuginfod-find: Accept /path/names in place of buildid hex.
libelf: Handle PN_XNUM in elf_getphdrnum before shdr 0 is cached
Ensure zlib resource cleanup on failure.
libdwfl: dwfl_linux_kernel_find_elf and dwfl_linux_kernel_report_offline
now find and handle a compressed vmlinuz image.
readelf, elflint: Handle PT_GNU_PROPERTY.
translations: Updated Ukrainian translation.
==== kactivitymanagerd ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== kde-cli-tools5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== kde-user-manager ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== kdump ====
- kdump-make-sure-that-the-udev-runtime-directory-exists.patch:
Make sure that the udev runtime directory exists (bsc#1164713).
==== kexec-tools ====
- kexec-tools-Remove-duplicated-variable-declarations.patch:
Remove duplicated variable declarations (boo#1160399).
- kexec-tools-s390-Reset-kernel-command-line-on-syscal.patch: s390:
Reset kernel command line on syscall fallback (bsc#1167868).
==== kgamma5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== khotkeys5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== kinfocenter5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- Changes since 5.18.3:
* only add devices to the smb mount model that are network shares
* skip over supposed network shares that aren't
* Be more accurate in reporting the x86 CPU features solid detects
==== kmenuedit5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== krb5 ====
- Fix segfault in k5_primary_domain; (bsc#1167620);
- Added patches:
* 0009-Fix-null-dereference-qualifying-short-hostnames.patch
==== kscreen5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== kscreenlocker ====
Version update (5.18.3 -> 5.18.4.1)
Subpackages: libKScreenLocker5
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== ksysguard5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== kwayland-integration ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== kwin5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- Changes since 5.18.3:
* [kcmkwin/kwindesktop] Fix inability to create more than one row on the "Virtual Desktops" settings page (kde#419141)
* [wayland] Recursively destroy WindowPixmap objects
* [scenes/opengl] Print a debug message when viewport limits aren't met
==== kwrited5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== libkdecoration2 ====
Version update (5.18.3 -> 5.18.4.1)
Subpackages: libkdecorations2-5 libkdecorations2private7
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== libkscreen2 ====
Version update (5.18.3 -> 5.18.4.1)
Subpackages: libKF5Screen7 libkscreen2-plugin
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== libksysguard5 ====
Version update (5.18.3 -> 5.18.4.1)
Subpackages: libksysguard5-helper
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- Changes since 5.18.3:
* Fix build with Qt 5.15
==== libqt5-qtlocation ====
- Add patch to fix the build with GCC10 (boo#1158510):
* 0001-Fix-build-with-GCC10.patch
- Use -ffat-lto-objects (boo#1158510)
- Drop obsolete conditions
- Reorder the spec file.
==== libqt5-qtwebengine ====
- Add patch to fix build with GCC 10 (boo#1158516):
* some-more-includes-gcc10.patch
==== libsigc++2 ====
Version update (2.10.2 -> 2.10.3)
- Update to version 2.10.3:
+ Add Meson build, alongside the existing Autotools build.
+ Improve MSVC builds on Windows.
+ meson.build: Check if .git is a directory or file.
+ docs/reference/meson.build: Check if perl is found.
+ README: Describe building with Meson and Autotools.
+ Tests: Make test_track_obj.cc compile with clang++.
==== libwebp ====
Version update (1.0.3 -> 1.1.0)
Subpackages: libwebp7 libwebpdemux2 libwebpmux3
- Update to version 1.1.0:
* API changes:
- libwebp:
WebPMalloc
- extras:
WebPUnmultiplyARGB
* alpha decode fix
* toolchain updates and bug fixes
==== milou5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== mozilla-nss ====
Version update (3.50 -> 3.51)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs
- Update previous patch nss-kremlin-ppc64le.patch
slightly modified to support also ppc64 (BE) versus initial
https://github.com/FStarLang/kremlin/issues/166
- Add patch nss-kremlin-ppc64le.patch to fix ppc and s390x builds
- update to NSS 3.51
* Updated DTLS 1.3 implementation to Draft-34. (bmo#1608892)
* Correct swapped PKCS11 values of CKM_AES_CMAC and
CKM_AES_CMAC_GENERAL (bmo#1611209)
* Complete integration of Wycheproof ECDH test cases (bmo#1612259)
* Check if PPC __has_include(<sys/auxv.h>) (bmo#1614183)
* Fix a compilation error for ?getFIPSEnv? "defined but not used"
(bmo#1614786)
* Send DTLS version numbers in DTLS 1.3 supported_versions extension
to avoid an incompatibility. (bmo#1615208)
* SECU_ReadDERFromFile calls strstr on a string that isn't guaranteed
to be null-terminated (bmo#1538980)
* Correct a warning for comparison of integers of different signs:
'int' and 'unsigned long' in security/nss/lib/freebl/ecl/ecp_25519.c:88
(bmo#1561337)
* Add test for mp_int clamping (bmo#1609751)
* Don't attempt to read the fips_enabled flag on the machine unless
NSS was built with FIPS enabled (bmo#1582169)
* Fix a null pointer dereference in BLAKE2B_Update (bmo#1431940)
* Fix compiler warning in secsign.c (bmo#1617387)
* Fix a OpenBSD/arm64 compilation error: unused variable 'getauxval'
(bmo#1618400)
* Fix a crash on unaligned CMACContext.aes.keySchedule when using
AES-NI intrinsics (bmo#1610687)
==== mpfr ====
- Add cummulative patch mpfr-4.0.2-p6.patch fixing various bugs.
==== nano ====
Version update (4.9 -> 4.9.1)
- GNU nano 4.9.1
* fix cursor getting misplaced when undoing line cuts
* fix filtering of the whole buffer to a new buffer
==== ncurses ====
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base
- Add ncurses patch 20200321
+ improve configure-checks to reduce warnings about unused variables.
+ improve description of error-returns in waddch and waddnstr manual
pages (prompted by patch by Benno Schulenberg).
+ add test/move_field.c to demonstrate move_field(), and a stub for
a corresponding demo of dup_field().
- Add ncurses patch 20200314
+ add history note to curs_scanw.3x for <stdarg.h> and <varargs.h>
+ add history note to curs_printw.3x for <stdarg.h> and <varargs.h>
+ add portability note to ncurses.3x regarding <stdarg.h>
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Update with two upstream commits:
* Fix issue where "iscsi-iname -p" core dumps. (found upstream)
* Fix iscsi.service so it handles restarts better (bsc#1163499)
* Add Wants=remote-fs-pre.target for sequencing. (bsc#1158536)
updating:
* open-iscsi-SUSE-latest.diff.bz2
==== openSUSE-build-key ====
- mark the opensuse-container-key and the suse-container-key
for openSUSE:Containers and SUSE:Containers space.
(same as the build keys for SLE15 and openSUSE respectively.)
- Replace the old security(a)suse.de email comm key by the new, move
the old one to the oldkey. (bsc#1166334)
==== plasma-nm5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- Changes since 5.18.3:
* Openconnect: make sure the UI fits into the password dialog (kde#403480)
==== plasma5-addons ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== plasma5-desktop ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- Changes since 5.18.3:
* Enable wrapping of error messages which use KMessageWidget
* KCM/touchpad: Disables the middleEmulation when not supported
* KCM/Mouse: fix the middleEmulation checkbox status
* [Colors KCM] Also save colors when active scheme was edited
* [Cursor Theme KCM] Use standardized pointer and help cursor for preview
* [Icons KCM] Floor delegate height
* Make panel edit mode tooltip not unexpectedly disappear under certain circumstances (kde#413736)
==== plasma5-integration ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== plasma5-openSUSE ====
Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE sddm-theme-openSUSE
- Update to 5.18.4.1
==== plasma5-pa ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== plasma5-workspace ====
Version update (5.18.3 -> 5.18.4.1)
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- Changes since 5.18.3:
* [runners/recentdocuments] disable executables or .desktop files (kde#419310)
* [applets/digital-clock] Fix inappropriately high QtQuick version
* [applets/systemtray] Clear item from shown/hidden list when disabling entry (kde#419197)
* [applets/digital-clock] Fix date sizing in vertical panel (kde#417852)
* [VirtualDesktopInfo] Connect to rowsChanged singal (kde#408783)
* Fix systemtray configuration
==== podman ====
Subpackages: podman-cni-config
- Add "systemd" BUILDFLAGS to build with support for journald
logging (bsc#1162432)
==== polkit-kde-agent-5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== poppler ====
Version update (0.84.0 -> 0.86.1)
- Add pkgconfig(poppler-data) BuildRequires: New versions of
poppler-data actually have a .pc file, and we check for it during
build, so lets add this optional dependency.
- Enable building of gtk-docs again.
- Add missing devel package requires (bsc#1153146).
- Update to version 0.86.1:
+ core:
- Fix regression in Browse Link handling.
- Internal code improvements.
- Bump poppler_sover following upstream changes.
- Update to version 0.86.0:
+ core:
- Fix link content exfiltration attack.
- Splash: Implement gouraudTriangleShadedFill for some non
parametrized shadings.
- Fix case unsensitive search for Old Hungarian, Warang Citi,
Medefaidrin and Adlam.
- Internal code improvements.
+ glib:
- Automatic handle of page's cropbox on annots.
- Fix memory leak if poppler_document_new_from_file fails.
- Minor speed optimization on poppler_page_get_annot_mapping.
+ utils:
- pdfdetach: add 'savefile' option.
- pdftoppm/pdftocairo: Fix more odd/even mismatch.
+ qt5: Fix loading from iodevice.
- Changes from version 0.85.0:
+ core:
- Fix case unsensitive search for Deseret and Osage.
- Fix crash in unicodeToAscii7.
- CairoOutputDev: make initialisation thread-safe.
- Fix crash on broken files.
- Internal code improvements.
+ qt5:
- Fix FormField::name encoding.
- Accept UTF-16 uiNames for form fields.
- Fix search for "complex" characters.
- Allow to load document from QIODevice.
+ utils:
- pdftoppm/pdftocairo: Fix -e/-o printing the wrong pages.
- pdftohtml: Fix issue with the font size sometimes being huge.
+ glib: make the frontend initialization thread safe.
- Bump poppler_sover following upstream changes.
==== poppler-qt5 ====
Version update (0.84.0 -> 0.86.1)
- Add pkgconfig(poppler-data) BuildRequires: New versions of
poppler-data actually have a .pc file, and we check for it during
build, so lets add this optional dependency.
- Enable building of gtk-docs again.
- Add missing devel package requires (bsc#1153146).
- Update to version 0.86.1:
+ core:
- Fix regression in Browse Link handling.
- Internal code improvements.
- Bump poppler_sover following upstream changes.
- Update to version 0.86.0:
+ core:
- Fix link content exfiltration attack.
- Splash: Implement gouraudTriangleShadedFill for some non
parametrized shadings.
- Fix case unsensitive search for Old Hungarian, Warang Citi,
Medefaidrin and Adlam.
- Internal code improvements.
+ glib:
- Automatic handle of page's cropbox on annots.
- Fix memory leak if poppler_document_new_from_file fails.
- Minor speed optimization on poppler_page_get_annot_mapping.
+ utils:
- pdfdetach: add 'savefile' option.
- pdftoppm/pdftocairo: Fix more odd/even mismatch.
+ qt5: Fix loading from iodevice.
- Changes from version 0.85.0:
+ core:
- Fix case unsensitive search for Deseret and Osage.
- Fix crash in unicodeToAscii7.
- CairoOutputDev: make initialisation thread-safe.
- Fix crash on broken files.
- Internal code improvements.
+ qt5:
- Fix FormField::name encoding.
- Accept UTF-16 uiNames for form fields.
- Fix search for "complex" characters.
- Allow to load document from QIODevice.
+ utils:
- pdftoppm/pdftocairo: Fix -e/-o printing the wrong pages.
- pdftohtml: Fix issue with the font size sometimes being huge.
+ glib: make the frontend initialization thread safe.
- Bump poppler_sover following upstream changes.
==== powerdevil5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== pulseaudio ====
Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-module-gsettings pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils
- Control systemd user socket activation in setup-pulseaudio script
too (boo#1168393)
==== setools ====
Version update (4.2.2 -> 4.3.0)
- Update to the upstream version 4.3.0:
* Revised sediff method for TE rules. This drastically reduced memory
and run time.
* Added infiniband context support to seinfo, sediff, and apol.
* Added apol configuration for location of Qt assistant.
* Fixed sediff issue where properties header would display when not
requested.
* Fixed sediff issue with type_transition file name comparison.
* Fixed permission map socket sendto information flow direction.
* Added methods to TypeAttribute class to make it a complete Python
collection.
* Genfscon now will look up classes rather than using fixed values
which were dropped from libsepol
- Dropped python3.8-compat.patch
==== systemsettings5 ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- No code changes since 5.18.3
==== tiff ====
- Drop webp support as it would introduce build cycle
- Enable zstd and webp support
==== wpa_supplicant ====
- With v2.9 fi.epitest.hostap.WPASupplicant.service is obsolete (bsc#1167331)
- Change wpa_supplicant.service to ensure wpa_supplicant gets started before
network. Fix WLAN config on boot with wicked. (boo#1166933)
==== xdg-desktop-portal-kde ====
Version update (5.18.3 -> 5.18.4.1)
- Update to 5.18.4.1:
* Version fixed
- Update to 5.18.4
* New bugfix release
* For more details please see:
* https://www.kde.org/announcements/plasma-5.18.4.php
- Changes since 5.18.3:
* FileChooser: make all opened files automatically writable
* Screensharing: code cleanup
* Avoid copying buffer twice (kde#419209)
* Implement Keyboard Keycode support as suggested in the spec
==== xorg-x11-server ====
Version update (1.20.7+0 -> 1.20.8+0)
Subpackages: xorg-x11-server-Xvfb xorg-x11-server-wayland
- Update to version 1.20.8+0:
* Revert "dri2: Don't make reference to noClientException"
* dix: Check for NULL spriteInfo in GetPairedDevice
* os: Ignore dying client in ResetCurrentRequest
* modesetting: remove unnecessary error message, fix zaphod leases
* Fix building with `-fno-common`
* xwayland: clear pixmaps after creation in rootless mode
* glamor: Fix a compiler warning since the recent OOM fixes.
* Restrict 1x1 pixmap filling optimization to GXcopy
* Add xf86OSInputThreadInit to stub os-support as well
* Fix old-style definition warning for xf86OSInputThreadInit()
* xwayland/glamor-gbm: Handle DRM_FORMAT_MOD_INVALID gracefully
* configure: Define GLAMOR_HAS_EGL_QUERY_DRIVER when available
* modesetting: Disable atomic support by default
* modesetting: Explicitly #include "mi.h"
* xfree86/modes: Bail from xf86RotateRedisplay if pScreen->root is NULL
* xwayland: Split up xwl_screen_post_damage into two phases
* xwayland: Call glamor_block_handler from xwl_screen_post_damage
* xwayland: Add xwl_window_create_frame_callback helper
* xwayland: Use single frame callback for Present flips and normal updates
* xwayland: Use frame callbacks for Present vblank events
* xwayland: Delete all frame_callback_list nodes in xwl_unrealize_window
* glamor: Propagate FBO allocation failure for picture to texture upload
* glamor: Error out on out-of-memory when allocating PBO for FBO access
* glamor: Propagate glamor_prepare_access failures in copy helpers
* glamor: Fallback to system memory for RW PBO buffer allocation
- supersedes u_fno-common.patch
==== yast2 ====
Version update (4.2.78 -> 4.2.80)
- Modify the way YaST detects whether systemd is running or not
(bsc#1168307)
- 4.2.80
- Reread network interfaces configuration after writing it avoiding
wrong values when reopen network configuration dialog during an
installation (bsc#1166778)
- 4.2.79
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
ca-certificates-mozilla
ceph (15.1.0.1521+gcdf35413a0 -> 15.2.0.108+g8cf4f02b08)
cloud-init
conmon (2.0.14 -> 2.0.15)
cpio
cri-tools (1.17.0 -> 1.18.0)
cryptsetup (2.3.0 -> 2.3.1)
elfutils (0.178 -> 0.179)
haproxy (2.1.3+git0.5c020bbdd -> 2.1.4+git0.3cfc2f1d9)
k9s (0.15.2 -> 0.18.1)
kdump
kexec-tools
krb5
kubernetes
mozilla-nss (3.50 -> 3.51)
nano (4.9 -> 4.9.1)
ncurses
open-iscsi
openSUSE-build-key
podman
rook (1.2.6+git0.g99024013 -> 1.2.7+git0.g1acfd182)
setools (4.2.2 -> 4.3.0)
wpa_supplicant
yast2 (4.2.78 -> 4.2.80)
=== Details ===
==== ca-certificates-mozilla ====
- also run update-ca-certificates in %posttrans
==== ceph ====
Version update (15.1.0.1521+gcdf35413a0 -> 15.2.0.108+g8cf4f02b08)
Subpackages: ceph-common libcephfs2 librados2 libradosstriper1 librbd1 librgw2 python3-ceph-argparse python3-ceph-common python3-cephfs python3-rados python3-rbd python3-rgw
- Update to 15.2.0-108-g8cf4f02b08:
+ rebase on tip of upstream "octopus" branch, SHA1 9267cc03e1b1612109dd57cc6ce74c34ed1f1d00
* cephadm: Fix truncated output of "ceph mgr dump"
- Update to 15.2.0-29-g274f7bc2e7:
+ rebase on tip of upstream "octopus" branch, SHA1 a8062613c81ad08815edcdf06e668fcc77270a03
* upstream 15.2.0 (first Octopus stable) release
https://ceph.io/releases/v15-2-0-octopus-released/
- Update to 15.1.1-220-g0f87374dc1:
+ rebase on tip of upstream "octopus" branch, SHA1 243cbd6224921f7f5c2463705c75cb9eafd0db5c
* upstream 15.1.1 (Octopus release candidate) release
https://github.com/ceph/ceph/releases/tag/v15.1.1
+ cephadm: read everything when calling "ceph mgr dump"
- Update to 15.1.0-2160-g310e512e18:
+ rebase on tip of upstream "octopus" branch, SHA1 465f3855623e30f3b4694f3090adbe27c8cd49c3
- Update to 15.1.0-1766-g3d31471523:
+ rebase on tip of upstream master, SHA1 25b8ecc216b02e848f9719ced8c84670de656e78
==== cloud-init ====
- Update cloud-init-write-routes.patch
+ In cases where the config contains 2 or more default gateway
specifications for an interface only write the first default route,
log warning message about skipped routes
+ Avoid writing invalid route specification if neither the network
nor destination is specified in the route configuration
- Update cloud-init-write-routes.patch
+ Still need to consider the "network" configuration uption
for the v1 config implementation. Fixes regression
introduced with update from Wed Feb 12 19:30:42
- Update cloud-init-write-routes.patch (bsc#1165296)
+ Add the default gateway to the ifroute config file when specified
as part of the subnet configuration
+ Fix typo to properly extrakt provided netmask data (bsc#1163178)
==== conmon ====
Version update (2.0.14 -> 2.0.15)
- Enable support for journald logging (bsc#1162432)
- Update to v2.0.15
- store status while waiting for pid
==== cpio ====
- starting with GCC 10, the default of '-fcommon' option will
change to '-fno-common'. Because cpio build fails with
'fno-common', add '-fcommon' option to optflags as a temporary
workaround for this problem till it's properly fixed [bsc#1160870]
==== cri-tools ====
Version update (1.17.0 -> 1.18.0)
- Update to v1.18.0:
* Main Changes
* Update Kubernetes to v1.18.0
* Switch to urfave/cli/v2
* CRI CLI (crictl)
* Use ContextDialer to fix build
* Add go-template option for inspect commands
* Fix invalid log_path in docs
* CRI validation testing (critest)
* Make apparmor failure test more flexible
* Start container before fetching metrics
* Cleanup container create test to reduce duplication
* Add container stats test
==== cryptsetup ====
Version update (2.3.0 -> 2.3.1)
Subpackages: libcryptsetup12
- Split translations to -lang package
- New version to 2.3.1
* Support VeraCrypt 128 bytes passwords.
VeraCrypt now allows passwords of maximal length 128 bytes
(compared to legacy TrueCrypt where it was limited by 64 bytes).
* Strip extra newline from BitLocker recovery keys
There might be a trailing newline added by the text editor when
the recovery passphrase was passed using the --key-file option.
* Detect separate libiconv library.
It should fix compilation issues on distributions with iconv
implemented in a separate library.
* Various fixes and workarounds to build on old Linux distributions.
* Split lines with hexadecimal digest printing for large key-sizes.
* Do not wipe the device with no integrity profile.
With --integrity none we performed useless full device wipe.
* Workaround for dm-integrity kernel table bug.
Some kernels show an invalid dm-integrity mapping table
if superblock contains the "recalculate" bit. This causes
integritysetup to not recognize the dm-integrity device.
Integritysetup now specifies kernel options such a way that
even on unpatched kernels mapping table is correct.
* Print error message if LUKS1 keyslot cannot be processed.
If the crypto backend is missing support for hash algorithms
used in PBKDF2, the error message was not visible.
* Properly align LUKS2 keyslots area on conversion.
If the LUKS1 payload offset (data offset) is not aligned
to 4 KiB boundary, new LUKS2 keyslots area in now aligned properly.
* Validate LUKS2 earlier on conversion to not corrupt the device
if binary keyslots areas metadata are not correct.
==== elfutils ====
Version update (0.178 -> 0.179)
Subpackages: libasm1 libdw1 libelf1
- Update to version 0.179:
debuginfod-client: When DEBUGINFOD_PROGRESS is set and the program doesn't
install its own debuginfod_progressfn_t show download
progress on stderr.
DEBUGINFOD_TIMEOUT is now defined as seconds to get at
least 100K, defaults to 90 seconds.
Default to $XDG_CACHE_HOME/debuginfod_client.
New functions debuginfod_set_user_data,
debuginfod_get_user_data, debuginfod_get_url and
debuginfod_add_http_header.
Support for file:// URLs.
debuginfod: Uses libarchive directly for reading rpm archives.
Support for indexing .deb/.ddeb archives through dpkg-deb
or bsdtar.
Generic archive support through -Z EXT[=CMD]. Which can be
used for example for arch-linux pacman files by using
- Z '.tar.zst=zstdcat'.
Better logging using User-Agent and X-Forwarded-For headers.
More prometheus metrics.
Support for eliding dots or extraneous slashes in path names.
debuginfod-find: Accept /path/names in place of buildid hex.
libelf: Handle PN_XNUM in elf_getphdrnum before shdr 0 is cached
Ensure zlib resource cleanup on failure.
libdwfl: dwfl_linux_kernel_find_elf and dwfl_linux_kernel_report_offline
now find and handle a compressed vmlinuz image.
readelf, elflint: Handle PT_GNU_PROPERTY.
translations: Updated Ukrainian translation.
==== haproxy ====
Version update (2.1.3+git0.5c020bbdd -> 2.1.4+git0.3cfc2f1d9)
- Update to version 2.1.4+git0.3cfc2f1d9: (boo#1168023) CVE-2020-11100
- SCRIPTS: make announce-release executable again
- BUG/MINOR: namespace: avoid closing fd when socket failed in
my_socketat
- BUG/MEDIUM: muxes: Use the right argument when calling the
destroy method.
- BUG/MINOR: mux-fcgi: Forbid special characters when matching
PATH_INFO param
- MINOR: mux-fcgi: Make the capture of the path-info optional in
pathinfo regex
- SCRIPTS: announce-release: use mutt -H instead of -i to include
the draft
- MINOR: http-htx: Add a function to retrieve the headers size of
an HTX message
- MINOR: filters: Forward data only if the last filter forwards
something
- BUG/MINOR: filters: Count HTTP headers as filtered data but
don't forward them
- BUG/MINOR: http-htx: Don't return error if authority is updated
without changes
- BUG/MINOR: http-ana: Matching on monitor-uri should be
case-sensitive
- MINOR: http-ana: Match on the path if the monitor-uri starts by
a /
- BUG/MAJOR: http-ana: Always abort the request when a tarpit is
triggered
- MINOR: ist: add an iststop() function
- BUG/MINOR: http: http-request replace-path duplicates the query
string
- BUG/MEDIUM: shctx: make sure to keep all blocks aligned
- MINOR: compiler: move CPU capabilities definition from config.h
and complete them
- BUG/MEDIUM: ebtree: don't set attribute packed without
unaligned access support
- BUILD: fix recent build failure on unaligned archs
- CLEANUP: cfgparse: Fix type of second calloc() parameter
- BUG/MINOR: sample: fix the json converter's endian-sensitivity
- BUG/MEDIUM: ssl: fix several bad pointer aliases in a few
sample fetch functions
- BUG/MINOR: connection: make sure to correctly tag local PROXY
connections
- MINOR: compiler: add new alignment macros
- BUILD: ebtree: improve architecture-specific alignment
- BUG/MINOR: h2: reject again empty :path pseudo-headers
- BUG/MINOR: sample: Make sure to return stable IDs in the
unique-id fetch
- BUG/MINOR: dns: ignore trailing dot
- BUG/MINOR: http-htx: Do case-insensive comparisons on Host
header name
- MINOR: contrib/prometheus-exporter: Add heathcheck status/code
in server metrics
- MINOR: contrib/prometheus-exporter: Add the last heathcheck
duration metric
- BUG/MEDIUM: random: initialize the random pool a bit better
- MINOR: tools: add 64-bit rotate operators
- BUG/MEDIUM: random: implement a thread-safe and process-safe
PRNG
- MINOR: backend: use a single call to ha_random32() for the
random LB algo
- BUG/MINOR: checks/threads: use ha_random() and not rand()
- BUG/MAJOR: list: fix invalid element address calculation
- MINOR: debug: report the task handler's pointer relative to
main
- BUG/MEDIUM: debug: make the debug_handler check for the thread
in threads_to_dump
- MINOR: haproxy: export main to ease access from debugger
- BUILD: tools: remove obsolete and conflicting trace() from
standard.c
- BUG/MINOR: wdt: do not return an error when the watchdog
couldn't be enabled
- DOC: fix incorrect indentation of http_auth_*
- OPTIM: startup: fast unique_id allocation for acl.
- BUG/MINOR: pattern: Do not pass len = 0 to calloc()
- DOC: configuration.txt: fix various typos
- DOC: assorted typo fixes in the documentation and Makefile
- BUG/MINOR: init: make the automatic maxconn consider the max of
soft/hard limits
- BUG/MAJOR: proxy_protocol: Properly validate TLV lengths
- REGTEST: make the PROXY TLV validation depend on version 2.2
- BUG/MINOR: filters: Use filter offset to decude the amount of
forwarded data
- BUG/MINOR: filters: Forward everything if no data filters are
called
- MINOR: htx: Add a function to return a block at a specific
offset
- BUG/MEDIUM: cache/filters: Fix loop on HTX blocks caching the
response payload
- BUG/MEDIUM: compression/filters: Fix loop on HTX blocks
compressing the payload
- BUG/MINOR: http-ana: Reset request analysers on a response side
error
- BUG/MINOR: lua: Ignore the reserve to know if a channel is full
or not
- BUG/MINOR: http-rules: Preserve FLT_END analyzers on reject
action
- BUG/MINOR: http-rules: Fix a typo in the reject action function
- BUG/MINOR: rules: Preserve FLT_END analyzers on silent-drop
action
- BUG/MINOR: rules: Increment be_counters if backend is assigned
for a silent-drop
- DOC: fix typo about no-tls-tickets
- DOC: improve description of no-tls-tickets
- DOC: assorted typo fixes in the documentation
- DOC: ssl: clarify security implications of TLS tickets
- BUILD: wdt: only test for SI_TKILL when compiled with thread
support
- BUG/MEDIUM: mt_lists: Make sure we set the deleted element to
NULL;
- MINOR: mt_lists: Appease gcc.
- BUG/MEDIUM: random: align the state on 2*64 bits for ARM64
- BUG/MEDIUM: pools: Always update free_list in pool_gc().
- BUG/MINOR: haproxy: always initialize sleeping_thread_mask
- BUG/MINOR: listener/mq: do not dispatch connections to remote
threads when stopping
- BUG/MINOR: haproxy/threads: try to make all threads leave
together
- DOC: proxy_protocol: Reserve TLV type 0x05 as
PP2_TYPE_UNIQUE_ID
- DOC: correct typo in alert message about rspirep
- BUILD: on ARM, must be linked to libatomic.
- BUILD: makefile: fix regex syntax in ARM platform detection
- BUILD: makefile: fix expression again to detect ARM platform
- BUG/MEDIUM: peers: resync ended with RESYNC_PARTIAL in wrong
cases.
- DOC: assorted typo fixes in the documentation
- MINOR: wdt: Move the definitions of WDTSIG and DEBUGSIG into
types/signal.h.
- BUG/MEDIUM: wdt: Don't ignore WDTSIG and DEBUGSIG in
__signal_process_queue().
- MINOR: memory: Change the flush_lock to a spinlock, and don't
get it in alloc.
- BUG/MINOR: connections: Make sure we free the connection on
failure.
- REGTESTS: use "command -v" instead of "which"
- REGTEST: increase timeouts on the seamless-reload test
- BUG/MINOR: haproxy/threads: close a possible race in soft-stop
detection
- BUG/MINOR: peers: init bind_proc to 1 if it wasn't initialized
- BUG/MINOR: peers: avoid an infinite loop with peers_fe is NULL
- BUG/MINOR: peers: Use after free of "peers" section.
- MINOR: listener: add so_name sample fetch
- BUILD: ssl: only pass unsigned chars to isspace()
- BUG/MINOR: stats: Fix color of draining servers on stats page
- DOC: internals: Fix spelling errors in filters.txt
- MINOR: http-rules: Add a flag on redirect rules to know the
rule direction
- BUG/MINOR: http_ana: make sure redirect flags don't have
overlapping bits
- MINOR: http-rules: Handle the rule direction when a redirect is
evaluated
- BUG/MINOR: http-ana: Reset request analysers on error when
waiting for response
- BUG/CRITICAL: hpack: never index a header into the headroom
after wrapping
==== k9s ====
Version update (0.15.2 -> 0.18.1)
- Update to version 0.18.1
- Many bug fixes
- Many new features (auto suggestions, revisited logs, k9 plugins)
- see https://github.com/derailed/k9s/releases/
==== kdump ====
- kdump-make-sure-that-the-udev-runtime-directory-exists.patch:
Make sure that the udev runtime directory exists (bsc#1164713).
==== kexec-tools ====
- kexec-tools-Remove-duplicated-variable-declarations.patch:
Remove duplicated variable declarations (boo#1160399).
- kexec-tools-s390-Reset-kernel-command-line-on-syscal.patch: s390:
Reset kernel command line on syscall fallback (bsc#1167868).
==== krb5 ====
- Fix segfault in k5_primary_domain; (bsc#1167620);
- Added patches:
* 0009-Fix-null-dereference-qualifying-short-hostnames.patch
==== kubernetes ====
Subpackages: kubernetes-client kubernetes-kubeadm kubernetes-kubelet-common kubernetes-kubelet1.17 kubernetes-kubelet1.18
- Rename /usr/lib/sysctl.d/50-kubeadm.conf to 90-kubeadm.conf [boo#1163328]
- Dropping all old CaaSP legacy configuration
==== mozilla-nss ====
Version update (3.50 -> 3.51)
- Update previous patch nss-kremlin-ppc64le.patch
slightly modified to support also ppc64 (BE) versus initial
https://github.com/FStarLang/kremlin/issues/166
- Add patch nss-kremlin-ppc64le.patch to fix ppc and s390x builds
- update to NSS 3.51
* Updated DTLS 1.3 implementation to Draft-34. (bmo#1608892)
* Correct swapped PKCS11 values of CKM_AES_CMAC and
CKM_AES_CMAC_GENERAL (bmo#1611209)
* Complete integration of Wycheproof ECDH test cases (bmo#1612259)
* Check if PPC __has_include(<sys/auxv.h>) (bmo#1614183)
* Fix a compilation error for ?getFIPSEnv? "defined but not used"
(bmo#1614786)
* Send DTLS version numbers in DTLS 1.3 supported_versions extension
to avoid an incompatibility. (bmo#1615208)
* SECU_ReadDERFromFile calls strstr on a string that isn't guaranteed
to be null-terminated (bmo#1538980)
* Correct a warning for comparison of integers of different signs:
'int' and 'unsigned long' in security/nss/lib/freebl/ecl/ecp_25519.c:88
(bmo#1561337)
* Add test for mp_int clamping (bmo#1609751)
* Don't attempt to read the fips_enabled flag on the machine unless
NSS was built with FIPS enabled (bmo#1582169)
* Fix a null pointer dereference in BLAKE2B_Update (bmo#1431940)
* Fix compiler warning in secsign.c (bmo#1617387)
* Fix a OpenBSD/arm64 compilation error: unused variable 'getauxval'
(bmo#1618400)
* Fix a crash on unaligned CMACContext.aes.keySchedule when using
AES-NI intrinsics (bmo#1610687)
==== nano ====
Version update (4.9 -> 4.9.1)
- GNU nano 4.9.1
* fix cursor getting misplaced when undoing line cuts
* fix filtering of the whole buffer to a new buffer
==== ncurses ====
Subpackages: libncurses6 ncurses-utils terminfo terminfo-base
- Add ncurses patch 20200321
+ improve configure-checks to reduce warnings about unused variables.
+ improve description of error-returns in waddch and waddnstr manual
pages (prompted by patch by Benno Schulenberg).
+ add test/move_field.c to demonstrate move_field(), and a stub for
a corresponding demo of dup_field().
- Add ncurses patch 20200314
+ add history note to curs_scanw.3x for <stdarg.h> and <varargs.h>
+ add history note to curs_printw.3x for <stdarg.h> and <varargs.h>
+ add portability note to ncurses.3x regarding <stdarg.h>
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Update with two upstream commits:
* Fix issue where "iscsi-iname -p" core dumps. (found upstream)
* Fix iscsi.service so it handles restarts better (bsc#1163499)
* Add Wants=remote-fs-pre.target for sequencing. (bsc#1158536)
updating:
* open-iscsi-SUSE-latest.diff.bz2
==== openSUSE-build-key ====
- mark the opensuse-container-key and the suse-container-key
for openSUSE:Containers and SUSE:Containers space.
(same as the build keys for SLE15 and openSUSE respectively.)
- Replace the old security(a)suse.de email comm key by the new, move
the old one to the oldkey. (bsc#1166334)
==== podman ====
Subpackages: podman-cni-config
- Add "systemd" BUILDFLAGS to build with support for journald
logging (bsc#1162432)
==== rook ====
Version update (1.2.6+git0.g99024013 -> 1.2.7+git0.g1acfd182)
- Update to v1.2.7 (bsc#1168160):
* Apply the expected lower PG count for rgw metadata pools (#5091)
* Reject devices smaller than 5GiB for OSDs (#5089)
* Add extra check for filesystem to skip boot volumes for OSD configuration (#5022)
* Avoid duplication of mon pod anti-affinity (#4998)
* Update service monitor definition during upgrade (#5078)
* Resizer container fix due to misinterpretation of the cephcsi version (#5073-1)
* Set ResourceVersion for Prometheus rules (#4528)
* Upgrade doc clarification for RBAC related to the helm chart (#5054)
==== setools ====
Version update (4.2.2 -> 4.3.0)
- Update to the upstream version 4.3.0:
* Revised sediff method for TE rules. This drastically reduced memory
and run time.
* Added infiniband context support to seinfo, sediff, and apol.
* Added apol configuration for location of Qt assistant.
* Fixed sediff issue where properties header would display when not
requested.
* Fixed sediff issue with type_transition file name comparison.
* Fixed permission map socket sendto information flow direction.
* Added methods to TypeAttribute class to make it a complete Python
collection.
* Genfscon now will look up classes rather than using fixed values
which were dropped from libsepol
- Dropped python3.8-compat.patch
==== wpa_supplicant ====
- With v2.9 fi.epitest.hostap.WPASupplicant.service is obsolete (bsc#1167331)
- Change wpa_supplicant.service to ensure wpa_supplicant gets started before
network. Fix WLAN config on boot with wicked. (boo#1166933)
==== yast2 ====
Version update (4.2.78 -> 4.2.80)
- Modify the way YaST detects whether systemd is running or not
(bsc#1168307)
- 4.2.80
- Reread network interfaces configuration after writing it avoiding
wrong values when reopen network configuration dialog during an
installation (bsc#1166778)
- 4.2.79
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Hi all,
after I recently setup a kubic instance on my APU without any issue, I encounter
some errors when using the 20200401 snaphost, see below.
If it is intended to have kubicd disabled by default, then this should be added
to the Readme (both https://en.opensuse.org/Kubic:kubeadm,
https://en.opensuse.org/Kubic:KubicD_and_kubicctl and
https://github.com/thkukuk/kubic-control)
Or is this a undesired fallout?
Kind Regards,
Johannes
> kubic-master01:~ # kubicctl certificates initialize
> Created /etc/kubicd/pki/Kubic-Control-CA.key
> Created /etc/kubicd/pki/Kubic-Control-CA.crt
> Created /etc/kubicd/pki/Kubic-Control-CA.crl
> Created /etc/kubicd/pki/KubicD.key
> Created /etc/kubicd/pki/KubicD.csr
> Created /etc/kubicd/pki/KubicD.crt from /etc/kubicd/pki/KubicD.csr signed by /etc/kubicd/pki/Kubic-Control-CA.key
> Created /etc/kubicd/pki/admin.key
> Created /etc/kubicd/pki/admin.csr
> Created /etc/kubicd/pki/admin.crt from /etc/kubicd/pki/admin.csr signed by /etc/kubicd/pki/Kubic-Control-CA.key
> All certificates and the CA are created and can be found in '/etc/kubicd/pki'
> kubic-master01:~ # kubicctl init
> Initializing kubernetes master can take several minutes, please be patient.
> Could not initialize: rpc error: code = Unavailable desc = all SubConns are in TransientFailure, latest connection error: connection error: desc = "transport: Error while dialing dial tcp [::1]:7148: connect: connection refused"
> kubic-master01:~ # systemctl status kubicd
> ● kubicd.service - Kubic Daemon to setup Kubernetes
> Loaded: loaded (/usr/lib/systemd/system/kubicd.service; disabled; vendor preset: disabled)
> Active: inactive (dead)
> kubic-master01:~ # systemctl start kubicd
> kubic-master01:~ # kubicctl init
> Initializing kubernetes master can take several minutes, please be patient.
> Setting up single-master kubernetes node with weave
> [...]
> kubic-master01:~ # cat /etc/os-release
> NAME="openSUSE MicroOS"
> # VERSION="20200401"
> ID="opensuse-microos"
> ID_LIKE="suse opensuse opensuse-tumbleweed"
> VERSION_ID="20200401"
> PRETTY_NAME="openSUSE MicroOS"
> ANSI_COLOR="0;32"
> CPE_NAME="cpe:/o:opensuse:microos:20200401"
> BUG_REPORT_URL="https://bugs.opensuse.org"
> HOME_URL="https://www.opensuse.org/"
> LOGO="distributor-logo"
> kubic-master01:~ #
--
Johannes Kastl
Linux Consultant & Trainer
Tel.: +49 (0) 151 2372 5802
Mail: kastl(a)b1-systems.de
B1 Systems GmbH
Osterfeldstraße 7 / 85088 Vohburg
http://www.b1-systems.de
GF: Ralph Dehner
Unternehmenssitz: Vohburg / AG: Ingolstadt,HRB 3537
2
2
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
openssl (1.1.1d -> 1.1.1f)
openssl-1_1 (1.1.1d -> 1.1.1f)
=== Details ===
==== openssl ====
Version update (1.1.1d -> 1.1.1f)
- Update to 1.1.1f release
- Update to 1.1.1e release
==== openssl-1_1 ====
Version update (1.1.1d -> 1.1.1f)
Subpackages: libopenssl1_1
- Update to 1.1.1f
* Revert the unexpected EOF reporting via SSL_ERROR_SSL
- refresh openssl-1.1.0-no-html.patch
- Update to 1.1.1e
* Properly detect EOF while reading in libssl. Previously if we hit an EOF
while reading in libssl then we would report an error back to the
application (SSL_ERROR_SYSCALL) but errno would be 0. We now add
an error to the stack (which means we instead return SSL_ERROR_SSL) and
therefore give a hint as to what went wrong.
* Check that ed25519 and ed448 are allowed by the security level. Previously
signature algorithms not using an MD were not being checked that they were
allowed by the security level.
* Fixed SSL_get_servername() behaviour. The behaviour of SSL_get_servername()
was not quite right. The behaviour was not consistent between resumption
and normal handshakes, and also not quite consistent with historical
behaviour. The behaviour in various scenarios has been clarified and
it has been updated to make it match historical behaviour as closely as
possible.
* Corrected the documentation of the return values from the EVP_DigestSign*
set of functions. The documentation mentioned negative values for some
errors, but this was never the case, so the mention of negative values
was removed.
* Added a new method to gather entropy on VMS, based on SYS$GET_ENTROPY.
The presence of this system service is determined at run-time.
* Added newline escaping functionality to a filename when using openssl dgst.
This output format is to replicate the output format found in the '*sum'
checksum programs. This aims to preserve backward compatibility.
* Print all values for a PKCS#12 attribute with 'openssl pkcs12', not just
the first value.
- Update bunch of patches as the internal crypto headers got reorganized
- drop openssl-1_1-CVE-2019-1551.patch (upstream)
- openssl dgst: default to SHA256 only when called without a digest,
not when it couldn't be found (bsc#1166189)
* add openssl-unknown_dgst.patch
- Limit the DRBG selftests to not deplete entropy (bsc#1165274)
* update openssl-fips_selftest_upstream_drbg.patch
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
openssl (1.1.1d -> 1.1.1f)
openssl-1_1 (1.1.1d -> 1.1.1f)
=== Details ===
==== openssl ====
Version update (1.1.1d -> 1.1.1f)
- Update to 1.1.1f release
- Update to 1.1.1e release
==== openssl-1_1 ====
Version update (1.1.1d -> 1.1.1f)
Subpackages: libopenssl1_1
- Update to 1.1.1f
* Revert the unexpected EOF reporting via SSL_ERROR_SSL
- refresh openssl-1.1.0-no-html.patch
- Update to 1.1.1e
* Properly detect EOF while reading in libssl. Previously if we hit an EOF
while reading in libssl then we would report an error back to the
application (SSL_ERROR_SYSCALL) but errno would be 0. We now add
an error to the stack (which means we instead return SSL_ERROR_SSL) and
therefore give a hint as to what went wrong.
* Check that ed25519 and ed448 are allowed by the security level. Previously
signature algorithms not using an MD were not being checked that they were
allowed by the security level.
* Fixed SSL_get_servername() behaviour. The behaviour of SSL_get_servername()
was not quite right. The behaviour was not consistent between resumption
and normal handshakes, and also not quite consistent with historical
behaviour. The behaviour in various scenarios has been clarified and
it has been updated to make it match historical behaviour as closely as
possible.
* Corrected the documentation of the return values from the EVP_DigestSign*
set of functions. The documentation mentioned negative values for some
errors, but this was never the case, so the mention of negative values
was removed.
* Added a new method to gather entropy on VMS, based on SYS$GET_ENTROPY.
The presence of this system service is determined at run-time.
* Added newline escaping functionality to a filename when using openssl dgst.
This output format is to replicate the output format found in the '*sum'
checksum programs. This aims to preserve backward compatibility.
* Print all values for a PKCS#12 attribute with 'openssl pkcs12', not just
the first value.
- Update bunch of patches as the internal crypto headers got reorganized
- drop openssl-1_1-CVE-2019-1551.patch (upstream)
- openssl dgst: default to SHA256 only when called without a digest,
not when it couldn't be found (bsc#1166189)
* add openssl-unknown_dgst.patch
- Limit the DRBG selftests to not deplete entropy (bsc#1165274)
* update openssl-fips_selftest_upstream_drbg.patch
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
aaa_base (84.87+git20200312.411a96b -> 84.87+git20200224.7105b32)
kernel-source (5.5.13 -> 5.6.0)
shim-leap
=== Details ===
==== aaa_base ====
Version update (84.87+git20200312.411a96b -> 84.87+git20200224.7105b32)
- Update to version 84.87+git20200224.7105b32:
* Add usrfiles for protocols and rpc, too
- Update to version 84.87+git20200224.bb11f02:
* change feedback url from http://www.suse.de/feedback to
https://github.com/openSUSE/aaa_base/issues
* added "-h"/"--help" to "old" command (from Bernhard Lang)
- Update to version 84.87+git20200207.27e2c61:
* change rp_filter to 2 to follow the current default (bsc#1160735)
- Update to version 84.87+git20200206.ed897a1:
* get_kernel_version: fix for current kernel on s390x (from azouhr)
- Update to version 84.87+git20200206.8d74b0b:
* Fix services entry in /etc/nsswitch.conf [bsc#1162916]
- Make sure glibc is recent enough else nsswitch.conf update
will fail
- Adjust Requires/Requires(pre)/Requires(post)
- Update to version 84.87+git20200128.8a17290:
* Move chkconfig to insserv-compat, as most functionality isn't supported anymore since we have different solutions with systemd.
* Remove /usr/bin/mkinfodir, not used anywhere anymore
- Update to version 84.87+git20200116.59482ba:
* drop dev.cdrom.autoclose = 0 from sysctl config (bsc#1160970)
* Call binaries in /usr only, /bin is legacy
- Update to version 84.87+git20200108.0da43d3:
* generalize testing for JVMs when creating the java path
to support sapjvm and others (boo#1157794)
- Update to version 84.87+git20191206.1cb88e3:
* Add support for lesskey.bin in /usr/etc
* Do last change also for tcsh
* Not all XTerm based emulators do have an terminfo entry
- Update to version 84.87+git20191120.98f1524:
* merged PR 65
* dash fixes
* handle /usr/etc/login.defs for wsl
- Update to version 84.87+git20191017.bf0a315:
* Use short TERM name rxvt for rxvt-unicode and rxvt-unicode-256-color
- Update to version 84.87+git20191017.14003c1:
* Use official key binding functions in inputrc
that is replace up-history with previous-history, down-history with
next-history and backward-delete-word with backward-kill-word
(bsc#1084934). Add some missed key escape sequences for urxvt-unicode
terminal as well (boo#1007715).
- Update to version 84.87+git20191016.80d1420:
* backup-sysconfig: fall back top cpio if tar is not available
(bsc#1089299)
* backup-rpmdb: check if rpm database is okay before backup to
avoid overwriting good backups with corrupt ones (bsc#1079861)
* service: check if there is a second argument before using it
(bsc#1051143)
- Update to version 84.87+git20191014.52dc403:
* also add color alias for ip command, jira#sle-9880, bsc#1153943
- Update to version 84.87+git20191010.b20083a:
* check if variables can be set before modifying them
to avoid warnings on login with a restricted shell
(bsc#1138869)
- Update to version 84.87+git20191009.4c2bd8e:
* Add s390x compressed kernel support (bsc#1151023)
* Fix LC_NAME and LC_ADDRESS in sh.ssh
* fix string test to arithmetic test in /etc/profile.d/wsl.sh
- Update to version 84.87+git20190822.82a17f1:
* add sysctl.d/51-network.conf to tighten network security a bit
see also (boo#1146866) (jira#SLE-9132)
- Drop /bin/login requirement
- Update to version 84.87+git20190718.ce933cb:
* Make systemd detection cgroup oblivious (bsc#1140647)
- stop using insecure protocols in _service file
- Update to version 84.87+git20190418.d83e9d6:
* convert_sysctl isn't needed anymore
- Update to version 84.87+git20190418.f488c70:
* Remove sysconfig/sysctl to sysctl.conf merge, there is no active
distribution anymore from which we support an update with this.
- Update to version 84.87+git20190418.155e7f0:
* Remove sysconfig/cron to tmpfiles, we don't support upgrade from
such old distributions to Factory anymore.
* /etc/sysconfig/boot and /etc/sysconfig/shutdown don't exist anymore,
no need to remove single variables from it.
* Remove obsolete code for /etc/psdevtab and YaST
- Remove over 12 year old compat provides
- Remove BuildRequires for net-tools, the code was removed and this
package does not contain the wanted tool anymore
- Replace net-tools with successors in Recommends
- Update to version 84.87+git20190418.a543e8e:
* Remove rc.splash and rc.status, now part of insserv-compat [bsc#1132738]
- Update to version 84.87+git20190404.8684de3:
* Add two Scheme/LISP based shells to /etc/shells
* /etc/profile does not work in AppArmor-confined containers (bsc#1096191)
- Update to version 84.87+git20190307.00d332a:
* update logic for JRE_HOME env variable (bsc#1128246)
- Update to version 84.87+git20190109.b66cf03:
* Restore old position of ssh/sudo source of profile
for bug bsc#1118364 but hopefully do not reintroduce
bug boo#1088524
- Update to version 84.87+git20181210.841bf8f:
* Set HISTTIMEFORMAT and HISTCONTROL only if unset (boo#1112653)
- Update to version 84.87+git20181113.08d4125:
* Sync x-genesis-rom extensions with freedesktop DB
* test for /applications before adding data dir
(bsc#1095969)
* Clean up the no_proxy value: not all clients ignore spaces
(bsc#1089796)
* Add option --version to /sbin/service
- Update to version 84.87+git20181107.f39a8d1:
* Readline: Do not miss common mappings for vi
* Readline: Use overwrite-mode on Insert key
* Avoid `ls' command in alljava shell scriptlets
* bashrc: Change =~ test to globs. Fixes mkshrc.
* Update README (#55)
- Update to version 84.87+git20180409.04c9dae:
* In bash.bashrc move ssh/sudo source of profile to avoid removing
the `is' variable before last use (boo#1088524).
* Avoid the shell code checker stumble over `function' keys word
in ls.bash (git#54).
- Use %license (boo#1082318)
- Update to version 84.87+git20180208.8eeab90:
* Don't call fillup for removed sysconfig.news
* Adjust path for script converting sysctl config
* For ksh use builtin keyword 'function' to make sure that the
keyword 'typeset' really set the variable IFS to be local within
the function _ls.
- Update to version 84.87+git20180205.2d2832f:
* Move /lib/aaa_base/convert_sysctl to /usr/lib/base-scripts/convert_sysctl
to cleanup filesystem.
* Don't create /etc/init.d/{boot.local,after.local,halt.local} in
aaa_base.pre section.
* Remove dead code from pre/post install sections.
- Add /var/adm/backup subdirectories to aaa_base-extras, they are
only needed by this package.
- Update to version 84.87+git20180204.875cba8:
* Move sysconfig.backup into extra subpackage, where all the
scripts using it are, too.
* Create systemd timer for the cron.daily scripts for backup-rpmdb,
backup-sysconfig and check-battery. Move scripts to
/usr/lib/base-scripts.
* Remove suse.de-cron-local. If somebody really still has a
/root/cron.daily.local file, he can move it to /etc/cron.daily.
* Don't modify data in root's home directory
* Don't create userdel.local, this isn't in use since many years
- Update to version 84.87+git20180130.ae1f262:
* Really remove /usr/sbin/Check, obsolete since 8 years
* Remove ChangeSymlinks, 90% are obsolete, the rest is dangerous
* Remove 14 year old outdated documentation and dummy scripts for
Java
- Update to version 84.87+git20180130.36ea161:
* Remove obsolete/outdated manual pages (route.conf.5,init.d.7,
quick_halt.8)
==== kernel-source ====
Version update (5.5.13 -> 5.6.0)
- Refresh
patches.suse/media-go7007-Fix-URB-type-for-interrupt-handling.patch.
Update upstream status.
- commit 46fab61
- mac80211: fix authentication with iwlwifi/mvm
(https://lkml.kernel.org/r/20200329.212136.273575061630425724.davem@davemlof…)
- commit 5032681
- Revert "sign also s390x kernel images (bsc#1163524)"
This reverts commit b38b61155f0a2c3ebca06d4bb0c2e11a19a87f1f.
The pesign-obs-integration changes needed for s390x image signing are
still missing in Factory so that this change breaks s390x builds.
- commit 9544af9
- Update to 5.6 final
- refresh configs
- commit da616f7
==== shim-leap ====
- Use the full path of efibootmgr to avoid errors when invoking
shim-install from packagekitd (bsc#1168104)
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
aaa_base (84.87+git20200312.411a96b -> 84.87+git20200224.7105b32)
kernel-source (5.5.13 -> 5.6.0)
shim-leap
=== Details ===
==== aaa_base ====
Version update (84.87+git20200312.411a96b -> 84.87+git20200224.7105b32)
- Update to version 84.87+git20200224.7105b32:
* Add usrfiles for protocols and rpc, too
- Update to version 84.87+git20200224.bb11f02:
* change feedback url from http://www.suse.de/feedback to
https://github.com/openSUSE/aaa_base/issues
* added "-h"/"--help" to "old" command (from Bernhard Lang)
- Update to version 84.87+git20200207.27e2c61:
* change rp_filter to 2 to follow the current default (bsc#1160735)
- Update to version 84.87+git20200206.ed897a1:
* get_kernel_version: fix for current kernel on s390x (from azouhr)
- Update to version 84.87+git20200206.8d74b0b:
* Fix services entry in /etc/nsswitch.conf [bsc#1162916]
- Make sure glibc is recent enough else nsswitch.conf update
will fail
- Adjust Requires/Requires(pre)/Requires(post)
- Update to version 84.87+git20200128.8a17290:
* Move chkconfig to insserv-compat, as most functionality isn't supported anymore since we have different solutions with systemd.
* Remove /usr/bin/mkinfodir, not used anywhere anymore
- Update to version 84.87+git20200116.59482ba:
* drop dev.cdrom.autoclose = 0 from sysctl config (bsc#1160970)
* Call binaries in /usr only, /bin is legacy
- Update to version 84.87+git20200108.0da43d3:
* generalize testing for JVMs when creating the java path
to support sapjvm and others (boo#1157794)
- Update to version 84.87+git20191206.1cb88e3:
* Add support for lesskey.bin in /usr/etc
* Do last change also for tcsh
* Not all XTerm based emulators do have an terminfo entry
- Update to version 84.87+git20191120.98f1524:
* merged PR 65
* dash fixes
* handle /usr/etc/login.defs for wsl
- Update to version 84.87+git20191017.bf0a315:
* Use short TERM name rxvt for rxvt-unicode and rxvt-unicode-256-color
- Update to version 84.87+git20191017.14003c1:
* Use official key binding functions in inputrc
that is replace up-history with previous-history, down-history with
next-history and backward-delete-word with backward-kill-word
(bsc#1084934). Add some missed key escape sequences for urxvt-unicode
terminal as well (boo#1007715).
- Update to version 84.87+git20191016.80d1420:
* backup-sysconfig: fall back top cpio if tar is not available
(bsc#1089299)
* backup-rpmdb: check if rpm database is okay before backup to
avoid overwriting good backups with corrupt ones (bsc#1079861)
* service: check if there is a second argument before using it
(bsc#1051143)
- Update to version 84.87+git20191014.52dc403:
* also add color alias for ip command, jira#sle-9880, bsc#1153943
- Update to version 84.87+git20191010.b20083a:
* check if variables can be set before modifying them
to avoid warnings on login with a restricted shell
(bsc#1138869)
- Update to version 84.87+git20191009.4c2bd8e:
* Add s390x compressed kernel support (bsc#1151023)
* Fix LC_NAME and LC_ADDRESS in sh.ssh
* fix string test to arithmetic test in /etc/profile.d/wsl.sh
- Update to version 84.87+git20190822.82a17f1:
* add sysctl.d/51-network.conf to tighten network security a bit
see also (boo#1146866) (jira#SLE-9132)
- Drop /bin/login requirement
- Update to version 84.87+git20190718.ce933cb:
* Make systemd detection cgroup oblivious (bsc#1140647)
- stop using insecure protocols in _service file
- Update to version 84.87+git20190418.d83e9d6:
* convert_sysctl isn't needed anymore
- Update to version 84.87+git20190418.f488c70:
* Remove sysconfig/sysctl to sysctl.conf merge, there is no active
distribution anymore from which we support an update with this.
- Update to version 84.87+git20190418.155e7f0:
* Remove sysconfig/cron to tmpfiles, we don't support upgrade from
such old distributions to Factory anymore.
* /etc/sysconfig/boot and /etc/sysconfig/shutdown don't exist anymore,
no need to remove single variables from it.
* Remove obsolete code for /etc/psdevtab and YaST
- Remove over 12 year old compat provides
- Remove BuildRequires for net-tools, the code was removed and this
package does not contain the wanted tool anymore
- Replace net-tools with successors in Recommends
- Update to version 84.87+git20190418.a543e8e:
* Remove rc.splash and rc.status, now part of insserv-compat [bsc#1132738]
- Update to version 84.87+git20190404.8684de3:
* Add two Scheme/LISP based shells to /etc/shells
* /etc/profile does not work in AppArmor-confined containers (bsc#1096191)
- Update to version 84.87+git20190307.00d332a:
* update logic for JRE_HOME env variable (bsc#1128246)
- Update to version 84.87+git20190109.b66cf03:
* Restore old position of ssh/sudo source of profile
for bug bsc#1118364 but hopefully do not reintroduce
bug boo#1088524
- Update to version 84.87+git20181210.841bf8f:
* Set HISTTIMEFORMAT and HISTCONTROL only if unset (boo#1112653)
- Update to version 84.87+git20181113.08d4125:
* Sync x-genesis-rom extensions with freedesktop DB
* test for /applications before adding data dir
(bsc#1095969)
* Clean up the no_proxy value: not all clients ignore spaces
(bsc#1089796)
* Add option --version to /sbin/service
- Update to version 84.87+git20181107.f39a8d1:
* Readline: Do not miss common mappings for vi
* Readline: Use overwrite-mode on Insert key
* Avoid `ls' command in alljava shell scriptlets
* bashrc: Change =~ test to globs. Fixes mkshrc.
* Update README (#55)
- Update to version 84.87+git20180409.04c9dae:
* In bash.bashrc move ssh/sudo source of profile to avoid removing
the `is' variable before last use (boo#1088524).
* Avoid the shell code checker stumble over `function' keys word
in ls.bash (git#54).
- Use %license (boo#1082318)
- Update to version 84.87+git20180208.8eeab90:
* Don't call fillup for removed sysconfig.news
* Adjust path for script converting sysctl config
* For ksh use builtin keyword 'function' to make sure that the
keyword 'typeset' really set the variable IFS to be local within
the function _ls.
- Update to version 84.87+git20180205.2d2832f:
* Move /lib/aaa_base/convert_sysctl to /usr/lib/base-scripts/convert_sysctl
to cleanup filesystem.
* Don't create /etc/init.d/{boot.local,after.local,halt.local} in
aaa_base.pre section.
* Remove dead code from pre/post install sections.
- Add /var/adm/backup subdirectories to aaa_base-extras, they are
only needed by this package.
- Update to version 84.87+git20180204.875cba8:
* Move sysconfig.backup into extra subpackage, where all the
scripts using it are, too.
* Create systemd timer for the cron.daily scripts for backup-rpmdb,
backup-sysconfig and check-battery. Move scripts to
/usr/lib/base-scripts.
* Remove suse.de-cron-local. If somebody really still has a
/root/cron.daily.local file, he can move it to /etc/cron.daily.
* Don't modify data in root's home directory
* Don't create userdel.local, this isn't in use since many years
- Update to version 84.87+git20180130.ae1f262:
* Really remove /usr/sbin/Check, obsolete since 8 years
* Remove ChangeSymlinks, 90% are obsolete, the rest is dangerous
* Remove 14 year old outdated documentation and dummy scripts for
Java
- Update to version 84.87+git20180130.36ea161:
* Remove obsolete/outdated manual pages (route.conf.5,init.d.7,
quick_halt.8)
==== kernel-source ====
Version update (5.5.13 -> 5.6.0)
- Refresh
patches.suse/media-go7007-Fix-URB-type-for-interrupt-handling.patch.
Update upstream status.
- commit 46fab61
- mac80211: fix authentication with iwlwifi/mvm
(https://lkml.kernel.org/r/20200329.212136.273575061630425724.davem@davemlof…)
- commit 5032681
- Revert "sign also s390x kernel images (bsc#1163524)"
This reverts commit b38b61155f0a2c3ebca06d4bb0c2e11a19a87f1f.
The pesign-obs-integration changes needed for s390x image signing are
still missing in Factory so that this change breaks s390x builds.
- commit 9544af9
- Update to 5.6 final
- refresh configs
- commit da616f7
==== shim-leap ====
- Use the full path of efibootmgr to avoid errors when invoking
shim-install from packagekitd (bsc#1168104)
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner(a)opensuse.org
1
0