openSUSE Kubic
Threads by month
- ----- 2025 -----
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
May 2021
- 8 participants
- 52 discussions
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
coreutils
iproute2 (5.11 -> 5.12)
kernel-source (5.11.11 -> 5.12.0)
libical (3.0.9 -> 3.0.10)
libical-glib (3.0.9 -> 3.0.10)
libinput (1.17.1 -> 1.17.2)
libzypp (17.25.9 -> 17.25.10)
open-iscsi
python38 (3.8.8 -> 3.8.9)
python38-core (3.8.8 -> 3.8.9)
samba (4.14.2+git.159.2a8872214bf -> 4.14.4+git.162.18fd73a39a0)
shim
snapper
zypper (1.14.43 -> 1.14.44)
=== Details ===
==== coreutils ====
- Use new packageand format
- coreutils-tests-fix-FP-in-ls-stat-free-color.patch: Add upstream patch
to avoid FP in testsuite.
- coreutils.spec:
- Reference the above patch.
- Change keyring URL to new GNU coreutils Group Release Keyring.
- coreutils.keyring: Update with the Group Release Keyring.
==== iproute2 ====
Version update (5.11 -> 5.12)
- Update to release 5.12
* devlink: Use library provided string processing APIs
* utils: Introduce helper routines for generic socket recv
* q_cake: Fix incorrect printing of signed values in class statistics
* json_print: Add print_tv()
* nexthop: Add support for nexthop buckets
* nexthop: Add support for resilient nexthop groups
* ip: xfrm: add support for tfcpad
* tc: e_bpf: fix memory leak in parse_bpf()
* lib: bpf_legacy: treat 0 as a valid file descriptor
* ip: drop 2-char command assumption
* bridge: vlan: dump port only if there are any vlans
==== kernel-source ====
Version update (5.11.11 -> 5.12.0)
- rpm/constraints.in: remove aarch64 disk size exception
obs://Kernel:stable/kernel-default/ARM/aarch64 currrently fails:
installing package kernel-default-livepatch-devel-5.12.0-3.1.g6208a83.aarch64 needs 3MB more space on the / filesystem
The stats say:
Maximal used disk space: 31799 Mbyte
By default, we require 35G. For aarch64 we had an exception to lower
this limit to 30G there. Drop this exception as it is obviously no
longer valid.
- commit ee00b50
- series.conf: cleanup
- fix Patch-mainline tag and move to "almost mainline" section:
patches.suse/crypto-ccp-Annotate-SEV-Firmware-file-names.patch
- commit 3a48ed8
- crypto: ccp: Annotate SEV Firmware file names (bsc#1185282).
- commit 66154b6
- Update to 5.12 final
- refresh configs (headers only)
- commit 9683115
- rpm/kernel-binary.spec.in: Require new enough pahole.
pahole 1.21 is required for building line-next BTF
- commit 8df1aaa
- rpm/macros.kernel-source: fix KMP failure in %install (bsc#1185244)
- commit 52805ed
- rpm/kernel-obs-build.spec.in: Include essiv with dm-crypt (boo#1183063).
Previously essiv was part of dm-crypt but now it is separate.
Include the module in kernel-obs-build when available.
Fixes: 7cf5b9e26d87 ("rpm/kernel-obs-build.spec.in: add dm-crypt for building with cryptsetup")
- commit fe15b78
- Revert "rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package (bsc#1184514)"
This turned out to be a bad idea: the kernel-$flavor-devel package
must be usable without kernel-$flavor, e.g. at the build of a KMP.
And this change brought superfluous installation of kernel-preempt
when a system had kernel-syms (bsc#1185113).
- commit d771304
- rpm/check-for-config-changes: add AS_HAS_* to ignores
arch/arm64/Kconfig defines a lot of these. So far our current compilers
seem to support them all. But it can quickly change with SLE later.
- commit a4d8194
- Linux 5.11.16 (bsc#1012628).
- bpf: Move sanitize_val_alu out of op switch (bsc#1012628).
- bpf: Improve verifier error messages for users (bsc#1012628).
- bpf: Rework ptr_limit into alu_limit and add common error path
(bsc#1012628).
- ARM: 9071/1: uprobes: Don't hook on thumb instructions
(bsc#1012628).
- bpf: Move off_reg into sanitize_ptr_alu (bsc#1012628).
- bpf: Ensure off_reg has no mixed signed bounds for all types
(bsc#1012628).
- r8169: don't advertise pause in jumbo mode (bsc#1012628).
- r8169: tweak max read request size for newer chips also in
jumbo mtu mode (bsc#1012628).
- kasan: remove redundant config option (bsc#1012628).
- kasan: fix hwasan build for gcc (bsc#1012628).
- KVM: VMX: Don't use vcpu->run->internal.ndata as an array index
(bsc#1012628).
- KVM: VMX: Convert vcpu_vmx.exit_reason to a union (bsc#1012628).
- bpf: Use correct permission flag for mixed signed bounds
arithmetic (bsc#1012628).
- arm64: dts: allwinner: h6: beelink-gs1: Remove ext. 32 kHz
osc reference (bsc#1012628).
- arm64: dts: allwinner: Fix SD card CD GPIO for SOPine systems
(bsc#1012628).
- ARM: OMAP2+: Fix uninitialized sr_inst (bsc#1012628).
- ARM: footbridge: fix PCI interrupt mapping (bsc#1012628).
- ARM: 9069/1: NOMMU: Fix conversion for_each_membock() to
for_each_mem_range() (bsc#1012628).
- ARM: 9063/1: mm: reduce maximum number of CPUs if
DEBUG_KMAP_LOCAL is enabled (bsc#1012628).
- ARM: OMAP2+: Fix warning for omap_init_time_of() (bsc#1012628).
- gro: ensure frag0 meets IP header alignment (bsc#1012628).
- ch_ktls: do not send snd_una update to TCB in middle
(bsc#1012628).
- ch_ktls: tcb close causes tls connection failure (bsc#1012628).
- ch_ktls: fix device connection close (bsc#1012628).
- ch_ktls: Fix kernel panic (bsc#1012628).
- ibmvnic: remove duplicate napi_schedule call in open function
(bsc#1012628).
- ibmvnic: remove duplicate napi_schedule call in do_reset
function (bsc#1012628).
- ibmvnic: avoid calling napi_disable() twice (bsc#1012628).
- ia64: tools: remove inclusion of ia64-specific version of
errno.h header (bsc#1012628).
- ia64: remove duplicate entries in generic_defconfig
(bsc#1012628).
- ethtool: pause: make sure we init driver stats (bsc#1012628).
- i40e: fix the panic when running bpf in xdpdrv mode
(bsc#1012628).
- ibmvnic: correctly use dev_consume/free_skb_irq (bsc#1012628).
- net: Make tcp_allowed_congestion_control readonly in non-init
netns (bsc#1012628).
- mm: ptdump: fix build failure (bsc#1012628).
- net: ip6_tunnel: Unregister catch-all devices (bsc#1012628).
- net: sit: Unregister catch-all devices (bsc#1012628).
- net: phy: marvell: fix detection of PHY on Topaz switches
(bsc#1012628).
- net: davicom: Fix regulator not turned off on failed probe
(bsc#1012628).
- net/mlx5e: Fix setting of RS FEC mode (bsc#1012628).
- netfilter: nftables: clone set element expression template
(bsc#1012628).
- netfilter: nft_limit: avoid possible divide error in
nft_limit_init (bsc#1012628).
- net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta
(bsc#1012628).
- net: macb: fix the restore of cmp registers (bsc#1012628).
- drm/i915/display/vlv_dsi: Do not skip panel_pwr_cycle_delay
when disabling the panel (bsc#1012628).
- libbpf: Fix potential NULL pointer dereference (bsc#1012628).
- netfilter: arp_tables: add pre_exit hook for table unregister
(bsc#1012628).
- netfilter: bridge: add pre_exit hooks for ebtable unregistration
(bsc#1012628).
- libnvdimm/region: Fix nvdimm_has_flush() to handle
ND_REGION_ASYNC (bsc#1012628).
- ice: Fix potential infinite loop when using u8 loop counter
(bsc#1012628).
- netfilter: conntrack: do not print icmpv6 as unknown via /proc
(bsc#1012628).
- netfilter: flowtable: fix NAT IPv6 offload mangling
(bsc#1012628).
- ixgbe: fix unbalanced device enable/disable in suspend/resume
(bsc#1012628).
- ixgbe: Fix NULL pointer dereference in ethtool loopback test
(bsc#1012628).
- drm/vmwgfx: Make sure we unpin no longer needed buffers
(bsc#1012628).
- scsi: libsas: Reset num_scatter if libata marks qc as NODATA
(bsc#1012628).
- riscv: Fix spelling mistake "SPARSEMEM" to "SPARSMEM"
(bsc#1012628).
- vfio/pci: Add missing range check in vfio_pci_mmap
(bsc#1012628).
- arm64: alternatives: Move length validation in
alternative_{insn, endif} (bsc#1012628).
- arm64: mte: Ensure TIF_MTE_ASYNC_FAULT is set atomically
(bsc#1012628).
- Update config files.
- arm64: fix inline asm in load_unaligned_zeropad() (bsc#1012628).
- drm/i915: Don't zero out the Y plane's watermarks (bsc#1012628).
- readdir: make sure to verify directory entry for legacy
interfaces too (bsc#1012628).
- dm verity fec: fix misaligned RS roots IO (bsc#1012628).
- HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC
type of devices (bsc#1012628).
- Input: i8042 - fix Pegatron C15B ID entry (bsc#1012628).
- Input: s6sy761 - fix coordinate read bit shift (bsc#1012628).
- net/sctp: fix race condition in sctp_destroy_sock (bsc#1012628).
- lib: fix kconfig dependency on ARCH_WANT_FRAME_POINTERS
(bsc#1012628).
- virt_wifi: Return micros for BSS TSF values (bsc#1012628).
- mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
(bsc#1012628).
- drm/amd/display: Add missing mask for DCN3 (bsc#1012628).
- pcnet32: Use pci_resource_len to validate PCI resource
(bsc#1012628).
- net: ieee802154: forbid monitor for add llsec seclevel
(bsc#1012628).
- net: ieee802154: stop dump llsec seclevels for monitors
(bsc#1012628).
- net: ieee802154: forbid monitor for del llsec devkey
(bsc#1012628).
- net: ieee802154: forbid monitor for add llsec devkey
(bsc#1012628).
- net: ieee802154: stop dump llsec devkeys for monitors
(bsc#1012628).
- net: ieee802154: forbid monitor for del llsec dev (bsc#1012628).
- net: ieee802154: forbid monitor for add llsec dev (bsc#1012628).
- net: ieee802154: stop dump llsec devs for monitors
(bsc#1012628).
- net: ieee802154: forbid monitor for del llsec key (bsc#1012628).
- net: ieee802154: forbid monitor for add llsec key (bsc#1012628).
- net: ieee802154: stop dump llsec keys for monitors
(bsc#1012628).
- iwlwifi: add support for Qu with AX201 device (bsc#1012628).
- scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST
state (bsc#1012628).
- ASoC: fsl_esai: Fix TDM slot setup for I2S mode (bsc#1012628).
- drm/msm: Fix a5xx/a6xx timestamps (bsc#1012628).
- ARM: omap1: fix building with clang IAS (bsc#1012628).
- ARM: keystone: fix integer overflow warning (bsc#1012628).
- powerpc/signal32: Fix Oops on sigreturn with unmapped VDSO
(bsc#1012628).
- neighbour: Disregard DEAD dst in neigh_update (bsc#1012628).
- bpf: Take module reference for trampoline in module
(bsc#1012628).
- gpu/xen: Fix a use after free in xen_drm_drv_init (bsc#1012628).
- net: axienet: allow setups without MDIO (bsc#1012628).
- ASoC: max98373: Added 30ms turn on/off time delay (bsc#1012628).
- ASoC: max98373: Changed amp shutdown register as volatile
(bsc#1012628).
- xfrm: BEET mode doesn't support fragments for inner packets
(bsc#1012628).
- iwlwifi: Fix softirq/hardirq disabling in
iwl_pcie_enqueue_hcmd() (bsc#1012628).
- arc: kernel: Return -EFAULT if copy_to_user() fails
(bsc#1012628).
- lockdep: Add a missing initialization hint to the "INFO:
Trying to register non-static key" message (bsc#1012628).
- remoteproc: pru: Fix loading of GNU Binutils ELF (bsc#1012628).
- ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
(bsc#1012628).
- ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race
(bsc#1012628).
- ACPI: x86: Call acpi_boot_table_init() after
acpi_table_upgrade() (bsc#1012628).
- dmaengine: idxd: fix wq cleanup of WQCFG registers
(bsc#1012628).
- dmaengine: idxd: clear MSIX permission entry on shutdown
(bsc#1012628).
- dmaengine: plx_dma: add a missing put_device() on error path
(bsc#1012628).
- dmaengine: Fix a double free in dma_async_device_register
(bsc#1012628).
- dmaengine: dw: Make it dependent to HAS_IOMEM (bsc#1012628).
- dmaengine: idxd: fix wq size store permission state
(bsc#1012628).
- dmaengine: idxd: fix opcap sysfs attribute output (bsc#1012628).
- dmaengine: idxd: fix delta_rec and crc size field for completion
record (bsc#1012628).
- dmaengine: idxd: Fix clobbering of SWERR overflow bit on
writeback (bsc#1012628).
- gpio: sysfs: Obey valid_mask (bsc#1012628).
- Input: nspire-keypad - enable interrupts only when opened
(bsc#1012628).
- mtd: rawnand: mtk: Fix WAITRDY break condition and timeout
(bsc#1012628).
- AMD_SFH: Add DMI quirk table for BIOS-es which don't set the
activestatus bits (bsc#1012628).
- AMD_SFH: Add sensor_mask module parameter (bsc#1012628).
- AMD_SFH: Removed unused activecontrolstatus member from the
amd_mp2_dev struct (bsc#1012628).
- commit d57ad55
- Update to 5.12-rc8
- refresh configs
- commit a71cb9a
- Linux 5.11.15 (bsc#1012628).
- net: sfp: cope with SFPs that set both LOS normal and LOS
inverted (bsc#1012628).
- perf map: Tighten snprintf() string precision to pass gcc
check on some 32-bit arches (bsc#1012628).
- netfilter: x_tables: fix compat match/target pad out-of-bound
write (bsc#1012628).
- block: don't ignore REQ_NOWAIT for direct IO (bsc#1012628).
- riscv,entry: fix misaligned base for excp_vect_table
(bsc#1012628).
- io_uring: don't mark S_ISBLK async work as unbounded
(bsc#1012628).
- null_blk: fix command timeout completion handling (bsc#1012628).
- idr test suite: Create anchor before launching throbber
(bsc#1012628).
- idr test suite: Take RCU read lock in idr_find_test_1
(bsc#1012628).
- radix tree test suite: Register the main thread with the RCU
library (bsc#1012628).
- block: only update parent bi_status when bio fail (bsc#1012628).
- radix tree test suite: Fix compilation (bsc#1012628).
- XArray: Fix splitting to non-zero orders (bsc#1012628).
- gpu: host1x: Use different lock classes for each client
(bsc#1012628).
- drm/tegra: dc: Don't set PLL clock to 0Hz (bsc#1012628).
- tools/kvm_stat: Add restart delay (bsc#1012628).
- ftrace: Check if pages were allocated before calling
free_pages() (bsc#1012628).
- gfs2: report "already frozen/thawed" errors (bsc#1012628).
- drm/imx: imx-ldb: fix out of bounds array access warning
(bsc#1012628).
- KVM: arm64: Disable guest access to trace filter controls
(bsc#1012628).
- KVM: arm64: Hide system instruction access to Trace registers
(bsc#1012628).
- gfs2: Flag a withdraw if init_threads() fails (bsc#1012628).
- interconnect: core: fix error return code of icc_link_destroy()
(bsc#1012628).
- commit 64fb5bf
- Linux 5.11.14 (bsc#1012628).
- xfrm/compat: Cleanup WARN()s that can be user-triggered
(bsc#1012628).
- ALSA: aloop: Fix initialization of controls (bsc#1012628).
- ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1
(bsc#1012628).
- ALSA: hda/conexant: Apply quirk for another HP ZBook G5 model
(bsc#1012628).
- file: fix close_range() for unshare+cloexec (bsc#1012628).
- ASoC: intel: atom: Stop advertising non working S24LE support
(bsc#1012628).
- nfc: fix refcount leak in llcp_sock_bind() (bsc#1012628).
- nfc: fix refcount leak in llcp_sock_connect() (bsc#1012628).
- nfc: fix memory leak in llcp_sock_connect() (bsc#1012628).
- nfc: Avoid endless loops caused by repeated llcp_sock_connect()
(bsc#1012628).
- selinux: make nslot handling in avtab more robust (bsc#1012628).
- selinux: fix cond_list corruption when changing booleans
(bsc#1012628).
- selinux: fix race between old and new sidtab (bsc#1012628).
- xen/evtchn: Change irq_info lock to raw_spinlock_t
(bsc#1012628).
- net: ipv6: check for validity before dereferencing
cfg->fc_nlinfo.nlh (bsc#1012628).
- net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII
clock (bsc#1012628).
- net: dsa: lantiq_gswip: Don't use PHY auto polling
(bsc#1012628).
- net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG
bits (bsc#1012628).
- ACPI: processor: Fix build when CONFIG_ACPI_PROCESSOR=m
(bsc#1012628).
- drm/radeon: Fix size overflow (bsc#1012628).
- drm/amdgpu: Fix size overflow (bsc#1012628).
- drm/amdgpu/smu7: fix CAC setting on TOPAZ (bsc#1012628).
- rfkill: revert back to old userspace API by default
(bsc#1012628).
- cifs: escape spaces in share names (bsc#1012628).
- cifs: On cifs_reconnect, resolve the hostname again
(bsc#1012628).
- IB/hfi1: Fix probe time panic when AIP is enabled with a buggy
BIOS (bsc#1012628).
- LOOKUP_MOUNTPOINT: we are cleaning "jumped" flag too late
(bsc#1012628).
- gcov: re-fix clang-11+ support (bsc#1012628).
- ia64: fix user_stack_pointer() for ptrace() (bsc#1012628).
- nds32: flush_dcache_page: use page_mapping_file to avoid races
with swapoff (bsc#1012628).
- ocfs2: fix deadlock between setattr and dio_end_io_write
(bsc#1012628).
- fs: direct-io: fix missing sdio->boundary (bsc#1012628).
- ethtool: fix incorrect datatype in set_eee ops (bsc#1012628).
- of: property: fw_devlink: do not link ".*,nr-gpios"
(bsc#1012628).
- parisc: parisc-agp requires SBA IOMMU driver (bsc#1012628).
- parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers
(bsc#1012628).
- ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt
pin (bsc#1012628).
- batman-adv: initialize "struct
batadv_tvlv_tt_vlan_data"->reserved field (bsc#1012628).
- ice: Continue probe on link/PHY errors (bsc#1012628).
- ice: Increase control queue timeout (bsc#1012628).
- ice: prevent ice_open and ice_stop during reset (bsc#1012628).
- ice: fix memory allocation call (bsc#1012628).
- ice: remove DCBNL_DEVRESET bit from PF state (bsc#1012628).
- ice: Fix for dereference of NULL pointer (bsc#1012628).
- ice: Use port number instead of PF ID for WoL (bsc#1012628).
- ice: Cleanup fltr list in case of allocation issues
(bsc#1012628).
- iwlwifi: pcie: properly set LTR workarounds on 22000 devices
(bsc#1012628).
- ice: fix memory leak of aRFS after resuming from suspend
(bsc#1012628).
- net: hso: fix null-ptr-deref during tty device unregistration
(bsc#1012628).
- libbpf: Fix bail out from 'ringbuf_process_ring()' on error
(bsc#1012628).
- bpf: Enforce that struct_ops programs be GPL-only (bsc#1012628).
- bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET (bsc#1012628).
- ethernet/netronome/nfp: Fix a use after free in
nfp_bpf_ctrl_msg_rx (bsc#1012628).
- libbpf: Ensure umem pointer is non-NULL before dereferencing
(bsc#1012628).
- libbpf: Restore umem state after socket create failure
(bsc#1012628).
- libbpf: Only create rx and tx XDP rings when necessary
(bsc#1012628).
- bpf: Refcount task stack in bpf_get_task_stack (bsc#1012628).
- bpf, sockmap: Fix sk->prot unhash op reset (bsc#1012628).
- bpf, sockmap: Fix incorrect fwd_alloc accounting (bsc#1012628).
- net: ensure mac header is set in virtio_net_hdr_to_skb()
(bsc#1012628).
- i40e: Fix sparse warning: missing error code 'err'
(bsc#1012628).
- i40e: Fix sparse error: 'vsi->netdev' could be null
(bsc#1012628).
- i40e: Fix sparse error: uninitialized symbol 'ring'
(bsc#1012628).
- i40e: Fix sparse errors in i40e_txrx.c (bsc#1012628).
- vdpa/mlx5: Fix suspend/resume index restoration (bsc#1012628).
- net: sched: sch_teql: fix null-pointer dereference
(bsc#1012628).
- net: sched: fix action overwrite reference counting
(bsc#1012628).
- nl80211: fix beacon head validation (bsc#1012628).
- nl80211: fix potential leak of ACL params (bsc#1012628).
- cfg80211: check S1G beacon compat element length (bsc#1012628).
- mac80211: fix time-is-after bug in mlme (bsc#1012628).
- mac80211: fix TXQ AC confusion (bsc#1012628).
- net: hsr: Reset MAC header for Tx path (bsc#1012628).
- net-ipv6: bugfix - raw & sctp - switch to
ipv6_can_nonlocal_bind() (bsc#1012628).
- net: let skb_orphan_partial wake-up waiters (bsc#1012628).
- thunderbolt: Fix a leak in tb_retimer_add() (bsc#1012628).
- thunderbolt: Fix off by one in tb_port_find_retimer()
(bsc#1012628).
- usbip: add sysfs_lock to synchronize sysfs code paths
(bsc#1012628).
- usbip: stub-dev synchronize sysfs code paths (bsc#1012628).
- usbip: vudc synchronize sysfs code paths (bsc#1012628).
- usbip: synchronize event handler with sysfs code paths
(bsc#1012628).
- driver core: Fix locking bug in
deferred_probe_timeout_work_func() (bsc#1012628).
- scsi: pm80xx: Fix chip initialization failure (bsc#1012628).
- scsi: target: iscsi: Fix zero tag inside a trace event
(bsc#1012628).
- percpu: make pcpu_nr_empty_pop_pages per chunk type
(bsc#1012628).
- i2c: turn recovery error on init to debug (bsc#1012628).
- powerpc/vdso: Make sure vdso_wrapper.o is rebuilt everytime
vdso.so is rebuilt (bsc#1012628).
- powerpc/ptrace: Don't return error when getting/setting FP
regs without CONFIG_PPC_FPU_REGS (bsc#1012628).
- KVM: x86/mmu: change TDP MMU yield function returns to match
cond_resched (bsc#1012628).
- KVM: x86/mmu: Merge flush and non-flush
tdp_mmu_iter_cond_resched (bsc#1012628).
- KVM: x86/mmu: Rename goal_gfn to next_last_level_gfn
(bsc#1012628).
- KVM: x86/mmu: Ensure forward progress when yielding in TDP
MMU iter (bsc#1012628).
- KVM: x86/mmu: Yield in TDU MMU iter even if no SPTES changed
(bsc#1012628).
- KVM: x86/mmu: Ensure TLBs are flushed when yielding during
GFN range zap (bsc#1012628).
- KVM: x86/mmu: Ensure TLBs are flushed for TDP MMU during NX
zapping (bsc#1012628).
- KVM: x86/mmu: Don't allow TDP MMU to yield when recovering NX
pages (bsc#1012628).
- KVM: x86/mmu: preserve pending TLB flush across calls to
kvm_tdp_mmu_zap_sp (bsc#1012628).
- net: sched: fix err handler in tcf_action_init() (bsc#1012628).
- ice: Refactor DCB related variables out of the ice_port_info
struct (bsc#1012628).
- ice: Recognize 860 as iSCSI port in CEE mode (bsc#1012628).
- xfrm: interface: fix ipv4 pmtu check to honor ip header df
(bsc#1012628).
- xfrm: Use actual socket sk instead of skb socket for
xfrm_output_resume (bsc#1012628).
- remoteproc: qcom: pil_info: avoid 64-bit division (bsc#1012628).
- regulator: bd9571mwv: Fix AVS and DVFS voltage range
(bsc#1012628).
- ARM: OMAP4: Fix PMIC voltage domains for bionic (bsc#1012628).
- ARM: OMAP4: PM: update ROM return address for OSWR and OFF
(bsc#1012628).
- remoteproc: pru: Fix firmware loading crashes on K3 SoCs
(bsc#1012628).
- net: xfrm: Localize sequence counter per network namespace
(bsc#1012628).
- esp: delete NETIF_F_SCTP_CRC bit from features for esp offload
(bsc#1012628).
- ASoC: SOF: Intel: HDA: fix core status verification
(bsc#1012628).
- ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for
some chips (bsc#1012628).
- xfrm: Fix NULL pointer dereference on policy lookup
(bsc#1012628).
- virtchnl: Fix layout of RSS structures (bsc#1012628).
- i40e: Added Asym_Pause to supported link modes (bsc#1012628).
- i40e: Fix kernel oops when i40e driver removes VF's
(bsc#1012628).
- hostfs: fix memory handling in follow_link() (bsc#1012628).
- amd-xgbe: Update DMA coherency values (bsc#1012628).
- vxlan: do not modify the shared tunnel info when PMTU triggers
an ICMP reply (bsc#1012628).
- geneve: do not modify the shared tunnel info when PMTU triggers
an ICMP reply (bsc#1012628).
- sch_red: fix off-by-one checks in red_check_params()
(bsc#1012628).
- drivers/net/wan/hdlc_fr: Fix a double free in pvc_xmit
(bsc#1012628).
- arm64: dts: imx8mm/q: Fix pad control of SD1_DATA0
(bsc#1012628).
- xfrm: Provide private skb extensions for segmented and hw
offloaded ESP packets (bsc#1012628).
- can: bcm/raw: fix msg_namelen values depending on
CAN_REQUIRED_SIZE (bsc#1012628).
- can: isotp: fix msg_namelen values depending on
CAN_REQUIRED_SIZE (bsc#1012628).
- can: uapi: can.h: mark union inside struct can_frame packed
(bsc#1012628).
- mlxsw: spectrum: Fix ECN marking in tunnel decapsulation
(bsc#1012628).
- ethernet: myri10ge: Fix a use after free in myri10ge_sw_tso
(bsc#1012628).
- gianfar: Handle error code at MAC address change (bsc#1012628).
- net: dsa: Fix type was not set for devlink port (bsc#1012628).
- clk: qcom: camcc: Update the clock ops for the SC7180
(bsc#1012628).
- cxgb4: avoid collecting SGE_QBASE regs during traffic
(bsc#1012628).
- net:tipc: Fix a double free in tipc_sk_mcast_rcv (bsc#1012628).
- ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces
(bsc#1012628).
- net/ncsi: Avoid channel_monitor hrtimer deadlock (bsc#1012628).
- net: qrtr: Fix memory leak on qrtr_tx_wait failure
(bsc#1012628).
- nfp: flower: ignore duplicate merge hints from FW (bsc#1012628).
- net: phy: broadcom: Only advertise EEE for supported modes
(bsc#1012628).
- I2C: JZ4780: Fix bug for Ingenic X1000 (bsc#1012628).
- ASoC: sunxi: sun4i-codec: fill ASoC card owner (bsc#1012628).
- net/mlx5e: Fix mapping of ct_label zero (bsc#1012628).
- net/mlx5: Delete auxiliary bus driver eth-rep first
(bsc#1012628).
- net/mlx5e: Fix ethtool indication of connector type
(bsc#1012628).
- net/mlx5: Don't request more than supported EQs (bsc#1012628).
- net/mlx5e: Guarantee room for XSK wakeup NOP on async ICOSQ
(bsc#1012628).
- net/rds: Fix a use after free in rds_message_map_pages
(bsc#1012628).
- xdp: fix xdp_return_frame() kernel BUG throw for page_pool
memory model (bsc#1012628).
- soc/fsl: qbman: fix conflicting alignment attributes
(bsc#1012628).
- i40e: fix receiving of single packets in xsk zero-copy mode
(bsc#1012628).
- i40e: Fix display statistics for veb_tc (bsc#1012628).
- RDMA/rtrs-clt: Close rtrs client conn before destroying rtrs
clt session files (bsc#1012628).
- drm/msm: Set drvdata to NULL when msm_drm_init() fails
(bsc#1012628).
- net: udp: Add support for getsockopt(..., ..., UDP_GRO, ...,
...); (bsc#1012628).
- mptcp: forbit mcast-related sockopt on MPTCP sockets
(bsc#1012628).
- mptcp: revert "mptcp: provide subflow aware release function"
(bsc#1012628).
- scsi: ufs: core: Fix task management request completion timeout
(bsc#1012628).
- scsi: ufs: core: Fix wrong Task Tag used in task management
request UPIUs (bsc#1012628).
- drm/msm/disp/dpu1: program 3d_merge only if block is attached
(bsc#1012628).
- Revert "arm64: dts: marvell: armada-cp110: Switch to per-port
SATA interrupts" (bsc#1012628).
- ARM: dts: turris-omnia: fix hardware buffer management
(bsc#1012628).
- net: cls_api: Fix uninitialised struct field
bo->unlocked_driver_cb (bsc#1012628).
- net: macb: restore cmp registers on resume path (bsc#1012628).
- clk: fix invalid usage of list cursor in register (bsc#1012628).
- clk: fix invalid usage of list cursor in unregister
(bsc#1012628).
- workqueue: Move the position of debug_work_activate() in
__queue_work() (bsc#1012628).
- s390/cpcmd: fix inline assembly register clobbering
(bsc#1012628).
- perf inject: Fix repipe usage (bsc#1012628).
- openvswitch: fix send of uninitialized stack memory in ct
limit reply (bsc#1012628).
- i2c: designware: Adjust bus_freq_hz when refuse high speed
mode set (bsc#1012628).
- iwlwifi: fix 11ax disabled bit in the regulatory capability
flags (bsc#1012628).
- can: mcp251x: fix support for half duplex SPI host controllers
(bsc#1012628).
- platform/x86: intel-hid: Fix spurious wakeups caused by
tablet-mode events during suspend (bsc#1012628).
- tipc: increment the tmp aead refcnt before attaching it
(bsc#1012628).
- net: hns3: clear VF down state bit before request link status
(bsc#1012628).
- net/mlx5: Fix HW spec violation configuring uplink
(bsc#1012628).
- net/mlx5: Fix placement of log_max_flow_counter (bsc#1012628).
- net/mlx5: Fix PPLM register mapping (bsc#1012628).
- net/mlx5: Fix PBMC register mapping (bsc#1012628).
- RDMA/cxgb4: check for ipv6 address properly while destroying
listener (bsc#1012628).
- perf report: Fix wrong LBR block sorting (bsc#1012628).
- RDMA/qedr: Fix kernel panic when trying to access recv_cq
(bsc#1012628).
- drm/vc4: crtc: Reduce PV fifo threshold on hvs4 (bsc#1012628).
- i40e: Fix parameters in aq_get_phy_register() (bsc#1012628).
- RDMA/addr: Be strict with gid size (bsc#1012628).
- vdpa/mlx5: should exclude header length and fcs from mtu
(bsc#1012628).
- vdpa/mlx5: Fix wrong use of bit numbers (bsc#1012628).
- RAS/CEC: Correct ce_add_elem()'s returned values (bsc#1012628).
- clk: socfpga: fix iomem pointer cast on 64-bit (bsc#1012628).
- lockdep: Address clang -Wformat warning printing for %hd
(bsc#1012628).
- dt-bindings: net: ethernet-controller: fix typo in NVMEM
(bsc#1012628).
- net: sched: bump refcount for new action in ACT replace mode
(bsc#1012628).
- x86/traps: Correct exc_general_protection() and math_error()
return paths (bsc#1012628).
- gpiolib: Read "gpio-line-names" from a firmware node
(bsc#1012628).
- cfg80211: remove WARN_ON() in cfg80211_sme_connect
(bsc#1012628).
- net: tun: set tun->dev->addr_len during TUNSETLINK processing
(bsc#1012628).
- drivers: net: fix memory leak in atusb_probe (bsc#1012628).
- drivers: net: fix memory leak in peak_usb_create_dev
(bsc#1012628).
- net: mac802154: Fix general protection fault (bsc#1012628).
- net: ieee802154: nl-mac: fix check on panid (bsc#1012628).
- net: ieee802154: fix nl802154 del llsec key (bsc#1012628).
- net: ieee802154: fix nl802154 del llsec dev (bsc#1012628).
- net: ieee802154: fix nl802154 add llsec key (bsc#1012628).
- net: ieee802154: fix nl802154 del llsec devkey (bsc#1012628).
- net: ieee802154: forbid monitor for set llsec params
(bsc#1012628).
- net: ieee802154: forbid monitor for del llsec seclevel
(bsc#1012628).
- net: ieee802154: stop dump llsec params for monitors
(bsc#1012628).
- Revert "net: sched: bump refcount for new action in ACT replace
mode" (bsc#1012628).
- commit f68b7e1
- rpm/check-for-config-changes: remove stale comment
It is stale since 8ab393bf905a committed in 2005 :).
- commit c9f9f5a
- rpm/mkspec: Use tilde instead of dot for version string with rc (bsc#1184650)
- commit f37613f
- rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package (bsc#1184514)
The devel package requires the kernel binary package itself for building
modules externally.
- commit 794be7b
- Update to 5.12-rc7
- commit bd61ada
- drm/msm: a6xx: fix version check for the A650 SQE microcode
(git-fixes).
- commit b15020c
- Linux 5.11.13 (bsc#1012628).
- init/Kconfig: make COMPILE_TEST depend on HAS_IOMEM
(bsc#1012628).
- Update config files.
- bpf, x86: Validate computation of branch displacements for
x86-32 (bsc#1012628).
- bpf, x86: Validate computation of branch displacements for
x86-64 (bsc#1012628).
- tools/resolve_btfids: Add /libbpf to .gitignore (bsc#1012628).
- kbuild: Do not clean resolve_btfids if the output does not exist
(bsc#1012628).
- kbuild: Add resolve_btfids clean to root clean target
(bsc#1012628).
- tools/resolve_btfids: Set srctree variable unconditionally
(bsc#1012628).
- tools/resolve_btfids: Check objects before removing
(bsc#1012628).
- tools/resolve_btfids: Build libbpf and libsubcmd in separate
directories (bsc#1012628).
- math: Export mul_u64_u64_div_u64 (bsc#1012628).
- io_uring: fix timeout cancel return code (bsc#1012628).
- cifs: Silently ignore unknown oplock break handle (bsc#1012628).
- cifs: revalidate mapping when we open files for SMB1 POSIX
(bsc#1012628).
- ia64: fix format strings for err_inject (bsc#1012628).
- ia64: mca: allocate early mca with GFP_ATOMIC (bsc#1012628).
- selftests/vm: fix out-of-tree build (bsc#1012628).
- arm64: kernel: disable CNP on Carmel (bsc#1012628).
- Update config files.
- scsi: target: pscsi: Clean up after failure in pscsi_map_sg()
(bsc#1012628).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation
(bsc#1012628).
- platform/x86: intel_pmc_core: Ignore GBE LTR on Tiger Lake
platforms (bsc#1012628).
- platform/x86: intel_pmt_class: Initial resource to 0
(bsc#1012628).
- block: clear GD_NEED_PART_SCAN later in bdev_disk_changed
(bsc#1012628).
- x86/build: Turn off -fcf-protection for realmode targets
(bsc#1012628).
- drm/msm/disp/dpu1: icc path needs to be set before dpu runtime
resume (bsc#1012628).
- kselftest/arm64: sve: Do not use non-canonical FFR register
value (bsc#1012628).
- platform/x86: thinkpad_acpi: Allow the FnLock LED to change
state (bsc#1012628).
- net: ipa: fix init header command validation (bsc#1012628).
- netfilter: nftables: skip hook overlap logic if flowtable is
stale (bsc#1012628).
- netfilter: conntrack: Fix gre tunneling over ipv6 (bsc#1012628).
- drm/msm: Ratelimit invalid-fence message (bsc#1012628).
- drm/msm/adreno: a5xx_power: Don't apply A540 lm_setup to other
GPUs (bsc#1012628).
- drm/msm/dsi_pll_7nm: Fix variable usage for pll_lockdet_rate
(bsc#1012628).
- mac80211: choose first enabled channel for monitor
(bsc#1012628).
- mac80211: Check crypto_aead_encrypt for errors (bsc#1012628).
- can: kvaser_usb: Add support for USBcan Pro 4xHS (bsc#1012628).
- net: arcnet: com20020 fix error handling (bsc#1012628).
- mISDN: fix crash in fritzpci (bsc#1012628).
- kunit: tool: Fix a python tuple typing error (bsc#1012628).
- net: pxa168_eth: Fix a potential data race in pxa168_eth_remove
(bsc#1012628).
- net/mlx5e: Enforce minimum value check for ICOSQ size
(bsc#1012628).
- bpf, x86: Use kvmalloc_array instead kmalloc_array in
bpf_jit_comp (bsc#1012628).
- platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2
(bsc#1012628).
- drm/msm: a6xx: Make sure the SQE microcode is safe
(bsc#1012628).
- bus: ti-sysc: Fix warning on unbind if reset is not deasserted
(bsc#1012628).
- ARM: dts: am33xx: add aliases for mmc interfaces (bsc#1012628).
- commit 0ea11a6
- rpm/check-for-config-changes: Also ignore AS_VERSION added in 5.12.
- commit bd64cb2
- post.sh: Return an error when module update fails (bsc#1047233 bsc#1184388).
- commit 18f65df
- Update
patches.kernel.org/5.11.9-100-perf-x86-intel-Fix-a-crash-caused-by-zero-PEB…
(bsc#1012628 CVE-2021-28971 bsc#1184196).
Add a CVE reference.
- commit 1b6b086
- Linux 5.11.12 (bsc#1012628).
- arm64: mm: correct the inside linear map range during hotplug
check (bsc#1012628).
- virtiofs: Fail dax mount if device does not support it
(bsc#1012628).
- ext4: shrink race window in ext4_should_retry_alloc()
(bsc#1012628).
- ext4: fix bh ref count on error paths (bsc#1012628).
- fs: nfsd: fix kconfig dependency warning for NFSD_V4
(bsc#1012628).
- rpc: fix NULL dereference on kmalloc failure (bsc#1012628).
- iomap: Fix negative assignment to unsigned sis->pages in
iomap_swapfile_activate (bsc#1012628).
- ASoC: rt1015: fix i2c communication error (bsc#1012628).
- ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by
a factor of 10 (bsc#1012628).
- ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by
a factor of 10 (bsc#1012628).
- ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default
value on probe (bsc#1012628).
- ASoC: es8316: Simplify adc_pga_gain_tlv table (bsc#1012628).
- ASoC: soc-core: Prevent warning if no DMI table is present
(bsc#1012628).
- ASoC: cs42l42: Fix Bitclock polarity inversion (bsc#1012628).
- ASoC: cs42l42: Fix channel width support (bsc#1012628).
- ASoC: cs42l42: Fix mixer volume control (bsc#1012628).
- ASoC: cs42l42: Always wait at least 3ms after reset
(bsc#1012628).
- NFSD: fix error handling in NFSv4.0 callbacks (bsc#1012628).
- ASoC: mediatek: mt8192: fix tdm out data is valid on rising edge
(bsc#1012628).
- kernel: freezer should treat PF_IO_WORKER like PF_KTHREAD for
freezing (bsc#1012628).
- vhost: Fix vhost_vq_reset() (bsc#1012628).
- io_uring: fix ->flags races by linked timeouts (bsc#1012628).
- io_uring: halt SQO submission on ctx exit (bsc#1012628).
- scsi: st: Fix a use after free in st_open() (bsc#1012628).
- scsi: qla2xxx: Fix broken #endif placement (bsc#1012628).
- staging: comedi: cb_pcidas: fix request_irq() warn
(bsc#1012628).
- staging: comedi: cb_pcidas64: fix request_irq() warn
(bsc#1012628).
- ASoC: rt5659: Update MCLK rate in set_sysclk() (bsc#1012628).
- ASoC: rt711: add snd_soc_component remove callback
(bsc#1012628).
- thermal/core: Add NULL pointer check before using cooling
device stats (bsc#1012628).
- locking/ww_mutex: Simplify use_ww_ctx & ww_ctx handling
(bsc#1012628).
- locking/ww_mutex: Fix acquire/release imbalance in
ww_acquire_init()/ww_acquire_fini() (bsc#1012628).
- nvmet-tcp: fix kmap leak when data digest in use (bsc#1012628).
- io_uring: imply MSG_NOSIGNAL for send[msg]()/recv[msg]() calls
(bsc#1012628).
- Revert "PM: ACPI: reboot: Use S5 for reboot" (bsc#1012628).
- nouveau: Skip unvailable ttm page entries (bsc#1012628).
- static_call: Align static_call_is_init() patching condition
(bsc#1012628).
- ext4: do not iput inode under running transaction in
ext4_rename() (bsc#1012628).
- io_uring: call req_set_fail_links() on short
send[msg]()/recv[msg]() with MSG_WAITALL (bsc#1012628).
- net: mvpp2: fix interrupt mask/unmask skip condition
(bsc#1012628).
- mptcp: deliver ssk errors to msk (bsc#1012628).
- mptcp: fix poll after shutdown (bsc#1012628).
- mptcp: init mptcp request socket earlier (bsc#1012628).
- mptcp: add a missing retransmission timer scheduling
(bsc#1012628).
- flow_dissector: fix TTL and TOS dissection on IPv4 fragments
(bsc#1012628).
- mptcp: fix DATA_FIN processing for orphaned sockets
(bsc#1012628).
- mptcp: provide subflow aware release function (bsc#1012628).
- can: dev: move driver related infrastructure into separate
subdir (bsc#1012628).
- net: introduce CAN specific pointer in the struct net_device
(bsc#1012628).
- mptcp: fix race in release_cb (bsc#1012628).
- net: bonding: fix error return code of bond_neigh_init()
(bsc#1012628).
- mptcp: fix bit MPTCP_PUSH_PENDING tests (bsc#1012628).
- can: tcan4x5x: fix max register value (bsc#1012628).
- brcmfmac: clear EAP/association status bits on linkdown events
(bsc#1012628).
- ath11k: add ieee80211_unregister_hw to avoid kernel crash
caused by NULL pointer (bsc#1012628).
- rtw88: coex: 8821c: correct antenna switch function
(bsc#1012628).
- netdevsim: dev: Initialize FIB module after debugfs
(bsc#1012628).
- iwlwifi: pcie: don't disable interrupts for reg_lock
(bsc#1012628).
- ath10k: hold RCU lock when calling
ieee80211_find_sta_by_ifaddr() (bsc#1012628).
- net: ethernet: aquantia: Handle error cleanup of start on open
(bsc#1012628).
- appletalk: Fix skb allocation size in loopback case
(bsc#1012628).
- net: ipa: remove two unused register definitions (bsc#1012628).
- net: ipa: use a separate pointer for adjusted GSI memory
(bsc#1012628).
- net: ipa: fix register write command validation (bsc#1012628).
- net: wan/lmc: unregister device when no matching device is found
(bsc#1012628).
- net: 9p: advance iov on empty read (bsc#1012628).
- bpf: Remove MTU check in __bpf_skb_max_len (bsc#1012628).
- ACPI: tables: x86: Reserve memory occupied by ACPI tables
(bsc#1012628).
- ACPI: processor: Fix CPU0 wakeup in acpi_idle_play_dead()
(bsc#1012628).
- ACPI: scan: Fix _STA getting called on devices with unmet
dependencies (bsc#1012628).
- ALSA: usb-audio: Apply sample rate quirk to Logitech Connect
(bsc#1012628).
- ALSA: hda: Re-add dropped snd_poewr_change_state() calls
(bsc#1012628).
- ALSA: hda: Add missing sanity checks in PM prepare/complete
callbacks (bsc#1012628).
- ALSA: hda/realtek: fix a determine_headset_type issue for a
Dell AIO (bsc#1012628).
- ALSA: hda/realtek: call alc_update_headset_mode() in
hp_automute_hook (bsc#1012628).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP 640 G8
(bsc#1012628).
- xtensa: fix uaccess-related livelock in do_page_fault
(bsc#1012628).
- xtensa: move coprocessor_flush to the .text section
(bsc#1012628).
- KVM: SVM: load control fields from VMCB12 before checking them
(bsc#1012628).
- KVM: SVM: ensure that EFER.SVME is set when running nested
guest or on nested vmexit (bsc#1012628).
- PM: runtime: Fix race getting/putting suppliers at probe
(bsc#1012628).
- PM: runtime: Fix ordering in pm_runtime_get_suppliers()
(bsc#1012628).
- tracing: Fix stack trace event size (bsc#1012628).
- s390/vdso: copy tod_steering_delta value to vdso_data page
(bsc#1012628).
- s390/vdso: fix tod_steering_delta type (bsc#1012628).
- drm/ttm: make ttm_bo_unpin more defensive (bsc#1012628).
- mm: fix race by making init_zero_pfn() early_initcall
(bsc#1012628).
- drm/amdkfd: dqm fence memory corruption (bsc#1012628).
- drm/amd/pm: no need to force MCLK to highest when no display
connected (bsc#1012628).
- drm/amdgpu/vangogh: don't check for dpm in is_dpm_running when
in suspend (bsc#1012628).
- drm/amdgpu: fix offset calculation in
amdgpu_vm_bo_clear_mappings() (bsc#1012628).
- drm/amdgpu: Set a suitable dev_info.gart_page_size
(bsc#1012628).
- drm/amdgpu: check alignment on CPU page for bo map
(bsc#1012628).
- reiserfs: update reiserfs_xattrs_initialized() condition
(bsc#1012628).
- drm/imx: fix memory leak when fails to init (bsc#1012628).
- drm/tegra: dc: Restore coupling of display controllers
(bsc#1012628).
- drm/tegra: sor: Grab runtime PM reference across reset
(bsc#1012628).
- vfio/nvlink: Add missing SPAPR_TCE_IOMMU depends (bsc#1012628).
- pinctrl: microchip-sgpio: Fix wrong register offset for IRQ
trigger (bsc#1012628).
- pinctrl: rockchip: fix restore error in resume (bsc#1012628).
- pinctrl: qcom: sc7280: Fix SDC_QDSD_PINGROUP and UFS_RESET
offsets (bsc#1012628).
- pinctrl: qcom: sc7280: Fix SDC1_RCLK configurations
(bsc#1012628).
- pinctrl: qcom: lpass lpi: use default pullup/strength values
(bsc#1012628).
- pinctrl: qcom: fix unintentional string concatenation
(bsc#1012628).
- extcon: Add stubs for extcon_register_notifier_all() functions
(bsc#1012628).
- extcon: Fix error handling in extcon_dev_register (bsc#1012628).
- firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL
to 0 (bsc#1012628).
- powerpc/pseries/mobility: use struct for shared state
(bsc#1012628).
- powerpc/pseries/mobility: handle premature return from H_JOIN
(bsc#1012628).
- usb: dwc3: pci: Enable dis_uX_susphy_quirk for Intel Merrifield
(bsc#1012628).
- video: hyperv_fb: Fix a double free in hvfb_probe (bsc#1012628).
- powerpc/mm/book3s64: Use the correct storage key value when
calling H_PROTECT (bsc#1012628).
- usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control()
(bsc#1012628).
- USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem
(bsc#1012628).
- usb: musb: Fix suspend with devices connected for a64
(bsc#1012628).
- usb: xhci-mtk: fix broken streams issue on 0.96 xHCI
(bsc#1012628).
- cdc-acm: fix BREAK rx code path adding necessary calls
(bsc#1012628).
- USB: cdc-acm: untangle a circular dependency between callback
and softint (bsc#1012628).
- USB: cdc-acm: downgrade message to debug (bsc#1012628).
- USB: cdc-acm: fix double free on probe failure (bsc#1012628).
- USB: cdc-acm: fix use-after-free after probe failure
(bsc#1012628).
- usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference
(bsc#1012628).
- usb: dwc2: Fix HPRT0.PrtSusp bit setting for HiKey 960 board
(bsc#1012628).
- usb: dwc2: Prevent core suspend when port connection flag is 0
(bsc#1012628).
- usb: dwc3: qcom: skip interconnect init for ACPI probe
(bsc#1012628).
- usb: dwc3: gadget: Clear DEP flags after stop transfers in ep
disable (bsc#1012628).
- soc: qcom-geni-se: Cleanup the code to remove proxy votes
(bsc#1012628).
- staging: rtl8192e: Fix incorrect source in memcpy()
(bsc#1012628).
- staging: rtl8192e: Change state information from u16 to u8
(bsc#1012628).
- driver core: clear deferred probe reason on probe retry
(bsc#1012628).
- drivers: video: fbcon: fix NULL dereference in fbcon_cursor()
(bsc#1012628).
- riscv: evaluate put_user() arg before enabling user access
(bsc#1012628).
- io_uring: do ctx sqd ejection in a clear context (bsc#1012628).
- Revert "kernel: freezer should treat PF_IO_WORKER like
PF_KTHREAD for freezing" (bsc#1012628).
- Revert "net: bonding: fix error return code of
bond_neigh_init()" (bsc#1012628).
- commit 92a542e
- config.conf: reenable armv6/armv7 configs
(all modules, otherwise same settings like arm64)
- commit d115d63
- arm64: add debug config with KASAN enabled (bsc#1183716)
- commit b68cba9
- firewire: nosy: Fix a use-after-free bug in nosy_ioctl()
(CVE-2021-3483 bsc#1184393).
- commit c90d8a9
- drm/i915: Fix invalid access to ACPI _DSM objects (bsc#1184074).
- commit 6dbaa20
- arm64: enable and update config for 5.12
- commit 0a5586c
- Update to 5.12-rc6
- commit b5f88e6
==== libical ====
Version update (3.0.9 -> 3.0.10)
- update to 3.0.10:
* Fix generating wrong recurrence rules
* Fix a bug computing transitions in tzfiles
* Fix reading TZif files to use TZ string in the footer as the last
(non-terminating) transitions
* Fix reading TZif files to use more RRULEs and/or RDATEs whevever possible
* Built-in timezones updated to tzdata2021a
==== libical-glib ====
Version update (3.0.9 -> 3.0.10)
- update to 3.0.10:
* Fix generating wrong recurrence rules
* Fix a bug computing transitions in tzfiles
* Fix reading TZif files to use TZ string in the footer as the last
(non-terminating) transitions
* Fix reading TZif files to use more RRULEs and/or RDATEs whevever possible
* Built-in timezones updated to tzdata2021a
==== libinput ====
Version update (1.17.1 -> 1.17.2)
- Update to release 1.17.2
* Fix sensitivity for Dell Latitude 7490 pointing-stick
* Add palm size quirk for the Gigabyte Aero 15
==== libzypp ====
Version update (17.25.9 -> 17.25.10)
- Properly handle permission denied when providing optional files
(bsc#1185239)
- Fix sevice detection with cgroupv2 (bsc#1184997)
- version 17.25.10 (22)
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Local (SUSE) change: update iscsi.service so that it tries to
logon to any "onboot" and firmware targets, in case a target
was offline when booted but back up when the service is started.
(bsc#1153806)
- Merged with latest from upstream, which contains these fixes:
* Add "no wait" option to iscsiadm firmware login
* Check for ISCSI_ERR_ISCSID_NOTCONN in iscsistart
* Log proper error message when AUTH failure occurs
==== python38 ====
Version update (3.8.8 -> 3.8.9)
- Update to 3.8.9:
- bpo#42988 (bsc#1183374) CVE-2021-3426: Remove the getfile
feature of the pydoc module which could be abused to read
arbitrary files on the disk (directory traversal
vulnerability). Moreover, even source code of Python modules
can contain sensitive data like passwords. Vulnerability
reported by David Schwörer.
- bpo-43285: ftplib no longer trusts the IP address value
returned from the server in response to the PASV command by
default. This prevents a malicious FTP server from using the
response to probe IPv4 address and port combinations on the
client network.
- Code that requires the former vulnerable behavior may set
a trust_server_pasv_ipv4_address attribute on their
ftplib.FTP instances to True to re-enable it.
- bpo-43439: Add audit hooks for gc.get_objects(),
gc.get_referrers() and gc.get_referents(). Patch by Pablo
Galindo.
- bpo-43660: Fix crash that happens when replacing sys.stderr
with a callable that can remove the object while an exception
is being printed. Patch by Pablo Galindo.
- bpo-35883: Python no longer fails at startup with a fatal
error if a command line argument contains an invalid Unicode
character. The Py_DecodeLocale() function now escapes byte
sequences which would be decoded as Unicode characters
outside the [U+0000; U+10ffff] range.
- bpo-43406: Fix a possible race condition where
PyErr_CheckSignals tries to execute a non-Python signal
handler.
- bpo-35930: Raising an exception raised in a ?future? instance
will create reference cycles.
- bpo-43577: Fix deadlock when using ssl.SSLContext debug
callback with ssl.SSLContext.sni_callback().
- bpo-43423: subprocess.communicate() no longer raises an
IndexError when there is an empty stdout or stderr IO buffer
during a timeout on Windows.
- bpo-27820: Fixed long-standing bug of smtplib.SMTP where
doing AUTH LOGIN with initial_response_ok=False will fail.
The cause is that SMTP.auth_login _always_ returns a password
if provided with a challenge string, thus non-compliant with
the standard for AUTH LOGIN. Also fixes bug with the test for
smtpd.
- bpo-43399: Fix ElementTree.extend not working on iterators
when using the Python implementation
- bpo-43316: The python -m gzip command line application now
properly fails when detecting an unsupported extension. It
exits with a non-zero exit code and prints an error message
to stderr.
- bpo-43260: Fix TextIOWrapper can not flush internal buffer
forever after very large text is written.
- bpo-42782: Fail fast in shutil.move() to avoid creating
destination directories on failure.
- bpo-37193: Fixed memory leak in socketserver.ThreadingMixIn
introduced in Python 3.7.
- bpo-43199: Answer ?Why is there no goto?? in the Design and
History FAQ.
- bpo-43407: Clarified that a result from time.monotonic(),
time.perf_counter(), time.process_time(), or
time.thread_time() can be compared with the result from any
following call to the same function - not just the next
immediate call.
- bpo-27646: Clarify that ?yield from <expr>? works with any
iterable, not just iterators.
- bpo-36346: Update some deprecated unicode APIs which are
documented as ?will be removed in 4.0? to ?3.12?. See PEP 623
for detail.
- bpo-37945: Fix test_getsetlocale_issue1813() of test_locale:
skip the test if setlocale() fails. Patch by Victor Stinner.
- bpo-41561: Add workaround for Ubuntu?s custom OpenSSL
security level policy.
- bpo-43631: Update macOS, Windows, and CI to OpenSSL 1.1.1k.
- bpo-43617: Improve configure.ac: Check for presence of
autoconf-archive package and remove our copies of M4 macros.
- bpo-41837: Update macOS installer build to use OpenSSL
1.1.1j.
- bpo-42225: Document that IDLE can fail on Unix either from
misconfigured IP masquerage rules or failure displaying
complex colored (non-ascii) characters.
- bpo-43283: Document why printing to IDLE?s Shell is often
slower than printing to a system terminal and that it can be
made faster by pre-formatting a single string before
printing.
==== python38-core ====
Version update (3.8.8 -> 3.8.9)
Subpackages: libpython3_8-1_0 python38-base
- Update to 3.8.9:
- bpo#42988 (bsc#1183374) CVE-2021-3426: Remove the getfile
feature of the pydoc module which could be abused to read
arbitrary files on the disk (directory traversal
vulnerability). Moreover, even source code of Python modules
can contain sensitive data like passwords. Vulnerability
reported by David Schwörer.
- bpo-43285: ftplib no longer trusts the IP address value
returned from the server in response to the PASV command by
default. This prevents a malicious FTP server from using the
response to probe IPv4 address and port combinations on the
client network.
- Code that requires the former vulnerable behavior may set
a trust_server_pasv_ipv4_address attribute on their
ftplib.FTP instances to True to re-enable it.
- bpo-43439: Add audit hooks for gc.get_objects(),
gc.get_referrers() and gc.get_referents(). Patch by Pablo
Galindo.
- bpo-43660: Fix crash that happens when replacing sys.stderr
with a callable that can remove the object while an exception
is being printed. Patch by Pablo Galindo.
- bpo-35883: Python no longer fails at startup with a fatal
error if a command line argument contains an invalid Unicode
character. The Py_DecodeLocale() function now escapes byte
sequences which would be decoded as Unicode characters
outside the [U+0000; U+10ffff] range.
- bpo-43406: Fix a possible race condition where
PyErr_CheckSignals tries to execute a non-Python signal
handler.
- bpo-35930: Raising an exception raised in a ?future? instance
will create reference cycles.
- bpo-43577: Fix deadlock when using ssl.SSLContext debug
callback with ssl.SSLContext.sni_callback().
- bpo-43423: subprocess.communicate() no longer raises an
IndexError when there is an empty stdout or stderr IO buffer
during a timeout on Windows.
- bpo-27820: Fixed long-standing bug of smtplib.SMTP where
doing AUTH LOGIN with initial_response_ok=False will fail.
The cause is that SMTP.auth_login _always_ returns a password
if provided with a challenge string, thus non-compliant with
the standard for AUTH LOGIN. Also fixes bug with the test for
smtpd.
- bpo-43399: Fix ElementTree.extend not working on iterators
when using the Python implementation
- bpo-43316: The python -m gzip command line application now
properly fails when detecting an unsupported extension. It
exits with a non-zero exit code and prints an error message
to stderr.
- bpo-43260: Fix TextIOWrapper can not flush internal buffer
forever after very large text is written.
- bpo-42782: Fail fast in shutil.move() to avoid creating
destination directories on failure.
- bpo-37193: Fixed memory leak in socketserver.ThreadingMixIn
introduced in Python 3.7.
- bpo-43199: Answer ?Why is there no goto?? in the Design and
History FAQ.
- bpo-43407: Clarified that a result from time.monotonic(),
time.perf_counter(), time.process_time(), or
time.thread_time() can be compared with the result from any
following call to the same function - not just the next
immediate call.
- bpo-27646: Clarify that ?yield from <expr>? works with any
iterable, not just iterators.
- bpo-36346: Update some deprecated unicode APIs which are
documented as ?will be removed in 4.0? to ?3.12?. See PEP 623
for detail.
- bpo-37945: Fix test_getsetlocale_issue1813() of test_locale:
skip the test if setlocale() fails. Patch by Victor Stinner.
- bpo-41561: Add workaround for Ubuntu?s custom OpenSSL
security level policy.
- bpo-43631: Update macOS, Windows, and CI to OpenSSL 1.1.1k.
- bpo-43617: Improve configure.ac: Check for presence of
autoconf-archive package and remove our copies of M4 macros.
- bpo-41837: Update macOS installer build to use OpenSSL
1.1.1j.
- bpo-42225: Document that IDLE can fail on Unix either from
misconfigured IP masquerage rules or failure displaying
complex colored (non-ascii) characters.
- bpo-43283: Document why printing to IDLE?s Shell is often
slower than printing to a system terminal and that it can be
made faster by pre-formatting a single string before
printing.
==== samba ====
Version update (4.14.2+git.159.2a8872214bf -> 4.14.4+git.162.18fd73a39a0)
Subpackages: libdcerpc-binding0 libdcerpc0 libndr-krb5pac0 libndr-nbt0 libndr-standard0 libndr1 libnetapi0 libsamba-credentials1 libsamba-errors0 libsamba-hostconfig0 libsamba-passdb0 libsamba-util0 libsamdb0 libsmbclient0 libsmbconf0 libsmbldap2 libtevent-util0 libwbclient0 samba-client samba-libs samba-libs-python3
- Update to 4.14.4
* CVE-2021-20254: Fix buffer overrun in sids_to_unixids();
(bso#14571); (bsc#1184677).
- Update to 4.14.3
* s3:modules:vfs_virusfilter: Recent New_VFS changes break
vfs_virusfilter_openat; (bso#14671).
* build: Notice if flex is missing at configure time; (bso#14586).
* Fix smbd panic when two clients open same file; (bso#14672).
* Fix memory leak in the RPC server; (bso#14675).
* s3: smbd: fix deferred renames; (bso#14679).
* s3-iremotewinspool: Set the per-request memory context;
(bso#14675)
* Fix memory leak in the RPC server; (bso#14675).
* third_party: Update socket_wrapper to version 1.3.2;
(bso#11899).
* third_party: Update socket_wrapper to version 1.3.3;
(bso#14640).
* samba-gpupdate: Test that sysvol paths download in
case-insensitive way; (bso#14665).
* smbd: Ensure errno is preserved across fsp destructor;
(bso#14662).
* idmap_rfc2307 and idmap_nss return wrong mapping for uid/gid
conflict; (bso#14663).
* build: Only add -Wl,--as-needed when supported; (bso#14288).
==== shim ====
- Split the keys in vendor-dbx.bin to vendor-dbx-sles and
vendor-dbx-opensuse for shim-sles and shim-opensuse to reduce
the size of MokListXRT (bsc#1185261)
+ Also update generate-vendor-dbx.sh in dbx-cert.tar.xz
==== snapper ====
Subpackages: libsnapper5
- added systemd sandboxing for services
==== zypper ====
Version update (1.14.43 -> 1.14.44)
Subpackages: zypper-needs-restarting
- Rephrase needs-rebooting help and messages.
Try to point out that the need to reboot was not necessarily
triggered by the current transaction.
- man page: Recommend the needs-rebooting command to test whether
a system reboot is suggested.
- patch: Let a patch's reboot-needed flag overrule included packages
(bsc#1183268)
- Quickfix setting "openSUSE_Tumbleweed" as default platform for
"MicroOS" (bsc#1153687)
This fixes the guessed platform for "obs://<project>/" URLs.
- Protect against strict/relaxed user umask via sudo (bsc#1183589)
- zypper-log: protect against thread name indicators in a log.
- xml summary: add solvables repository alias (bsc#1182372)
- version 1.14.44
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
autofs (5.1.6 -> 5.1.7)
coreutils
haproxy (2.3.9+git1.afb63bc04 -> 2.3.10+git0.4764f0e4e)
iproute2 (5.11 -> 5.12)
kernel-source (5.11.11 -> 5.12.0)
libzypp (17.25.9 -> 17.25.10)
open-iscsi
python38 (3.8.8 -> 3.8.9)
python38-core (3.8.8 -> 3.8.9)
shim
snapper
yomi-formula (0.0.1+git.1604593202.a2c22bf -> 0.0.1+git.1619170188.fa52819)
zypper (1.14.43 -> 1.14.44)
=== Details ===
==== autofs ====
Version update (5.1.6 -> 5.1.7)
- Upgrade to 5.1.7
- make bind mounts propagation slave by default.
- update ldap READMEs and schema definitions.
- fix program map multi-mount lookup after mount fail.
- fix browse dir not re-created on symlink expire.
- fix a regression with map instance lookup.
- correct fsf address.
- samples: fix Makefile targets' directory dependencies
- remove intr hosts map mount option.
- fix trailing dollar sun entry expansion.
- initialize struct addrinfo for getaddrinfo() calls.
- fix quoted string length calc in expandsunent().
- fix autofs mount options construction.
- mount_nfs.c fix local rdma share not mounting.
- configure.in: Remove unneeded second call to PKG_PROG_PKG_CONFIG.
- configure.in: Do not append parentheses to PKG_PROG_PKG_CONFIG.
- Use PKG_CHECK_MODULES to detect the libxml2 library.
- fix ldap sasl reconnect problem.
- samples/ldap.schema fix.
- fix configure force shutdown check.
- fix crash in sun_mount().
- fix lookup_nss_read_master() nsswicth check return.
- fix typo in open_sss_lib().
- fix sss_master_map_wait timing.
- add sss ECONREFUSED return handling.
- use mapname in sss context for setautomntent().
- add support for new sss autofs proto version call.
- fix retries check in setautomntent_wait().
- refactor sss setautomntent().
- improve sss setautomntent() error handling.
- refactor sss getautomntent().
- improve sss getautomntent() error handling.
- sss introduce calculate_retry_count() function.
- move readall into struct master.
- sss introduce a flag to indicate map being read.
- update sss timeout documentation.
- refactor sss getautomntbyname().
- improve sss getautomntbyname() error handling.
- use a valid timeout in lookup_prune_one_cache().
- dont prune offset map entries.
- simplify sss source stale check.
- include linux/nfs.h directly in rpc_subs.h.
- fix typo in daemon/automount.c.
- fix direct mount unlink_mount_tree() path.
- fix unlink mounts umount order.
- fix incorrect logical compare in unlink_mount_tree().
- use bit flag for force unlink mounts.
- improve force unlink option description.
- remove command fifo on autofs mount fail.
- add force unlink mounts and exit option.
- cleanup stale logpri fifo pipes on unlink and exit.
- fix incorrect systemctl command syntax in autofs(8).
- update list.h.
- add hashtable implementation.
- change mountpoint to mp in struct ext_mount.
- make external mounts independent of amd_entry.
- make external mounts use simpler hashtable.
- add a hash index to mnt_list.
- use mnt_list for submounts.
- use mnt_list for amdmounts.
- make umount_autofs() static.
- remove force parameter from umount_all().
- fix remount expire.
- fix stale offset directories disable mount.
- use struct mnt_list to track mounted mounts.
- use struct mnt_list mounted list for expire.
- remove unused function tree_get_mnt_list().
- only add expre alarm for active mounts.
- move submount check into conditional_alarm_add().
- move lib/master.c to daemon/master.c.
- use master_list_empty() for list empty check.
- add helper to construct mount point path.
- check defaults_read_config() return.
- move AUTOFS_LIB to end of build rule lines.
- make autofs.a a shared library.
- make lookup_file.c nss map read status return handling consistent.
- fix empty mounts list return from unlink_mount_tree().
- Refreshed autofs-5.1.1-dbus-udisks-monitor.patch
- Replaced automount-fix-master-wait.patch with upstream patch
autofs-5.1.7-Fix-option-for-master_read_wait.patch
==== coreutils ====
- Use new packageand format
- coreutils-tests-fix-FP-in-ls-stat-free-color.patch: Add upstream patch
to avoid FP in testsuite.
- coreutils.spec:
- Reference the above patch.
- Change keyring URL to new GNU coreutils Group Release Keyring.
- coreutils.keyring: Update with the Group Release Keyring.
==== haproxy ====
Version update (2.3.9+git1.afb63bc04 -> 2.3.10+git0.4764f0e4e)
- Update to version 2.3.10+git0.4764f0e4e:
* [RELEASE] Released version 2.3.10
* BUG/MEDIUM: peers: re-work refcnt on table to protect against flush
* BUG/MEDIUM: peers: re-work connection to new process during reload.
* BUG/MINOR: peers: remove useless table check if initial resync is finished
* BUG/MEDIUM: mux-h2: Properly handle shutdowns when received with data
* BUG/MINOR: mworker: don't use oldpids[] anymore for reload
* BUG/MINOR: mworker/init: don't reset nb_oldpids in non-mworker cases
* BUG/MEDIUM: config: fix cpu-map notation with both process and threads
* BUG/MEDIUM: mux-h2: Fix dfl calculation when merging CONTINUATION frames
* BUG/MAJOR: mux-h2: Properly detect too large frames when decoding headers
* BUG/MINOR: server: free srv.lb_nodes in free_server
* BUG/MINOR: mux-h1: Release idle server H1 connection if data are received
* BUG/MINOR: logs: Report the true number of retries if there was no connection
* BUG/MINOR: http_htx: Remove BUG_ON() from http_get_stline() function
* BUG/MINOR: http-fetch: Make method smp safe if headers were already forwarded
* BUG/MINOR: ssl-samples: Fix ssl_bc_* samples when called from a health-check
* MINOR: connection: Make bc_http_major compatible with tcp-checks
* BUG/MINOR: connection: Fix fc_http_major and bc_http_major for TCP connections
* MINOR: logs: Add support of checks as session origin to format lf strings
* BUG/MINOR: checks: Set missing id to the dummy checks frontend
* BUG/MEDIUM: threads: Ignore current thread to end its harmless period
* DOC: ssl: Certificate hot update only works on fronted certificates
* BUG/MEDIUM: sample: Fix adjusting size in field converter
* MINOR: No longer rely on deprecated sample fetches for predefined ACLs
* DOC: clarify that compression works for HTTP/2
* BUG/MINOR: tools: fix parsing "us" unit for timers
* CONTRIB: halog: fix issue with array of type char
* REGTESTS: ssl: mark set_ssl_cert_bundle.vtc as broken
* DOC: Explicitly state only IPv4 are supported by forwardfor/originalto options
* REGTESTS: ssl: "set ssl cert" and multi-certificates bundle
* BUG/MINOR: ssl: Add missing free on SSL_CTX in ckch_inst_free
* BUG/MINOR: http_fetch: make hdr_ip() resistant to empty fields
* BUG/MINOR: ssl: Prevent removal of crt-list line if the instance is a default one
* BUG/MINOR: ssl: Fix update of default certificate
* BUILD: tcp: use IPPROTO_IPV6 instead of SOL_IPV6 on FreeBSD/MacOS
* BUG/MINOR: tcp: fix silent-drop workaround for IPv6
==== iproute2 ====
Version update (5.11 -> 5.12)
- Update to release 5.12
* devlink: Use library provided string processing APIs
* utils: Introduce helper routines for generic socket recv
* q_cake: Fix incorrect printing of signed values in class statistics
* json_print: Add print_tv()
* nexthop: Add support for nexthop buckets
* nexthop: Add support for resilient nexthop groups
* ip: xfrm: add support for tfcpad
* tc: e_bpf: fix memory leak in parse_bpf()
* lib: bpf_legacy: treat 0 as a valid file descriptor
* ip: drop 2-char command assumption
* bridge: vlan: dump port only if there are any vlans
==== kernel-source ====
Version update (5.11.11 -> 5.12.0)
- rpm/constraints.in: remove aarch64 disk size exception
obs://Kernel:stable/kernel-default/ARM/aarch64 currrently fails:
installing package kernel-default-livepatch-devel-5.12.0-3.1.g6208a83.aarch64 needs 3MB more space on the / filesystem
The stats say:
Maximal used disk space: 31799 Mbyte
By default, we require 35G. For aarch64 we had an exception to lower
this limit to 30G there. Drop this exception as it is obviously no
longer valid.
- commit ee00b50
- series.conf: cleanup
- fix Patch-mainline tag and move to "almost mainline" section:
patches.suse/crypto-ccp-Annotate-SEV-Firmware-file-names.patch
- commit 3a48ed8
- crypto: ccp: Annotate SEV Firmware file names (bsc#1185282).
- commit 66154b6
- Update to 5.12 final
- refresh configs (headers only)
- commit 9683115
- rpm/kernel-binary.spec.in: Require new enough pahole.
pahole 1.21 is required for building line-next BTF
- commit 8df1aaa
- rpm/macros.kernel-source: fix KMP failure in %install (bsc#1185244)
- commit 52805ed
- rpm/kernel-obs-build.spec.in: Include essiv with dm-crypt (boo#1183063).
Previously essiv was part of dm-crypt but now it is separate.
Include the module in kernel-obs-build when available.
Fixes: 7cf5b9e26d87 ("rpm/kernel-obs-build.spec.in: add dm-crypt for building with cryptsetup")
- commit fe15b78
- Revert "rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package (bsc#1184514)"
This turned out to be a bad idea: the kernel-$flavor-devel package
must be usable without kernel-$flavor, e.g. at the build of a KMP.
And this change brought superfluous installation of kernel-preempt
when a system had kernel-syms (bsc#1185113).
- commit d771304
- rpm/check-for-config-changes: add AS_HAS_* to ignores
arch/arm64/Kconfig defines a lot of these. So far our current compilers
seem to support them all. But it can quickly change with SLE later.
- commit a4d8194
- Linux 5.11.16 (bsc#1012628).
- bpf: Move sanitize_val_alu out of op switch (bsc#1012628).
- bpf: Improve verifier error messages for users (bsc#1012628).
- bpf: Rework ptr_limit into alu_limit and add common error path
(bsc#1012628).
- ARM: 9071/1: uprobes: Don't hook on thumb instructions
(bsc#1012628).
- bpf: Move off_reg into sanitize_ptr_alu (bsc#1012628).
- bpf: Ensure off_reg has no mixed signed bounds for all types
(bsc#1012628).
- r8169: don't advertise pause in jumbo mode (bsc#1012628).
- r8169: tweak max read request size for newer chips also in
jumbo mtu mode (bsc#1012628).
- kasan: remove redundant config option (bsc#1012628).
- kasan: fix hwasan build for gcc (bsc#1012628).
- KVM: VMX: Don't use vcpu->run->internal.ndata as an array index
(bsc#1012628).
- KVM: VMX: Convert vcpu_vmx.exit_reason to a union (bsc#1012628).
- bpf: Use correct permission flag for mixed signed bounds
arithmetic (bsc#1012628).
- arm64: dts: allwinner: h6: beelink-gs1: Remove ext. 32 kHz
osc reference (bsc#1012628).
- arm64: dts: allwinner: Fix SD card CD GPIO for SOPine systems
(bsc#1012628).
- ARM: OMAP2+: Fix uninitialized sr_inst (bsc#1012628).
- ARM: footbridge: fix PCI interrupt mapping (bsc#1012628).
- ARM: 9069/1: NOMMU: Fix conversion for_each_membock() to
for_each_mem_range() (bsc#1012628).
- ARM: 9063/1: mm: reduce maximum number of CPUs if
DEBUG_KMAP_LOCAL is enabled (bsc#1012628).
- ARM: OMAP2+: Fix warning for omap_init_time_of() (bsc#1012628).
- gro: ensure frag0 meets IP header alignment (bsc#1012628).
- ch_ktls: do not send snd_una update to TCB in middle
(bsc#1012628).
- ch_ktls: tcb close causes tls connection failure (bsc#1012628).
- ch_ktls: fix device connection close (bsc#1012628).
- ch_ktls: Fix kernel panic (bsc#1012628).
- ibmvnic: remove duplicate napi_schedule call in open function
(bsc#1012628).
- ibmvnic: remove duplicate napi_schedule call in do_reset
function (bsc#1012628).
- ibmvnic: avoid calling napi_disable() twice (bsc#1012628).
- ia64: tools: remove inclusion of ia64-specific version of
errno.h header (bsc#1012628).
- ia64: remove duplicate entries in generic_defconfig
(bsc#1012628).
- ethtool: pause: make sure we init driver stats (bsc#1012628).
- i40e: fix the panic when running bpf in xdpdrv mode
(bsc#1012628).
- ibmvnic: correctly use dev_consume/free_skb_irq (bsc#1012628).
- net: Make tcp_allowed_congestion_control readonly in non-init
netns (bsc#1012628).
- mm: ptdump: fix build failure (bsc#1012628).
- net: ip6_tunnel: Unregister catch-all devices (bsc#1012628).
- net: sit: Unregister catch-all devices (bsc#1012628).
- net: phy: marvell: fix detection of PHY on Topaz switches
(bsc#1012628).
- net: davicom: Fix regulator not turned off on failed probe
(bsc#1012628).
- net/mlx5e: Fix setting of RS FEC mode (bsc#1012628).
- netfilter: nftables: clone set element expression template
(bsc#1012628).
- netfilter: nft_limit: avoid possible divide error in
nft_limit_init (bsc#1012628).
- net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta
(bsc#1012628).
- net: macb: fix the restore of cmp registers (bsc#1012628).
- drm/i915/display/vlv_dsi: Do not skip panel_pwr_cycle_delay
when disabling the panel (bsc#1012628).
- libbpf: Fix potential NULL pointer dereference (bsc#1012628).
- netfilter: arp_tables: add pre_exit hook for table unregister
(bsc#1012628).
- netfilter: bridge: add pre_exit hooks for ebtable unregistration
(bsc#1012628).
- libnvdimm/region: Fix nvdimm_has_flush() to handle
ND_REGION_ASYNC (bsc#1012628).
- ice: Fix potential infinite loop when using u8 loop counter
(bsc#1012628).
- netfilter: conntrack: do not print icmpv6 as unknown via /proc
(bsc#1012628).
- netfilter: flowtable: fix NAT IPv6 offload mangling
(bsc#1012628).
- ixgbe: fix unbalanced device enable/disable in suspend/resume
(bsc#1012628).
- ixgbe: Fix NULL pointer dereference in ethtool loopback test
(bsc#1012628).
- drm/vmwgfx: Make sure we unpin no longer needed buffers
(bsc#1012628).
- scsi: libsas: Reset num_scatter if libata marks qc as NODATA
(bsc#1012628).
- riscv: Fix spelling mistake "SPARSEMEM" to "SPARSMEM"
(bsc#1012628).
- vfio/pci: Add missing range check in vfio_pci_mmap
(bsc#1012628).
- arm64: alternatives: Move length validation in
alternative_{insn, endif} (bsc#1012628).
- arm64: mte: Ensure TIF_MTE_ASYNC_FAULT is set atomically
(bsc#1012628).
- Update config files.
- arm64: fix inline asm in load_unaligned_zeropad() (bsc#1012628).
- drm/i915: Don't zero out the Y plane's watermarks (bsc#1012628).
- readdir: make sure to verify directory entry for legacy
interfaces too (bsc#1012628).
- dm verity fec: fix misaligned RS roots IO (bsc#1012628).
- HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC
type of devices (bsc#1012628).
- Input: i8042 - fix Pegatron C15B ID entry (bsc#1012628).
- Input: s6sy761 - fix coordinate read bit shift (bsc#1012628).
- net/sctp: fix race condition in sctp_destroy_sock (bsc#1012628).
- lib: fix kconfig dependency on ARCH_WANT_FRAME_POINTERS
(bsc#1012628).
- virt_wifi: Return micros for BSS TSF values (bsc#1012628).
- mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
(bsc#1012628).
- drm/amd/display: Add missing mask for DCN3 (bsc#1012628).
- pcnet32: Use pci_resource_len to validate PCI resource
(bsc#1012628).
- net: ieee802154: forbid monitor for add llsec seclevel
(bsc#1012628).
- net: ieee802154: stop dump llsec seclevels for monitors
(bsc#1012628).
- net: ieee802154: forbid monitor for del llsec devkey
(bsc#1012628).
- net: ieee802154: forbid monitor for add llsec devkey
(bsc#1012628).
- net: ieee802154: stop dump llsec devkeys for monitors
(bsc#1012628).
- net: ieee802154: forbid monitor for del llsec dev (bsc#1012628).
- net: ieee802154: forbid monitor for add llsec dev (bsc#1012628).
- net: ieee802154: stop dump llsec devs for monitors
(bsc#1012628).
- net: ieee802154: forbid monitor for del llsec key (bsc#1012628).
- net: ieee802154: forbid monitor for add llsec key (bsc#1012628).
- net: ieee802154: stop dump llsec keys for monitors
(bsc#1012628).
- iwlwifi: add support for Qu with AX201 device (bsc#1012628).
- scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST
state (bsc#1012628).
- ASoC: fsl_esai: Fix TDM slot setup for I2S mode (bsc#1012628).
- drm/msm: Fix a5xx/a6xx timestamps (bsc#1012628).
- ARM: omap1: fix building with clang IAS (bsc#1012628).
- ARM: keystone: fix integer overflow warning (bsc#1012628).
- powerpc/signal32: Fix Oops on sigreturn with unmapped VDSO
(bsc#1012628).
- neighbour: Disregard DEAD dst in neigh_update (bsc#1012628).
- bpf: Take module reference for trampoline in module
(bsc#1012628).
- gpu/xen: Fix a use after free in xen_drm_drv_init (bsc#1012628).
- net: axienet: allow setups without MDIO (bsc#1012628).
- ASoC: max98373: Added 30ms turn on/off time delay (bsc#1012628).
- ASoC: max98373: Changed amp shutdown register as volatile
(bsc#1012628).
- xfrm: BEET mode doesn't support fragments for inner packets
(bsc#1012628).
- iwlwifi: Fix softirq/hardirq disabling in
iwl_pcie_enqueue_hcmd() (bsc#1012628).
- arc: kernel: Return -EFAULT if copy_to_user() fails
(bsc#1012628).
- lockdep: Add a missing initialization hint to the "INFO:
Trying to register non-static key" message (bsc#1012628).
- remoteproc: pru: Fix loading of GNU Binutils ELF (bsc#1012628).
- ARM: dts: Fix moving mmc devices with aliases for omap4 & 5
(bsc#1012628).
- ARM: dts: Drop duplicate sha2md5_fck to fix clk_disable race
(bsc#1012628).
- ACPI: x86: Call acpi_boot_table_init() after
acpi_table_upgrade() (bsc#1012628).
- dmaengine: idxd: fix wq cleanup of WQCFG registers
(bsc#1012628).
- dmaengine: idxd: clear MSIX permission entry on shutdown
(bsc#1012628).
- dmaengine: plx_dma: add a missing put_device() on error path
(bsc#1012628).
- dmaengine: Fix a double free in dma_async_device_register
(bsc#1012628).
- dmaengine: dw: Make it dependent to HAS_IOMEM (bsc#1012628).
- dmaengine: idxd: fix wq size store permission state
(bsc#1012628).
- dmaengine: idxd: fix opcap sysfs attribute output (bsc#1012628).
- dmaengine: idxd: fix delta_rec and crc size field for completion
record (bsc#1012628).
- dmaengine: idxd: Fix clobbering of SWERR overflow bit on
writeback (bsc#1012628).
- gpio: sysfs: Obey valid_mask (bsc#1012628).
- Input: nspire-keypad - enable interrupts only when opened
(bsc#1012628).
- mtd: rawnand: mtk: Fix WAITRDY break condition and timeout
(bsc#1012628).
- AMD_SFH: Add DMI quirk table for BIOS-es which don't set the
activestatus bits (bsc#1012628).
- AMD_SFH: Add sensor_mask module parameter (bsc#1012628).
- AMD_SFH: Removed unused activecontrolstatus member from the
amd_mp2_dev struct (bsc#1012628).
- commit d57ad55
- Update to 5.12-rc8
- refresh configs
- commit a71cb9a
- Linux 5.11.15 (bsc#1012628).
- net: sfp: cope with SFPs that set both LOS normal and LOS
inverted (bsc#1012628).
- perf map: Tighten snprintf() string precision to pass gcc
check on some 32-bit arches (bsc#1012628).
- netfilter: x_tables: fix compat match/target pad out-of-bound
write (bsc#1012628).
- block: don't ignore REQ_NOWAIT for direct IO (bsc#1012628).
- riscv,entry: fix misaligned base for excp_vect_table
(bsc#1012628).
- io_uring: don't mark S_ISBLK async work as unbounded
(bsc#1012628).
- null_blk: fix command timeout completion handling (bsc#1012628).
- idr test suite: Create anchor before launching throbber
(bsc#1012628).
- idr test suite: Take RCU read lock in idr_find_test_1
(bsc#1012628).
- radix tree test suite: Register the main thread with the RCU
library (bsc#1012628).
- block: only update parent bi_status when bio fail (bsc#1012628).
- radix tree test suite: Fix compilation (bsc#1012628).
- XArray: Fix splitting to non-zero orders (bsc#1012628).
- gpu: host1x: Use different lock classes for each client
(bsc#1012628).
- drm/tegra: dc: Don't set PLL clock to 0Hz (bsc#1012628).
- tools/kvm_stat: Add restart delay (bsc#1012628).
- ftrace: Check if pages were allocated before calling
free_pages() (bsc#1012628).
- gfs2: report "already frozen/thawed" errors (bsc#1012628).
- drm/imx: imx-ldb: fix out of bounds array access warning
(bsc#1012628).
- KVM: arm64: Disable guest access to trace filter controls
(bsc#1012628).
- KVM: arm64: Hide system instruction access to Trace registers
(bsc#1012628).
- gfs2: Flag a withdraw if init_threads() fails (bsc#1012628).
- interconnect: core: fix error return code of icc_link_destroy()
(bsc#1012628).
- commit 64fb5bf
- Linux 5.11.14 (bsc#1012628).
- xfrm/compat: Cleanup WARN()s that can be user-triggered
(bsc#1012628).
- ALSA: aloop: Fix initialization of controls (bsc#1012628).
- ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1
(bsc#1012628).
- ALSA: hda/conexant: Apply quirk for another HP ZBook G5 model
(bsc#1012628).
- file: fix close_range() for unshare+cloexec (bsc#1012628).
- ASoC: intel: atom: Stop advertising non working S24LE support
(bsc#1012628).
- nfc: fix refcount leak in llcp_sock_bind() (bsc#1012628).
- nfc: fix refcount leak in llcp_sock_connect() (bsc#1012628).
- nfc: fix memory leak in llcp_sock_connect() (bsc#1012628).
- nfc: Avoid endless loops caused by repeated llcp_sock_connect()
(bsc#1012628).
- selinux: make nslot handling in avtab more robust (bsc#1012628).
- selinux: fix cond_list corruption when changing booleans
(bsc#1012628).
- selinux: fix race between old and new sidtab (bsc#1012628).
- xen/evtchn: Change irq_info lock to raw_spinlock_t
(bsc#1012628).
- net: ipv6: check for validity before dereferencing
cfg->fc_nlinfo.nlh (bsc#1012628).
- net: dsa: lantiq_gswip: Let GSWIP automatically set the xMII
clock (bsc#1012628).
- net: dsa: lantiq_gswip: Don't use PHY auto polling
(bsc#1012628).
- net: dsa: lantiq_gswip: Configure all remaining GSWIP_MII_CFG
bits (bsc#1012628).
- ACPI: processor: Fix build when CONFIG_ACPI_PROCESSOR=m
(bsc#1012628).
- drm/radeon: Fix size overflow (bsc#1012628).
- drm/amdgpu: Fix size overflow (bsc#1012628).
- drm/amdgpu/smu7: fix CAC setting on TOPAZ (bsc#1012628).
- rfkill: revert back to old userspace API by default
(bsc#1012628).
- cifs: escape spaces in share names (bsc#1012628).
- cifs: On cifs_reconnect, resolve the hostname again
(bsc#1012628).
- IB/hfi1: Fix probe time panic when AIP is enabled with a buggy
BIOS (bsc#1012628).
- LOOKUP_MOUNTPOINT: we are cleaning "jumped" flag too late
(bsc#1012628).
- gcov: re-fix clang-11+ support (bsc#1012628).
- ia64: fix user_stack_pointer() for ptrace() (bsc#1012628).
- nds32: flush_dcache_page: use page_mapping_file to avoid races
with swapoff (bsc#1012628).
- ocfs2: fix deadlock between setattr and dio_end_io_write
(bsc#1012628).
- fs: direct-io: fix missing sdio->boundary (bsc#1012628).
- ethtool: fix incorrect datatype in set_eee ops (bsc#1012628).
- of: property: fw_devlink: do not link ".*,nr-gpios"
(bsc#1012628).
- parisc: parisc-agp requires SBA IOMMU driver (bsc#1012628).
- parisc: avoid a warning on u8 cast for cmpxchg on u8 pointers
(bsc#1012628).
- ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt
pin (bsc#1012628).
- batman-adv: initialize "struct
batadv_tvlv_tt_vlan_data"->reserved field (bsc#1012628).
- ice: Continue probe on link/PHY errors (bsc#1012628).
- ice: Increase control queue timeout (bsc#1012628).
- ice: prevent ice_open and ice_stop during reset (bsc#1012628).
- ice: fix memory allocation call (bsc#1012628).
- ice: remove DCBNL_DEVRESET bit from PF state (bsc#1012628).
- ice: Fix for dereference of NULL pointer (bsc#1012628).
- ice: Use port number instead of PF ID for WoL (bsc#1012628).
- ice: Cleanup fltr list in case of allocation issues
(bsc#1012628).
- iwlwifi: pcie: properly set LTR workarounds on 22000 devices
(bsc#1012628).
- ice: fix memory leak of aRFS after resuming from suspend
(bsc#1012628).
- net: hso: fix null-ptr-deref during tty device unregistration
(bsc#1012628).
- libbpf: Fix bail out from 'ringbuf_process_ring()' on error
(bsc#1012628).
- bpf: Enforce that struct_ops programs be GPL-only (bsc#1012628).
- bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET (bsc#1012628).
- ethernet/netronome/nfp: Fix a use after free in
nfp_bpf_ctrl_msg_rx (bsc#1012628).
- libbpf: Ensure umem pointer is non-NULL before dereferencing
(bsc#1012628).
- libbpf: Restore umem state after socket create failure
(bsc#1012628).
- libbpf: Only create rx and tx XDP rings when necessary
(bsc#1012628).
- bpf: Refcount task stack in bpf_get_task_stack (bsc#1012628).
- bpf, sockmap: Fix sk->prot unhash op reset (bsc#1012628).
- bpf, sockmap: Fix incorrect fwd_alloc accounting (bsc#1012628).
- net: ensure mac header is set in virtio_net_hdr_to_skb()
(bsc#1012628).
- i40e: Fix sparse warning: missing error code 'err'
(bsc#1012628).
- i40e: Fix sparse error: 'vsi->netdev' could be null
(bsc#1012628).
- i40e: Fix sparse error: uninitialized symbol 'ring'
(bsc#1012628).
- i40e: Fix sparse errors in i40e_txrx.c (bsc#1012628).
- vdpa/mlx5: Fix suspend/resume index restoration (bsc#1012628).
- net: sched: sch_teql: fix null-pointer dereference
(bsc#1012628).
- net: sched: fix action overwrite reference counting
(bsc#1012628).
- nl80211: fix beacon head validation (bsc#1012628).
- nl80211: fix potential leak of ACL params (bsc#1012628).
- cfg80211: check S1G beacon compat element length (bsc#1012628).
- mac80211: fix time-is-after bug in mlme (bsc#1012628).
- mac80211: fix TXQ AC confusion (bsc#1012628).
- net: hsr: Reset MAC header for Tx path (bsc#1012628).
- net-ipv6: bugfix - raw & sctp - switch to
ipv6_can_nonlocal_bind() (bsc#1012628).
- net: let skb_orphan_partial wake-up waiters (bsc#1012628).
- thunderbolt: Fix a leak in tb_retimer_add() (bsc#1012628).
- thunderbolt: Fix off by one in tb_port_find_retimer()
(bsc#1012628).
- usbip: add sysfs_lock to synchronize sysfs code paths
(bsc#1012628).
- usbip: stub-dev synchronize sysfs code paths (bsc#1012628).
- usbip: vudc synchronize sysfs code paths (bsc#1012628).
- usbip: synchronize event handler with sysfs code paths
(bsc#1012628).
- driver core: Fix locking bug in
deferred_probe_timeout_work_func() (bsc#1012628).
- scsi: pm80xx: Fix chip initialization failure (bsc#1012628).
- scsi: target: iscsi: Fix zero tag inside a trace event
(bsc#1012628).
- percpu: make pcpu_nr_empty_pop_pages per chunk type
(bsc#1012628).
- i2c: turn recovery error on init to debug (bsc#1012628).
- powerpc/vdso: Make sure vdso_wrapper.o is rebuilt everytime
vdso.so is rebuilt (bsc#1012628).
- powerpc/ptrace: Don't return error when getting/setting FP
regs without CONFIG_PPC_FPU_REGS (bsc#1012628).
- KVM: x86/mmu: change TDP MMU yield function returns to match
cond_resched (bsc#1012628).
- KVM: x86/mmu: Merge flush and non-flush
tdp_mmu_iter_cond_resched (bsc#1012628).
- KVM: x86/mmu: Rename goal_gfn to next_last_level_gfn
(bsc#1012628).
- KVM: x86/mmu: Ensure forward progress when yielding in TDP
MMU iter (bsc#1012628).
- KVM: x86/mmu: Yield in TDU MMU iter even if no SPTES changed
(bsc#1012628).
- KVM: x86/mmu: Ensure TLBs are flushed when yielding during
GFN range zap (bsc#1012628).
- KVM: x86/mmu: Ensure TLBs are flushed for TDP MMU during NX
zapping (bsc#1012628).
- KVM: x86/mmu: Don't allow TDP MMU to yield when recovering NX
pages (bsc#1012628).
- KVM: x86/mmu: preserve pending TLB flush across calls to
kvm_tdp_mmu_zap_sp (bsc#1012628).
- net: sched: fix err handler in tcf_action_init() (bsc#1012628).
- ice: Refactor DCB related variables out of the ice_port_info
struct (bsc#1012628).
- ice: Recognize 860 as iSCSI port in CEE mode (bsc#1012628).
- xfrm: interface: fix ipv4 pmtu check to honor ip header df
(bsc#1012628).
- xfrm: Use actual socket sk instead of skb socket for
xfrm_output_resume (bsc#1012628).
- remoteproc: qcom: pil_info: avoid 64-bit division (bsc#1012628).
- regulator: bd9571mwv: Fix AVS and DVFS voltage range
(bsc#1012628).
- ARM: OMAP4: Fix PMIC voltage domains for bionic (bsc#1012628).
- ARM: OMAP4: PM: update ROM return address for OSWR and OFF
(bsc#1012628).
- remoteproc: pru: Fix firmware loading crashes on K3 SoCs
(bsc#1012628).
- net: xfrm: Localize sequence counter per network namespace
(bsc#1012628).
- esp: delete NETIF_F_SCTP_CRC bit from features for esp offload
(bsc#1012628).
- ASoC: SOF: Intel: HDA: fix core status verification
(bsc#1012628).
- ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for
some chips (bsc#1012628).
- xfrm: Fix NULL pointer dereference on policy lookup
(bsc#1012628).
- virtchnl: Fix layout of RSS structures (bsc#1012628).
- i40e: Added Asym_Pause to supported link modes (bsc#1012628).
- i40e: Fix kernel oops when i40e driver removes VF's
(bsc#1012628).
- hostfs: fix memory handling in follow_link() (bsc#1012628).
- amd-xgbe: Update DMA coherency values (bsc#1012628).
- vxlan: do not modify the shared tunnel info when PMTU triggers
an ICMP reply (bsc#1012628).
- geneve: do not modify the shared tunnel info when PMTU triggers
an ICMP reply (bsc#1012628).
- sch_red: fix off-by-one checks in red_check_params()
(bsc#1012628).
- drivers/net/wan/hdlc_fr: Fix a double free in pvc_xmit
(bsc#1012628).
- arm64: dts: imx8mm/q: Fix pad control of SD1_DATA0
(bsc#1012628).
- xfrm: Provide private skb extensions for segmented and hw
offloaded ESP packets (bsc#1012628).
- can: bcm/raw: fix msg_namelen values depending on
CAN_REQUIRED_SIZE (bsc#1012628).
- can: isotp: fix msg_namelen values depending on
CAN_REQUIRED_SIZE (bsc#1012628).
- can: uapi: can.h: mark union inside struct can_frame packed
(bsc#1012628).
- mlxsw: spectrum: Fix ECN marking in tunnel decapsulation
(bsc#1012628).
- ethernet: myri10ge: Fix a use after free in myri10ge_sw_tso
(bsc#1012628).
- gianfar: Handle error code at MAC address change (bsc#1012628).
- net: dsa: Fix type was not set for devlink port (bsc#1012628).
- clk: qcom: camcc: Update the clock ops for the SC7180
(bsc#1012628).
- cxgb4: avoid collecting SGE_QBASE regs during traffic
(bsc#1012628).
- net:tipc: Fix a double free in tipc_sk_mcast_rcv (bsc#1012628).
- ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces
(bsc#1012628).
- net/ncsi: Avoid channel_monitor hrtimer deadlock (bsc#1012628).
- net: qrtr: Fix memory leak on qrtr_tx_wait failure
(bsc#1012628).
- nfp: flower: ignore duplicate merge hints from FW (bsc#1012628).
- net: phy: broadcom: Only advertise EEE for supported modes
(bsc#1012628).
- I2C: JZ4780: Fix bug for Ingenic X1000 (bsc#1012628).
- ASoC: sunxi: sun4i-codec: fill ASoC card owner (bsc#1012628).
- net/mlx5e: Fix mapping of ct_label zero (bsc#1012628).
- net/mlx5: Delete auxiliary bus driver eth-rep first
(bsc#1012628).
- net/mlx5e: Fix ethtool indication of connector type
(bsc#1012628).
- net/mlx5: Don't request more than supported EQs (bsc#1012628).
- net/mlx5e: Guarantee room for XSK wakeup NOP on async ICOSQ
(bsc#1012628).
- net/rds: Fix a use after free in rds_message_map_pages
(bsc#1012628).
- xdp: fix xdp_return_frame() kernel BUG throw for page_pool
memory model (bsc#1012628).
- soc/fsl: qbman: fix conflicting alignment attributes
(bsc#1012628).
- i40e: fix receiving of single packets in xsk zero-copy mode
(bsc#1012628).
- i40e: Fix display statistics for veb_tc (bsc#1012628).
- RDMA/rtrs-clt: Close rtrs client conn before destroying rtrs
clt session files (bsc#1012628).
- drm/msm: Set drvdata to NULL when msm_drm_init() fails
(bsc#1012628).
- net: udp: Add support for getsockopt(..., ..., UDP_GRO, ...,
...); (bsc#1012628).
- mptcp: forbit mcast-related sockopt on MPTCP sockets
(bsc#1012628).
- mptcp: revert "mptcp: provide subflow aware release function"
(bsc#1012628).
- scsi: ufs: core: Fix task management request completion timeout
(bsc#1012628).
- scsi: ufs: core: Fix wrong Task Tag used in task management
request UPIUs (bsc#1012628).
- drm/msm/disp/dpu1: program 3d_merge only if block is attached
(bsc#1012628).
- Revert "arm64: dts: marvell: armada-cp110: Switch to per-port
SATA interrupts" (bsc#1012628).
- ARM: dts: turris-omnia: fix hardware buffer management
(bsc#1012628).
- net: cls_api: Fix uninitialised struct field
bo->unlocked_driver_cb (bsc#1012628).
- net: macb: restore cmp registers on resume path (bsc#1012628).
- clk: fix invalid usage of list cursor in register (bsc#1012628).
- clk: fix invalid usage of list cursor in unregister
(bsc#1012628).
- workqueue: Move the position of debug_work_activate() in
__queue_work() (bsc#1012628).
- s390/cpcmd: fix inline assembly register clobbering
(bsc#1012628).
- perf inject: Fix repipe usage (bsc#1012628).
- openvswitch: fix send of uninitialized stack memory in ct
limit reply (bsc#1012628).
- i2c: designware: Adjust bus_freq_hz when refuse high speed
mode set (bsc#1012628).
- iwlwifi: fix 11ax disabled bit in the regulatory capability
flags (bsc#1012628).
- can: mcp251x: fix support for half duplex SPI host controllers
(bsc#1012628).
- platform/x86: intel-hid: Fix spurious wakeups caused by
tablet-mode events during suspend (bsc#1012628).
- tipc: increment the tmp aead refcnt before attaching it
(bsc#1012628).
- net: hns3: clear VF down state bit before request link status
(bsc#1012628).
- net/mlx5: Fix HW spec violation configuring uplink
(bsc#1012628).
- net/mlx5: Fix placement of log_max_flow_counter (bsc#1012628).
- net/mlx5: Fix PPLM register mapping (bsc#1012628).
- net/mlx5: Fix PBMC register mapping (bsc#1012628).
- RDMA/cxgb4: check for ipv6 address properly while destroying
listener (bsc#1012628).
- perf report: Fix wrong LBR block sorting (bsc#1012628).
- RDMA/qedr: Fix kernel panic when trying to access recv_cq
(bsc#1012628).
- drm/vc4: crtc: Reduce PV fifo threshold on hvs4 (bsc#1012628).
- i40e: Fix parameters in aq_get_phy_register() (bsc#1012628).
- RDMA/addr: Be strict with gid size (bsc#1012628).
- vdpa/mlx5: should exclude header length and fcs from mtu
(bsc#1012628).
- vdpa/mlx5: Fix wrong use of bit numbers (bsc#1012628).
- RAS/CEC: Correct ce_add_elem()'s returned values (bsc#1012628).
- clk: socfpga: fix iomem pointer cast on 64-bit (bsc#1012628).
- lockdep: Address clang -Wformat warning printing for %hd
(bsc#1012628).
- dt-bindings: net: ethernet-controller: fix typo in NVMEM
(bsc#1012628).
- net: sched: bump refcount for new action in ACT replace mode
(bsc#1012628).
- x86/traps: Correct exc_general_protection() and math_error()
return paths (bsc#1012628).
- gpiolib: Read "gpio-line-names" from a firmware node
(bsc#1012628).
- cfg80211: remove WARN_ON() in cfg80211_sme_connect
(bsc#1012628).
- net: tun: set tun->dev->addr_len during TUNSETLINK processing
(bsc#1012628).
- drivers: net: fix memory leak in atusb_probe (bsc#1012628).
- drivers: net: fix memory leak in peak_usb_create_dev
(bsc#1012628).
- net: mac802154: Fix general protection fault (bsc#1012628).
- net: ieee802154: nl-mac: fix check on panid (bsc#1012628).
- net: ieee802154: fix nl802154 del llsec key (bsc#1012628).
- net: ieee802154: fix nl802154 del llsec dev (bsc#1012628).
- net: ieee802154: fix nl802154 add llsec key (bsc#1012628).
- net: ieee802154: fix nl802154 del llsec devkey (bsc#1012628).
- net: ieee802154: forbid monitor for set llsec params
(bsc#1012628).
- net: ieee802154: forbid monitor for del llsec seclevel
(bsc#1012628).
- net: ieee802154: stop dump llsec params for monitors
(bsc#1012628).
- Revert "net: sched: bump refcount for new action in ACT replace
mode" (bsc#1012628).
- commit f68b7e1
- rpm/check-for-config-changes: remove stale comment
It is stale since 8ab393bf905a committed in 2005 :).
- commit c9f9f5a
- rpm/mkspec: Use tilde instead of dot for version string with rc (bsc#1184650)
- commit f37613f
- rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package (bsc#1184514)
The devel package requires the kernel binary package itself for building
modules externally.
- commit 794be7b
- Update to 5.12-rc7
- commit bd61ada
- drm/msm: a6xx: fix version check for the A650 SQE microcode
(git-fixes).
- commit b15020c
- Linux 5.11.13 (bsc#1012628).
- init/Kconfig: make COMPILE_TEST depend on HAS_IOMEM
(bsc#1012628).
- Update config files.
- bpf, x86: Validate computation of branch displacements for
x86-32 (bsc#1012628).
- bpf, x86: Validate computation of branch displacements for
x86-64 (bsc#1012628).
- tools/resolve_btfids: Add /libbpf to .gitignore (bsc#1012628).
- kbuild: Do not clean resolve_btfids if the output does not exist
(bsc#1012628).
- kbuild: Add resolve_btfids clean to root clean target
(bsc#1012628).
- tools/resolve_btfids: Set srctree variable unconditionally
(bsc#1012628).
- tools/resolve_btfids: Check objects before removing
(bsc#1012628).
- tools/resolve_btfids: Build libbpf and libsubcmd in separate
directories (bsc#1012628).
- math: Export mul_u64_u64_div_u64 (bsc#1012628).
- io_uring: fix timeout cancel return code (bsc#1012628).
- cifs: Silently ignore unknown oplock break handle (bsc#1012628).
- cifs: revalidate mapping when we open files for SMB1 POSIX
(bsc#1012628).
- ia64: fix format strings for err_inject (bsc#1012628).
- ia64: mca: allocate early mca with GFP_ATOMIC (bsc#1012628).
- selftests/vm: fix out-of-tree build (bsc#1012628).
- arm64: kernel: disable CNP on Carmel (bsc#1012628).
- Update config files.
- scsi: target: pscsi: Clean up after failure in pscsi_map_sg()
(bsc#1012628).
- ptp_qoriq: fix overflow in ptp_qoriq_adjfine() u64 calcalation
(bsc#1012628).
- platform/x86: intel_pmc_core: Ignore GBE LTR on Tiger Lake
platforms (bsc#1012628).
- platform/x86: intel_pmt_class: Initial resource to 0
(bsc#1012628).
- block: clear GD_NEED_PART_SCAN later in bdev_disk_changed
(bsc#1012628).
- x86/build: Turn off -fcf-protection for realmode targets
(bsc#1012628).
- drm/msm/disp/dpu1: icc path needs to be set before dpu runtime
resume (bsc#1012628).
- kselftest/arm64: sve: Do not use non-canonical FFR register
value (bsc#1012628).
- platform/x86: thinkpad_acpi: Allow the FnLock LED to change
state (bsc#1012628).
- net: ipa: fix init header command validation (bsc#1012628).
- netfilter: nftables: skip hook overlap logic if flowtable is
stale (bsc#1012628).
- netfilter: conntrack: Fix gre tunneling over ipv6 (bsc#1012628).
- drm/msm: Ratelimit invalid-fence message (bsc#1012628).
- drm/msm/adreno: a5xx_power: Don't apply A540 lm_setup to other
GPUs (bsc#1012628).
- drm/msm/dsi_pll_7nm: Fix variable usage for pll_lockdet_rate
(bsc#1012628).
- mac80211: choose first enabled channel for monitor
(bsc#1012628).
- mac80211: Check crypto_aead_encrypt for errors (bsc#1012628).
- can: kvaser_usb: Add support for USBcan Pro 4xHS (bsc#1012628).
- net: arcnet: com20020 fix error handling (bsc#1012628).
- mISDN: fix crash in fritzpci (bsc#1012628).
- kunit: tool: Fix a python tuple typing error (bsc#1012628).
- net: pxa168_eth: Fix a potential data race in pxa168_eth_remove
(bsc#1012628).
- net/mlx5e: Enforce minimum value check for ICOSQ size
(bsc#1012628).
- bpf, x86: Use kvmalloc_array instead kmalloc_array in
bpf_jit_comp (bsc#1012628).
- platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2
(bsc#1012628).
- drm/msm: a6xx: Make sure the SQE microcode is safe
(bsc#1012628).
- bus: ti-sysc: Fix warning on unbind if reset is not deasserted
(bsc#1012628).
- ARM: dts: am33xx: add aliases for mmc interfaces (bsc#1012628).
- commit 0ea11a6
- rpm/check-for-config-changes: Also ignore AS_VERSION added in 5.12.
- commit bd64cb2
- post.sh: Return an error when module update fails (bsc#1047233 bsc#1184388).
- commit 18f65df
- Update
patches.kernel.org/5.11.9-100-perf-x86-intel-Fix-a-crash-caused-by-zero-PEB…
(bsc#1012628 CVE-2021-28971 bsc#1184196).
Add a CVE reference.
- commit 1b6b086
- Linux 5.11.12 (bsc#1012628).
- arm64: mm: correct the inside linear map range during hotplug
check (bsc#1012628).
- virtiofs: Fail dax mount if device does not support it
(bsc#1012628).
- ext4: shrink race window in ext4_should_retry_alloc()
(bsc#1012628).
- ext4: fix bh ref count on error paths (bsc#1012628).
- fs: nfsd: fix kconfig dependency warning for NFSD_V4
(bsc#1012628).
- rpc: fix NULL dereference on kmalloc failure (bsc#1012628).
- iomap: Fix negative assignment to unsigned sis->pages in
iomap_swapfile_activate (bsc#1012628).
- ASoC: rt1015: fix i2c communication error (bsc#1012628).
- ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by
a factor of 10 (bsc#1012628).
- ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by
a factor of 10 (bsc#1012628).
- ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default
value on probe (bsc#1012628).
- ASoC: es8316: Simplify adc_pga_gain_tlv table (bsc#1012628).
- ASoC: soc-core: Prevent warning if no DMI table is present
(bsc#1012628).
- ASoC: cs42l42: Fix Bitclock polarity inversion (bsc#1012628).
- ASoC: cs42l42: Fix channel width support (bsc#1012628).
- ASoC: cs42l42: Fix mixer volume control (bsc#1012628).
- ASoC: cs42l42: Always wait at least 3ms after reset
(bsc#1012628).
- NFSD: fix error handling in NFSv4.0 callbacks (bsc#1012628).
- ASoC: mediatek: mt8192: fix tdm out data is valid on rising edge
(bsc#1012628).
- kernel: freezer should treat PF_IO_WORKER like PF_KTHREAD for
freezing (bsc#1012628).
- vhost: Fix vhost_vq_reset() (bsc#1012628).
- io_uring: fix ->flags races by linked timeouts (bsc#1012628).
- io_uring: halt SQO submission on ctx exit (bsc#1012628).
- scsi: st: Fix a use after free in st_open() (bsc#1012628).
- scsi: qla2xxx: Fix broken #endif placement (bsc#1012628).
- staging: comedi: cb_pcidas: fix request_irq() warn
(bsc#1012628).
- staging: comedi: cb_pcidas64: fix request_irq() warn
(bsc#1012628).
- ASoC: rt5659: Update MCLK rate in set_sysclk() (bsc#1012628).
- ASoC: rt711: add snd_soc_component remove callback
(bsc#1012628).
- thermal/core: Add NULL pointer check before using cooling
device stats (bsc#1012628).
- locking/ww_mutex: Simplify use_ww_ctx & ww_ctx handling
(bsc#1012628).
- locking/ww_mutex: Fix acquire/release imbalance in
ww_acquire_init()/ww_acquire_fini() (bsc#1012628).
- nvmet-tcp: fix kmap leak when data digest in use (bsc#1012628).
- io_uring: imply MSG_NOSIGNAL for send[msg]()/recv[msg]() calls
(bsc#1012628).
- Revert "PM: ACPI: reboot: Use S5 for reboot" (bsc#1012628).
- nouveau: Skip unvailable ttm page entries (bsc#1012628).
- static_call: Align static_call_is_init() patching condition
(bsc#1012628).
- ext4: do not iput inode under running transaction in
ext4_rename() (bsc#1012628).
- io_uring: call req_set_fail_links() on short
send[msg]()/recv[msg]() with MSG_WAITALL (bsc#1012628).
- net: mvpp2: fix interrupt mask/unmask skip condition
(bsc#1012628).
- mptcp: deliver ssk errors to msk (bsc#1012628).
- mptcp: fix poll after shutdown (bsc#1012628).
- mptcp: init mptcp request socket earlier (bsc#1012628).
- mptcp: add a missing retransmission timer scheduling
(bsc#1012628).
- flow_dissector: fix TTL and TOS dissection on IPv4 fragments
(bsc#1012628).
- mptcp: fix DATA_FIN processing for orphaned sockets
(bsc#1012628).
- mptcp: provide subflow aware release function (bsc#1012628).
- can: dev: move driver related infrastructure into separate
subdir (bsc#1012628).
- net: introduce CAN specific pointer in the struct net_device
(bsc#1012628).
- mptcp: fix race in release_cb (bsc#1012628).
- net: bonding: fix error return code of bond_neigh_init()
(bsc#1012628).
- mptcp: fix bit MPTCP_PUSH_PENDING tests (bsc#1012628).
- can: tcan4x5x: fix max register value (bsc#1012628).
- brcmfmac: clear EAP/association status bits on linkdown events
(bsc#1012628).
- ath11k: add ieee80211_unregister_hw to avoid kernel crash
caused by NULL pointer (bsc#1012628).
- rtw88: coex: 8821c: correct antenna switch function
(bsc#1012628).
- netdevsim: dev: Initialize FIB module after debugfs
(bsc#1012628).
- iwlwifi: pcie: don't disable interrupts for reg_lock
(bsc#1012628).
- ath10k: hold RCU lock when calling
ieee80211_find_sta_by_ifaddr() (bsc#1012628).
- net: ethernet: aquantia: Handle error cleanup of start on open
(bsc#1012628).
- appletalk: Fix skb allocation size in loopback case
(bsc#1012628).
- net: ipa: remove two unused register definitions (bsc#1012628).
- net: ipa: use a separate pointer for adjusted GSI memory
(bsc#1012628).
- net: ipa: fix register write command validation (bsc#1012628).
- net: wan/lmc: unregister device when no matching device is found
(bsc#1012628).
- net: 9p: advance iov on empty read (bsc#1012628).
- bpf: Remove MTU check in __bpf_skb_max_len (bsc#1012628).
- ACPI: tables: x86: Reserve memory occupied by ACPI tables
(bsc#1012628).
- ACPI: processor: Fix CPU0 wakeup in acpi_idle_play_dead()
(bsc#1012628).
- ACPI: scan: Fix _STA getting called on devices with unmet
dependencies (bsc#1012628).
- ALSA: usb-audio: Apply sample rate quirk to Logitech Connect
(bsc#1012628).
- ALSA: hda: Re-add dropped snd_poewr_change_state() calls
(bsc#1012628).
- ALSA: hda: Add missing sanity checks in PM prepare/complete
callbacks (bsc#1012628).
- ALSA: hda/realtek: fix a determine_headset_type issue for a
Dell AIO (bsc#1012628).
- ALSA: hda/realtek: call alc_update_headset_mode() in
hp_automute_hook (bsc#1012628).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP 640 G8
(bsc#1012628).
- xtensa: fix uaccess-related livelock in do_page_fault
(bsc#1012628).
- xtensa: move coprocessor_flush to the .text section
(bsc#1012628).
- KVM: SVM: load control fields from VMCB12 before checking them
(bsc#1012628).
- KVM: SVM: ensure that EFER.SVME is set when running nested
guest or on nested vmexit (bsc#1012628).
- PM: runtime: Fix race getting/putting suppliers at probe
(bsc#1012628).
- PM: runtime: Fix ordering in pm_runtime_get_suppliers()
(bsc#1012628).
- tracing: Fix stack trace event size (bsc#1012628).
- s390/vdso: copy tod_steering_delta value to vdso_data page
(bsc#1012628).
- s390/vdso: fix tod_steering_delta type (bsc#1012628).
- drm/ttm: make ttm_bo_unpin more defensive (bsc#1012628).
- mm: fix race by making init_zero_pfn() early_initcall
(bsc#1012628).
- drm/amdkfd: dqm fence memory corruption (bsc#1012628).
- drm/amd/pm: no need to force MCLK to highest when no display
connected (bsc#1012628).
- drm/amdgpu/vangogh: don't check for dpm in is_dpm_running when
in suspend (bsc#1012628).
- drm/amdgpu: fix offset calculation in
amdgpu_vm_bo_clear_mappings() (bsc#1012628).
- drm/amdgpu: Set a suitable dev_info.gart_page_size
(bsc#1012628).
- drm/amdgpu: check alignment on CPU page for bo map
(bsc#1012628).
- reiserfs: update reiserfs_xattrs_initialized() condition
(bsc#1012628).
- drm/imx: fix memory leak when fails to init (bsc#1012628).
- drm/tegra: dc: Restore coupling of display controllers
(bsc#1012628).
- drm/tegra: sor: Grab runtime PM reference across reset
(bsc#1012628).
- vfio/nvlink: Add missing SPAPR_TCE_IOMMU depends (bsc#1012628).
- pinctrl: microchip-sgpio: Fix wrong register offset for IRQ
trigger (bsc#1012628).
- pinctrl: rockchip: fix restore error in resume (bsc#1012628).
- pinctrl: qcom: sc7280: Fix SDC_QDSD_PINGROUP and UFS_RESET
offsets (bsc#1012628).
- pinctrl: qcom: sc7280: Fix SDC1_RCLK configurations
(bsc#1012628).
- pinctrl: qcom: lpass lpi: use default pullup/strength values
(bsc#1012628).
- pinctrl: qcom: fix unintentional string concatenation
(bsc#1012628).
- extcon: Add stubs for extcon_register_notifier_all() functions
(bsc#1012628).
- extcon: Fix error handling in extcon_dev_register (bsc#1012628).
- firmware: stratix10-svc: reset COMMAND_RECONFIG_FLAG_PARTIAL
to 0 (bsc#1012628).
- powerpc/pseries/mobility: use struct for shared state
(bsc#1012628).
- powerpc/pseries/mobility: handle premature return from H_JOIN
(bsc#1012628).
- usb: dwc3: pci: Enable dis_uX_susphy_quirk for Intel Merrifield
(bsc#1012628).
- video: hyperv_fb: Fix a double free in hvfb_probe (bsc#1012628).
- powerpc/mm/book3s64: Use the correct storage key value when
calling H_PROTECT (bsc#1012628).
- usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control()
(bsc#1012628).
- USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem
(bsc#1012628).
- usb: musb: Fix suspend with devices connected for a64
(bsc#1012628).
- usb: xhci-mtk: fix broken streams issue on 0.96 xHCI
(bsc#1012628).
- cdc-acm: fix BREAK rx code path adding necessary calls
(bsc#1012628).
- USB: cdc-acm: untangle a circular dependency between callback
and softint (bsc#1012628).
- USB: cdc-acm: downgrade message to debug (bsc#1012628).
- USB: cdc-acm: fix double free on probe failure (bsc#1012628).
- USB: cdc-acm: fix use-after-free after probe failure
(bsc#1012628).
- usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference
(bsc#1012628).
- usb: dwc2: Fix HPRT0.PrtSusp bit setting for HiKey 960 board
(bsc#1012628).
- usb: dwc2: Prevent core suspend when port connection flag is 0
(bsc#1012628).
- usb: dwc3: qcom: skip interconnect init for ACPI probe
(bsc#1012628).
- usb: dwc3: gadget: Clear DEP flags after stop transfers in ep
disable (bsc#1012628).
- soc: qcom-geni-se: Cleanup the code to remove proxy votes
(bsc#1012628).
- staging: rtl8192e: Fix incorrect source in memcpy()
(bsc#1012628).
- staging: rtl8192e: Change state information from u16 to u8
(bsc#1012628).
- driver core: clear deferred probe reason on probe retry
(bsc#1012628).
- drivers: video: fbcon: fix NULL dereference in fbcon_cursor()
(bsc#1012628).
- riscv: evaluate put_user() arg before enabling user access
(bsc#1012628).
- io_uring: do ctx sqd ejection in a clear context (bsc#1012628).
- Revert "kernel: freezer should treat PF_IO_WORKER like
PF_KTHREAD for freezing" (bsc#1012628).
- Revert "net: bonding: fix error return code of
bond_neigh_init()" (bsc#1012628).
- commit 92a542e
- config.conf: reenable armv6/armv7 configs
(all modules, otherwise same settings like arm64)
- commit d115d63
- arm64: add debug config with KASAN enabled (bsc#1183716)
- commit b68cba9
- firewire: nosy: Fix a use-after-free bug in nosy_ioctl()
(CVE-2021-3483 bsc#1184393).
- commit c90d8a9
- drm/i915: Fix invalid access to ACPI _DSM objects (bsc#1184074).
- commit 6dbaa20
- arm64: enable and update config for 5.12
- commit 0a5586c
- Update to 5.12-rc6
- commit b5f88e6
==== libzypp ====
Version update (17.25.9 -> 17.25.10)
- Properly handle permission denied when providing optional files
(bsc#1185239)
- Fix sevice detection with cgroupv2 (bsc#1184997)
- version 17.25.10 (22)
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Local (SUSE) change: update iscsi.service so that it tries to
logon to any "onboot" and firmware targets, in case a target
was offline when booted but back up when the service is started.
(bsc#1153806)
- Merged with latest from upstream, which contains these fixes:
* Add "no wait" option to iscsiadm firmware login
* Check for ISCSI_ERR_ISCSID_NOTCONN in iscsistart
* Log proper error message when AUTH failure occurs
==== python38 ====
Version update (3.8.8 -> 3.8.9)
- Update to 3.8.9:
- bpo#42988 (bsc#1183374) CVE-2021-3426: Remove the getfile
feature of the pydoc module which could be abused to read
arbitrary files on the disk (directory traversal
vulnerability). Moreover, even source code of Python modules
can contain sensitive data like passwords. Vulnerability
reported by David Schwörer.
- bpo-43285: ftplib no longer trusts the IP address value
returned from the server in response to the PASV command by
default. This prevents a malicious FTP server from using the
response to probe IPv4 address and port combinations on the
client network.
- Code that requires the former vulnerable behavior may set
a trust_server_pasv_ipv4_address attribute on their
ftplib.FTP instances to True to re-enable it.
- bpo-43439: Add audit hooks for gc.get_objects(),
gc.get_referrers() and gc.get_referents(). Patch by Pablo
Galindo.
- bpo-43660: Fix crash that happens when replacing sys.stderr
with a callable that can remove the object while an exception
is being printed. Patch by Pablo Galindo.
- bpo-35883: Python no longer fails at startup with a fatal
error if a command line argument contains an invalid Unicode
character. The Py_DecodeLocale() function now escapes byte
sequences which would be decoded as Unicode characters
outside the [U+0000; U+10ffff] range.
- bpo-43406: Fix a possible race condition where
PyErr_CheckSignals tries to execute a non-Python signal
handler.
- bpo-35930: Raising an exception raised in a ?future? instance
will create reference cycles.
- bpo-43577: Fix deadlock when using ssl.SSLContext debug
callback with ssl.SSLContext.sni_callback().
- bpo-43423: subprocess.communicate() no longer raises an
IndexError when there is an empty stdout or stderr IO buffer
during a timeout on Windows.
- bpo-27820: Fixed long-standing bug of smtplib.SMTP where
doing AUTH LOGIN with initial_response_ok=False will fail.
The cause is that SMTP.auth_login _always_ returns a password
if provided with a challenge string, thus non-compliant with
the standard for AUTH LOGIN. Also fixes bug with the test for
smtpd.
- bpo-43399: Fix ElementTree.extend not working on iterators
when using the Python implementation
- bpo-43316: The python -m gzip command line application now
properly fails when detecting an unsupported extension. It
exits with a non-zero exit code and prints an error message
to stderr.
- bpo-43260: Fix TextIOWrapper can not flush internal buffer
forever after very large text is written.
- bpo-42782: Fail fast in shutil.move() to avoid creating
destination directories on failure.
- bpo-37193: Fixed memory leak in socketserver.ThreadingMixIn
introduced in Python 3.7.
- bpo-43199: Answer ?Why is there no goto?? in the Design and
History FAQ.
- bpo-43407: Clarified that a result from time.monotonic(),
time.perf_counter(), time.process_time(), or
time.thread_time() can be compared with the result from any
following call to the same function - not just the next
immediate call.
- bpo-27646: Clarify that ?yield from <expr>? works with any
iterable, not just iterators.
- bpo-36346: Update some deprecated unicode APIs which are
documented as ?will be removed in 4.0? to ?3.12?. See PEP 623
for detail.
- bpo-37945: Fix test_getsetlocale_issue1813() of test_locale:
skip the test if setlocale() fails. Patch by Victor Stinner.
- bpo-41561: Add workaround for Ubuntu?s custom OpenSSL
security level policy.
- bpo-43631: Update macOS, Windows, and CI to OpenSSL 1.1.1k.
- bpo-43617: Improve configure.ac: Check for presence of
autoconf-archive package and remove our copies of M4 macros.
- bpo-41837: Update macOS installer build to use OpenSSL
1.1.1j.
- bpo-42225: Document that IDLE can fail on Unix either from
misconfigured IP masquerage rules or failure displaying
complex colored (non-ascii) characters.
- bpo-43283: Document why printing to IDLE?s Shell is often
slower than printing to a system terminal and that it can be
made faster by pre-formatting a single string before
printing.
==== python38-core ====
Version update (3.8.8 -> 3.8.9)
Subpackages: libpython3_8-1_0 python38-base
- Update to 3.8.9:
- bpo#42988 (bsc#1183374) CVE-2021-3426: Remove the getfile
feature of the pydoc module which could be abused to read
arbitrary files on the disk (directory traversal
vulnerability). Moreover, even source code of Python modules
can contain sensitive data like passwords. Vulnerability
reported by David Schwörer.
- bpo-43285: ftplib no longer trusts the IP address value
returned from the server in response to the PASV command by
default. This prevents a malicious FTP server from using the
response to probe IPv4 address and port combinations on the
client network.
- Code that requires the former vulnerable behavior may set
a trust_server_pasv_ipv4_address attribute on their
ftplib.FTP instances to True to re-enable it.
- bpo-43439: Add audit hooks for gc.get_objects(),
gc.get_referrers() and gc.get_referents(). Patch by Pablo
Galindo.
- bpo-43660: Fix crash that happens when replacing sys.stderr
with a callable that can remove the object while an exception
is being printed. Patch by Pablo Galindo.
- bpo-35883: Python no longer fails at startup with a fatal
error if a command line argument contains an invalid Unicode
character. The Py_DecodeLocale() function now escapes byte
sequences which would be decoded as Unicode characters
outside the [U+0000; U+10ffff] range.
- bpo-43406: Fix a possible race condition where
PyErr_CheckSignals tries to execute a non-Python signal
handler.
- bpo-35930: Raising an exception raised in a ?future? instance
will create reference cycles.
- bpo-43577: Fix deadlock when using ssl.SSLContext debug
callback with ssl.SSLContext.sni_callback().
- bpo-43423: subprocess.communicate() no longer raises an
IndexError when there is an empty stdout or stderr IO buffer
during a timeout on Windows.
- bpo-27820: Fixed long-standing bug of smtplib.SMTP where
doing AUTH LOGIN with initial_response_ok=False will fail.
The cause is that SMTP.auth_login _always_ returns a password
if provided with a challenge string, thus non-compliant with
the standard for AUTH LOGIN. Also fixes bug with the test for
smtpd.
- bpo-43399: Fix ElementTree.extend not working on iterators
when using the Python implementation
- bpo-43316: The python -m gzip command line application now
properly fails when detecting an unsupported extension. It
exits with a non-zero exit code and prints an error message
to stderr.
- bpo-43260: Fix TextIOWrapper can not flush internal buffer
forever after very large text is written.
- bpo-42782: Fail fast in shutil.move() to avoid creating
destination directories on failure.
- bpo-37193: Fixed memory leak in socketserver.ThreadingMixIn
introduced in Python 3.7.
- bpo-43199: Answer ?Why is there no goto?? in the Design and
History FAQ.
- bpo-43407: Clarified that a result from time.monotonic(),
time.perf_counter(), time.process_time(), or
time.thread_time() can be compared with the result from any
following call to the same function - not just the next
immediate call.
- bpo-27646: Clarify that ?yield from <expr>? works with any
iterable, not just iterators.
- bpo-36346: Update some deprecated unicode APIs which are
documented as ?will be removed in 4.0? to ?3.12?. See PEP 623
for detail.
- bpo-37945: Fix test_getsetlocale_issue1813() of test_locale:
skip the test if setlocale() fails. Patch by Victor Stinner.
- bpo-41561: Add workaround for Ubuntu?s custom OpenSSL
security level policy.
- bpo-43631: Update macOS, Windows, and CI to OpenSSL 1.1.1k.
- bpo-43617: Improve configure.ac: Check for presence of
autoconf-archive package and remove our copies of M4 macros.
- bpo-41837: Update macOS installer build to use OpenSSL
1.1.1j.
- bpo-42225: Document that IDLE can fail on Unix either from
misconfigured IP masquerage rules or failure displaying
complex colored (non-ascii) characters.
- bpo-43283: Document why printing to IDLE?s Shell is often
slower than printing to a system terminal and that it can be
made faster by pre-formatting a single string before
printing.
==== shim ====
- Split the keys in vendor-dbx.bin to vendor-dbx-sles and
vendor-dbx-opensuse for shim-sles and shim-opensuse to reduce
the size of MokListXRT (bsc#1185261)
+ Also update generate-vendor-dbx.sh in dbx-cert.tar.xz
==== snapper ====
Subpackages: libsnapper5
- added systemd sandboxing for services
==== yomi-formula ====
Version update (0.0.1+git.1604593202.a2c22bf -> 0.0.1+git.1619170188.fa52819)
- Update to version 0.0.1+git.1619170188.fa52819:
* README: document ym.sshd parameter
- Update to version 0.0.1+git.1614275707.786435e:
* pillar: update to SLE-15-SP2
* fstab: do not mount while registering
* devices: fix documentation
* Adding a TOC
* software: add recreatedb.sls for rpmdb migration
* repository: workaround for boo#1178910
* software: separate repository.sls
* network: generate persistent-net.rules
==== zypper ====
Version update (1.14.43 -> 1.14.44)
Subpackages: zypper-needs-restarting
- Rephrase needs-rebooting help and messages.
Try to point out that the need to reboot was not necessarily
triggered by the current transaction.
- man page: Recommend the needs-rebooting command to test whether
a system reboot is suggested.
- patch: Let a patch's reboot-needed flag overrule included packages
(bsc#1183268)
- Quickfix setting "openSUSE_Tumbleweed" as default platform for
"MicroOS" (bsc#1153687)
This fixes the guessed platform for "obs://<project>/" URLs.
- Protect against strict/relaxed user umask via sudo (bsc#1183589)
- zypper-log: protect against thread name indicators in a log.
- xml summary: add solvables repository alias (bsc#1182372)
- version 1.14.44
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
boost-base
branding-openSUSE
evolution-data-server
gnome-branding-MicroOS (20210322 -> 20210427)
less (581 -> 581.2)
libgsm (1.0.18 -> 1.0.19)
libxml2
polkit-default-privs (1550+20210409.c29362e -> 1550+20210430.c408cda)
sensors
=== Details ===
==== boost-base ====
Subpackages: boost-license1_76_0 libboost_thread1_76_0
- Remove libboost_math_c99l.so* libboost_math_tr1l.so* in spec file
for PowerPC compiled w/ BOOST_MATH_NO_LONG_DOUBLE_MATH_FUNCTIONS
==== branding-openSUSE ====
Subpackages: grub2-branding-openSUSE systemd-icon-branding-openSUSE wallpaper-branding-openSUSE
- Also skip *.tr as config files in
/etc/bootsplash/themes/openSUSE/bootloader (in addition to
/etc/bootsplash/themes/openSUSE/cdrom)
==== evolution-data-server ====
Subpackages: libcamel-1_2-62 libebackend-1_2-10 libebook-1_2-20 libebook-contacts-1_2-3 libecal-2_0-1 libedata-book-1_2-26 libedata-cal-2_0-1 libedataserver-1_2-26 libedataserverui-1_2-3
- Add c95a70bfeae25b.patch: Fix build with cmake 3.20.1.
==== gnome-branding-MicroOS ====
Version update (20210322 -> 20210427)
- Wait for Internet connectivity before proceeding with next steps.
Before this change, the mod-firstboot script was failing when:
* there was no network configured on the first boot (happens
when using NetworkManager, since it's not configured by YaST
during installation)
* the script started before wifi connection was properly
established
- 20210427
==== less ====
Version update (581 -> 581.2)
- update to 581.2:
* This fixes a bug found in less-581 where the terminal was sometimes left in
mouse-reporting mode after exiting less.
==== libgsm ====
Version update (1.0.18 -> 1.0.19)
- update to 1.0.19:
* Make it easier to include gsm.h from C++ by wrapping it with macros.
Throw a #define _POSIX_C_SOURCE 200809L into toast.h to make it
possible for Linux glibc to just work.
* Switch from compress/.Z to gzip/.gz
==== libxml2 ====
Subpackages: libxml2-2 libxml2-tools
- Security fix: [bsc#1185408, CVE-2021-3518]
* Fix use-after-free in xinclude.c:xmlXIncludeDoProcess()
* Add libxml2-CVE-2021-3518.patch
- Security fix: [bsc#1185410, CVE-2021-3517]
* Fix heap-based buffer overflow in entities.c:xmlEncodeEntitiesInternal()
* Add libxml2-CVE-2021-3517.patch
- Security fix: [bsc#1185409, CVE-2021-3516]
* Fix use-after-free in entities.c:xmlEncodeEntitiesInternal()
* Add libxml2-CVE-2021-3516.patch
==== polkit-default-privs ====
Version update (1550+20210409.c29362e -> 1550+20210430.c408cda)
- Update to version 1550+20210430.c408cda:
* systemd: add newly added inhibit-handle-reboot-key action (bsc#1185468)
* whitelist non-functional change in systemd-networkd rules (bsc#1185469)
- Update to version 1550+20210429.a605b7d:
* tuned: whitelist incrementally added polkit action (bsc#1185418)
==== sensors ====
- change-pidfile-path-from-var-run-to-run.patch: Change PIDFile
path from /var/run to /run (bsc#1185183).
- var-run-deprecated.patch: /var/run is deprecated (bsc#1185183).
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
boost-base
branding-openSUSE
less (581 -> 581.2)
libxml2
=== Details ===
==== boost-base ====
Subpackages: boost-license1_76_0 libboost_thread1_76_0
- Remove libboost_math_c99l.so* libboost_math_tr1l.so* in spec file
for PowerPC compiled w/ BOOST_MATH_NO_LONG_DOUBLE_MATH_FUNCTIONS
==== branding-openSUSE ====
Subpackages: grub2-branding-openSUSE
- Also skip *.tr as config files in
/etc/bootsplash/themes/openSUSE/bootloader (in addition to
/etc/bootsplash/themes/openSUSE/cdrom)
==== less ====
Version update (581 -> 581.2)
- update to 581.2:
* This fixes a bug found in less-581 where the terminal was sometimes left in
mouse-reporting mode after exiting less.
==== libxml2 ====
Subpackages: libxml2-2 libxml2-tools
- Security fix: [bsc#1185408, CVE-2021-3518]
* Fix use-after-free in xinclude.c:xmlXIncludeDoProcess()
* Add libxml2-CVE-2021-3518.patch
- Security fix: [bsc#1185410, CVE-2021-3517]
* Fix heap-based buffer overflow in entities.c:xmlEncodeEntitiesInternal()
* Add libxml2-CVE-2021-3517.patch
- Security fix: [bsc#1185409, CVE-2021-3516]
* Fix use-after-free in entities.c:xmlEncodeEntitiesInternal()
* Add libxml2-CVE-2021-3516.patch
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
coreutils
iproute2 (5.11 -> 5.12)
kernel-source
libical (3.0.9 -> 3.0.10)
libical-glib (3.0.9 -> 3.0.10)
libinput (1.17.1 -> 1.17.2)
libzypp (17.25.9 -> 17.25.10)
open-iscsi
python38 (3.8.8 -> 3.8.9)
python38-core (3.8.8 -> 3.8.9)
samba (4.14.2+git.159.2a8872214bf -> 4.14.4+git.162.18fd73a39a0)
snapper
zypper (1.14.43 -> 1.14.44)
=== Details ===
==== coreutils ====
- Use new packageand format
- coreutils-tests-fix-FP-in-ls-stat-free-color.patch: Add upstream patch
to avoid FP in testsuite.
- coreutils.spec:
- Reference the above patch.
- Change keyring URL to new GNU coreutils Group Release Keyring.
- coreutils.keyring: Update with the Group Release Keyring.
==== iproute2 ====
Version update (5.11 -> 5.12)
- Update to release 5.12
* devlink: Use library provided string processing APIs
* utils: Introduce helper routines for generic socket recv
* q_cake: Fix incorrect printing of signed values in class statistics
* json_print: Add print_tv()
* nexthop: Add support for nexthop buckets
* nexthop: Add support for resilient nexthop groups
* ip: xfrm: add support for tfcpad
* tc: e_bpf: fix memory leak in parse_bpf()
* lib: bpf_legacy: treat 0 as a valid file descriptor
* ip: drop 2-char command assumption
* bridge: vlan: dump port only if there are any vlans
==== kernel-source ====
- rpm/constraints.in: remove aarch64 disk size exception
obs://Kernel:stable/kernel-default/ARM/aarch64 currrently fails:
installing package kernel-default-livepatch-devel-5.12.0-3.1.g6208a83.aarch64 needs 3MB more space on the / filesystem
The stats say:
Maximal used disk space: 31799 Mbyte
By default, we require 35G. For aarch64 we had an exception to lower
this limit to 30G there. Drop this exception as it is obviously no
longer valid.
- commit ee00b50
- series.conf: cleanup
- fix Patch-mainline tag and move to "almost mainline" section:
patches.suse/crypto-ccp-Annotate-SEV-Firmware-file-names.patch
- commit 3a48ed8
- crypto: ccp: Annotate SEV Firmware file names (bsc#1185282).
- commit 66154b6
==== libical ====
Version update (3.0.9 -> 3.0.10)
- update to 3.0.10:
* Fix generating wrong recurrence rules
* Fix a bug computing transitions in tzfiles
* Fix reading TZif files to use TZ string in the footer as the last
(non-terminating) transitions
* Fix reading TZif files to use more RRULEs and/or RDATEs whevever possible
* Built-in timezones updated to tzdata2021a
==== libical-glib ====
Version update (3.0.9 -> 3.0.10)
- update to 3.0.10:
* Fix generating wrong recurrence rules
* Fix a bug computing transitions in tzfiles
* Fix reading TZif files to use TZ string in the footer as the last
(non-terminating) transitions
* Fix reading TZif files to use more RRULEs and/or RDATEs whevever possible
* Built-in timezones updated to tzdata2021a
==== libinput ====
Version update (1.17.1 -> 1.17.2)
- Update to release 1.17.2
* Fix sensitivity for Dell Latitude 7490 pointing-stick
* Add palm size quirk for the Gigabyte Aero 15
==== libzypp ====
Version update (17.25.9 -> 17.25.10)
- Properly handle permission denied when providing optional files
(bsc#1185239)
- Fix sevice detection with cgroupv2 (bsc#1184997)
- version 17.25.10 (22)
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Local (SUSE) change: update iscsi.service so that it tries to
logon to any "onboot" and firmware targets, in case a target
was offline when booted but back up when the service is started.
(bsc#1153806)
- Merged with latest from upstream, which contains these fixes:
* Add "no wait" option to iscsiadm firmware login
* Check for ISCSI_ERR_ISCSID_NOTCONN in iscsistart
* Log proper error message when AUTH failure occurs
==== python38 ====
Version update (3.8.8 -> 3.8.9)
- Update to 3.8.9:
- bpo#42988 (bsc#1183374) CVE-2021-3426: Remove the getfile
feature of the pydoc module which could be abused to read
arbitrary files on the disk (directory traversal
vulnerability). Moreover, even source code of Python modules
can contain sensitive data like passwords. Vulnerability
reported by David Schwörer.
- bpo-43285: ftplib no longer trusts the IP address value
returned from the server in response to the PASV command by
default. This prevents a malicious FTP server from using the
response to probe IPv4 address and port combinations on the
client network.
- Code that requires the former vulnerable behavior may set
a trust_server_pasv_ipv4_address attribute on their
ftplib.FTP instances to True to re-enable it.
- bpo-43439: Add audit hooks for gc.get_objects(),
gc.get_referrers() and gc.get_referents(). Patch by Pablo
Galindo.
- bpo-43660: Fix crash that happens when replacing sys.stderr
with a callable that can remove the object while an exception
is being printed. Patch by Pablo Galindo.
- bpo-35883: Python no longer fails at startup with a fatal
error if a command line argument contains an invalid Unicode
character. The Py_DecodeLocale() function now escapes byte
sequences which would be decoded as Unicode characters
outside the [U+0000; U+10ffff] range.
- bpo-43406: Fix a possible race condition where
PyErr_CheckSignals tries to execute a non-Python signal
handler.
- bpo-35930: Raising an exception raised in a ?future? instance
will create reference cycles.
- bpo-43577: Fix deadlock when using ssl.SSLContext debug
callback with ssl.SSLContext.sni_callback().
- bpo-43423: subprocess.communicate() no longer raises an
IndexError when there is an empty stdout or stderr IO buffer
during a timeout on Windows.
- bpo-27820: Fixed long-standing bug of smtplib.SMTP where
doing AUTH LOGIN with initial_response_ok=False will fail.
The cause is that SMTP.auth_login _always_ returns a password
if provided with a challenge string, thus non-compliant with
the standard for AUTH LOGIN. Also fixes bug with the test for
smtpd.
- bpo-43399: Fix ElementTree.extend not working on iterators
when using the Python implementation
- bpo-43316: The python -m gzip command line application now
properly fails when detecting an unsupported extension. It
exits with a non-zero exit code and prints an error message
to stderr.
- bpo-43260: Fix TextIOWrapper can not flush internal buffer
forever after very large text is written.
- bpo-42782: Fail fast in shutil.move() to avoid creating
destination directories on failure.
- bpo-37193: Fixed memory leak in socketserver.ThreadingMixIn
introduced in Python 3.7.
- bpo-43199: Answer ?Why is there no goto?? in the Design and
History FAQ.
- bpo-43407: Clarified that a result from time.monotonic(),
time.perf_counter(), time.process_time(), or
time.thread_time() can be compared with the result from any
following call to the same function - not just the next
immediate call.
- bpo-27646: Clarify that ?yield from <expr>? works with any
iterable, not just iterators.
- bpo-36346: Update some deprecated unicode APIs which are
documented as ?will be removed in 4.0? to ?3.12?. See PEP 623
for detail.
- bpo-37945: Fix test_getsetlocale_issue1813() of test_locale:
skip the test if setlocale() fails. Patch by Victor Stinner.
- bpo-41561: Add workaround for Ubuntu?s custom OpenSSL
security level policy.
- bpo-43631: Update macOS, Windows, and CI to OpenSSL 1.1.1k.
- bpo-43617: Improve configure.ac: Check for presence of
autoconf-archive package and remove our copies of M4 macros.
- bpo-41837: Update macOS installer build to use OpenSSL
1.1.1j.
- bpo-42225: Document that IDLE can fail on Unix either from
misconfigured IP masquerage rules or failure displaying
complex colored (non-ascii) characters.
- bpo-43283: Document why printing to IDLE?s Shell is often
slower than printing to a system terminal and that it can be
made faster by pre-formatting a single string before
printing.
==== python38-core ====
Version update (3.8.8 -> 3.8.9)
Subpackages: libpython3_8-1_0 python38-base
- Update to 3.8.9:
- bpo#42988 (bsc#1183374) CVE-2021-3426: Remove the getfile
feature of the pydoc module which could be abused to read
arbitrary files on the disk (directory traversal
vulnerability). Moreover, even source code of Python modules
can contain sensitive data like passwords. Vulnerability
reported by David Schwörer.
- bpo-43285: ftplib no longer trusts the IP address value
returned from the server in response to the PASV command by
default. This prevents a malicious FTP server from using the
response to probe IPv4 address and port combinations on the
client network.
- Code that requires the former vulnerable behavior may set
a trust_server_pasv_ipv4_address attribute on their
ftplib.FTP instances to True to re-enable it.
- bpo-43439: Add audit hooks for gc.get_objects(),
gc.get_referrers() and gc.get_referents(). Patch by Pablo
Galindo.
- bpo-43660: Fix crash that happens when replacing sys.stderr
with a callable that can remove the object while an exception
is being printed. Patch by Pablo Galindo.
- bpo-35883: Python no longer fails at startup with a fatal
error if a command line argument contains an invalid Unicode
character. The Py_DecodeLocale() function now escapes byte
sequences which would be decoded as Unicode characters
outside the [U+0000; U+10ffff] range.
- bpo-43406: Fix a possible race condition where
PyErr_CheckSignals tries to execute a non-Python signal
handler.
- bpo-35930: Raising an exception raised in a ?future? instance
will create reference cycles.
- bpo-43577: Fix deadlock when using ssl.SSLContext debug
callback with ssl.SSLContext.sni_callback().
- bpo-43423: subprocess.communicate() no longer raises an
IndexError when there is an empty stdout or stderr IO buffer
during a timeout on Windows.
- bpo-27820: Fixed long-standing bug of smtplib.SMTP where
doing AUTH LOGIN with initial_response_ok=False will fail.
The cause is that SMTP.auth_login _always_ returns a password
if provided with a challenge string, thus non-compliant with
the standard for AUTH LOGIN. Also fixes bug with the test for
smtpd.
- bpo-43399: Fix ElementTree.extend not working on iterators
when using the Python implementation
- bpo-43316: The python -m gzip command line application now
properly fails when detecting an unsupported extension. It
exits with a non-zero exit code and prints an error message
to stderr.
- bpo-43260: Fix TextIOWrapper can not flush internal buffer
forever after very large text is written.
- bpo-42782: Fail fast in shutil.move() to avoid creating
destination directories on failure.
- bpo-37193: Fixed memory leak in socketserver.ThreadingMixIn
introduced in Python 3.7.
- bpo-43199: Answer ?Why is there no goto?? in the Design and
History FAQ.
- bpo-43407: Clarified that a result from time.monotonic(),
time.perf_counter(), time.process_time(), or
time.thread_time() can be compared with the result from any
following call to the same function - not just the next
immediate call.
- bpo-27646: Clarify that ?yield from <expr>? works with any
iterable, not just iterators.
- bpo-36346: Update some deprecated unicode APIs which are
documented as ?will be removed in 4.0? to ?3.12?. See PEP 623
for detail.
- bpo-37945: Fix test_getsetlocale_issue1813() of test_locale:
skip the test if setlocale() fails. Patch by Victor Stinner.
- bpo-41561: Add workaround for Ubuntu?s custom OpenSSL
security level policy.
- bpo-43631: Update macOS, Windows, and CI to OpenSSL 1.1.1k.
- bpo-43617: Improve configure.ac: Check for presence of
autoconf-archive package and remove our copies of M4 macros.
- bpo-41837: Update macOS installer build to use OpenSSL
1.1.1j.
- bpo-42225: Document that IDLE can fail on Unix either from
misconfigured IP masquerage rules or failure displaying
complex colored (non-ascii) characters.
- bpo-43283: Document why printing to IDLE?s Shell is often
slower than printing to a system terminal and that it can be
made faster by pre-formatting a single string before
printing.
==== samba ====
Version update (4.14.2+git.159.2a8872214bf -> 4.14.4+git.162.18fd73a39a0)
Subpackages: libdcerpc-binding0 libdcerpc0 libndr-krb5pac0 libndr-nbt0 libndr-standard0 libndr1 libnetapi0 libsamba-credentials1 libsamba-errors0 libsamba-hostconfig0 libsamba-passdb0 libsamba-util0 libsamdb0 libsmbclient0 libsmbconf0 libsmbldap2 libtevent-util0 libwbclient0 samba-client samba-libs samba-libs-python3
- Update to 4.14.4
* CVE-2021-20254: Fix buffer overrun in sids_to_unixids();
(bso#14571); (bsc#1184677).
- Update to 4.14.3
* s3:modules:vfs_virusfilter: Recent New_VFS changes break
vfs_virusfilter_openat; (bso#14671).
* build: Notice if flex is missing at configure time; (bso#14586).
* Fix smbd panic when two clients open same file; (bso#14672).
* Fix memory leak in the RPC server; (bso#14675).
* s3: smbd: fix deferred renames; (bso#14679).
* s3-iremotewinspool: Set the per-request memory context;
(bso#14675)
* Fix memory leak in the RPC server; (bso#14675).
* third_party: Update socket_wrapper to version 1.3.2;
(bso#11899).
* third_party: Update socket_wrapper to version 1.3.3;
(bso#14640).
* samba-gpupdate: Test that sysvol paths download in
case-insensitive way; (bso#14665).
* smbd: Ensure errno is preserved across fsp destructor;
(bso#14662).
* idmap_rfc2307 and idmap_nss return wrong mapping for uid/gid
conflict; (bso#14663).
* build: Only add -Wl,--as-needed when supported; (bso#14288).
==== snapper ====
Subpackages: libsnapper5
- added systemd sandboxing for services
==== zypper ====
Version update (1.14.43 -> 1.14.44)
Subpackages: zypper-needs-restarting
- Rephrase needs-rebooting help and messages.
Try to point out that the need to reboot was not necessarily
triggered by the current transaction.
- man page: Recommend the needs-rebooting command to test whether
a system reboot is suggested.
- patch: Let a patch's reboot-needed flag overrule included packages
(bsc#1183268)
- Quickfix setting "openSUSE_Tumbleweed" as default platform for
"MicroOS" (bsc#1153687)
This fixes the guessed platform for "obs://<project>/" URLs.
- Protect against strict/relaxed user umask via sudo (bsc#1183589)
- zypper-log: protect against thread name indicators in a log.
- xml summary: add solvables repository alias (bsc#1182372)
- version 1.14.44
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
autofs (5.1.6 -> 5.1.7)
coreutils
haproxy (2.3.9+git1.afb63bc04 -> 2.3.10+git0.4764f0e4e)
iproute2 (5.11 -> 5.12)
kernel-source
libzypp (17.25.9 -> 17.25.10)
open-iscsi
python38 (3.8.8 -> 3.8.9)
python38-core (3.8.8 -> 3.8.9)
snapper
yomi-formula (0.0.1+git.1604593202.a2c22bf -> 0.0.1+git.1619170188.fa52819)
zypper (1.14.43 -> 1.14.44)
=== Details ===
==== autofs ====
Version update (5.1.6 -> 5.1.7)
- Upgrade to 5.1.7
- make bind mounts propagation slave by default.
- update ldap READMEs and schema definitions.
- fix program map multi-mount lookup after mount fail.
- fix browse dir not re-created on symlink expire.
- fix a regression with map instance lookup.
- correct fsf address.
- samples: fix Makefile targets' directory dependencies
- remove intr hosts map mount option.
- fix trailing dollar sun entry expansion.
- initialize struct addrinfo for getaddrinfo() calls.
- fix quoted string length calc in expandsunent().
- fix autofs mount options construction.
- mount_nfs.c fix local rdma share not mounting.
- configure.in: Remove unneeded second call to PKG_PROG_PKG_CONFIG.
- configure.in: Do not append parentheses to PKG_PROG_PKG_CONFIG.
- Use PKG_CHECK_MODULES to detect the libxml2 library.
- fix ldap sasl reconnect problem.
- samples/ldap.schema fix.
- fix configure force shutdown check.
- fix crash in sun_mount().
- fix lookup_nss_read_master() nsswicth check return.
- fix typo in open_sss_lib().
- fix sss_master_map_wait timing.
- add sss ECONREFUSED return handling.
- use mapname in sss context for setautomntent().
- add support for new sss autofs proto version call.
- fix retries check in setautomntent_wait().
- refactor sss setautomntent().
- improve sss setautomntent() error handling.
- refactor sss getautomntent().
- improve sss getautomntent() error handling.
- sss introduce calculate_retry_count() function.
- move readall into struct master.
- sss introduce a flag to indicate map being read.
- update sss timeout documentation.
- refactor sss getautomntbyname().
- improve sss getautomntbyname() error handling.
- use a valid timeout in lookup_prune_one_cache().
- dont prune offset map entries.
- simplify sss source stale check.
- include linux/nfs.h directly in rpc_subs.h.
- fix typo in daemon/automount.c.
- fix direct mount unlink_mount_tree() path.
- fix unlink mounts umount order.
- fix incorrect logical compare in unlink_mount_tree().
- use bit flag for force unlink mounts.
- improve force unlink option description.
- remove command fifo on autofs mount fail.
- add force unlink mounts and exit option.
- cleanup stale logpri fifo pipes on unlink and exit.
- fix incorrect systemctl command syntax in autofs(8).
- update list.h.
- add hashtable implementation.
- change mountpoint to mp in struct ext_mount.
- make external mounts independent of amd_entry.
- make external mounts use simpler hashtable.
- add a hash index to mnt_list.
- use mnt_list for submounts.
- use mnt_list for amdmounts.
- make umount_autofs() static.
- remove force parameter from umount_all().
- fix remount expire.
- fix stale offset directories disable mount.
- use struct mnt_list to track mounted mounts.
- use struct mnt_list mounted list for expire.
- remove unused function tree_get_mnt_list().
- only add expre alarm for active mounts.
- move submount check into conditional_alarm_add().
- move lib/master.c to daemon/master.c.
- use master_list_empty() for list empty check.
- add helper to construct mount point path.
- check defaults_read_config() return.
- move AUTOFS_LIB to end of build rule lines.
- make autofs.a a shared library.
- make lookup_file.c nss map read status return handling consistent.
- fix empty mounts list return from unlink_mount_tree().
- Refreshed autofs-5.1.1-dbus-udisks-monitor.patch
- Replaced automount-fix-master-wait.patch with upstream patch
autofs-5.1.7-Fix-option-for-master_read_wait.patch
==== coreutils ====
- Use new packageand format
- coreutils-tests-fix-FP-in-ls-stat-free-color.patch: Add upstream patch
to avoid FP in testsuite.
- coreutils.spec:
- Reference the above patch.
- Change keyring URL to new GNU coreutils Group Release Keyring.
- coreutils.keyring: Update with the Group Release Keyring.
==== haproxy ====
Version update (2.3.9+git1.afb63bc04 -> 2.3.10+git0.4764f0e4e)
- Update to version 2.3.10+git0.4764f0e4e:
* [RELEASE] Released version 2.3.10
* BUG/MEDIUM: peers: re-work refcnt on table to protect against flush
* BUG/MEDIUM: peers: re-work connection to new process during reload.
* BUG/MINOR: peers: remove useless table check if initial resync is finished
* BUG/MEDIUM: mux-h2: Properly handle shutdowns when received with data
* BUG/MINOR: mworker: don't use oldpids[] anymore for reload
* BUG/MINOR: mworker/init: don't reset nb_oldpids in non-mworker cases
* BUG/MEDIUM: config: fix cpu-map notation with both process and threads
* BUG/MEDIUM: mux-h2: Fix dfl calculation when merging CONTINUATION frames
* BUG/MAJOR: mux-h2: Properly detect too large frames when decoding headers
* BUG/MINOR: server: free srv.lb_nodes in free_server
* BUG/MINOR: mux-h1: Release idle server H1 connection if data are received
* BUG/MINOR: logs: Report the true number of retries if there was no connection
* BUG/MINOR: http_htx: Remove BUG_ON() from http_get_stline() function
* BUG/MINOR: http-fetch: Make method smp safe if headers were already forwarded
* BUG/MINOR: ssl-samples: Fix ssl_bc_* samples when called from a health-check
* MINOR: connection: Make bc_http_major compatible with tcp-checks
* BUG/MINOR: connection: Fix fc_http_major and bc_http_major for TCP connections
* MINOR: logs: Add support of checks as session origin to format lf strings
* BUG/MINOR: checks: Set missing id to the dummy checks frontend
* BUG/MEDIUM: threads: Ignore current thread to end its harmless period
* DOC: ssl: Certificate hot update only works on fronted certificates
* BUG/MEDIUM: sample: Fix adjusting size in field converter
* MINOR: No longer rely on deprecated sample fetches for predefined ACLs
* DOC: clarify that compression works for HTTP/2
* BUG/MINOR: tools: fix parsing "us" unit for timers
* CONTRIB: halog: fix issue with array of type char
* REGTESTS: ssl: mark set_ssl_cert_bundle.vtc as broken
* DOC: Explicitly state only IPv4 are supported by forwardfor/originalto options
* REGTESTS: ssl: "set ssl cert" and multi-certificates bundle
* BUG/MINOR: ssl: Add missing free on SSL_CTX in ckch_inst_free
* BUG/MINOR: http_fetch: make hdr_ip() resistant to empty fields
* BUG/MINOR: ssl: Prevent removal of crt-list line if the instance is a default one
* BUG/MINOR: ssl: Fix update of default certificate
* BUILD: tcp: use IPPROTO_IPV6 instead of SOL_IPV6 on FreeBSD/MacOS
* BUG/MINOR: tcp: fix silent-drop workaround for IPv6
==== iproute2 ====
Version update (5.11 -> 5.12)
- Update to release 5.12
* devlink: Use library provided string processing APIs
* utils: Introduce helper routines for generic socket recv
* q_cake: Fix incorrect printing of signed values in class statistics
* json_print: Add print_tv()
* nexthop: Add support for nexthop buckets
* nexthop: Add support for resilient nexthop groups
* ip: xfrm: add support for tfcpad
* tc: e_bpf: fix memory leak in parse_bpf()
* lib: bpf_legacy: treat 0 as a valid file descriptor
* ip: drop 2-char command assumption
* bridge: vlan: dump port only if there are any vlans
==== kernel-source ====
- rpm/constraints.in: remove aarch64 disk size exception
obs://Kernel:stable/kernel-default/ARM/aarch64 currrently fails:
installing package kernel-default-livepatch-devel-5.12.0-3.1.g6208a83.aarch64 needs 3MB more space on the / filesystem
The stats say:
Maximal used disk space: 31799 Mbyte
By default, we require 35G. For aarch64 we had an exception to lower
this limit to 30G there. Drop this exception as it is obviously no
longer valid.
- commit ee00b50
- series.conf: cleanup
- fix Patch-mainline tag and move to "almost mainline" section:
patches.suse/crypto-ccp-Annotate-SEV-Firmware-file-names.patch
- commit 3a48ed8
- crypto: ccp: Annotate SEV Firmware file names (bsc#1185282).
- commit 66154b6
==== libzypp ====
Version update (17.25.9 -> 17.25.10)
- Properly handle permission denied when providing optional files
(bsc#1185239)
- Fix sevice detection with cgroupv2 (bsc#1184997)
- version 17.25.10 (22)
==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0
- Local (SUSE) change: update iscsi.service so that it tries to
logon to any "onboot" and firmware targets, in case a target
was offline when booted but back up when the service is started.
(bsc#1153806)
- Merged with latest from upstream, which contains these fixes:
* Add "no wait" option to iscsiadm firmware login
* Check for ISCSI_ERR_ISCSID_NOTCONN in iscsistart
* Log proper error message when AUTH failure occurs
==== python38 ====
Version update (3.8.8 -> 3.8.9)
- Update to 3.8.9:
- bpo#42988 (bsc#1183374) CVE-2021-3426: Remove the getfile
feature of the pydoc module which could be abused to read
arbitrary files on the disk (directory traversal
vulnerability). Moreover, even source code of Python modules
can contain sensitive data like passwords. Vulnerability
reported by David Schwörer.
- bpo-43285: ftplib no longer trusts the IP address value
returned from the server in response to the PASV command by
default. This prevents a malicious FTP server from using the
response to probe IPv4 address and port combinations on the
client network.
- Code that requires the former vulnerable behavior may set
a trust_server_pasv_ipv4_address attribute on their
ftplib.FTP instances to True to re-enable it.
- bpo-43439: Add audit hooks for gc.get_objects(),
gc.get_referrers() and gc.get_referents(). Patch by Pablo
Galindo.
- bpo-43660: Fix crash that happens when replacing sys.stderr
with a callable that can remove the object while an exception
is being printed. Patch by Pablo Galindo.
- bpo-35883: Python no longer fails at startup with a fatal
error if a command line argument contains an invalid Unicode
character. The Py_DecodeLocale() function now escapes byte
sequences which would be decoded as Unicode characters
outside the [U+0000; U+10ffff] range.
- bpo-43406: Fix a possible race condition where
PyErr_CheckSignals tries to execute a non-Python signal
handler.
- bpo-35930: Raising an exception raised in a ?future? instance
will create reference cycles.
- bpo-43577: Fix deadlock when using ssl.SSLContext debug
callback with ssl.SSLContext.sni_callback().
- bpo-43423: subprocess.communicate() no longer raises an
IndexError when there is an empty stdout or stderr IO buffer
during a timeout on Windows.
- bpo-27820: Fixed long-standing bug of smtplib.SMTP where
doing AUTH LOGIN with initial_response_ok=False will fail.
The cause is that SMTP.auth_login _always_ returns a password
if provided with a challenge string, thus non-compliant with
the standard for AUTH LOGIN. Also fixes bug with the test for
smtpd.
- bpo-43399: Fix ElementTree.extend not working on iterators
when using the Python implementation
- bpo-43316: The python -m gzip command line application now
properly fails when detecting an unsupported extension. It
exits with a non-zero exit code and prints an error message
to stderr.
- bpo-43260: Fix TextIOWrapper can not flush internal buffer
forever after very large text is written.
- bpo-42782: Fail fast in shutil.move() to avoid creating
destination directories on failure.
- bpo-37193: Fixed memory leak in socketserver.ThreadingMixIn
introduced in Python 3.7.
- bpo-43199: Answer ?Why is there no goto?? in the Design and
History FAQ.
- bpo-43407: Clarified that a result from time.monotonic(),
time.perf_counter(), time.process_time(), or
time.thread_time() can be compared with the result from any
following call to the same function - not just the next
immediate call.
- bpo-27646: Clarify that ?yield from <expr>? works with any
iterable, not just iterators.
- bpo-36346: Update some deprecated unicode APIs which are
documented as ?will be removed in 4.0? to ?3.12?. See PEP 623
for detail.
- bpo-37945: Fix test_getsetlocale_issue1813() of test_locale:
skip the test if setlocale() fails. Patch by Victor Stinner.
- bpo-41561: Add workaround for Ubuntu?s custom OpenSSL
security level policy.
- bpo-43631: Update macOS, Windows, and CI to OpenSSL 1.1.1k.
- bpo-43617: Improve configure.ac: Check for presence of
autoconf-archive package and remove our copies of M4 macros.
- bpo-41837: Update macOS installer build to use OpenSSL
1.1.1j.
- bpo-42225: Document that IDLE can fail on Unix either from
misconfigured IP masquerage rules or failure displaying
complex colored (non-ascii) characters.
- bpo-43283: Document why printing to IDLE?s Shell is often
slower than printing to a system terminal and that it can be
made faster by pre-formatting a single string before
printing.
==== python38-core ====
Version update (3.8.8 -> 3.8.9)
Subpackages: libpython3_8-1_0 python38-base
- Update to 3.8.9:
- bpo#42988 (bsc#1183374) CVE-2021-3426: Remove the getfile
feature of the pydoc module which could be abused to read
arbitrary files on the disk (directory traversal
vulnerability). Moreover, even source code of Python modules
can contain sensitive data like passwords. Vulnerability
reported by David Schwörer.
- bpo-43285: ftplib no longer trusts the IP address value
returned from the server in response to the PASV command by
default. This prevents a malicious FTP server from using the
response to probe IPv4 address and port combinations on the
client network.
- Code that requires the former vulnerable behavior may set
a trust_server_pasv_ipv4_address attribute on their
ftplib.FTP instances to True to re-enable it.
- bpo-43439: Add audit hooks for gc.get_objects(),
gc.get_referrers() and gc.get_referents(). Patch by Pablo
Galindo.
- bpo-43660: Fix crash that happens when replacing sys.stderr
with a callable that can remove the object while an exception
is being printed. Patch by Pablo Galindo.
- bpo-35883: Python no longer fails at startup with a fatal
error if a command line argument contains an invalid Unicode
character. The Py_DecodeLocale() function now escapes byte
sequences which would be decoded as Unicode characters
outside the [U+0000; U+10ffff] range.
- bpo-43406: Fix a possible race condition where
PyErr_CheckSignals tries to execute a non-Python signal
handler.
- bpo-35930: Raising an exception raised in a ?future? instance
will create reference cycles.
- bpo-43577: Fix deadlock when using ssl.SSLContext debug
callback with ssl.SSLContext.sni_callback().
- bpo-43423: subprocess.communicate() no longer raises an
IndexError when there is an empty stdout or stderr IO buffer
during a timeout on Windows.
- bpo-27820: Fixed long-standing bug of smtplib.SMTP where
doing AUTH LOGIN with initial_response_ok=False will fail.
The cause is that SMTP.auth_login _always_ returns a password
if provided with a challenge string, thus non-compliant with
the standard for AUTH LOGIN. Also fixes bug with the test for
smtpd.
- bpo-43399: Fix ElementTree.extend not working on iterators
when using the Python implementation
- bpo-43316: The python -m gzip command line application now
properly fails when detecting an unsupported extension. It
exits with a non-zero exit code and prints an error message
to stderr.
- bpo-43260: Fix TextIOWrapper can not flush internal buffer
forever after very large text is written.
- bpo-42782: Fail fast in shutil.move() to avoid creating
destination directories on failure.
- bpo-37193: Fixed memory leak in socketserver.ThreadingMixIn
introduced in Python 3.7.
- bpo-43199: Answer ?Why is there no goto?? in the Design and
History FAQ.
- bpo-43407: Clarified that a result from time.monotonic(),
time.perf_counter(), time.process_time(), or
time.thread_time() can be compared with the result from any
following call to the same function - not just the next
immediate call.
- bpo-27646: Clarify that ?yield from <expr>? works with any
iterable, not just iterators.
- bpo-36346: Update some deprecated unicode APIs which are
documented as ?will be removed in 4.0? to ?3.12?. See PEP 623
for detail.
- bpo-37945: Fix test_getsetlocale_issue1813() of test_locale:
skip the test if setlocale() fails. Patch by Victor Stinner.
- bpo-41561: Add workaround for Ubuntu?s custom OpenSSL
security level policy.
- bpo-43631: Update macOS, Windows, and CI to OpenSSL 1.1.1k.
- bpo-43617: Improve configure.ac: Check for presence of
autoconf-archive package and remove our copies of M4 macros.
- bpo-41837: Update macOS installer build to use OpenSSL
1.1.1j.
- bpo-42225: Document that IDLE can fail on Unix either from
misconfigured IP masquerage rules or failure displaying
complex colored (non-ascii) characters.
- bpo-43283: Document why printing to IDLE?s Shell is often
slower than printing to a system terminal and that it can be
made faster by pre-formatting a single string before
printing.
==== snapper ====
Subpackages: libsnapper5
- added systemd sandboxing for services
==== yomi-formula ====
Version update (0.0.1+git.1604593202.a2c22bf -> 0.0.1+git.1619170188.fa52819)
- Update to version 0.0.1+git.1619170188.fa52819:
* README: document ym.sshd parameter
- Update to version 0.0.1+git.1614275707.786435e:
* pillar: update to SLE-15-SP2
* fstab: do not mount while registering
* devices: fix documentation
* Adding a TOC
* software: add recreatedb.sls for rpmdb migration
* repository: workaround for boo#1178910
* software: separate repository.sls
* network: generate persistent-net.rules
==== zypper ====
Version update (1.14.43 -> 1.14.44)
Subpackages: zypper-needs-restarting
- Rephrase needs-rebooting help and messages.
Try to point out that the need to reboot was not necessarily
triggered by the current transaction.
- man page: Recommend the needs-rebooting command to test whether
a system reboot is suggested.
- patch: Let a patch's reboot-needed flag overrule included packages
(bsc#1183268)
- Quickfix setting "openSUSE_Tumbleweed" as default platform for
"MicroOS" (bsc#1153687)
This fixes the guessed platform for "obs://<project>/" URLs.
- Protect against strict/relaxed user umask via sudo (bsc#1183589)
- zypper-log: protect against thread name indicators in a log.
- xml summary: add solvables repository alias (bsc#1182372)
- version 1.14.44
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
boost-base
branding-openSUSE
evolution-data-server
gnome-branding-MicroOS (20210322 -> 20210427)
less (581 -> 581.2)
libgsm (1.0.18 -> 1.0.19)
libxml2
polkit-default-privs (1550+20210409.c29362e -> 1550+20210430.c408cda)
sensors
=== Details ===
==== boost-base ====
Subpackages: boost-license1_76_0 libboost_thread1_76_0
- Remove libboost_math_c99l.so* libboost_math_tr1l.so* in spec file
for PowerPC compiled w/ BOOST_MATH_NO_LONG_DOUBLE_MATH_FUNCTIONS
==== branding-openSUSE ====
Subpackages: grub2-branding-openSUSE systemd-icon-branding-openSUSE wallpaper-branding-openSUSE
- Also skip *.tr as config files in
/etc/bootsplash/themes/openSUSE/bootloader (in addition to
/etc/bootsplash/themes/openSUSE/cdrom)
==== evolution-data-server ====
Subpackages: libcamel-1_2-62 libebackend-1_2-10 libebook-1_2-20 libebook-contacts-1_2-3 libecal-2_0-1 libedata-book-1_2-26 libedata-cal-2_0-1 libedataserver-1_2-26 libedataserverui-1_2-3
- Add c95a70bfeae25b.patch: Fix build with cmake 3.20.1.
==== gnome-branding-MicroOS ====
Version update (20210322 -> 20210427)
- Wait for Internet connectivity before proceeding with next steps.
Before this change, the mod-firstboot script was failing when:
* there was no network configured on the first boot (happens
when using NetworkManager, since it's not configured by YaST
during installation)
* the script started before wifi connection was properly
established
- 20210427
==== less ====
Version update (581 -> 581.2)
- update to 581.2:
* This fixes a bug found in less-581 where the terminal was sometimes left in
mouse-reporting mode after exiting less.
==== libgsm ====
Version update (1.0.18 -> 1.0.19)
- update to 1.0.19:
* Make it easier to include gsm.h from C++ by wrapping it with macros.
Throw a #define _POSIX_C_SOURCE 200809L into toast.h to make it
possible for Linux glibc to just work.
* Switch from compress/.Z to gzip/.gz
==== libxml2 ====
Subpackages: libxml2-2 libxml2-tools
- Security fix: [bsc#1185408, CVE-2021-3518]
* Fix use-after-free in xinclude.c:xmlXIncludeDoProcess()
* Add libxml2-CVE-2021-3518.patch
- Security fix: [bsc#1185410, CVE-2021-3517]
* Fix heap-based buffer overflow in entities.c:xmlEncodeEntitiesInternal()
* Add libxml2-CVE-2021-3517.patch
- Security fix: [bsc#1185409, CVE-2021-3516]
* Fix use-after-free in entities.c:xmlEncodeEntitiesInternal()
* Add libxml2-CVE-2021-3516.patch
==== polkit-default-privs ====
Version update (1550+20210409.c29362e -> 1550+20210430.c408cda)
- Update to version 1550+20210430.c408cda:
* systemd: add newly added inhibit-handle-reboot-key action (bsc#1185468)
* whitelist non-functional change in systemd-networkd rules (bsc#1185469)
- Update to version 1550+20210429.a605b7d:
* tuned: whitelist incrementally added polkit action (bsc#1185418)
==== sensors ====
- change-pidfile-path-from-var-run-to-run.patch: Change PIDFile
path from /var/run to /run (bsc#1185183).
- var-run-deprecated.patch: /var/run is deprecated (bsc#1185183).
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
boost-base
branding-openSUSE
less (581 -> 581.2)
libxml2
=== Details ===
==== boost-base ====
Subpackages: boost-license1_76_0 libboost_thread1_76_0
- Remove libboost_math_c99l.so* libboost_math_tr1l.so* in spec file
for PowerPC compiled w/ BOOST_MATH_NO_LONG_DOUBLE_MATH_FUNCTIONS
==== branding-openSUSE ====
Subpackages: grub2-branding-openSUSE
- Also skip *.tr as config files in
/etc/bootsplash/themes/openSUSE/bootloader (in addition to
/etc/bootsplash/themes/openSUSE/cdrom)
==== less ====
Version update (581 -> 581.2)
- update to 581.2:
* This fixes a bug found in less-581 where the terminal was sometimes left in
mouse-reporting mode after exiting less.
==== libxml2 ====
Subpackages: libxml2-2 libxml2-tools
- Security fix: [bsc#1185408, CVE-2021-3518]
* Fix use-after-free in xinclude.c:xmlXIncludeDoProcess()
* Add libxml2-CVE-2021-3518.patch
- Security fix: [bsc#1185410, CVE-2021-3517]
* Fix heap-based buffer overflow in entities.c:xmlEncodeEntitiesInternal()
* Add libxml2-CVE-2021-3517.patch
- Security fix: [bsc#1185409, CVE-2021-3516]
* Fix use-after-free in entities.c:xmlEncodeEntitiesInternal()
* Add libxml2-CVE-2021-3516.patch
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
AppStream (0.14.1 -> 0.14.3)
Mesa (20.3.5 -> 21.0.2)
Mesa-drivers (20.3.5 -> 21.0.2)
NetworkManager (1.30.0 -> 1.30.4)
PackageKit
adwaita-icon-theme (3.38.0 -> 40.0)
apparmor
at-spi2-core (2.38.0 -> 2.40.0)
attica-qt5 (5.80.0 -> 5.81.0)
avahi
baloo5 (5.80.0 -> 5.81.0)
baloo5-widgets (20.12.3 -> 21.04.0)
blog
bluedevil5 (5.21.3 -> 5.21.4)
bluez (5.56 -> 5.58)
bluez-qt (5.80.0 -> 5.81.0)
breeze (5.21.3 -> 5.21.4)
breeze5-icons (5.80.0 -> 5.81.0)
cheese
cifs-utils
cloud-init
cni-plugins (0.9.0 -> 0.9.1)
conmon (2.0.26 -> 2.0.27)
container-selinux (2.158.0 -> 2.160.1)
containers-systemd (0.0+git20210318.fea98a6 -> 0.0+git20210407.9384691)
cups (2.3.3 -> 2.3.3op2)
cups-filters
curl (7.75.0 -> 7.76.1)
dbus-1
dconf (0.38.0 -> 0.40.0)
discover (5.21.3 -> 5.21.4)
dnf (4.6.1 -> 4.7.0)
dolphin (20.12.3 -> 21.04.0)
dracut (053+suse.90.gb89b6347 -> 053+suse.93.g039ac07d)
drkonqi5 (5.21.3 -> 5.21.4)
ell (0.38 -> 0.39)
evolution-data-server (3.38.4 -> 3.40.0)
expat (2.2.10 -> 2.3.0)
file (5.39 -> 5.40)
filesystem
findutils
frameworkintegration (5.80.0 -> 5.81.0)
fuse3 (3.10.2 -> 3.10.3)
fwupd (1.5.7 -> 1.5.8)
gcc10 (10.2.1+git1574 -> 10.3.0+git1587)
gcr (3.38.1 -> 3.40.0)
gd (2.3.0 -> 2.3.2)
gdk-pixbuf (2.42.2 -> 2.42.6)
giflib
gjs (1.66.2 -> 1.68.0)
glib-networking (2.66.0 -> 2.68.0)
glib2 (2.66.7 -> 2.68.1)
glibc
gmp
gnome-autoar (0.3.0 -> 0.3.1)
gnome-bluetooth (3.34.3 -> 3.34.5)
gnome-control-center (3.38.4 -> 40.0)
gnome-desktop (3.38.4 -> 40.0)
gnome-keyring (3.36.0 -> 40.0)
gnome-online-accounts (3.38.0 -> 3.40.0)
gnome-session (3.38.0 -> 40.0)
gnome-settings-daemon (3.38.1 -> 40.0.1)
gnome-shell (3.38.3 -> 40.0)
gnome-shell-extension-desktop-icons (20.04.0 -> 20.10.0)
gnome-shell-extensions (3.38.2 -> 40.0)
gnome-software (3.38.1 -> 40.0)
gnome-system-monitor (3.38.0 -> 40.0)
gnome-terminal (3.38.3 -> 3.40.0)
gnome-tweaks (3.34.1 -> 40.0)
gnome-user-docs (3.38.2 -> 40.0)
gobject-introspection (1.66.1 -> 1.68.0)
graphene (1.10.2 -> 1.10.6)
grub2
gsettings-desktop-schemas (3.38.0 -> 40.0)
gstreamer (1.18.3 -> 1.18.4)
gstreamer-plugins-bad (1.18.3 -> 1.18.4)
gstreamer-plugins-base (1.18.3 -> 1.18.4)
gstreamer-plugins-good (1.18.3 -> 1.18.4)
gtk3 (3.24.27 -> 3.24.29)
gvfs (1.46.2 -> 1.48.0)
gzip
harfbuzz (2.7.4 -> 2.8.0)
hwdata (0.345 -> 0.346)
hwinfo (21.72 -> 21.73)
installation-images-MicroOS (16.56 -> 17.0)
irqbalance (1.7.0+git20210222.9db8d5c -> 1.8.0)
iso-codes (4.5.0 -> 4.6.0)
jack (1.9.17 -> 1.9.18)
kaccounts-integration (20.12.3 -> 21.04.0)
kactivities-stats (5.80.0 -> 5.81.0)
kactivities5 (5.80.0 -> 5.81.0)
kactivitymanagerd (5.21.3 -> 5.21.4)
karchive (5.80.0 -> 5.81.0)
kate (20.12.3 -> 21.04.0)
kauth (5.80.0 -> 5.81.0)
kbookmarks (5.80.0 -> 5.81.0)
kcmutils (5.80.0 -> 5.81.0)
kcodecs (5.80.0 -> 5.81.0)
kcompletion (5.80.0 -> 5.81.0)
kconfig (5.80.0 -> 5.81.0)
kconfigwidgets (5.80.0 -> 5.81.0)
kcoreaddons (5.80.0 -> 5.81.0)
kcrash (5.80.0 -> 5.81.0)
kdbusaddons (5.80.0 -> 5.81.0)
kde-cli-tools5 (5.21.3 -> 5.21.4)
kde-print-manager (20.12.3 -> 21.04.0)
kdeclarative (5.80.0 -> 5.81.0)
kded (5.80.0 -> 5.81.0)
kdelibs4support (5.80.0 -> 5.81.0)
kdesu (5.80.0 -> 5.81.0)
kdialog (20.12.3 -> 21.04.0)
kdnssd-framework (5.80.0 -> 5.81.0)
kdoctools (5.80.0 -> 5.81.0)
kdump
kernel-firmware (20210315 -> 20210419)
kexec-tools (2.0.20 -> 2.0.21)
kfilemetadata5 (5.80.0 -> 5.81.0)
kgamma5 (5.21.3 -> 5.21.4)
kglobalaccel (5.80.0 -> 5.81.0)
kguiaddons (5.80.0 -> 5.81.0)
kholidays (5.80.0 -> 5.81.0)
khotkeys5 (5.21.3 -> 5.21.4)
ki18n (5.80.0 -> 5.81.0)
kiconthemes (5.80.0 -> 5.81.0)
kidletime (5.80.0 -> 5.81.0)
kinfocenter5 (5.21.3 -> 5.21.4)
kinit (5.80.0 -> 5.81.0)
kio (5.80.1 -> 5.81.0)
kio-extras5 (20.12.3 -> 21.04.0)
kirigami2 (5.80.0 -> 5.81.0)
kitemmodels (5.80.0 -> 5.81.0)
kitemviews (5.80.0 -> 5.81.0)
kjobwidgets (5.80.0 -> 5.81.0)
kmenuedit5 (5.21.3 -> 5.21.4)
knewstuff (5.80.0 -> 5.81.0)
knotifications (5.80.0 -> 5.81.0)
knotifyconfig (5.80.0 -> 5.81.0)
konsole (20.12.3 -> 21.04.0)
kpackage (5.80.0 -> 5.81.0)
kparts (5.80.0 -> 5.81.0)
kpeople5 (5.80.0 -> 5.81.0)
kpty (5.80.0 -> 5.81.0)
kquickcharts (5.80.0 -> 5.81.0)
krb5
kross (5.80.0 -> 5.81.0)
krunner (5.80.0 -> 5.81.0)
kscreen5 (5.21.3 -> 5.21.4)
kscreenlocker (5.21.3 -> 5.21.4)
kservice (5.80.0 -> 5.81.0)
ksysguard5 (5.21.3 -> 5.21.4)
ktexteditor (5.80.0 -> 5.81.0)
ktextwidgets (5.80.0 -> 5.81.0)
kunitconversion (5.80.0 -> 5.81.0)
kwallet (5.80.0 -> 5.81.0)
kwalletmanager5 (20.12.3 -> 21.04.0)
kwayland (5.80.0 -> 5.81.0)
kwayland-integration (5.21.3 -> 5.21.4)
kwayland-server (5.21.3 -> 5.21.4)
kwidgetsaddons (5.80.0 -> 5.81.0)
kwin5 (5.21.3 -> 5.21.4)
kwindowsystem (5.80.0 -> 5.81.0)
kwrited5 (5.21.3 -> 5.21.4)
kxmlgui (5.80.0 -> 5.81.0)
ldb (2.2.1 -> 2.3.0)
less (563 -> 581)
libKF5ModemManagerQt (5.80.0 -> 5.81.0)
libKF5NetworkManagerQt (5.80.0 -> 5.81.0)
libXres (1.2.0 -> 1.2.1)
libapparmor
libassuan (2.5.4 -> 2.5.5)
libblockdev
libcap
libcontainers-common
libdazzle (3.38.0 -> 3.40.0)
libdnf (0.60.0 -> 0.62.0)
libdrm (2.4.104 -> 2.4.105)
libeconf (0.3.8+git20200710.5126fff -> 0.4.0+git20210413.fdb8025)
libfido2 (1.6.0 -> 1.7.0)
libgcrypt (1.9.2 -> 1.9.3)
libgnomekbd
libgweather (3.36.1 -> 40.0)
libhandy (1.0.3 -> 1.2.1)
libhugetlbfs
libical (3.0.8 -> 3.0.9)
libical-glib (3.0.8 -> 3.0.9)
libinput (1.17.0 -> 1.17.1)
libjpeg-turbo
libkdecoration2 (5.21.3 -> 5.21.4)
libksba (1.5.0 -> 1.5.1)
libkscreen2 (5.21.3 -> 5.21.4)
libksysguard5 (5.21.3.1 -> 5.21.4)
libopenmpt (0.5.5 -> 0.5.7)
libpeas (1.28.0 -> 1.30.0)
libqt5-qtbase
libqt5-qtdeclarative
libqt5-qtsvg
libqt5-qtwebengine (5.15.2 -> 5.15.3)
librepo (1.13.0 -> 1.14.0)
librsvg (2.50.3 -> 2.50.4)
libselinux
libsolv (0.7.17 -> 0.7.19)
libva (2.10.0 -> 2.11.0)
libvpx (1.9.0 -> 1.10.0)
libxcrypt (4.4.18 -> 4.4.19)
libxkbcommon (1.1.0 -> 1.2.1)
libzypp (17.25.8 -> 17.25.9)
lua54 (5.4.2 -> 5.4.3)
lvm2
lvm2-device-mapper
makedumpfile (1.6.7 -> 1.6.8)
microdnf (3.7.1 -> 3.8.0)
milou5 (5.21.3 -> 5.21.4)
mozilla-nspr (4.29 -> 4.30)
mozilla-nss (3.62 -> 3.63.1)
multipath-tools (0.8.5+29+suse.5dabcd2 -> 0.8.5+30+suse.633836e)
mutter (3.38.3 -> 40.0)
nautilus (3.38.2 -> 40.0)
ncurses (6.2.20210313 -> 6.2.20210424)
openSUSE-build-key
openssl (1.1.1j -> 1.1.1k)
openssl-1_1 (1.1.1j -> 1.1.1k)
pam
pango (1.48.3 -> 1.48.4)
patterns-gnome
patterns-kde
patterns-microos
pcre2
perl-Bootloader (0.933 -> 0.934)
pipewire (0.3.24 -> 0.3.26)
pkgconf
plasma-browser-integration (5.21.3 -> 5.21.4)
plasma-framework (5.80.0 -> 5.81.0)
plasma-nm5 (5.21.3 -> 5.21.4)
plasma5-addons (5.21.3 -> 5.21.4)
plasma5-desktop (5.21.3 -> 5.21.4)
plasma5-integration (5.21.3 -> 5.21.4)
plasma5-openSUSE
plasma5-pa (5.21.3 -> 5.21.4)
plasma5-workspace (5.21.3 -> 5.21.4)
podman (3.0.1 -> 3.1.2)
polkit-default-privs (1550+20210111.f725c25 -> 1550+20210409.c29362e)
polkit-kde-agent-5 (5.21.3 -> 5.21.4)
poppler (21.03.0 -> 21.04.0)
poppler-qt5 (21.03.0 -> 21.04.0)
powerdevil5 (5.21.3 -> 5.21.4)
prison-qt5 (5.80.0 -> 5.81.0)
pulseaudio
purpose (5.80.0 -> 5.81.0)
python-MarkupSafe
python-cryptography
python-gobject (3.38.0 -> 3.40.1)
python-importlib-metadata (3.7.0 -> 3.7.2)
python-jsonpatch (1.28 -> 1.31)
qalculate (3.16.1 -> 3.18.0)
qqc2-desktop-style (5.80.0 -> 5.81.0)
raspberrypi-firmware-config
raspberrypi-firmware-dt
rav1e (0.4.0 -> 0.4.1)
re2 (20210202 -> 20210401)
rpm (4.16.0 -> 4.16.1.3)
rpm-config-SUSE (0.g64 -> 0.g76)
runc
samba (4.13.4+git.199.be6e11f5ab2 -> 4.14.2+git.159.2a8872214bf)
selinux-policy (20210309 -> 20210419)
sg3_utils (1.45~815+5.6aa67ed -> 1.46)
shadow
shim (15+git47 -> 15.4)
snapper (0.8.16 -> 0.9.0)
solid (5.80.0 -> 5.81.0)
sonnet (5.80.0 -> 5.81.0)
sqlite3 (3.35.2 -> 3.35.5)
sssd
sudo (1.9.5p2 -> 1.9.6p1)
suse-module-tools (15.3.5 -> 15.4.1)
syntax-highlighting (5.80.0 -> 5.81.0)
systemd (246.11 -> 246.13)
systemd-presets-common-SUSE
systemsettings5 (5.21.3 -> 5.21.4)
sysvinit
talloc (2.3.1 -> 2.3.2)
threadweaver (5.80.0 -> 5.81.0)
tiff (4.2.0 -> 4.3.0)
toolbox (2.1+git20210311.15cb3ad -> 2.1+git20210329.d14ac82)
tracker (3.0.3 -> 3.1.1)
tracker-miners (3.0.4 -> 3.1.1)
u-boot-rpiarm64 (2021.01 -> 2021.04)
vim (8.2.2607 -> 8.2.2800)
webkit2gtk3 (2.30.5 -> 2.32.0)
wpa_supplicant
xdg-desktop-portal-kde (5.21.3 -> 5.21.4)
xf86-input-libinput (0.30.0 -> 1.0.1)
xinit
xmessage
xmodmap
xorg-x11-server (1.20.10 -> 1.20.11)
xterm (366 -> 367)
yast2 (4.3.60 -> 4.4.2)
yelp (3.38.3 -> 40.0)
yelp-xsl (3.38.3 -> 40.0)
zchunk (1.1.5 -> 1.1.9)
=== Details ===
==== AppStream ====
Version update (0.14.1 -> 0.14.3)
Subpackages: libAppStreamQt2 libappstream4
- Update to version 0.14.3
* spec: Mention that license-IDs are case-sensitive
* compose: Don't loop endlessly if external desktop l10n function
is set
* Never create a predictable dir in /tmp for caching
* qt: Implement missing Pool::componentsByCategories
* Share one user-owned read-only system metadata cache between all
applications
* pool: Clean up user sysdata caches if we start to use the system
cache
* Port over some parsing improvements for desktop-files from asgen
* compose: Add helper for reading desktop-entry files
* compose: Handle bad UTF-8 in desktop-entry files even better
* search: Perform partial token matches instead of prefix matches
* search: Unconditionally perform partial term matching after
exact matching
* news-to-metainfo: Recognize the "Contributors" section
* Update our own metainfo file for appstreamcli
* Read descriptions from collection XML correctly again
* search: Make whole-search string matching a lot more strict
* validator: Resolve false-positive when testing remote icon
URL validity
* utils: Improve textwrap if text is just one excessively
long word
* compose: Permit U+00AD SOFT HYPHEN in string values
* Validate our own metainfo file
* compose: Don't assume lowest priority for desktop-entry-only
components
* search: Only replace full words with greylist terms,
not partial ones
* ascli: Take all positional parameters as search terms when
searching
==== Mesa ====
Version update (20.3.5 -> 21.0.2)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- Move osmesa build back to Mesa, which we can now do after
choosing another dummy driver there.
- Use LLVM-versioned libclc runtime dependency to ensure
bitcode compatibility. We have that in Tumbleweed and soon Leap.
- U_clover-Fix-build-with-llvm-12.patch
* Fixes build with LLVM 12.
- U_clover-Add-missing-include-for-llvm-12-build-fix.patch
* Fixes a missing header in the previous patch.
- Mesa-devel: no longer require libOSMesa-devel, since it's now
built in Mesa-drivers; packages should require it directly now,
preferrably via pkconfig(osmesa) ...
- Switch dummy driver for mesa package from "auto" xorg driver (i965) to
gallium swrast driver
- update to 21.0.2
* many additions especially on the Radeon Vulkan (RADV) driver
front where sparse memory support is in place, AMD Smart Access
Memory / Resizable BAR optimizations, various RDNA 2
improvements, rapid packed math for ACO, and more.
Elsewhere in Mesa 21.0 there are continued RadeonSI
optimizations, many Intel ANV and Iris improvements, OpenGL 3.3
for Freedreno, DXGI Winsys was added and initial Direct3D 12
code for WSL, OpenGL 4.1 for Zink, and more.
- moved osmesa build to Mesa-drivers since swrast driver has been
removed from Mesa
- Enable radeon and nouveau drivers on riscv64
==== Mesa-drivers ====
Version update (20.3.5 -> 21.0.2)
Subpackages: Mesa-dri Mesa-gallium
- Move osmesa build back to Mesa, which we can now do after
choosing another dummy driver there.
- Use LLVM-versioned libclc runtime dependency to ensure
bitcode compatibility. We have that in Tumbleweed and soon Leap.
- U_clover-Fix-build-with-llvm-12.patch
* Fixes build with LLVM 12.
- U_clover-Add-missing-include-for-llvm-12-build-fix.patch
* Fixes a missing header in the previous patch.
- Mesa-devel: no longer require libOSMesa-devel, since it's now
built in Mesa-drivers; packages should require it directly now,
preferrably via pkconfig(osmesa) ...
- Switch dummy driver for mesa package from "auto" xorg driver (i965) to
gallium swrast driver
- update to 21.0.2
* many additions especially on the Radeon Vulkan (RADV) driver
front where sparse memory support is in place, AMD Smart Access
Memory / Resizable BAR optimizations, various RDNA 2
improvements, rapid packed math for ACO, and more.
Elsewhere in Mesa 21.0 there are continued RadeonSI
optimizations, many Intel ANV and Iris improvements, OpenGL 3.3
for Freedreno, DXGI Winsys was added and initial Direct3D 12
code for WSL, OpenGL 4.1 for Zink, and more.
- moved osmesa build to Mesa-drivers since swrast driver has been
removed from Mesa
- Enable radeon and nouveau drivers on riscv64
==== NetworkManager ====
Version update (1.30.0 -> 1.30.4)
Subpackages: libnm0 typelib-1_0-NM-1_0
- Update to version 1.30.4:
+ Fix crash evaluating match setting properties (CVE-2021-20297).
+ Fix leak of local route added by NetworkManager for configured
addresses.
+ Fix name of the device autoconnect D-Bus property.
+ Multiple bugfixes in the initrd generator.
+ Various minor bugfixes.
- Update to version 1.30.2:
+ Increase the limit of open file descriptors in
NetworkManager.service.
+ Fix hostname lookup via DNS when resolv.conf is managed by
systemd-resolved.
+ Enable WPA3 for Wi-Fi connections with key_mgmt=WPA-PSK.
+ Fix crash with the IWD Wi-Fi backend.
+ Avoid logging warning when setting bond option
"ad_actor_system=00:00:00:00:00:00".
+ Update SpecificObject D-Bus property of ActiveConnection after
WiFi roaming.
+ Multiple bugfixes in the initrd generator.
+ Various minor bugfixes.
- Drop NM-restore-MAC-on-release-only-when-cloned.patch: fixed
upstream.
- Modified NetworkManager.conf: Use dhclient as the default dhcp
client(bsc#1183202).
- Add nm-dhcp-use-valid-lease-on-timeout.patch: Support valid lease
file on dhcp timeout(glfd#NetworkManager/NetworkManager!811,
bsc#1183202).
- Add NM-restore-MAC-on-release-only-when-cloned.patch: bond:
restore MAC on release only when there is a cloned MAC address
(glfo#NetworkManager/NetworkManager!775, bsc#1183967).
==== PackageKit ====
Subpackages: PackageKit-backend-dnf libpackagekit-glib2-18
- Add PackageKit-cancel-transaction-if-daemon-disappears.patch:
Fix hangs in packagekit-glib2 client if daemon crashes
(gh#hughsie/PackageKit#464).
==== adwaita-icon-theme ====
Version update (3.38.0 -> 40.0)
- Update to version 40.0:
+ No changes compared to 40.rc.
- Update to version 40.rc:
+ Fullcolor emblem contrast.
+ Cursor naming.
+ symbolic: bluetooth-disconneted, power profile icons, night
light and display brightnessn, and contact-new.
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- add crypto-policies-mr720.diff to allow reading crypto policies
in abstractions/ssl_certs (boo#1183597)
- replace %{?systemd_requires} with %{?systemd_ordering} to avoid dragging in
systemd into containers just because apparmor-parser ships a *.service file
==== at-spi2-core ====
Version update (2.38.0 -> 2.40.0)
Subpackages: libatspi0 typelib-1_0-Atspi-2_0
- Update to version 2.40.0:
+ No changes.
- Update to version 2.39.91:
+ Fix a couple of memory leaks.
+ Remove const from AtspiDeviceListenerCB prototype.
- Update to version 2.39.90.1:
+ Fix a crash introduced in 2.39.90, along with a few warnings.
- Update to version 2.39.90:
+ Fix build with X11 disabled.
+ Various fixes for the new device API used for key monitoring
and grabbing.
+ Fixed several memory leaks.
- Update to version 2.39.1:
+ Don't use gdbus-broker if not running under systemd.
+ Unref bus at the end of cleanup.
+ Fix XML interfaces.
+ Use unix sockets instead of abstract sockets.
+ Added a device API to replace the old API for capturing key
grabs. This is needed for toolkits that do not report
keystrokes to atk, such as gtk 4.
==== attica-qt5 ====
Version update (5.80.0 -> 5.81.0)
Subpackages: libKF5Attica5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== avahi ====
Subpackages: libavahi-client3 libavahi-common3 libavahi-core7
- Add avahi-CVE-2021-3468.patch: avoid infinite loop by handling
HUP event in client_work (boo#1184521 CVE-2021-3468).
https://github.com/lathiat/avahi/pull/330
==== baloo5 ====
Version update (5.80.0 -> 5.81.0)
Subpackages: baloo5-imports baloo5-kioslaves libKF5Baloo5 libKF5BalooEngine5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* [SearchStore] Explicitly narrow timestamps for range query
* Add now mandatory args parameter to QProcess::startDetached()
* Port away from deprecated QDateTime(QDate) constructor
* Remove long defunct, xapian based filesearchstoretest
* Remove unused fileinfo.cpp/.h
* [MetadataMover] Update filename terms when moving/renaming file (kde#433116)
* [MetadataMover] Extend renaming test cases
* [MetadataMover] Use categorized logging for all debug statements
* [MetadataMover] Make some temporaries const
* Add trailing commas to enums
==== baloo5-widgets ====
Version update (20.12.3 -> 21.04.0)
- Update to 21.04.0
* New feature release
* For more details please see:
* https://kde.org/announcements/gear/21.04
- No code change since 21.03.90
- Update to 21.03.90
* New feature release
- No code change since 21.03.80
- Update to 21.03.80
* New feature release
- Changes since 20.12.3:
* TagsFileItemAction: add Menu windowflag
* Tagging fileitemplugin: use parent Widget as menu parent
* Remove unused includes
==== blog ====
Subpackages: libblogger2
- Fix package split done for shared library packaging guideline (bsc#1184479).
==== bluedevil5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- Changes since 5.21.3:
* [applet] Fix tooltip showing wrong name for connected device (kde#422691)
==== bluez ====
Version update (5.56 -> 5.58)
Subpackages: libbluetooth3
- update to 5.58:
* Fix issue with usage of deprecated GLib functions.
- version 5.57:
* Fix issue with handling GATT notification PDU parsing.
* Fix issue with registering DIS without a valid source.
* Fix issue with removing remote SEPs when loading from cache.
- remove upstreamed
bluez-avdtp-Fix-removing-all-remote-SEPs-when-loading-from.patch
- add bluez-avdtp-Fix-removing-all-remote-SEPs-when-loading-from.patch
Fix Bluetooth headphones disconnect periodically(bsc#1183821)
==== bluez-qt ====
Version update (5.80.0 -> 5.81.0)
Subpackages: bluez-qt-imports bluez-qt-udev libKF5BluezQt6
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Fix unity compile support
* Port GattManager and MediaTransport away from QDBusInterface
==== breeze ====
Version update (5.21.3 -> 5.21.4)
Subpackages: breeze5-cursors breeze5-decoration breeze5-style breeze5-wallpapers libbreezecommon5-5
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== breeze5-icons ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Add a few symlinks for "configure" and "help-donate" (kde#435150)
* Add KMyMoney Pie-Chart Icon
* Link svn-* icons to new vcs-* icons
* Add vcs-* icons for Kate
* Also check for lxml.etree
* Make lock icon filled status consistent (kde#244542)
* Remove 22 brightness icons in 16 size folder
* Fix location of brightness icons
* Add high-brightness and low-brightness icons
==== cheese ====
Subpackages: libcheese-common libcheese-gtk25 libcheese8
- Add 7cf6268e54620bbbe5e6e61800c50fb0cb4bea57.patch: Fix build
with new vala.
==== cifs-utils ====
- cifs.upcall: fix regression in kerberos mount; (bsc#1184815).
* add 0001-cifs.upcall-fix-regression-in-kerberos-mount.patch
- CVE-2021-20208: cifs-utils: cifs.upcall kerberos auth leak in
container; (bsc#1183239); CVE-2021-20208.
* add 0001-cifs.upcall-try-to-use-container-ipc-uts-net-pid-mnt.patch
==== cloud-init ====
- Add cloud-init-bonding-opts.patch (bsc#1184085)
+ Write proper bonding option configuration for SLE/openSUSE
- Fix application and inclusion of
use_arroba_to_include_sudoers_directory-bsc_1181283.patchfix (bsc#1181283)
==== cni-plugins ====
Version update (0.9.0 -> 0.9.1)
- Update to version 0.9.1:
* ipam/dhcp: Add broadcast flag
* add flannel to support dual stack ip
* bandwidth: fix panic in tests
* host-device: Add support for DPDK device
* [main/vlan] Fix error handling for delegate IPAM plugin
* dhcp: default dhcp clien timeout is 10s
* vlan: fix error message text by removing ptp references
* dhcp: daemon dhcp client timeout is configurable
* dhcp: timeout value is set in DHCP daemon
* remove unused function
* deps: go mod tidy coreos/go-iptables
* deps: bump coreos/go-iptables
==== conmon ====
Version update (2.0.26 -> 2.0.27)
- Update to version 2.0.27:
* bump to v2.0.27
* Add CRI-O integration test GitHub action
* exec: don't fail on EBADFD
* close_fds: fix close of external fds
* Add arm64 static build binary
* bump to v2.0.27-dev
==== container-selinux ====
Version update (2.158.0 -> 2.160.1)
- Fix container runtime binary labels (bsc#1185030). You need to
relable at least /usr/sbin if you're affected
==== containers-systemd ====
Version update (0.0+git20210318.fea98a6 -> 0.0+git20210407.9384691)
- Update to version 0.0+git20210407.9384691:
* Add service for wsdd
==== cups ====
Version update (2.3.3 -> 2.3.3op2)
Subpackages: cups-client cups-config libcups2 libcupsimage2
- upstream_pull_174.patch is
https://github.com/OpenPrinting/cups/pull/174
"Use 60s timeout for read_thread, revert read limits"
to fix printing with older USB printers
- New upstream URL https://openprinting.github.io/cups
- Disable testsuite for now via "bcond_with testsuite"
until https://github.com/OpenPrinting/cups/issues/155 is fixed
- Add "testsuite" conditional that disables anything within %check
==== cups-filters ====
- fix_upstream_issue348.patch fixes
https://github.com/OpenPrinting/cups-filters/issues/348
foomatic-rip segfaults with 'job-sheets=none,none'
but works with 'job-sheets=none'
(bsc#1182893)
==== curl ====
Version update (7.75.0 -> 7.76.1)
Subpackages: libcurl4
- update to 7.76.1:
- ngtcp2: Use ALPN h3-29 for now
- TODO: remove 18.22 --fail-with-body
- Update to 7.76.0
* Security fixes:
- [bsc#1183933, CVE-2021-22876]: strip credentials from the
auto-referer header field
- [bsc#1183934, CVE-2021-22890]: add 'isproxy' argument to
Curl_ssl_get/addsessionid()
* Changes:
- cookies: Support multiple -b parameters
- curl: add --fail-with-body
- doh: add options to disable ssl verification
- http: add support to read and store the referrer header
- sasl: support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsasl
- vtls: initial implementation of rustls backend
* Bugfixes:
- CVE-2021-22876: strip credentials from the auto-referer header field
- CVE-2021-22890: add 'isproxy' argument to Curl_ssl_get/addsessionid()
- c-hyper: support automatic content-encoding
- configure: only add OpenSSL paths if they are defined
- configure: provide Largefile feature for curl-config
- curl: set CURLOPT_NEW_FILE_PERMS if requested
- doh: Fix sharing user's resolve list with DOH handles
- doh: Inherit CURLOPT_STDERR from user's easy handle
- dynbuf: bump the max HTTP request to 1MB
- ftp: add 'list_only' to the transfer state struct
- ftp: add 'prefer_ascii' to the transfer state struct
- ftp: allow SIZE to fail when doing (resumed) upload
- ftp: avoid SIZE when asking for a TYPE A file
- ftp: fix memory leak in ftp_done
- ftp: never set data->set.ftp_append outside setopt
- gnutls: assume nettle crypto support
- http2: don't set KEEP_SEND when there's no more data to be sent
- http2: fail if connection terminated without END_STREAM
- http: do not add a referrer header with empty value
- http: strip default port from URL sent to proxy
- http: use credentials from transfer, not connection
- lib: remove 'conn->data' completely
- multi: close the connection when h2=>h1 downgrading
- multi: do once-per-transfer inits in before_perform in DID state
- multi: rename the multi transfer states
- multi: update pending list when removing handle
- ngtcp2: adapt to the new recv_datagram callback
- ngtcp2: clarify calculation precedence
- ngtcp2: sync with recent API updates
- openssl: adapt to v3's new const for a few API calls
- openssl: ensure to check SSL_CTX_set_alpn_protos return values
- openssl: remove get_ssl_version_txt in favor of SSL_get_version
- parse_proxy: fix a memory leak in the OOM path
- url: fix memory leak if OOM in the HSTS handling
- url: fix possible use-after-free in default protocol
- urldata: don't touch data->set.httpversion at run-time
- urldata: merge "struct DynamicStatic" into "struct UrlState"
- urldata: remove the 'rtspversion' field
- urldata: remove the _ORIG suffix from string names
- wolfssl: don't store a NULL sessionid
==== dbus-1 ====
Subpackages: libdbus-1-3
- avoid listing cmake directory - owned by cmake package
==== dconf ====
Version update (0.38.0 -> 0.40.0)
Subpackages: gsettings-backend-dconf libdconf1
- Update to version 0.40.0:
+ common: Add missing G_BEGIN/END_DECLS to allow use of headers
from C++ code.
- Update to version 0.39.1:
+ Build:
- Improve libdconf visible symbols.
- Minor fixes to bash completion script.
+ Engine: do not emit optimistic change notifications unless the
local value is different.
+ service: add a systemd unit for D-Bus activation.
==== discover ====
Version update (5.21.3 -> 5.21.4)
Subpackages: discover-backend-flatpak discover-backend-packagekit discover-notifier
- Add patch to fix build with glib >= 2.68.0:
* 0001-Only-wrap-flatpak.h-includes-in-extern-C-with-older-.patch
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== dnf ====
Version update (4.6.1 -> 4.7.0)
- Update to version 4.7.0
+ Improve repo config path ordering to fix a comps merging issue (rh#1928181)
+ Keep reason when package is removed (rh#1921063)
+ Improve mechanism for application of security filters (rh#1918475)
+ [doc] Add description for new API
+ [API] Add new method for reset of security filters
+ [doc] Improve documentation for Hotfix repositories
+ [doc] fix: "makecache" command downloads only enabled repositories
+ Use libdnf.utils.checksum_{check,value}
+ [doc] Add info that maximum parallel downloads is 20
+ Increase loglevel in case of invalid config options
+ [doc] installonly_limit documentation follows behavior
+ Prevent traceback (catch ValueError) if pkg is from cmdline
+ Add documentation for config option sslverifystatus (rh#1814383)
+ Check for specific key string when verifing signatures (rh#1915990)
+ Use rpmkeys binary to verify package signature (rh#1915990)
+ Bugs fixed (rh#1916783)
+ Preserve file mode during log rotation (rh#1910084)
==== dolphin ====
Version update (20.12.3 -> 21.04.0)
Subpackages: dolphin-part libdolphinvcs5
- Update to 21.04.0
* New feature release
* For more details please see:
* https://kde.org/announcements/gear/21.04
- No code change since 21.03.90
- Stop owning directories provided by the filesystem package (boo#1184786)
- Update to 21.03.90
* New feature release
- Changes since 21.03.80:
* KFileItemModel: DetailsModeSettings::directorySizeCount forces m_sortDirsFirst
* appstream: fix homepage url
* Fix crash calling openDirectories() in various cases
* Don't re-open already-open URLs when using session-restore feature (kde#434911)
- Update to 21.03.80
* New feature release
- Too many changes to list here.
- Drop 0001-Update-cached-viewContainer-geometry-every-time-they.patch
==== dracut ====
Version update (053+suse.90.gb89b6347 -> 053+suse.93.g039ac07d)
Subpackages: dracut-ima
- Update to version 053+suse.93.g039ac07d:
* fix(kernel-modules): optionally add /usr/lib/modules.d to initramfs
- Update to version 053+suse.91.g4a0bdda1:
* fix(kernel-modules): optionally add /usr/lib/modules.d to initramfs (bsc#1180822)
==== drkonqi5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== ell ====
Version update (0.38 -> 0.39)
- update to 0.39:
* Add support for serialized test execution framework
==== evolution-data-server ====
Version update (3.38.4 -> 3.40.0)
Subpackages: libcamel-1_2-62 libebackend-1_2-10 libebook-1_2-20 libebook-contacts-1_2-3 libecal-2_0-1 libedata-book-1_2-26 libedata-cal-2_0-1
- Update to version 3.40.0:
+ Updated translations.
- Update to version 3.39.3:
+ ESoupAuthBearer: Shorten the token expiry time by 4 more
seconds.
+ ESoupSession: Refresh Bearer auth token during request
redirect.
+ MetaBackend tests: Relax a runtime requirement.
+ Calendar: Add functions to clamp a VTIMEZONE component.
+ e_cal_client_get_component_as_string: Clamp the VTIMEZONE
component.
+ test-cal-utils: Add test to clamp a VTIMEZONE by a future time.
+ Calendar: Make few improvements in the Weather backend.
+ camel-debug: Copy cached backtrace symbol strings.
+ camel-gpg-context: Add some debug prints.
+ [IMAPx] Cancel authentication request when failed to get the
SASL response.
+ EBookMetaBackend: Add 'backend_module_directory' property into
the class.
+ Allow to load modules from custom prefixes.
+ reminder-watcher: Process "Dismiss All" requests in the
background.
+ Allocate large-enough buffer for g_base64_decode_step().
+ CamelSpoolStore: Use cache for often accessed data.
+ alarm-notify: Default notify-past-events to false plus few
related fixes.
+ e-book-backend-file: Fix busy loop when modifying multiple
contacts at once.
+ Use SHA256 instead of SHA1 where appropriate.
+ Fix integer overflow on 32-bit architectures.
+ Fix a memory leak in camel_util_get_directory_variants().
+ Updated translations.
- Drop evolution-data-server-boo1182882.patch: fixed upstream.
==== expat ====
Version update (2.2.10 -> 2.3.0)
- Do not BuildRequire cmake: expat is part of the distro bootstrap
cycle and any additional dependency makes the ring larger. In
this case here, cmake was even only used to own a directory.
- update to 2.3.0:
* When calling XML_ParseBuffer without a prior successful call to
XML_GetBuffer as a user, no longer trigger undefined behavior
(by adding an integer to a NULL pointer) but rather return
XML_STATUS_ERROR and set the error code to (new) code
XML_ERROR_NO_BUFFER. Found by UBSan (UndefinedBehaviorSanitizer)
of Clang 11 (but not Clang 9).
* xmlwf: Exit status 2 was used for both:
- malformed input files (documented) and
- invalid command-line arguments (undocumented).
case of invalid command-line arguments now
has its own exit status 4, resolving the ambiguity.
* Other changes
==== file ====
Version update (5.39 -> 5.40)
Subpackages: file-magic libmagic1
- Add patch file-5.40-ascii.patch
* fix regressions on dection of smaller ASCII files (boo#1184899)
- Add upstream comitts as patches
* file-5.40-9b0459af.patch
put attributes inside the xz magic. (boo#1184888, boo#1184891)
* file-5.40-749e1ecf.patch
If the file is less than 3 bytes, use the file length to determine type
* file-5.40-f0601504.patch
Fix regression after unsigned/signed printing changes
* file-5.40-f7705dca.patch
fix previous (cast >>)
* file-5.40-3096f87f.patch
Correct return values to exptexted
* file-5.40-4c5fe1ad.patch
Add missing parens
- Port patch
* file-5.28-btrfs-image.dif
due patch file-5.40-f0601504.patch
- Add upstream commits as patches
* file-5.40-1c677c04.patch
Don't count each byte encounter as 1, count the total number
of bytes found (Anatol Belski). This makes it behave like 5.39
* file-5.40-6b34436a.patch
remove "u" from the pattern (Joerg Jenderek)
* file-5.40-9e2becec.patch
Encoding bug fix
- Fix offsets of patches
* file-5.17-option.dif
* file-5.19-biorad.dif
* file-5.19-printf.dif
* file-5.19-zip2.0.dif
* file-5.22-elf.dif
* file-5.23-endian.patch
* file-5.28-btrfs-image.dif
* file-5.38-allow-readlinkat.dif
* file-secure_getenv.patch
- update to 5.40:
* Add limit to the number of bytes to scan for encoding
* Fix /T (trim flag) for regex
* Trim trailing separator.
* Convert system read errors from corrupt ELF
files into human readable error messages
* Exclude surrogate pairs from utf-8 detection
- drop upstreamed patches:
* file-5.16-ocloexec.patch
* file-5.39-alternate_format.dif
==== filesystem ====
- also fix /var/lib/empty to be readonly
- make bindir/ _lib and _libdir readonly (mode 0555) to avoid
runpath-to-writeable-directory warning
==== findutils ====
- Use new Group Release Keyring
==== frameworkintegration ====
Version update (5.80.0 -> 5.81.0)
Subpackages: frameworkintegration-plugin libKF5Style5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== fuse3 ====
Version update (3.10.2 -> 3.10.3)
- Update to release 3.10.3
* Fix returning d_ino and d_type from readdir(3) in non-plus mode
==== fwupd ====
Version update (1.5.7 -> 1.5.8)
Subpackages: libfwupd2 libfwupdplugin1 typelib-1_0-Fwupd-2_0
- Remove valgrind from BuildRequires since it's not a hard
requirement anymore. (bsc#1184248)
- Update to version 1.5.8:
New features:
* Add a new internal flag to opt-in to GUID matching
* Add D501 Baklava device support
* Add fu_device_set_battery_level()
* Add missing uint64 read and write helpers
* Add Qubes wrapper source and create packages
* Allow enabling plugins only matching a specific HwId
* Prompt for unlock keypress if reset command is blocked
* Remove obsolete dell-dock non-passive update flow support
* Remove the Hughski public key
* Show a warning when parsing invalid quirk files
* Support for GATT characteristic signals/notifications
* Support more than one protocol for a given device
Fixes:
* Align the CCGX DMC firmware to 64 byte chunks
* Be more strict for custom quirk keys
* Check pixart firmware compatibility with hardware before
flashing
* Correct a thunderbolt assertion if kernel failed FW read
* Correctly erase STM32 devices when transfer size is less
than sector size
* Detect SREC overflow to avoid adding ~4GB of 0xFF padding
* Do not show a critical error when flashing footer-less
binary files
* Don't allow device updates while needing activation
* Fix a regression in the elantp defined IAP start address
* Fix a regression where activate stopped working
* Fix firmware update of pointing device on Lenovo ThinkPad
Nano
* Fix the HSI plugin 'Disabled' state
* Fix the quirk key name for the Lenovo HDMI with power
* Fix writing to the GD32VF103 bootloader
* Only call elantp->detach() when writing a firmware blob
* Updated StarLabs GUIDs
* Wait a few ms for the Logitech hardware to settle after
detach
- Remove GPG-KEY-Hughski-Limited from the filelist
- Drop upstreamed patch
+ fwupd-bsc1182057-fix-sbat-section-copy.patch
==== gcc10 ====
Version update (10.2.1+git1574 -> 10.3.0+git1587)
- Update to GCC 10.3.0 release (63fa67847628e5f358e7e2e7e), git1587
- Disable nvptx offloading for aarch64 again since it doesn't work
==== gcr ====
Version update (3.38.1 -> 3.40.0)
Subpackages: gcr-data gcr-prompter gcr-ssh-askpass libgck-1-0 libgcr-3-1 typelib-1_0-Gck-1 typelib-1_0-Gcr-3
- Update to version 3.40.0:
+ FEATURE: add hkps://keys.openpgp.org to keyserver defaults.
+ gcr/key-mechanism: Port to GTask.
+ GckCall: Simplify the code by using GTask based implementation.
+ Updated translations.
- Make use of the new gpg_path meson option by passing
%{_bindir}/gpg2 as value to it: We know that openSUSE installs
gpg2 to this path. Allows to drop gpg2 BuildRequires.
- Drop pkgconfig(gtk+-x11-3.0) BuildRequires: no longer needed.
==== gd ====
Version update (2.3.0 -> 2.3.2)
- Enable AVIF support
- update to 2.3.2:
* gif: allow decodin when both Global and Local Colormaps (#494)
* avif: Support for AVIF images via libavif (#557)
* heif: Support for HEIF/AVIF images via libheif (#395) (#557)
* webp: Drop ../deps/ search when building with cmake
* Windows: Remove unused snprintf fallback
- update to 2.3.1:
- Fix potential integer overflow detected by oss-fuzz
- Fix #615 using libraqm
- Fix #303: gdlib.pc: use Requires instead of Libs (#537)
- Fixed #472: Adjusting CMakeLists.txt (#582)
- Fix #615: gdImageStringFT() fails for empty strings as of libgd 2.3.0 (#633)
- Fix typo but preserve BC
- Compute average in gdGuessBackgroundColorFromCorners properly (#483)
- CMakeLists.txt: zlib is enabled implicitly
- src/config.h.cmake: replace #cmakedefine01 with #define in macro ENABLE_GD_FOORMATS (#622)
- gdlib.pc: use prefixes for pkgconfig file
- cmake: remove required host includes (#617)
- Move initial declaration out of `for` loop
- distribute getlib script
- Make gd_nnquant.c less likely to introduce duplicate definitions (#601)
- webp: support pkg-config file
- gd_io: replace internal Putchar with gdPutC
- gd_io: trim unused Putword function
==== gdk-pixbuf ====
Version update (2.42.2 -> 2.42.6)
Subpackages: gdk-pixbuf-query-loaders gdk-pixbuf-thumbnailer libgdk_pixbuf-2_0-0 typelib-1_0-GdkPixbuf-2_0
- Update to stable 2.42.6
+ Yield gtk_doc option value in subprojects
+ Always initialise locale on thumbnailer startup
+ Add fallback subproject for libjpeg
+ Use type:array for the builtin_loaders option
+ Default to using builtin png and jpeg loaders
- Disable building of docs: creates a cycle with python:
+ Drop python3-gi-docgen BuildRequires.
+ Pass gtk_doc=false to meson
- Update to version 2.42.4:
+ Make enum type registration thread safe.
+ Do not install skipped test files.
+ Fix GIF initialization.
+ Always run GIF loader tests.
+ Fix leaks discovered via ASan.
+ Expose GdkPixbufLoader API via introspection.
+ Fix revert-to-previous first frame behaviour for GIF files.
+ Link to libintl if needed.
+ Improve support for using gdk-pixbuf as a subproject.
+ Fix build with GModule disabled.
+ Use gi-docgen to generate the API reference from introspection
data.
- Replace gtk-doc BuildRequires with python3-gi-docgen: follow
upstreams port.
- As a workaround to
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/177, delete
the installed gi-docgen program files.
==== giflib ====
- prep section should just extract and patch,
further modifications have to be done in the build section
- Added patch:
* PIE.patch
+ build path independent objects
==== gjs ====
Version update (1.66.2 -> 1.68.0)
Subpackages: libgjs0 typelib-1_0-GjsPrivate-1_0
- Update to version 1.68.0:
+ 40.rc session crashes in gjs on unlocking (sometimes).
+ 40.rc: installed-tests installed despite explicitly disabled.
- Drop 589.patch: fixed uptream.
- Re-enable test suite:
+ Enable %check section and run %meson_test
+ As the test suite also runs some graphical application, run
Xvfb before, so we have an X server available.
+ Add xorg-x11-server-Xvfb BuildRequires
- Update to version 1.67.3:
+ Closed bugs and merge requests:
- System.exit() doesn't work inside signal handler.
- GdkEvent subtypes trigger assert in Gtk4.
- 1.67.2: build fails with gcc 11.
- Warnings introspecting array of boxed type as signal
argument.
- Add list command to debugger.
- Assertion failure in enqueuePromiseJob.
- in interpreter Ctrl-c should exit inner shell if stuck.
- Compiler ambiguity in enum-utils.h on operator overloading.
- Fix GJS_DISABLE_JIT not fully disabling JIT.
- 1.67.2: Regress test hangs / timeouts on i686.
- object: Do not call any function on disposed GObject
pointers.
- Add 589.patch: Do not wrongly install files for installed_tests
if explicitly disabled.
- Update to version 1.67.2:
+ Importing ES modules is now supported.
+ The debugger now has a "list" command which works very
similarly to its GDB equivalent.
+ New API: GObject.ParamSpec.jsobject() works like the other
GObject.ParamSpec types.
+ New API: System.programPath is the name of the JS program that
GJS is running.
+ New API: System.programArgs is an array of arguments given to
the JS program.
- Update to version 1.67.1:
+ The debugger now has a "backtrace full" command which works
very similarly to its GDB equivalent.
+ The GObject.ParamFlags.CONSTRUCT_ONLY flag is now correctly
enforced, when using it on GObject classes defined in
JavaScript. This might break code that was incorrectly trying
to set a property that it had previously defined as
construct-only. The workaround is to remove the CONSTRUCT_ONLY
flag.
+ Fixed exception when calling GObject.Type().
+ Several performance improvements.
+ Progress on ES Modules.
+ Various refactors for type safety.
+ Various maintenance.
==== glib-networking ====
Version update (2.66.0 -> 2.68.0)
- Update to version 2.68.0:
+ Fix double free in GnuTLS client certificate request code.
- Update to version 2.68.rc:
+ Improve heuristic for returning
G_TLS_ERROR_CERTIFICATE_REQUIRED.
+ Fix check for certain handshake failure conditions.
- Update to version 2.68.alpha:
+ Download and validate missing intermediate certificates
(requires GnuTLS 3.7).
+ OpenSSL backend now uses system crypto policy.
+ Remove use of g_assert in testsuite.
+ Restore support for old versions of OpenSSL.
+ Implement TLS channel bindings API.
+ Implement PKCS#11 API.
+ Update testsuite for Fedora 33 crypto policy.
+ Fix NULL dereference in g_tls_connection_base_read_message.
+ Fix a couple code issues found by Coverity.
==== glib2 ====
Version update (2.66.7 -> 2.68.1)
Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0
- Update to version 2.68.1:
+ Fix a crash in `GKeyFile` when parsing a file which contains
translations using a `GKeyFile` instance which has loaded
another file previously.
+ Pin GIO DLL in memory on Windows.
+ Updated translations.
- Update to version 2.68.0:
+ Bugs fixed:
- build: Drop gconstructor_as_data_h usage from
glib-compile-schemas.
- glib.supp: Generalize some suppressions.
- gbytesicon: Fix error in g_bytes_icon_new() documentation.
- glocalfileoutputstream: Tidy up error handling.
- tests: Fix copy/paste error in queue test.
- Update to version 2.67.6:
+ Fix a security issue when using `g_file_replace()` with
`G_FILE_CREATE_REPLACE_DESTINATION`.
+ Disallow operations on the empty path with
`g_file_new_from_path()`.
+ Various fixes for GLib when building with clang-cl on Windows.
+ Updated translations.
- Update to version 2.67.5:
+ Fix more issues with `glib_typeof` macro from 2.67.3?2.67.4.
+ Fix regression with some FD mappings passed to
`g_subprocess_launcher_spawnv()` caused by changes for #2097 in
GLib 2.67.4.
+ Fix detection of `str[n]casecmp()` when building with
`clang-cl`.
+ Use zlib from subproject if configured with
`wrap_mode=forcefallback`.
+ Updated translations.
- Update to version 2.67.4:
+ Add a `g_string_replace()` function.
+ Add `G_DBUS_SERVER_FLAGS_AUTHENTICATION_REQUIRE_SAME_USER` flag
to simplify the common case for writing a D-Bus authentication
observer, allowing most uses of `GDBusAuthObserver` to be
dropped.
+ Add a new `g_spawn_with_pipes_and_fds()` variant which supports
renumbering FDs.
+ Add new g_memdup2() API to replace g_memdup(), which is
vulnerable to a silent integer truncation and heap overflow
problem if not used carefully.
+ Fix various regressions caused by rushed security fixes in
2.66.6.
+ Fix a silent integer truncation when calling
g_byte_array_new_take() for byte arrays bigger than G_MAXUINT.
+ Fix `g_utf8_strdown()` to fix some issues in Turkish.
+ Updated translations.
==== glibc ====
Subpackages: glibc-locale glibc-locale-base
- Enable support for static PIE (bsc#1184646)
- select-modify-timeout.patch: linux: always update select timeout
(bsc#1184339, BZ #27706)
- Don't remove -f[asynchronous-]unwind-tables during configure run, no
longer needed
==== gmp ====
- Compute FIPS hmac for libgmp.so.10 [bsc#1184555]
- do not break SLE 12 build when applying spec-cleaner
==== gnome-autoar ====
Version update (0.3.0 -> 0.3.1)
- Update to version 0.3.1:
+ Disallow symlinks in parents completely when extracting
( CVE-2021-28650 )
+ Drop recursive delete on failure to prevent data loss
+ Add back RAR support
==== gnome-bluetooth ====
Version update (3.34.3 -> 3.34.5)
Subpackages: libgnome-bluetooth13 typelib-1_0-GnomeBluetooth-1_0
- Update to version 3.34.5:
+ Fix unwanted soname change.
- Changes from version 3.34.4:
+ Use device alias instead of device name in Settings UI, and
don't show devices without a name.
+ Avoid new devices jumping around in the Settings list.
+ Fix a warning and a hang when opening the Bluetooth Settings.
+ Fix a possible hang when switching away from the Bluetooth
Settings.
+ Make the "Cancel" button work when pairing keyboards.
+ Remove joypad quirks in favour of BlueZ autopair ones.
+ Remove a number of deprecated calls.
==== gnome-control-center ====
Version update (3.38.4 -> 40.0)
Subpackages: gnome-control-center-goa
- Rebased gnome-control-center-info-never-use-gnome-software.patch,
gnome-control-center-more-power-button-actions.patch and
gnome-control-center-bring-back-firewall-zone.patch(bsc#1184098).
- Update to version 40.0:
+ Updated translations.
- Update to version 40.rc:
+ Location: Wrap label to fit smaller window sizes.
+ Mouse & Touchpad: Allow horizontal scrolling in test page.
+ Network: Fix creation of the netmask widget.
+ Various fixes to the language chooser.
+ Updated translations.
- Update to version 40.beta:
+ Various improvements to fingerprint management.
+ Show hardware model and vendor in the About panel.
+ New Keyboard panel design.
+ New power mode selector in the Power panel.
+ About:
- Show hardware model and vendor.
- Use os-release to search for the OS logo.
+ Accessibility: Major code cleanup.
+ Display: Try harder to select a good and working scale.
+ Keyboard: Handle input sources.
+ Power:
- Rearrange battery code to a new widget.
- Add a new "Power Mode" section.
+ Sharing: Also disable Traker3.
+ Sound: Update mute button icon when volume changes.
+ User Accounts
- Fix free of constant string
- Use properly translated fingerprint strings
- Improve transition to parental controls window
- Many improvements to fingerprint management
+ Updated translations.
- Drop control-center-complete-SAE-support.patch: fixed upstreaam.
==== gnome-desktop ====
Version update (3.38.4 -> 40.0)
Subpackages: gnome-version libgnome-desktop-3-19 libgnome-desktop-3_0-common typelib-1_0-GnomeDesktop-3_0
- Drop baselibs.conf: no longer build -32bit package. There is no
consumer left.
- Update to version 40.0:
+ No changes.
- Update to version 40.rc:
+ bg-slide-show: Always parse date/time integers in base 10.
+ Thumbnail:
- Fix thumbnailing of CBZ with UTF-8 filenames.
- Fix non-working thumbnailer in Flatpak.
+ Updated translations.
- Update to version 40.beta:
+ xkbinfo: Update iso639Ids but not iso3166Ids correctly in
evdev.
+ Updated translations.
==== gnome-keyring ====
Version update (3.36.0 -> 40.0)
Subpackages: gnome-keyring-pam libgck-modules-gnome-keyring
- Update to version 40.0:
+ Update libcap-ng capability handling.
+ UPdated translations.
==== gnome-online-accounts ====
Version update (3.38.0 -> 3.40.0)
Subpackages: libgoa-1_0-0 libgoa-backend-1_0-1
- Update to version 3.40.0:
+ No changes.
- Update to version 3.39.92:
+ Last.fm is enabled by default.
+ Bugs fixed:
- web-extension-main: Remove unnecessary and unused entry
point.
- kerberos-identity: Handle information-only prompts when
signing in.
- client: Mention that goa_client_get_manager might return
NULL.
+ Updated translations.
==== gnome-session ====
Version update (3.38.0 -> 40.0)
Subpackages: gnome-session-core gnome-session-default-session gnome-session-wayland
- Add gnome-session-avoid-blocking-when-connecting-dbus.patch: Fix
the login delay, avoid the blocking when connecting to
ScreenSaver dbus(bsc#1184698 glgo#GNOME/gnome-session#88).
- Update to version 40.0:
+ util: Remove undesired variables from activation environment.
- Update to version 40.beta:
+ gnome-session: GNOME session will now only block sleep for
suspend inhibitors and will block shutdown if a logout
inhibitor is active. Previously a suspend inhibitor would
prevent both sleep and logout. As such, applications may need
to be updated and grab both a logout and suspend inhibitor.
+ data: Fix indirect conflict with exit.target via app.slice
+ data: Re-add OnFailure= to .target units
+ util: Disable capturing of subpatterns
+ util: Only accept common space characters
+ Stop dbus-daemon instead of restarting it
+ Updated translations.
==== gnome-settings-daemon ====
Version update (3.38.1 -> 40.0.1)
- Update to version 40.0.1:
+ rfkill: Fix reading /dev/rfkill on newer kernels.
- Update to version 40.0:
+ No changes since version 40.rc.
- Update to version 40.rc:
+ Xsettings: Go back to loading gtk modules from
lib/gnome-settings-daemon-3.0.
+ Test framework improvements
+ Updated translations.
- Update to version 40.beta:
+ Power: Close idleness notifications before suspending.
+ Media-keys:
- Fix compiler warning.
- Remove screenshot sound feedback, performed by GNOME Shell.
+ Xsettings: Use Restart=on-failure like other plugins.
+ Updated translations.
- Update to version 40.alpha.1:
+ Use pathless "false" on dummy desktop files.
+ Auto-start screen saver service.
+ Datetime: Make use of new gweather API.
+ Xsettings:
- Fix mouse schema location.
- Fix updates after font settings changes.
+ Updated translations.
- Update to version 40.alpha:
+ Housekeeping: Fix crash when atime is not present.
+ Power:
- Avoid automatic logout in GDM/greeter.
- Do not warn more than once per warning level for devices.
+ USB-protection: Do not warn about ServiceUnknown errors for
USBGuard.
+ Datetime: Query GWeather DB on the fly instead of caching.
+ Color:
- Use the windowing system color transform matrix if available.
- Consider night-light active when disabled until tomorrow.
+ Xsettings:
- Use font aa/hinting/rgba-order from
gsettings-desktop-schemas.
- Use mouse drag-threshold/double-click from
gsettings-desktop-schemas.
+ Updated translations.
==== gnome-shell ====
Version update (3.38.3 -> 40.0)
Subpackages: gnome-shell-calendar
- Rebase patches, the following patches are rebased to version
40.0:
+ gnome-shell-domain.patch
+ gnome-shell-gdm-login-applet.patch
+ gnome-shell-jscSLE9267-Remove-sessionList-of-endSessionDialog.patch
+ gnome-shell-lock-bg-on-primary.patch
+ gnome-shell-screen-disappear.patch
+ gs-fate318433-prevent-same-account-multi-logins.patch
- Drop 2 patches, lock screen redesigned in version 3.36 or later:
+ gnome-shell-864872-unlock-by-mouse-motion.patch
+ gnome-shell-1007468-lock-screen-SUSE-logo-missing.patch
(bsc#1184102).
- Update
gnome-shell-jsc#SLE-16051-Input-method-recommendation.patch:
fix (boo#1183823).
- Update to version 40.0:
+ Updated translations.
==== gnome-shell-extension-desktop-icons ====
Version update (20.04.0 -> 20.10.0)
- Add desktop-icon-gnome-40.patch: Declare compatible to GNOME 40.
- Update to version 20.10.0:
* Support for Gnome Shell 3.38 and new dialog APIs.
* Fix dragging several files.
* Allocate draggable actor before starting the drag.
* Fix for the native switcheroo controller.
* Avoid scheduling multiple layoutChildren idlers and other
fixes.
* Templates support.
* Preview files with spacebar.
* Allow to launch programs with the discrete GPU.
* Show mounted devices.
* Set home folder label to localized "Home".
- Drop
gnome-shell-extension-desktop-icons-add-mount-disk-icon.patch:
Fixed upstream.
==== gnome-shell-extensions ====
Version update (3.38.2 -> 40.0)
- Have gnome-shell-classic obsolete gnome-shell-classic-session,
since gnome-shell-classic-session is no longer used.
- Remove gnome-shell-classic-session package: From the upstream
commit 9a78c7e4, the gnome-classic.session was not used anymore,
we can remove gnome-shell-classic-session package now
(bsc#1184933).
- Adapt sle-classic to version 40.0
+ Update gse-sle-classic-ext.patch
+ Update sle-classic(a)suse.com.tar.gz
- Update to version 40.0:
+ Updated translations.
- Move user-theme schema file to user-theme package.
- Update to version 40.rc:
+ native-window-placement: Adjust to gnome-shell changes.
+ windows-navigator: Adjust to gnome-shell changes.
+ window-list, workspace-indicator: Only show previews for up to
six workspaces.
+ window-list, workspace-indicator: Improve workspace preview
appearance.
+ Updated translations.
- Update to version 40.beta:
+ Add tooltips to workspace thumbnails.
+ Drop arrows from top bar menus.
+ drive-menu: Mark mounts that can be unmounted as removable.
+ Remove horizontal-workspaces extension.
+ Adjust to shell overview changes.
+ Fix crashes.
+ Misc. bug fixes and cleanups.
+ Updated translations.
- Update to version 40.alpha.1:
+ Don't depend on sassc when building from tarball.
+ Port extensions preferences to GTK4.
+ Misc. bug fixes and cleanups.
==== gnome-software ====
Version update (3.38.1 -> 40.0)
- Update to version 40.0:
+ Fix handling of invalid or incomplete application icons.
+ Fix the plugin documentation to reflect reality.
+ Fix the Snap plugin to actually load icons.
+ Set download size to 0 after the package is downloaded.
+ Updated translations.
- Update to version 40.rc:
+ Implement new featured apps carousel.
+ List of Flatpak repositories is updated when changed using the
Flatpak command line tool.
+ The loading page now shows the full color icon instead of the
symbolic one.
+ Show release date in version history for releases that use the
'date' attribute.
+ Improved icon handling, including with hiDPI screens.
+ Fixed a bug in remembering when update notifications were
shown.
+ Build as a dynamic rather than a static library, and rearrange
installation paths.
+ Updated translations.
- Bump gs_plugin_api from 14 to 16, following upstream.
- Rebase gnome-software-no-static-lib.patch.
- Update to version 40.beta:
+ GNOME Software now uses libappstream instead of
libappstream-glib to work with appstream data which provides
information about apps and other components.
* App details pages show version history information when it's
available.
* The loading page now shows the full color icon instead of the
symbolic one.
* UI elements for displaying app add-ons have been tweaked to
more closely match the designs.
* Installed icons and the badge showing the number of updates
available were changed back to blue from green.
* The dropdown showing the available sources of an application
includes the packaging format (e.g. Flatpak vs RPM).
* A bug was fixed that prevented installation of .flatpakref
files
+ Updated translations.
- Replace pkgconfig(appstream-glib) BuildRequires with
pkgconfig(appstream): follow upstreams changes.
==== gnome-system-monitor ====
Version update (3.38.0 -> 40.0)
- Add ba93af5b3e429db5a9c4dd7e2d06b800735a9071.patch: Dropped
non-gnome workaround causing crash (boo#1185340).
- Update to version 40.0:
+ Updated translations.
- Update to version 40.rc:
+ Updated view switcher and preferences.
+ Fixed out of bounds error.
+ Use correct x-axis labels.
+ Fixed compilation warnings.
+ Updated translations.
- Add pkgconfig(libhandy-1) BuildRequires: new dependency.
- Update to version 40.beta:
+ Fixed load-graph update interval.
+ Added logarithmic scale option in preferences.
+ Updated translations.
- Update to version 40.alpha:
+ Use random colors for cores.
+ Enable tabular fonts for tables.
+ Added memory maps and process priority help page.
+ Use two decimals precision for CPU usage.
+ Freeze process table while showing the process kill dialog.
+ Updated development setup documentation.
+ Added CPU affinity feature.
+ Added command-line help for GTK options.
+ Allow disable smooth drawing for network and memory charts.
+ Allow configuration of data points to draw.
+ Make resources sections collapsible.
+ Chart axis labels follow scaling.
+ Added option to select network totals unit separately.
+ Select Memory format in preferences.
+ Resize process name and command line columns.
+ Don't use trailing space in chart labels.
+ Updated translations.
==== gnome-terminal ====
Version update (3.38.3 -> 3.40.0)
Subpackages: nautilus-extension-terminal
- Update to version 3.40.0:
+ Revert "screen: use clean env when creating new tab".
+ Updated translations.
- Update to version 3.39.90:
+ window: Add option to decode timestamps in context menu.
+ about: Mention the gnome version corresponding to the release.
+ nautilus: Pass environment when creating a terminal in the
current directory.
+ server: Filter environment variables in the server too.
+ client: Filter out some more env variables.
==== gnome-tweaks ====
Version update (3.34.1 -> 40.0)
- Update to version 40.0:
+ Fix "Fails to recognize GNOME Shell 40.rc running"
+ Updated translations.
- Drop 70.patch: fixed upstream.
- Add 70.patch: gshellwrapper: Fails to find Shell when its version
is not from numbers only.
- Update to version 40.beta:
+ GNOME Tweaks 40 brings several bug fixes, support for GNOME 40
settings changes, and removes GNOME Shell Extensions support.
Extensions support can now be found in the GNOME Extensions
app.
+ Port to libhandy 1.0.
+ Show the back button when leaflet is folded.
+ Update to new gsettings-desktop-schemas location.
+ Drop unused extensions support.
+ Use Gtk.HeaderBar instead of Handy.HeaderBar.
+ Add notice for Extensions removal.
- Remove upstreamed patches:
+ 77dde7477922f645946bfc64b1b25aeed2b01919.patch
+ gnome-tweaks-port-libhandy-1.patch
+ gnome-tweaks-port-new-schema-loc.patch
==== gnome-user-docs ====
Version update (3.38.2 -> 40.0)
- Update to version 40.0:
+ Updated gesture documentation for GNOME 40.
+ Updated illustrations.
+ Document QR Code feature for WiFi Hotspot.
+ Updated translations.
- Update to version 40.rc:
+ Updates for GNOME 40.
+ Updated translations.
- Update to version 40.beta:
+ Updated Privacy pages.
+ Removed outdated Firestarter pages.
+ Updated translations.
==== gobject-introspection ====
Version update (1.66.1 -> 1.68.0)
Subpackages: girepository-1_0 libgirepository-1_0-1
- Update to version 1.68.0:
+ Update GLib annotations.
+ docs: cleanup.
+ Fix syntax errors in gir-1.2.rnc.
- Update to version 1.67.1:
+ Requires Python 3.6+.
+ Update GLib annotations.
+ Fix compatibility with Python 3.10.
+ Fix build with GIR data disabled.
+ Add test object for signal marshallers.
==== graphene ====
Version update (1.10.2 -> 1.10.6)
Subpackages: libgraphene-1_0-0 typelib-1_0-Graphene-1_0
- Update to version 1.10.6:
+ Hide GRAPHENE_SIMD_S from the introspection data.
+ Nudge ray axis when intersecting a box.
- Changes from version 1.10.4:
+ Add ARM NEON support when building with Visual Studio.
+ Build fix on ARM64 Windows.
+ Drop deprecated "python3" Meson module.
+ Fix detection of non-intersecting boxes.
+ Only enable SSE2 on x86_64.
+ Use the compiler-appropriate alignment attributes.
+ Change introspection option to a yielding feature.
- Change -Dintrospection=true meson parameter to
- Dintrospection=enabled: follow upstream build system changes.
- Wrap -Dsse2=true meson parameter into %ifarch x86_64: 32bit
builds for example do not support sse2 (likely boo#1184678).
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin
- Fix obsolete syslog in systemd unit file and updating to use journal as
StandardOutput (bsc#1185149)
* grub2-once.service
- Fix build error on armv6/armv7 (bsc#1184712)
* 0001-emu-fix-executable-stack-marking.patch
- Fix error grub_file_filters not found in Azure virtual machine (bsc#1182012)
* 0001-Workaround-volatile-efi-boot-variable.patch
==== gsettings-desktop-schemas ====
Version update (3.38.0 -> 40.0)
- Update to version 40.0:
+ Updated translations.
- Update to version 40.rc:
+ Updated translations.
- Update to version 40.beta:
+ Use pgUp/Down shortcuts for horizontal workspace switching.
+ Add super-based workspace navigation shortcuts.
+ Remove ?gnome-fallback? as a valid session name.
+ Fix summary of `two-finger-scroll-enabled` key.
+ Updated translations.
- Update to version 40.alpha:
+ Add scroll button locking to trackballs.
+ Move mouse drag-threshold/double-click settings here.
+ Move antialiasing/hinting/rgba-order settings here.
+ Updated translations.
==== gstreamer ====
Version update (1.18.3 -> 1.18.4)
Subpackages: libgstreamer-1_0-0 typelib-1_0-Gst-1_0
- update to 1.18.4:
important security fixes for ID3 tag reading, matroska and realmedia
parsing, and gst-libav audio decoding
Details:
* audiomixer, audioaggregator: input buffer handling fixes
* decodebin3: improve stream-selection message handling
* uridecodebin3: make ?caps? property work
* wavenc: fix writing of INFO chunks in some cases
* v4l2: bt601 colorimetry, allow encoder resolution changes, fix
decoder frame rate negotiation
* decklinkvideosink: fix auto format detection, and fixes for 29.97fps
framerate output
* mpeg-2 video handling fixes when seeking
* avviddec: fix bufferpool negotiation and possible memory corruption
when changing resolution
* various stability, performance and reliability improvements
* memory leak fixes
* build fixes: rpicamsrc, qt overlay example, d3d11videosink on UWP
* info: Don?t leak log function user_data if the debug system is
compiled out
* task: Use SetThreadDescription() Win32 API for setting thread names,
which preserves thread names in dump files.
* buffer, memory: Mark info in map functions as caller-allocates and
pass allocation params as const pointers where possible
* clock: define AUTO_CLEANUP_FREE_FUNC for GstClockID
* tag: id3v2: fix frame size check and potential invalid reads
* audio: Fix gst_audio_buffer_truncate() meta handling for
non-interleaved audio
* audioresample: respect buffer layout when draining
* audioaggregator: fix input_buffer ownership
* decodebin3: change stream selection message owner, so that the app
sends the stream-selection event to the right element
* rtspconnection: correct data_size when tunneled mode
* uridecodebin3: make caps property work
* video-converter: Don?t upsample invalid lines
* videodecoder: Fix racy critical when pool negotiation occurs during
flush
* video: Convert gst_video_info_to_caps() to take self as const ptr
* examples: added qt core dependency for qt overlay example
* matroskademux: header parsing fixes
* rpicamsrc: depend on posix threads and vchiq_arm to fix build on
raspios again
* wavenc: Fixed INFO chunk corruption, caused by odd sized data not
being padded
* wavpackdec: Add floating point format support to fix distortions in
some cases
* v4l2: recognize V4L2 bt601 colorimetry again
* v4l2videoenc: support resolution change stream encode
* v4l2h265codec: fix HEVC profile string issue
* v4l2object: Need keep same transfer as input caps
* v4l2videodec: Fix vp8 and vp9 streams can?t play on board with
vendor bsp
* v4l2videodec: fix src side frame rate negotiation
* avwait: Don?t post messages with the mutex locked
* d3d11h264dec: Reconfigure decoder object on DPB size change and keep
track of actually configured DPB size
* dashsink: fix double unref of sinkpad caps
* decklinkvideosink: Use correct numerator for 29.97fps
* decklinkvideosink: fix auto format detection
* decklinksrc: Use a more accurate capture time
* d3d11videosink: Fix build error on UWP
* interlace: negotiation and buffer leak fixes
* mpegvideoparse: do not clip, so decoder receives data from keyframe
even if it?s before the segment start
* mpegtsparse: Fix switched DTS/PTS when set-timestamps=false
* nvh264sldec: Reopen decoder object if larger DPB size is required
* sdpsrc: fix double free if sdp is provided as string via the
property
* vulkan: Fix elements long name.
==== gstreamer-plugins-bad ====
Version update (1.18.3 -> 1.18.4)
Subpackages: libgstadaptivedemux-1_0-0 libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0 libgstcodecs-1_0-0 libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstsctp-1_0-0 libgsturidownloader-1_0-0 libgstvulkan-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0
- added patches
fix https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/issues/1574
+ gstreamer-plugins-bad-openexr3.patch
- Update to version 1.18.4:
+ avwait: Don't post messages with the mutex locked
+ d3d11h264dec: Reconfigure decoder object on DPB size change
and keep track of actually configured DPB size
+ dashsink: fix double unref of sinkpad caps
+ decklinkvideosink: Use correct numerator for 29.97fps
+ decklinkvideosink: fix auto format detection
+ decklinksrc: Use a more accurate capture time
+ d3d11videosink: Fix build error on UWP
+ interlace: negotiation and buffer leak fixes
+ mpegvideoparse: do not clip, so decoder receives data from
keyframe even if it's before the segment start
+ mpegtsparse: Fix switched DTS/PTS when set-timestamps=false
+ nvh264sldec: Reopen decoder object if larger DPB size is
required
+ sdpsrc: fix double free if sdp is provided as string via the
property
+ vulkan: Fix elements long name.
==== gstreamer-plugins-base ====
Version update (1.18.3 -> 1.18.4)
Subpackages: libgstallocators-1_0-0 libgstapp-1_0-0 libgstaudio-1_0-0 libgstfft-1_0-0 libgstgl-1_0-0 libgstpbutils-1_0-0 libgstriff-1_0-0 libgstrtp-1_0-0 libgstrtsp-1_0-0 libgstsdp-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0
- Update to version 1.18.4:
+ tag: id3v2: fix frame size check and potential invalid reads
+ audio: Fix gst_audio_buffer_truncate() meta handling for non-interleaved audio
+ audioresample: respect buffer layout when draining
+ audioaggregator: fix input_buffer ownership
+ decodebin3: change stream selection message owner, so that the app sends the stream-selection event to the right element
+ rtspconnection: correct data_size when tunneled mode
+ uridecodebin3: make caps property work
+ video-converter: Don't upsample invalid lines
+ videodecoder: Fix racy critical when pool negotiation occurs during flush
+ video: Convert gst_video_info_to_caps() to take self as const ptr
+ examples: added qt core dependency for qt overlay example
==== gstreamer-plugins-good ====
Version update (1.18.3 -> 1.18.4)
- Add 612102fdbc3f813bf9d3406165692b5f742e51a6.patch: Fix build
with gcc 11, based on upstream git.
- Update to version 1.18.4:
+ matroskademux: header parsing fixes
+ rpicamsrc: depend on posix threads and vchiq_arm to fix build
on raspios again
+ wavenc: Fixed INFO chunk corruption, caused by odd sized data
not being padded
+ wavpackdec: Add floating point format support to fix
distortions in some cases
+ v4l2: recognize V4L2 bt601 colorimetry again
+ v4l2videoenc: support resolution change stream encode
+ v4l2h265codec: fix HEVC profile string issue
+ v4l2object: Need keep same transfer as input caps
+ v4l2videodec: Fix vp8 and vp9 streams can't play on board
with vendor bsp
+ v4l2videodec: fix src side frame rate negotiation
==== gtk3 ====
Version update (3.24.27 -> 3.24.29)
Subpackages: gtk3-data gtk3-schema gtk3-tools libgtk-3-0 typelib-1_0-Gtk-3_0
- Update to version 3.24.29:
+ Input:
- Look for a Compose file in the right place.
- Revert some Compose sequence changes (mainly around dead
acute and apostrophe).
- Consume all key events during preedit, to avoid unexpected
interactions.
- Ignore more modifiers during preedit, to allow using 3rd and
5th level choosers.
- Fix handling of cursor positions in non-ASCII preedit text.
+ GtkSpinButton: Interpret localized digits.
+ GtkScale: Fix sporadic criticals.
+ GtkScrolledWindow:
- Cancel overshoot on size changes.
- Avoid criticals with non-overlay scrollbars.
+ GtkFileChooser: Handle smb mounts better.
+ GtkListBox: Fix extending multi-selections.
+ Fix a possible crash in gtk_show_uri.
+ Wayland: Improve font settings fallback.
+ X11:
- Avoid log spam on exit.
- Don't beep on untrusted displays.
+ Updated translations.
- Drop gtk3-prevent-g_file_get_basename-return-NULL.patch: fixed
upstream.
- Update to version 3.24.28:
+ Input: Improve dead key handling.
+ CSS: Fix rendering of scaled text shadows.
+ Wayland: Fix matching of accelerators with multiple layouts.
+ X11: Trap errors from the COW.
+ Build: Make gtk3-update-icon-cache output reproducible.
+ Updated translations.
- Add gtk3-prevent-g_file_get_basename-return-NULL.patch:
+ Fix a possible crash in gtk_show_uri
(boo#1185082, glgo#GNOME/gtk!3458).
==== gvfs ====
Version update (1.46.2 -> 1.48.0)
Subpackages: gvfs-backends
- Rebase SLE patches gvfs-nds.patch and gvfs-nvvfs.patch for version
1.48.0:
+ Use meson summary function instead of custom output(boo#1184104).
- Update to version 1.48.0:
+ Updated translations.
- Update to version 1.47.91:
+ Updated translations.
- Update to version 1.47.90:
+ google: Add Shared drives folder.
+ google: Add Shared with me folder.
+ google: Improve performance for folders with large number of
files.
+ daemon: Set filesystem::use-preview explicitly and
consistently.
+ daemon: Unify and shorten strings for prompt dialog titles.
+ Updated translations.
- Update to version 1.47.1:
+ mtp: Fix crashes when storage descriptions are not provided.
+ trash: Explicitly cancel file monitor to prevent deadlock.
+ admin: Add copy and push implementations for better
performance.
+ client: Add fallback to session bus for synchronous API.
+ daemon: Use named sockets to avoid network permission
requirement.
+ smb: Set fast content type independently of other attributes.
==== gzip ====
- fix DFLTCC segfault [bsc#1177047]
- added patches
fix https://git.savannah.gnu.org/cgit/gzip.git/commit/?id=be0a534ba2b6e77da289d…
+ gzip-1.10-fix-DFLTCC-segfault.patch
==== harfbuzz ====
Version update (2.7.4 -> 2.8.0)
Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0
- Update to version 2.8.0:
+ Shape joining scripts other than Arabic/Syriac using the
Universal Shaping Engine. Previously these were shaped using
the generalized Arabic shaper.
+ Fix regression in shaping of U+0B55 ORIYA SIGN OVERLINE.
+ Update language tags.
+ Variations: reduce error: do not round each interpolated delta.
+ Documentation improvements.
+ Subsetter improvements: subsets most, if not all, lookup types
now.
+ Fuzzer-found fixes and other improvements when memory failures
happen.
+ Removed most atomic implementations now that we have C++11
atomic impl.
+ General codebase upkeep; using more C++11 features: constexpr
constructors, etc.
==== hwdata ====
Version update (0.345 -> 0.346)
- Update to version 0.346:
+ Updated pci, usb and vendor ids.
+ Resolves boo#1182482 jsc#SLE-13791 bnc#1170160
==== hwinfo ====
Version update (21.72 -> 21.73)
- merge gh#openSUSE/hwinfo#95
- don't rely on select() updating its timeout arg (bsc#1184339)
- 21.73
==== installation-images-MicroOS ====
Version update (16.56 -> 17.0)
- merge gh#openSUSE/installation-images#498
- rescue: make sure /var/run is a link to /run
- rescue: link modules and firmware from correct location
- 17.0
- merge gh#openSUSE/installation-images#504
- no more libstoragemgmt-netapp-plugin
- 16.74
- merge gh#openSUSE/installation-images#503
- make usrmerge case depend on /lib link in filesystem package
- 16.73
- merge gh#openSUSE/installation-images#502
- extend 'exists' operator to test for a specfic type
- merge gh#openSUSE/installation-images#500
- fix NVMf autoconnect udev rule (bsc#1184908)
- 16.72
- merge gh#openSUSE/installation-images#490
- re-enable SecureBoot on AARCH64 on SLE Micro enable building the
SLE Micro flavor based on OBS macro
- 16.71
- merge gh#openSUSE/installation-images#497
- add udev rules for NVMf autoconnect in the installation system
(bsc#1184908)
- 16.70
- merge gh#openSUSE/installation-images#496
- add even more USB Type-C modules (bsc#1185010)
- 16.69
- merge gh#openSUSE/installation-images#492
- allow loading of unsupported modules (bsc#1184413, bsc#1183140)
- 16.68
- merge gh#openSUSE/installation-images#491
- build with kernel-default-optional on Leap (bsc#1184413)
- 16.67
- merge gh#openSUSE/installation-images#487
- gefrickel: don't skip non-existing
- 16.66
- merge gh#openSUSE/installation-images#484
- add USB Type-C modules (bsc#1184867)
- 16.65
- merge gh#openSUSE/installation-images#481
- enable multipathd in rescue system (bsc#1184686)
- merge gh#openSUSE/installation-images#480
- build with kernel-default-extra on Leap (bsc#1184413, bsc#1183140)
- 16.64
- merge gh#openSUSE/installation-images#478
- Fix grub branding for %{arm}
- 16.63
- merge gh#openSUSE/installation-images#473
- adjust NVME config initialisation (bsc#1183230)
- 16.62
- merge gh#openSUSE/installation-images#470
- Fix firmware dir for usrmerge (boo#1029961)
- remote_log_setup: support loghost with port
- 16.61
- merge gh#openSUSE/installation-images#450
- Add support for riscv64
- 16.60
- merge gh#openSUSE/installation-images#475
- remove bind-libs BuildRequires
- 16.59
- merge gh#openSUSE/installation-images#474
- remove changelog file
- update git2log script to latest version
- clean up VERSION
- remove .gitignore
- 16.58
- merge gh#openSUSE/installation-images#472
- handle update-alternative symlinks automatically
- remove update-alternative hacks
- 16.57
==== irqbalance ====
Version update (1.7.0+git20210222.9db8d5c -> 1.8.0)
- Add _service file pointing to github sources
A _service
- Update to version 1.8.0:
* Add return value check of opendir in do_one_cpu
* Hotplug may occur again during sleep, so wait until there is no hotplug
==== iso-codes ====
Version update (4.5.0 -> 4.6.0)
- update to 4.6.0:
* Many translation updates, see included ChangeLog
==== jack ====
Version update (1.9.17 -> 1.9.18)
- update to 1.9.18:
* Add zalsa_in/out as internal client (based on zita-a2j/j2a and jack1 code)
* Fix jack_midi_dump deadlock on close after the jack server is restarted
* Fix interrupt signal for linux futex waits
* Fix usage of meta-data in official macOS builds (private DB errors)
* Log error message when cleaning previous DB (macOS and Windows)
==== kaccounts-integration ====
Version update (20.12.3 -> 21.04.0)
- Update to 21.04.0
* New feature release
* For more details please see:
* https://kde.org/announcements/gear/21.04
- No code change since 21.03.90
- Update to 21.03.90
* New feature release
- No code change since 21.03.80
- Update to 21.03.80
* New feature release
- Too many changes to list here.
==== kactivities-stats ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kactivities5 ====
Version update (5.80.0 -> 5.81.0)
Subpackages: kactivities5-imports libKF5Activities5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Activate activity manager asynchronously
==== kactivitymanagerd ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== karchive ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kate ====
Version update (20.12.3 -> 21.04.0)
Subpackages: kate-plugins
- Update to 21.04.0
* New feature release
* For more details please see:
* https://kde.org/announcements/gear/21.04
- Changes since 21.03.90:
* Fix S&R not recovering from canceled folder search (kde#435689)
- Stop owning directories provided by the filesystem package (boo#1184786)
- Update to 21.03.90
* New feature release
- Too many changes to list here.
- Update to 21.03.80
* New feature release
- Too many changes to list here.
- Rebase 0001-Defuse-root-block.patch
==== kauth ====
Version update (5.80.0 -> 5.81.0)
Subpackages: libKF5Auth5 libKF5AuthCore5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Un-overload HelperProxy::progressStep() signal
==== kbookmarks ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* [opera] Port away from direct QTextCodec use
==== kcmutils ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Add loaded signal to KCModuleData to handle delayed loading
==== kcodecs ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kcompletion ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Un-overload KLineEdit::returnPressed(const QString &) signal
* Un-overload KCompletionBox::activated(const QString &) signal
* Un-overload KComboBox::returnPressed(const QString &) signal
==== kconfig ====
Version update (5.80.0 -> 5.81.0)
Subpackages: kconf_update5 libKF5ConfigCore5 libKF5ConfigGui5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Relicense file to LGPL-2.0-or-later
* [kconfig_compiler] Explicitly open input file for reading
* Remove old contact data from src/kconfig_compiler_README.dox
* kconfig_compiler: change how paramString() creates strings
==== kconfigwidgets ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Introduce KHamburgermenu
==== kcoreaddons ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Enable Unicode support in QRegularExpression where needed
==== kcrash ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* document why we close FDs
* add licensing info for test fixtures
* prefer in-class init to ctor init
* remove undefined variable interpolation
==== kdbusaddons ====
Version update (5.80.0 -> 5.81.0)
Subpackages: kdbusaddons-tools libKF5DBusAddons5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Run clang-format
* Add clang-format pre-commit hook
==== kde-cli-tools5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== kde-print-manager ====
Version update (20.12.3 -> 21.04.0)
- Update to 21.04.0
* New feature release
* For more details please see:
* https://kde.org/announcements/gear/21.04
- No code change since 21.03.90
- Update to 21.03.90
* New feature release
- No code change since 21.03.80
- Update to 21.03.80
* New feature release
- Changes since 20.12.3:
* Remove unused CMake include
* Manually bind width of list item
==== kdeclarative ====
Version update (5.80.0 -> 5.81.0)
Subpackages: kdeclarative-components libKF5CalendarEvents5 libKF5Declarative5 libKF5QuickAddons5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kded ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* make kded shut down cleanly during systemd session teardown
==== kdelibs4support ====
Version update (5.80.0 -> 5.81.0)
Subpackages: libKF5KDELibs4Support5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* KComponentData: add a link to the KF5 porting notes
==== kdesu ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kdialog ====
Version update (20.12.3 -> 21.04.0)
- Update to 21.04.0
* New feature release
* For more details please see:
* https://kde.org/announcements/gear/21.04
- No code change since 21.03.90
- Update to 21.03.90
* New feature release
- No code change since 21.03.80
- Update to 21.03.80
* New feature release
- No code change since 20.12.3
==== kdnssd-framework ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kdoctools ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kdump ====
- kdump-Add-bootdev-to-dracut-command-line.patch: Add 'bootdev=' to
dracut command line (bsc#1182309).
==== kernel-firmware ====
Version update (20210315 -> 20210419)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20210419 (git commit 940b7f42d45d):
* cxgb4: Update firmware to revision 1.25.4.0
* Mellanox: Add new mlxsw_spectrum firmware xx.2008.2438
* brcm: Link CM4's WiFi firmware with DMI machine name.
* linux-firmware: Update firmware file for Intel Bluetooth AX201
* amdgpu: update navi14 smc firmware
* amdgpu: update navi10 SMC firmware
* QCA: Update Bluetooth firmware for QCA6174
* WHENCE: link to similar config file for rtl8821a support
* nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.14.A.6
* amdgpu: add arcturus firmware
* rtl_bt: Add rtl8723bs_config-OBDA0623.bin symlink
* brcm: Add nvram for the Chuwi Hi8 (CWI509) tablet
* brcm: Add nvram for the Predia Basic tablet
* qcom: sm8250: update remoteproc firmware
* qcom: update a650 firmware files
* rtl_bt: Update RTL8822C BT(UART I/F) FW to 0x59A_76A3
* amdgpu: update sienna cichlid firmware for 20.50
* amdgpu: update vega20 firmware for 20.50
* amdgpu: update picasso firmware for 20.50
* amdgpu: update navi14 firmware for 20.50
* amdgpu: update vega12 firmware for 20.50
* amdgpu: update navi12 firmware for 20.50
* amdgpu: update vega10 firmware for 20.50
* amdgpu: update renoir firmware for 20.50
* amdgpu: update navi10 firmware for 20.50
* amdgpu: update raven2 firmware for 20.50
* amdgpu: update raven firmware for 20.50
* amdgpu: add initial support for navy flounder
- Update aliases
==== kexec-tools ====
Version update (2.0.20 -> 2.0.21)
- kexec-tools-remove-duplicate-ramdisk-definition.patch:
Remove duplicate definition of ramdisk (fix ppc build).
- Bump version to 2.0.21
- Drop patches from upstream git:
* kexec-tools-add-variant-helper-functions.patch
* kexec-tools-arm64-kexec-allocate-memory-space-avoiding-reserved-regions.patch
* kexec-tools-arm64-kdump-deal-with-resource-entries-in-proc-iomem.patch
* kexec-tools-build-multiboot2-for-i386.patch
* kexec-tools-fix-kexec_file_load-error-handling.patch
* kexec-tools-reset-getopt-before-falling-back-to-legacy.patch
* kexec-tools-s390-Reset-kernel-command-line-on-syscal.patch
* kexec-tools-Remove-duplicated-variable-declarations.patch
- Hardening: Link as PIE (bsc#1185020).
==== kfilemetadata5 ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* This method is unused (fix unity compile support)
* Enable Unicode support in QRegularExpression where needed
==== kgamma5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== kglobalaccel ====
Version update (5.80.0 -> 5.81.0)
Subpackages: kglobalaccel5 libKF5GlobalAccel5 libKF5GlobalAccelPrivate5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Only use unistd/getuid when available
* Don't let kglobalaccel run if KDE_SESSION_UID mismatches
* Update KGlobalAccel definition file
==== kguiaddons ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kholidays ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Make it compile with unity cmake support
* Run clang-format
* Prevent clang-format uglification
* Add clang-format pre-commit hook
* Add trailing comma to enums
* handle negative years in easter and pascha calculations. (kde#434027)
==== khotkeys5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== ki18n ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kiconthemes ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Too many changes since 5.80.0, only listing bugfixes:
* ensure qrc + QDir::searchPaths work for icons (kde#434451)
- Drop patches:
* 0001-ensure-qrc-QDir-searchPaths-work-for-icons.patch
* 3262669e.patch
==== kidletime ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kinfocenter5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== kinit ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kio ====
Version update (5.80.1 -> 5.81.0)
Subpackages: kio-core
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Too many changes since 5.80.0, only listing bugfixes:
* Handle .theme files correctly (kde#435176)
* PreviewJob: Initialize cachesSize with 0, only pass size > 0
to shmget, improve createThumbnail (kde#430862)
* KNewFileMenu: use destination side to stat destination (kde#429541)
- Drop patch:
* 0001-MimeTypeFinderJob-don-t-put-job-on-hold-for-local-fi.patch
==== kio-extras5 ====
Version update (20.12.3 -> 21.04.0)
Subpackages: libkioarchive5
- Update to 21.04.0
* New feature release
* For more details please see:
* https://kde.org/announcements/gear/21.04
- No code change since 21.03.90
- Skip the openEXR optional dependency for Leap builds
- Update to 21.03.90
* New feature release
- No code change since 21.03.80
- Update to 21.03.80
* New feature release
- Too many changes since 20.12.3, only listing bugfixes:
* smb: do not assume rename files are different based on name (kde#430585)
* nfs: Do not set UDS_CREATION_TIME (kde#318821)
==== kirigami2 ====
Version update (5.80.0 -> 5.81.0)
Subpackages: libKF5Kirigami2-5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Too many changes since 5.80.0, only listing bugfixes:
* Auto fire SearchField's accepted, with optional extra delay (kde#435084)
* Fix focus handling in OverlaySheet to be managed as one FocusScope (kde#431295)
* [FormLayout] Use layout boundaries on twin layout hints (kde#434383)
* the visible part should always at least be as tall as item (kde#433815)
* Fix potential crash in SizeGroup (kde#434079)
* turn contentItemParent into a FocusScope (kde#433991)
==== kitemmodels ====
Version update (5.80.0 -> 5.81.0)
Subpackages: kitemmodels-imports libKF5ItemModels5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kitemviews ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kjobwidgets ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* KUiServerV2JobTracker: Send properties in requestView call
* Introduce KUiServerV2JobTracker
==== kmenuedit5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== knewstuff ====
Version update (5.80.0 -> 5.81.0)
Subpackages: knewstuff-imports libKF5NewStuff5 libKF5NewStuffCore5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* qtquickengine: Do not forward intermediate states
* quickengine: Emit entryEvent signal with enum which is exposed to QML
* Create a NewStuff.Action component, add NewStuff.Settings global
* Fix minor typos
* Less risk of infinite spinner on uninstalling KPackage based things (kde#434371)
==== knotifications ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Relicense files to LGPL-2.0-or-later
* Don't close resident notifications when action is invoked
* Add missing include for Qt 5.14
* Implement inline replies on Android
* Add an inline reply notification to the example
* Add KNotificationReplyAction for using inline-reply Notification API
==== knotifyconfig ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== konsole ====
Version update (20.12.3 -> 21.04.0)
Subpackages: konsole-part
- Update to 21.04.0
* New feature release
* For more details please see:
* https://kde.org/announcements/gear/21.04
- No code change since 21.03.90
- Stop owning directories provided by the filesystem package (boo#1184786)
- Update to 21.03.90
* New feature release
- Changes since 21.03.80:
* Always sort the profiles by name in 'File -> New Tab'
* Fix crash in ProfileSettings; clone selected profile settings to new profile
* Unmaximize terminal before moving to new tab
* ProfileSettings: use generateUniqueName() when creating new profiles
* ProfileManager: remove some fallback-profile-related code
* Don't edit the Fallback profile, instead create a new one
* Clean up some more "favourite profile"-related code
- Update to 21.03.80
* New feature release
- Too many changes to list here.
==== kpackage ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kparts ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Add a new signal to replace the now deprecated completed(bool)
* Add missing include
==== kpeople5 ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kpty ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kquickcharts ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Run clang-format
* Remove custom clang-format file
* Add clang-format pre-commit hook
==== krb5 ====
- Use /run instead of /var/run for daemon PID files; (bsc#1185163);
- do not own %sbindir, it comes from filesystem package
==== kross ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== krunner ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* autotests: Add tests for RunnerManager history functionality
* Deprecate concept of delayed runners & related methods
* Deprecate methods to remove matches in RunnerContext
==== kscreen5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- Changes since 5.21.3:
* Prefer "21:9" over "64:27" aspect ratio
==== kscreenlocker ====
Version update (5.21.3 -> 5.21.4)
Subpackages: libKScreenLocker5
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== kservice ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Deprecate KPluginInfo::fromKPartsInstanceName, completely unused
==== ksysguard5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== ktexteditor ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Too many changes since 5.80.0, only listing bugfixes:
* Don't warn about unsaved changes when closing if blank and unsaved (kde#391208)
* Use QPalette::highlight for the scrollbar minimap slider (kde#434690)
* Restrict horizontal range of cursor to avoid unintentionally wrapping. (kde#423253)
* Add option to keep spaces to the left of cursor when saving (kde#433455)
* fix unit tests => don't remove trailing spaces (kde#434163)
* fix spellcheck word detection for non-ASCII (kde#433673)
* fix auto-completion for non ASCII words (kde#433672)
==== ktextwidgets ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Deprecate KFind::highlight(int, int, int) signal
* Deprecate the KFind::highlight(QString &, int, int) signal
* Enable Unicode support in QRegularExpression where needed
==== kunitconversion ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== kwallet ====
Version update (5.80.0 -> 5.81.0)
Subpackages: kwalletd5 libKF5Wallet5 libkwalletbackend5-5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Un-overload OrgKdeKWalletInterface::walletClosed(int) signal
==== kwalletmanager5 ====
Version update (20.12.3 -> 21.04.0)
- Update to 21.04.0
* New feature release
* For more details please see:
* https://kde.org/announcements/gear/21.04
- No code change since 21.03.90
- Update to 21.03.90
* New feature release
- No code change since 21.03.80
- Update to 21.03.80
* New feature release
- Changes since 20.12.3:
* Add CMakePresets support
* Increase mini cmake version + allow to install po file too
* Add missing override
* Not necessary now
* Convert license statements to SPDX expressions
* Autogenerate categories file
* operator+/- is disabled for QFlags in qt6
* Remove unused include
==== kwayland ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Fixes DTD check errors and a typo
* Add the activity management protocol client implementation
* Bump plasma-wayland-protocols dependency to 1.2.1
==== kwayland-integration ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== kwayland-server ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- Changes since 5.21.3:
* Send current primary selection after introducing focused surface
* Fix management of keymap files
* Fix a typo
==== kwidgetsaddons ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Run clang-format
* Prevent clang-format uglification
* Add clang-format pre-commit hook
* Add trailing comma to enums
==== kwin5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- Changes since 5.21.3:
* Fix crash on hotplugging displays while switched to another TTY (kde#435388)
==== kwindowsystem ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Add MediaPause key to mapping (kde#403636)
==== kwrited5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== kxmlgui ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Tweaks
* Run clang-format
* Prevent clang-format uglification
* Add clang-format pre-commit hook
* Add trailing comma to enums
==== ldb ====
Version update (2.2.1 -> 2.3.0)
Subpackages: libldb2 python3-ldb
- Update to ldb 2.3.0
==== less ====
Version update (563 -> 581)
- less 581:
* Change ESC-u command to toggle, not disable, highlighting per
man page
* Add ESC-U command
* Add ctrl-W search modifier for wrapping search
* F command can be interrupted by ^X
* Support OSC 8 hyperlinks when -R is in effect
* g command with no number will ignore -j and put first line at
top of screen
* Multiple + or -p command line options are handled better
* Add the --incsearch option
* Add the --line-num-width option
* Add the --status-col-width option
* Add the --use-color and --color options
* Display -w highlight even if highlighted line is empty
* If search result is in a long line, scroll to ensure it is
visible
* Editing the same file under different names now creates only
one entry in the file list.
* Make visual bell more visible on some terminals
* Ring end-of-file bell no more than once per second
* Build can use either Python or Perl for Makefile.aut operations
* Fix crash when using the @ search modifier.
* Fix crash in the 's' command due to duplicate free
- drop less-429-save_line_position.patch which was never accepted
upstream due to solving one problem and creating others
==== libKF5ModemManagerQt ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== libKF5NetworkManagerQt ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Remove dead cmake code
==== libXres ====
Version update (1.2.0 -> 1.2.1)
- modernize spec file (move license to licensedir)
- Update to version 1.2.1
* Update README for gitlab migration
* Update configure.ac bug URL for gitlab migration
* Note ABI of XResQueryClientIds
* XRes: Use _XRead instead of _XRead32 for reading pid
==== libapparmor ====
- add crypto-policies-mr720.diff to allow reading crypto policies
in abstractions/ssl_certs (boo#1183597)
- replace %{?systemd_requires} with %{?systemd_ordering} to avoid dragging in
systemd into containers just because apparmor-parser ships a *.service file
==== libassuan ====
Version update (2.5.4 -> 2.5.5)
- update to 2.5.5:
* Fix a crash in the logging code
* Upgrade autoconf
==== libblockdev ====
Subpackages: libbd_crypto2 libbd_fs2 libbd_loop2 libbd_mdraid2 libbd_part2 libbd_swap2 libbd_utils2 libblockdev2
- Add -Wno-deprecated-declarations to cflags: dealing with
deprecations is upstreams business and should not hinder
downstream packages from building.
==== libcap ====
- Add explicit dependency on libcap2 with version to libcap-progs
(bsc#1184690)
==== libcontainers-common ====
- Force overlay as default storage driver if system is not btrfs
(gh#containers/buildah#3153)
- Update common to 0.36.0
- Update podman to 3.1.1
- Update storage to 1.29.0
- Update image to 5.11.0
- Update common to 0.35.3
- Update podman to 3.1.0
- Update storage to 1.28.1
- Update image to 5.10.5
==== libdazzle ====
Version update (3.38.0 -> 3.40.0)
- Update to version 3.40.0:
+ Build system fixes for mingw.
+ PangoFontDescription to CSS conversion improvements.
==== libdnf ====
Version update (0.60.0 -> 0.62.0)
Subpackages: libdnf-repo-config-zypp libdnf2
- Add patch to fix crash when loading DVD repositories
+ Patch: 0001-Fix-a-crash-when-repoId-not-found-in-loaded-conf-gke.patch
- Update to 0.62.0
+ Change order of TransactionItemReason (rh#1921063)
+ Add two new comperators for security filters (rh#1918475)
+ Apply security filters for candidates with lower priority
+ Fix: Goal - translation of messages in global maps
+ Enhance description of modular solvables
+ Improve performance for module query
+ Change mechanism of modular errata applicability (rh#1804234)
+ dnf_transaction_commit(): Remove second call to rpmtsSetVSFlags
+ Fix a couple of memory leaks
+ Fix: Setting of librepo handle in newHandle function
+ Remove failsafe data when module is not enabled (rh#1847035)
+ Expose librepo's checksum functions via SWIG
+ Fix: Mising check of "hy_split_nevra()" return code
+ Do not allow 1 as installonly_limit value (rh#1926261)
+ Fix check whether the subkey can be used for signing
+ Hardening: add signature check with rpmcliVerifySignatures
(CVE-2021-3445, CVE-2021-3421, CVE-2021-20271, rh#1932079, rh#1932089, rh#1932090, boo#1183779)
+ Add a config option sslverifystatus, defaults to false (rh#1814383)
+ [context] Add API for distro-sync
==== libdrm ====
Version update (2.4.104 -> 2.4.105)
Subpackages: libdrm2 libdrm_amdgpu1 libdrm_nouveau2 libdrm_radeon1
- update to 2.4.105:
* amdgpu: add function of INFO ioctl for querying video caps
* amdgpu: sync up amdgpu_drm.h with latest from kernel
* xf86drmMode: set FB_MODIFIERS flag when modifiers are supplied
* xf86drmMode: introduce drmModeGetPropertyType
* intel: Keep libdrm working without pread/pwrite ioctls
* xf86drm: fix null pointer deref in drmGetBufInfo
* intel: Add support for JSL
* xf86drm: warn about GEM handle reference counting
* xf86drmMode: add drmIsKMS
* intel: add INTEL_ADLS_IDS to the pciids list
* intel: sync i915_pciids.h with kernel
* amdgpu: update marketing names
* tests and build system fixes
==== libeconf ====
Version update (0.3.8+git20200710.5126fff -> 0.4.0+git20210413.fdb8025)
- Removed doxygen from build requires.
- Update to version 0.4.0+git20210413.fdb8025:
* Installing man pages via meson. (#147)
- Update to version 0.4.0+git20210412.1513a26:
* Added econftool cat option (#146)
* new API call: econf_readDirsHistory (showing ALL locations)
* new API call: econf_getPath (absolute path of the configuration file)
- Update to version 0.4.0+git20210408.6d33e5e:
* Man pages libeconf.3 and econftool.8.
* Handling multiline strings.
* Added libeconf_ext which returns more information like
line_nr, comments, path of the configuration file,...
* Econftool, an command line interface for handling configuration
files.
* Generating HTML API documentation with doxygen.
* Improving error handling and semantic file check.
* Joining entries with the same key to one single entry if
env variable ECONF_JOIN_SAME_ENTRIES has been set.
==== libfido2 ====
Version update (1.6.0 -> 1.7.0)
Subpackages: libfido2-1 libfido2-udev
- Update to version 1.7.0:
* hid_win: detect devices with vendor or product IDs > 0x7fff
* Support for FIDO 2.1 authenticator configuration.
* Support for FIDO 2.1 UV token permissions.
* Support for FIDO 2.1 "credBlobs" and "largeBlobs" extensions.
* New API calls
* New fido_init flag to disable fido_dev_open?s U2F fallback
* Experimental NFC support on Linux.
- Enabled hidapi again, issues related to hidapi are fixed upstream
* Added fix-cmake-linking.patch to fix linking
==== libgcrypt ====
Version update (1.9.2 -> 1.9.3)
- libgcrypt 1.9.3:
* Bug fixes:
- Fix build problems on i386 using gcc-4.7.
- Fix checksum calculation in OCB decryption for AES on s390.
- Fix a regression in gcry_mpi_ec_add related to certain usages
of curve 25519.
- Fix a symbol not found problem on Apple M1.
- Fix for Apple iOS getentropy peculiarity.
- Make keygrip computation work for compressed points.
* Performance:
- Add x86_64 VAES/AVX2 accelerated implementation of Camellia.
- Add x86_64 VAES/AVX2 accelerated implementation of AES.
- Add VPMSUMD acceleration for GCM mode on PPC.
* Internal changes.
- Harden MPI conditional code against EM leakage.
- Harden Elgamal by introducing exponent blinding.
==== libgnomekbd ====
Subpackages: gnomekbd-tools libgnomekbd8
- Add libgnomekbd-avoid-coredump-on-ibus-engines.patch: avoid libgnomekbd
crash when working with ibus(bnc#1160963, glgo#GNOME/libgnomekbd!6).
==== libgweather ====
Version update (3.36.1 -> 40.0)
Subpackages: gweather-data libgweather-3-16 typelib-1_0-GWeather-3_0
- Update to version 40.0:
+ Fix possible uninitialized variable in location entry.
+ Updated translations.
- Update to version 40.beta:
+ Fix gweather_location_next_child annotations.
+ metno: Use alphabetical 2.0 symbol codes.
- Update to version 40.alpha.1:
+ Fix warnings related to the new application-id and contact-info
properties.
+ Fix use-after-free issues when detached locations are used.
+ Fix vala binding issues by removing a left over struct
definition.
- Changes from version 40.alpha:
+ An application-id as well as contact information must be
provided for every application to use online weather services.
For GApplication-based applications, the application ID is
prefilled.
+ All online weather providers are disabled by default,
applications should enable those that it has verified it can
follow the terms of service for. Note, for example, the
requirement to subscribe to the met.no API users mailing-list.
+ A lot of the getter functions for the location database now
return references to objects which the application will need to
handle. Applications that use JavaScript or Python bindings
should not require special handling for this change.
- Add python3-gobject BuildRequires: new dependency.
==== libhandy ====
Version update (1.0.3 -> 1.2.1)
Subpackages: libhandy-1-0 typelib-1_0-Handy-1_0
- Update to version 1.2.1:
+ hdydeck and hdyleaflet:
- Skip the unfolded allocation phase if there are no visible
children, fixing a crash.
- Fix the reverse child order.
+ hdyheaderbar: stop force centering an expanded title when
loose.
+ hdyflap: fix shadow glitches on flap child resizes.
+ hdypreferenceswindow:
- give the window the .preferences style class.
- make the search results page's margins adaptive.
+ demo: fix a memory leak in the view switcher demo.
+ meson: avoid trailing slashes in directories if package_subdir
is empty.
- Update to version 1.2.0:
+ Fix deprecation warnings when including handy.h.
+ Fix warnings with -Wmissing-field-initializers.
+ Fix warnings with --buildtype=optimized.
+ Fix a crash when subclassing HdyPreferencesGroup.
+ Fix a build reproducibility issue by using basenames rather
than full paths in generated sources.
+ Updated translations.
- Update to version 1.1.90:
+ Add HdyFlap, allowing to have adaptive tab bars and header
bars.
+ Add HdyTabBar and HdyTabView, offering a modern tab bar.
+ Add HdyStatusPage, a convenient widget for welcome pages, empty
state pages, or error pages.
+ HdyAvatar:
- Add the loadable -icon property to allow setting a
GLoadableIcon as the avatar picture.
- Deprecate hdy_avatar_set_image_load_func() in favor of the
loadable -icon property.
- Add hdy_avatar_draw_to_pixbuf() and
hdy_avatar_draw_to_pixbuf_async() to export the avatar as a
GdkPixbuf.
- Take CSS sizing properties into account.
+ HdyPreferencesWindow:
- Use HdyStatusPage as the empty search result page to
standardize the page's look.
+ HdyPreferencesPage:
- Propagate the natural height of the scrolled content.
- Make the scrolled window automatically follow the focus.
- Implement the margins via CSS so applications can override
them.
- Make the margins adapt to the available width.
+ HdyPreferencesGroup:
- Allow navigating out of the listbox.
- Wrap labels on words or characters, preventing long words
from breaking the UI.
- Take CSS sizing properties into account.
- Implement the margins via CSS so applications can override
them.
- Refine the spacing.
- Protect against gtk_widget_show_all().
- Fix a leak when destroying the widget.
- Add accessibility relationships for the title.
+ HdyClamp:
- Fix measuring the widget even without a child.
- Take CSS sizing properties into account.
+ HdyActionRow:
- Add the title -lines and subtitle -lines properties to set
the number of lines the title and subtitle should be limited
to, 0 giving an unlimited lines number.
- Wrap labels on words or characters, preventing long words
from breaking the UI.
- Document that hdy_action_row_get_icon_name() doesn't transfer
string ownership.
- Add accessibility relationships for the title.
+ HdyComboRow:
- Fix showing the checkmark on the right item.
- Use object -select -symbolic instead of emblem -ok
- symbolic as the selected item checkmark icon, as it is more
semantically correct.
+ HdySwipeTracker:
- Add the allow -long -swipes property to allow swiping more
than one snap point at a time.
- Calculate the velocity with a scroll history to gain
precision.
- Fix coordinate transformation for scrolling.
- Don't leak the current event.
+ HdyCarousel:
- Add the allow -long -swipes property to allow swiping more
than one child at a time.
- Fix a size invalidation issue.
+ HdyDeck:
- Add the hdy_deck_prepend(), hdy_deck_insert_child_after(),
and hdy_deck_reorder_child_after() methods.
- Increase the edge swipe area from 16px to 32px.
- Fix the ntural size calculation.
+ HdyLeaflet:
- Add the hdy_leaflet_prepend(),
hdy_leaflet_insert_child_after(), and
hdy_leaflet_reorder_child_after() methods.
- Increase the edge swipe area from 16px to 32px.
+ HdyKeypad:
- Beep when typing invalid characters.
- Allow pasting and erasing text in the entry.
- Fix allowing + when symbols are visible instead of hidden.
+ Updated translations.
==== libhugetlbfs ====
- Hardening: Link as PIE (bsc#1184123).
==== libical ====
Version update (3.0.8 -> 3.0.9)
- filelist fix for the glib build
- update to 3.0.9:
* Add support for empty parameters, e.g. CN=""
* Accept VTIMEZONE with more than one X- property
* Several fixes for recurrences containing BYWEEKNO
* icalrecurrencetype_from_string() will reject any RRULE that contains a
rule-part that occurs more than once
* Improve thread safety
* Fix compiled-in path for the built-in timezone data
* Fix reading TZif files with empty v1 data (use v2+ whenever possible)
* Add backwards compatibility for previous TZIDs
* Built-in timezones updated to tzdata2020d
* Fix build with newer libicu
* Fix cross-compile support in libical-glib
- remove 0001-Fix-build-with-icu-68.1.patch libical-read-v2-v3-data.patch:
upstream
==== libical-glib ====
Version update (3.0.8 -> 3.0.9)
- filelist fix for the glib build
- update to 3.0.9:
* Add support for empty parameters, e.g. CN=""
* Accept VTIMEZONE with more than one X- property
* Several fixes for recurrences containing BYWEEKNO
* icalrecurrencetype_from_string() will reject any RRULE that contains a
rule-part that occurs more than once
* Improve thread safety
* Fix compiled-in path for the built-in timezone data
* Fix reading TZif files with empty v1 data (use v2+ whenever possible)
* Add backwards compatibility for previous TZIDs
* Built-in timezones updated to tzdata2020d
* Fix build with newer libicu
* Fix cross-compile support in libical-glib
- remove 0001-Fix-build-with-icu-68.1.patch libical-read-v2-v3-data.patch:
upstream
==== libinput ====
Version update (1.17.0 -> 1.17.1)
- Update to release 1.17.1
* quirks: add quirks for Apple SPI input devices
* Add Lenovo Legion 5 keyboard to 50-system-lenovo.quirks
==== libjpeg-turbo ====
- version update to 2.1.0
lot of changes, see
* https://github.com/libjpeg-turbo/libjpeg-turbo/releases/tag/2.0.90
* https://github.com/libjpeg-turbo/libjpeg-turbo/releases/tag/2.1.0
==== libkdecoration2 ====
Version update (5.21.3 -> 5.21.4)
Subpackages: libkdecorations2-5 libkdecorations2private8
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== libksba ====
Version update (1.5.0 -> 1.5.1)
- libksba 1.5.1:
* Support Brainpool curves specified by ECDomainParameters
==== libkscreen2 ====
Version update (5.21.3 -> 5.21.4)
Subpackages: libKF5Screen7 libkscreen2-plugin
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== libksysguard5 ====
Version update (5.21.3.1 -> 5.21.4)
Subpackages: libksysguard5-helper libksysguard5-imports
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- Changes since 5.21.3:
* Use lld instead of Ld as format specifier (kde#418142)
* Emit also dataChanged when sensor colors are changed
* Assign a new color when configuring sensor colors (kde#434515)
* SensorFaceController: Save on destruction if the face requests it (kde#433768,kde#433536,kde#434005)
==== libopenmpt ====
Version update (0.5.5 -> 0.5.7)
- Update to 0.5.7:
* [Sec] Possible null-pointer dereference read caused by a
sequence of openmpt::module::read,
openmpt::module::set_position_seconds with a position past the
song end, and another openmpt::module::read call.
* IT: Instrument / sample panning was reset on note-off / fade
commands.
* IMF: Set Finetune is now implemented correctly.
* Fixed excessive memory consumption with malformed files in
various formats.
- Update to 0.5.6:
* AMS: Avoid allocating excessive amount of memory for compressed
song message in malformed files.
* S3M: Some samples or OPL patches were imported with a too high
sample rate if module was saved with Scream Tracker 3.
==== libpeas ====
Version update (1.28.0 -> 1.30.0)
- Update to version 1.30.0:
+ Build system improvements.
+ Improvements when running on Windows.
+ Updated translations.
==== libqt5-qtbase ====
Subpackages: libQt5Concurrent5 libQt5Core5 libQt5DBus5 libQt5Gui5 libQt5Network5 libQt5PrintSupport5 libQt5Sql5 libQt5Sql5-sqlite libQt5Test5 libQt5Widgets5 libQt5Xml5
- Add patch to fix possible crash caused by GCC 11 build fix:
* 0001-Partially-revert-813a928c7c3cf98670b6043149880ed5c95.patch
==== libqt5-qtdeclarative ====
- Add patch to fix build with GCC 11 (boo#1185100):
* 0001-Include-limits-to-fix-build-with-GCC-11.patch
==== libqt5-qtsvg ====
- Add commits from kde's 5.15 branch:
* 0001-Improve-handling-of-malformed-numeric-values-in-svg-.patch
* 0002-Clamp-parsed-doubles-to-float-representable-values.patch
(bsc#1184783, QTBUG-91507, CVE-2021-3481)
* 0003-Avoid-buffer-overflow-in-isSupportedSvgFeature.patch
* 0004-Make-image-handler-accept-UTF-16-UTF-32-encoded-SVGs.patch
(QTBUG-90744)
==== libqt5-qtwebengine ====
Version update (5.15.2 -> 5.15.3)
- Add patch to fix build with GCC 11:
* 0001-Fix-build-with-GCC-11.patch
- Update _constraints to avoid OOM
- Add back missing part in fix1163766.patch (boo#1184610)
- Update to version 5.15.3:
* Fix spelling and coding style
* Fix new view request handling (QTBUG-87378)
* Fix getDefaultScreenId on X11
* Fix flaky tst_QWebEngineView::textSelectionOutOfInputField test
* Move touch input tests to separate testcase
* Add touch input tests for scrolling and pinch zooming
* Fix rare duplicate ids forming in touch point id's mapping
* Use the module's version number for QtWebEngineProcess
* Touch handling: provide id mapping without modifying TouchPoint instance
(QTBUG-88001)
* Touch handling: fix mapped ids cleanup for TouchCancel event
* et custom headers from QWebEngineUrlRequestInfo before triggering redirect
(QTBUG-88861)
* Forward modifier flags for lock keys (QTBUG-89001)
* Fix handling of more than one finger for touch event (QTBUG-86389)
* Stabilize load signals emitting (QTBUG-65223, QTBUG-87089)
* Fix building against 5.12 on most CIs
* Update minimum HarfBuzz version to 2.4.0 (QTBUG-88976)
* Fix building against Qt 5.14
* Migrate user script IPC to mojo
* Fix crashes in user resource controller when single process
* Minor. Fix namespace for user resource controller
* Minor. RenderThreadObserverQt is really a RenderConfiguration
* Remove RenderViewObserverHelper from UserResourceController
* Cache mojo interface bindings to UserResourceControllerRenderFrame
* Cache mojo interface bindings for WebChannelIPCTransport
* Migrate render_view_observer_qt to mojo
* Fix crash on linkedin.com (QTBUG-89740)
* Suppress error pages also for http errors if they are disabled
* Fix leak in QQuickWebEngineViewPrivate::contextMenuRequested
* Register PerformanceNode early enough
* Quiet log on webrtc usage
* Remove configure option that doesn't work
* Remove Java build dependency
* Fix blank popups in qml (QTBUG-86034)
* Fix position of popup on qml (QTBUG-86034, QTBUG-89358)
* Enable hangout services extension (QTBUG-85731)
* Allow to fallback to default locale for non existent data packs (QTBUG-90490)
* Support devtools close button
* Do not extract download file names from certain url schemes (QTBUG-90355)
* Leave room for the null-termination byte when checking remote drive path
(QTBUG-90347)
* Do not set open files limit for linking if not necessary
* Remove even more remains of non network service code
* Add back prefers-color-scheme support (QTBUG-89753)
* Start supporting chrome.resourcesPrivate API (QTBUG-90035)
* Enable chrome://user-actions WebUI
* Remove remains of chrome://flash
* Fix loadFinished signal if page has content but server sends HTTP error
(QTBUG-90517)
* Fix devtools page resource loading as raw data instead of html string
* Remove frame metadata observer (RenderWidgetHostViewQt) on destroy
* Resolve installed interceptors right before interception point (QTBUG-86286)
* Update searches faster
* Remove more leftovers of the old compositor
* Enable webrtc logging and the corresponding WebUI
* Support mips64el platform CPU(loongson 3A4000)
* Add tracing UI resources
* Fix crash on meet.google.com
* Fix mad popup qquickwindows on wayland
* Fix crashes on BrowserContext destruction
* Fix crash on exit in quicknanobrowser when popup
* Remove QtPdf dependency on nss at build-time
* Avoid accessing profileAdapter when profile is shutting down (QTBUG-91187)
* Do not flush messages form profile destructor
* Ignore QQuickWebEngineNewViewRequest if it is unhandled
* Fix ScopedGLContextChecker with QTWEBENGINE_DISABLE_GPU_THREAD=1
* Don't send duplicate load progress values
* Fix neon support in libpng
* Do not call deprecated profile interceptor on ui thread (QTBUG-86267)
* Add certificate error message for ERR_SSL_OBSOLETE_VERSION
* Fix assert in WebContentsAdapter::devToolsFrontendDestroyed
* Avoid to reject a certificate error twice in Quick
* Fix PDF viewer plugin
* FIXUP: Fix swap condition in DisplayGLOutputSurface::updatePaintNode
(QTBUG-86599)
* Fix favicon engine under device pixel scaling
* Do not pass a native keycode matching the menu key when it is remapped
(QTBUG-86672)
* Optimize WebEngineSettings::testAttribute
* Warn about QtWebengineProcess launching from network share (QTBUG-84632)
* Handle non-ascii names for pulseaudio (QTBUG-85363)
* Do not set audio device for desktop capture if audio loopback is unsupported
* Fix new view request handling (QTBUG-87378)
* Fix getDefaultScreenId on X11
* Touch handling: provide id mapping without modifying TouchPoint instance
(QTBUG-88001)
* Set custom headers from QWebEngineUrlRequestInfo before triggering redirect
(QTBUG-88861)
* Stabilize load signals emitting (QTBUG-65223)
- CVE fixes backported in chromium updates:
* CVE-2020-16044: Use after free in WebRTC
* CVE-2021-21118: Heap buffer overflow in Blink
* CVE-2021-21119: Use after free in Media
* CVE-2021-21120: Use after free in WebSQL
* CVE-2021-21121: Use after free in Omnibox
* CVE-2021-21122: Use after free in Blink
* CVE-2021-21123: Insufficient data validation in File System API
* CVE-2021-21125: Insufficient policy enforcement in File System API
* CVE-2021-21126: Insufficient policy enforcement in extensions
* CVE-2021-21127: Insufficient policy enforcement in extensions
* CVE-2021-21128: Heap buffer overflow in Blink
* CVE-2021-21129: Insufficient policy enforcement in File System API
* CVE-2021-21130: Insufficient policy enforcement in File System API
* CVE-2021-21131: Insufficient policy enforcement in File System API
* CVE-2021-21132: Inappropriate implementation in DevTools
* CVE-2021-21135: Inappropriate implementation in Performance API
* CVE-2021-21137: Inappropriate implementation in DevTools
* CVE-2021-21140: Uninitialized Use in USB
* CVE-2021-21141: Insufficient policy enforcement in File System API
* CVE-2021-21145: Use after free in Fonts
* CVE-2021-21146: Use after free in Navigation
* CVE-2021-21147: Inappropriate implementation in Skia
* CVE-2021-21148: Heap buffer overflow in V8
* CVE-2021-21149: Stack overflow in Data Transfer
* CVE-2021-21150: Use after free in Downloads
* CVE-2021-21152: Heap buffer overflow in Media
* CVE-2021-21153: Stack overflow in GPU Process
* CVE-2021-21156: Heap buffer overflow in V8
* CVE-2021-21157: Use after free in Web Sockets
- Drop obsolete patches:
* icu-68.patch
* icu-68-2.patch
- Rebase patches:
* fix1163766.patch
* sandbox-statx-futex_time64.patch
* rtc-dont-use-h264.patch
* chromium-glibc-2.33.patch
- Add patch to fix crash with certain locales:
* 0001-Fix-normalization-of-app-locales.patch
- Clean the spec file a bit
- Can't use system_vpx on Leap 15.3
==== librepo ====
Version update (1.13.0 -> 1.14.0)
- Update to 1.14.0
+ Fix LRO_PRESERVETIME behavior
+ Support multiple checksums in xattr (rh#1931904)
+ Return "calculated" checksum if requested w/caching
+ Fix lr_yum_download_url in case lr_handle is NULL
==== librsvg ====
Version update (2.50.3 -> 2.50.4)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0
- Update to version 2.50.4:
+ Update dependent crates that had security vulnerabilities:
- generic-array to 0.13.3 - RUSTSEC-2020-0146
+ Reduced stack usage
+ Add limit for too-large radiuses on the feMorphology filter
+ Properly ignore elements in an error state inside
the "switch" element
==== libselinux ====
Subpackages: libselinux1 selinux-tools
- Remove Recommends for selinux-autorelabel. It's better to have this
in the policy package itself (bsc#1181837)
==== libsolv ====
Version update (0.7.17 -> 0.7.19)
- fix rare segfault in resolve_jobrules() that could happen
if new rules are learnt
- fix a couple of memory leaks in error cases
- fix error handling in solv_xfopen_fd()
- bump version to 0.7.19
- fixed regex code on win32
- fixed memory leak in choice rule generation
- repo_add_conda: add flag to skip v2 packages
- bump version to 0.7.18
==== libva ====
Version update (2.10.0 -> 2.11.0)
Subpackages: libva-drm2 libva2
- update to 2.11.0:
* add: LibVA Protected Content API
* add: Add a configuration attribute to advertise AV1d LST feature
* fix: wayland: don't try to authenticate with render nodes
* autotools: use shell grouping instead of sed to prepend a line
* trace: Add details data dump for mpeg2 IQ matrix.
* doc: update docs for VASurfaceAttribPixelFormat
* doc: Libva documentation edit for AV1 reference frames
* doc: Modify AV1 frame_width_minus1 and frame_height_minus1 comment
* doc: Remove tile_rows and tile_cols restriction to match AV1 spec
* doc: Format code for doxygen output
* doc: AV1 decode documentation edit for superres_scale_denominator
* ci: upgrade FreeBSD to 12.2
* ci: disable travis build
* ci: update cache before attempting to install packages
* ci: avoid running workloads on other workloads changes
* ci: enable github actions
==== libvpx ====
Version update (1.9.0 -> 1.10.0)
- using service/obspcio again because upstream tar ball is changing,
leading to trust validation errors
- udpate to 1.10.0:
This maintenance release adds support for darwin20 and new codec controls, as
well as numerous bug fixes.
- Upgrading:
New codec control is added to disable loopfilter for VP9.
New encoder control is added to disable feature to increase Q on overshoot
detection for CBR.
Configure support for darwin20 is added.
New codec control is added for VP9 rate control. The control ID of this
interface is VP9E_SET_EXTERNAL_RATE_CONTROL. To make VP9 use a customized
external rate control model, users will have to implement each callback
function in vpx_rc_funcs_t and register them using libvpx API
vpx_codec_control_() with the control ID.
- Enhancement:
Use -std=gnu++11 instead of -std=c++11 for c++ files.
- Bug fixes:
Override assembler with --as option of configure for MSVS.
Fix several compilation issues with gcc 4.8.5.
Fix to resetting rate control for temporal layers.
Fix to the rate control stats of SVC example encoder when number of spatial
layers is 1.
Fix to reusing motion vectors from the base spatial layer in SVC.
2 pass related flags removed from SVC example encoder.
==== libxcrypt ====
Version update (4.4.18 -> 4.4.19)
- Update to 4.4.19
* Improve fallback implementation of explicit_bzero.
* Add glibc-on-CSKY, ARC, and RISCV-32 entries to libcrypt.minver.
These were added in GNU libc 2.29, 2.32, and 2.33 respectively
* Do not build xcrypt.h if we?re not going to install it.
* Do not apply --enable-obsolete-api-enosys mode to fcrypt.
* Compilation fix for NetBSD. NetBSD?s <unistd.h> declares encrypt
and setkey to return int, contrary to POSIX (which says they return
void). Rename those declarations out of the way with macros.
* Compilation fixes for building with GCC 11.
Basically fixes for explicit type-casting.
* Force update of existing symlinks during installation
==== libxkbcommon ====
Version update (1.1.0 -> 1.2.1)
Subpackages: libxkbcommon-x11-0 libxkbcommon0
- Update to release 1.2.1 [boo#1184688]
* Fix `xkb_x11_keymap_new_from_device()` failing when the
keymap contains key types with missing level names, like the
one used by the `numpad:mac` option in xkeyboard-config.
(Regressed in 1.2.0.)
- Update to release 1.2.0
* `xkb_x11_keymap_new_from_device()` is much faster. It now
performs only 2 roundtrips to the X server, instead of dozens
(in first-time calls).
* Case-sensitive `xkb_keysym_from_name()` is much faster.
* Keysym names of the form `0x12AB` and `U12AB` are parsed more
strictly.
* Compose files now have a size limit (65535 internal nodes).
* Compose table loading (`xkb_compose_table_new_from_locale()`
and similar) is much faster.
==== libzypp ====
Version update (17.25.8 -> 17.25.9)
- Add missing includes for GCC 11 (bsc#1181874)
- Fix unsafe usage of static in media verifier.
- Solver: Avoid segfault if no system is loaded (bsc#1183628)
- MediaVerifier: Relax media set verification in case of a single
not-volatile medium (bsc#1180851)
- Do no cleanup in custom cache dirs (bsc#1182936)
- ZConfig: let pubkeyCachePath follow repoCachePath.
- version 17.25.9 (22)
==== lua54 ====
Version update (5.4.2 -> 5.4.3)
Subpackages: liblua5_4-5
- Add upstream-bugs.patch and upstream-bugs-test.patch to fix
bugs 1,2,3 for build and tests respectively.
- Update to version 5.4.3:
* Fixes bugs found in Lua 5.4.2
- Removed upstream-bugs.patch: new release (no bugs found yet)
- Removed upstream-bugs-test.patch: new release (no bugs found yet)
==== lvm2 ====
Subpackages: liblvm2cmd2_03
- Honor lvm.conf event_activation=0 on "pvscan --cache -aay" (bsc#1185190)
+ bug-1185190_01-pvscan-support-disabled-event_activation.patch
+ bug-1185190_02-config-improve-description-for-event_activation.patch
- LVM cannot be disabled on boot (bsc#1184687)
+ bug-1184687_Add-nolvm-for-kernel-cmdline.patch
- Update patch for avoiding apply warning message
+ bug-1012973_simplify-special-case-for-md-in-69-dm-lvm-metadata.patch
- Add metadata-based autoactivation property for VG and LV (bsc#1178680)
+ bug-1178680_add-metadata-based-autoactivation-property-for-VG-an.patch
==== lvm2-device-mapper ====
Subpackages: device-mapper libdevmapper-event1_03 libdevmapper1_03
- Honor lvm.conf event_activation=0 on "pvscan --cache -aay" (bsc#1185190)
+ bug-1185190_01-pvscan-support-disabled-event_activation.patch
+ bug-1185190_02-config-improve-description-for-event_activation.patch
- LVM cannot be disabled on boot (bsc#1184687)
+ bug-1184687_Add-nolvm-for-kernel-cmdline.patch
- Update patch for avoiding apply warning message
+ bug-1012973_simplify-special-case-for-md-in-69-dm-lvm-metadata.patch
- Add metadata-based autoactivation property for VG and LV (bsc#1178680)
+ bug-1178680_add-metadata-based-autoactivation-property-for-VG-an.patch
==== makedumpfile ====
Version update (1.6.7 -> 1.6.8)
- Update patch metadata.
- Fix guessing of va_bits (bsc#1183977)
* makedumpfile-1-3-Use-vmcoreinfo-note-in-proc-kcore-for-mem-.patch
* makedumpfile-2-3-arm64-Make-use-of-NUMBER-VA_BITS-in-vmcore.patch
* makedumpfile-3-3-arm64-support-flipped-VA-and-52-bit-kernel.patch
- Support kernel 5.11:
* makedumpfile-use-uts_namespace.name-offset-VMCOREINFO.patch:
make use of 'uts_namespace.name' offset in VMCOREINFO.
- Update upstream project location (URL and Source).
- Update to version 1.6.8:
* Support newer kernels up to v5.9
* arm64: Add support for ARMv8.2-LPA (52-bit PA support)
* Retrieve MAX_PHYSMEM_BITS from vmcoreinfo
* sadump, kaslr: fix failure of calculating kaslr_offset
* Introduce --check-params option
* cope with not-present mem section
- Drop upstreamed patches:
* makedumpfile-Fix-cd_header-offset-overflow-with-large-pfn.patch
* makedumpfile-arm64-Align-PMD_SECTION_MASK-with-PHYS_MASK.patch
* makedumpfile-sadump-Fix-failure-of-reading.patch
- Allow to read kernel log from the lockless ringbuffer (bsc#1183965):
* makedumpfile-printk-add-support-for-lockless-ringbuffer.patch
* makedumpfile-printk-use-committed-finalized-state-value.patch
==== microdnf ====
Version update (3.7.1 -> 3.8.0)
- Update to 3.8.0
+ Add "makecache" command
+ Add "distro-sync" command
==== milou5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- Changes since 5.21.3:
* Set RunnerManager runnerWindow variable if it is available
==== mozilla-nspr ====
Version update (4.29 -> 4.30)
- update to version 4.30
* support longer thread names on macOS
* fix a build failure on OpenBSD
==== mozilla-nss ====
Version update (3.62 -> 3.63.1)
Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs
- update to NSS 3.63.1
* no upstream release notes for 3.63.1 (yet)
Fixed in 3.63
* bmo#1697380 - Make a clang-format run on top of helpful contributions.
* bmo#1683520 - ECCKiila P384, change syntax of nested structs
initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-384: allow zero scalars in dual
scalar multiplication.
* bmo#1683520 - ECCKiila P521, change syntax of nested structs
initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-521: allow zero scalars in dual
scalar multiplication.
* bmo#1696800 - HACL* update March 2021 - c95ab70fcb2bc21025d8845281bc4bc8987ca683.
* bmo#1694214 - tstclnt can't enable middlebox compat mode.
* bmo#1694392 - NSS does not work with PKCS #11 modules not supporting
profiles.
* bmo#1685880 - Minor fix to prevent unused variable on early return.
* bmo#1685880 - Fix for the gcc compiler version 7 to support setenv
with nss build.
* bmo#1693217 - Increase nssckbi.h version number for March 2021 batch
of root CA changes, CA list version 2.48.
* bmo#1692094 - Set email distrust after to 21-03-01 for Camerfirma's
'Chambers of Commerce' and 'Global Chambersign' roots.
* bmo#1618407 - Symantec root certs - Set CKA_NSS_EMAIL_DISTRUST_AFTER.
* bmo#1693173 - Add GlobalSign R45, E45, R46, and E46 root certs to NSS.
* bmo#1683738 - Add AC RAIZ FNMT-RCM SERVIDORES SEGUROS root cert to NSS.
* bmo#1686854 - Remove GeoTrust PCA-G2 and VeriSign Universal root certs
from NSS.
* bmo#1687822 - Turn off Websites trust bit for the ?Staat der
Nederlanden Root CA - G3? root cert in NSS.
* bmo#1692094 - Turn off Websites Trust Bit for 'Chambers of Commerce
Root - 2008' and 'Global Chambersign Root - 2008?.
* bmo#1694291 - Tracing fixes for ECH.
- required for Firefox 88
==== multipath-tools ====
Version update (0.8.5+29+suse.5dabcd2 -> 0.8.5+30+suse.633836e)
Subpackages: kpartx libmpath0
- Update to version 0.8.5+30+suse.633836e:
* multipathd: give up "add missing path" after multiple failures
(bsc#1183963)
==== mutter ====
Version update (3.38.3 -> 40.0)
Subpackages: mutter-data
- Rebase mutter-SLE-bsc984738-grab-display.patch and
mutter-SLE-bell.patch.
- Update to version 40.0:
+ xwayland: Check permissions on /tmp/.X11-unix.
- Update to version 40.rc:
+ Fix keyboard input from remote desktop in Xorg session.
+ Fix restoring focus to windows using globally active input.
+ Expose unaccalerated touchpad gesture deltas.
+ Avoid relayout on text attribute changes when possible.
+ Add remote desktop caps- and num-lock state properties.
+ Improve refresh rate calculation.
+ Implement presentation-time protocol.
+ Disable double-buffered shadow buffering.
+ Fix missing cursor on tablet devices.
+ Fix frame timings causing X11 clients to get stuck.
+ Fix applying input settings on X11.
+ Add headless native backend.
+ Fix high latency and stalls with proprietary nvidia driver.
+ Fix maximized windows not reacting to strut changes.
+ Only start XWayland on demand when running under systemd.
+ Sync LEDs when a new input device is added.
+ Fix order in which subsurface placement operations are handled.
+ Fixed crashes.
+ Plugged leaks.
+ Misc. bug fixes and cleanups.
+ Updated translations.
- Update to version 40.beta:
+ Consider clients without mapped windows for xwayland
auto-shutdown.
+ Let compositor to handle super+scroll events.
+ Default to starting Xwayland on demand.
+ xwayland: Restore abstract socket support.
+ Add support for atomic mode setting.
+ Fix clip region glitches when using fractional scaling.
+ Default to horizontal workspace layout.
+ Do not ping unmanaging windows.
+ Handle monitor changes during screencasts.
+ Fix unexpected jumps after restoring misbehaving clients.
+ Fix newly opened X11 windows being invisible in overview.
+ Fix viewport of offscreen effects.
+ Fix drag cancel animation when using geometry scaling.
+ Improve touch-mode heuristics.
+ Integrate clipboard with remote desktop sessions.
+ Fix stuck icon in DND operation between X11 and wayland.
+ Automatically synchronize pointer position after modal grabs.
+ Reimplement support for CLUTTER_SHOW_FPS.
+ Only pick on events that may move the pointer.
+ Emit discrete scroll events for accumulated smooth events in
virtual X11 devices.
+ Add support for rounded clipping when drawing background.
+ Plugged memory leaks.
+ Fixed crashes.
+ Misc. bug fixes and cleanups.
+ Updated translations.
- Update to version 40.alpha.1.1:
+ Adapt to settings moving to gsettings-desktop-schemas.
+ Misc. bug fixes and cleanups.
- Changes from version 40.alpha.1:
+ Base ClutterEffects on ClutterPaintNodes.
+ xwayland: Set xrandr primary output.
+ Add paint node based blur support.
+ Disable CRTCs if there is no monitor.
+ Fix updates of mipmapped animated backgrounds.
+ Allow remote desktop clients to specify scroll source.
+ Support the color transform matrix RandR property on X11.
+ Plugged memory leaks.
+ Fixed crashes.
+ Misc. bug fixes and cleanups.
- Update to version 40.alpha:
+ Replace CoglMatrix with graphene_matrix.
+ Allow to specify debug topics in MUTTER_DEBUG.
- Bump api_major to 8, following upstream changes.
==== nautilus ====
Version update (3.38.2 -> 40.0)
Subpackages: gnome-shell-search-provider-nautilus libnautilus-extension1
- Update set_trusted.sh: Use the right value in gio command
(bsc#1185026).
- Update to version 40.0:
+ Updated translations.
- Update to version 40.rc:
+ Group files depending on the opening app.
+ Fix crashes when closing the last tab.
+ Revert text-based clipboard workaround and use the dedicated
type again.
+ Use GNOME 40 empty view styling.
- Update to version 40.beta:
+ Improve tab completion in the location entry.
+ Make manual rename more convenient in File conflict dialog.
+ Add support for extracting password-protected archives.
+ Implement new single-page design of Preferences dialog.
+ Use libhandy for window and headerbar.
+ Fix detection and handling of remote files.
+ Fix progress reporting in various cases.
+ Fix Batch rename dialog crashes.
+ Preserve mtime of non-empty directories on move.
+ Updated translations.
- New build requirement: pkgconfig(libhandy-1).
- Update to version 40.alpha:
+ Add support for creation date.
+ Fix several memory leaks.
+ Do not use default location instead of root in path bar.
+ Don't save window state when tiled.
- Add pkgconfig(libportal) BuildRequires: new dependency.
==== ncurses ====
Version update (6.2.20210313 -> 6.2.20210424)
Subpackages: libncurses6 ncurses-utils terminfo-base
- Add ncurses patch 20210424
+ avoid using broken system macros for snprintf which interfere with
_nc_SLIMIT's conditionally adding a parameter when the string-hacks
configure option is enabled.
+ add a "all::" rule before the new "check" rule in test/Makefile.in
- Add ncurses patch 20210418
+ improve CF_LINK_FUNCS by ensuring that the source-file is closed
before linking to the target.
+ add "check" rules for headers in c++, progs and test-directories.
+ build-fix for termsort module when configured with termcap (reports
by Rajeev V Pillai, Rudi Heitbaum).
- Add ncurses patch 20210417
+ extend --disable-pkg-ldflags option to also control whether $LDFLAGS
from the build is provided in -config and .pc files (Debian #986764).
+ fix some cppcheck warnings, mostly style, in ncurses and c++
libraries and progs directory.
+ fix off-by-one limit for tput's processing command-line arguments
(patch by Hadrien Lacour).
- Do not strip examples
- Install available manual pages of examples as well
- Add ncurses patch 20210403
+ fix some cppcheck warnings, mostly style, in ncurses library and
progs directory.
+ improve description of BSD-style padding in curs_termcap.3x
+ improved CF_C11_NORETURN macro, from byacc changes.
+ fix "--enable-leak" in CF_DISABLE_LEAKS to allow turning
leak-checking off later in a set of options.
+ relax modification-time comparison in CF_LINK_FUNCS to allow it to
accept link() function with NFS filesystems which change the mtime
on the link target, e.g., several BSD systems.
+ call delay_output_sp to handle BSD-style padding when tputs_sp is
called, whether directly or internally, to ensure that the SCREEN
pointer is passed correctly (reports by Henric Jungheim, Juraj
Lutter).
- Correct offsets of patch ncurses-6.2.dif
- Disable pcre support for now (boo#1183960, boo#1184083)
- Add ncurses patch 20210327
+ build-fixes for Solaris10 /bin/sh
+ fix some cppcheck warnings, mostly style, in ncurses test-programs,
form and menu libraries.
- Add ncurses patch 20210323
+ add configure option --enable-stdnoreturn, making the _Noreturn
keyword optional to ease transition (prompted by report by
Rajeev V Pillai).
- Enhence cursescheck script
- Disable _Noreturn usage as it breaks build of e.g. dialog
- Add ncurses patch 20210320
+ improve parameter-checking in tput by forcing it to analyze any
extended string capability, e.g., as used in the Cs and Ms
capabilities of the tmux description (report by Brad Town,
cf: 20200531).
+ remove an incorrect free in the fallback (non-checking) version of
_nc_free_and_exit (report by Miroslav Lichvar).
+ correct use-ordering in some xterm-direct flavors -TD
+ add hterm, hterm-256color (Mike Frysinger)
+ if the build-time compiler accepts c11's _Noreturn keyword, use that
rather than gcc's attribute.
+ change configure-check for gcc's noreturn attribute to assume it is
a prefix rather than suffix, matching c11's _Noreturn convention.
+ add "lint" rule to c++/Makefile, e.g., with cppcheck.
- Port patch ncurses-6.2.dif by correcting offsets
==== openSUSE-build-key ====
- fixed s390x key install (bsc#1185245)
==== openssl ====
Version update (1.1.1j -> 1.1.1k)
- Update to 1.1.1k release
==== openssl-1_1 ====
Version update (1.1.1j -> 1.1.1k)
Subpackages: libopenssl1_1
- Update to 1.1.1k
* Fixed a problem with verifying a certificate chain when using
the X509_V_FLAG_X509_STRICT flag. This flag enables additional
security checks of the certificates present in a certificate
chain. It is not set by default. ([CVE-2021-3450])
[bsc#1183851]
* Fixed an issue where an OpenSSL TLS server may crash if sent a
maliciously crafted renegotiation ClientHello message from a
client. If a TLSv1.2 renegotiation ClientHello omits the
signature_algorithms extension (where it was present in the
initial ClientHello), but includes a signature_algorithms_cert
extension then a NULL pointer dereference will result, leading
to a crash and a denial of service attack.
A server is only vulnerable if it has TLSv1.2 and renegotiation
enabled (which is the default configuration). OpenSSL TLS
clients are not impacted by this issue. ([CVE-2021-3449])
[bsc#1183852]
==== pam ====
Subpackages: pam_unix
- If "LOCAL" is configured in access.conf, and a login attempt from
a remote host is made, pam_access tries to resolve "LOCAL" as
a hostname and logs a failure.
Checking explicitly for "LOCAL" and rejecting access in this case
resolves this issue.
[bsc#1184358, bsc1184358-prevent-LOCAL-from-being-resolved.patch]
- pam_limits: "unlimited" is not a legitimate value for "nofile"
(see setrlimit(2)). So, when "nofile" is set to one of the
"unlimited" values, it is set to the contents of
"/proc/sys/fs/nr_open" instead.
Also changed the manpage of pam_limits to express this.
[bsc#1181443, pam-bsc1181443-make-nofile-unlimited-mean-nr_open.patch]
==== pango ====
Version update (1.48.3 -> 1.48.4)
Subpackages: libpango-1_0-0 typelib-1_0-Pango-1_0
- Update to version 1.48.4:
+ Include docs in the dist tarball.
+ Include gi-docgen in the dist tarball, too.
+ win32: Fix 'Cursive' fallback.
+ Fix placement of marks in vertical text.
+ Cache metrics for the current font.
+ Improve letterspacing with combining marks.
==== patterns-gnome ====
Subpackages: patterns-gnome-gnome_basic patterns-gnome-gnome_basis
- Recommend gnome-extensions for installation by basis pattern.
==== patterns-kde ====
- Recommend plasma5-systemmonitor in kde_plasma
==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap
- Suggest libdnf-repo-config-zypp explicitly
- Fix dependency on systemd-icon-branding-openSUSE
- Use only kernel-firmware-all instead of kernel-firmware to avoid
duplicate firmware on the DVD
- spice-vdagent is available on all archs
- hyper-v and open-vm-tools are available on AArch64 as well
- A fresh install does not have xdg-open & friends. Fix by adding xdg-utils
- while there, fix the comment, as they're common tools, but not
necessarily useful only "during initial setup"
- Add packages to the desktop commons pattern:
systemd-icons-branding-openSUSE (to list the MicroOS logo on the
Gnome Settings About page)
- Add packages to the DVD:
- instead of adding firmware-all, add specific firmware packages for
common hardware (or at least, for hardware for which we have bugs
open, see bsc#1184767 and bsc#1184403)
- Add some packages in the DVD:
- Spice guest driver so graphics works properly out of the box,
when installing in VMs (mostly for desktops)
- firmwares so that (wireless mostly, bot also wired) networking
works in the installer and on the installed system
==== pcre2 ====
Subpackages: libpcre2-16-0 libpcre2-8-0
- Remove regcomp, regexec etc. from libpcre2-posix.
(Add pcre2-symbol-clash.patch)
==== perl-Bootloader ====
Version update (0.933 -> 0.934)
- merge gh#openSUSE/perl-bootloader#134
- install with --removable if efivars are not writable
(bsc#1182749, bsc#1174111, bsc#1184160)
- fix whitespace
- 0.934
==== pipewire ====
Version update (0.3.24 -> 0.3.26)
Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-modules pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools
- Update to 0.3.26:
+ Highlights:
- I18n support, with translations merged from PulseAudio.
- New pw-link tool.
- Many Bluetooth improvements, support for hardware volumes.
- Support for 64 channel devices.
- Stability fixes and improvements.
+ PipeWire improvements:
- The link factory can now also make links between nodes and
ports by name so that it can be used in scripts.
- Add module-protocol-simple that can stream raw audio on a
socket.
- Added i18n support. Merge PulseAudio translations for the ACP
library so that we don't cause regressions.
- Support more than 19 channels in the channel mixer. This
makes all channels usable on 32 and 64 channel cards.
- Detect if we're running in a VM and allow for tweaking some
settings such as the max-quantum to make things work better
in VMs.
- Fix a potential crash when connecting a client and updating
permissions.
- Fix a potential crash when trying to link incompatible ports.
- Lingering links in error will now be destroyed automatically.
+ Tools:
- Added new pw-link tool to list and monitor ports and to list,
monitor, create and destroy links between them.
- pw-cli can now also list params by name.
- pw-dump now outputs Spa:String:JSON types in metadata as
properly parsed and formatted JSON so that tools can parse
the metadata values using a JSON parser.
+ Session-manager:
- Add logind support. The bluetooth monitor can only be started
for one user at the time, so use logind detect active seats.
- ALSA icon names were improved to match what PulseAudio does.
- Improve the bluetooth icon name. Also use the device alias as
the device description, like PulseAudio.
+ Device support:
- When devices become inaccessible, they are now removed from
the PipeWire graph.
- Fix datatype selection for buffers in v4l2 and libcamera.
+ Bluetooth:
- Various memory leaks and crashes are fixed.
- Added support for AVRCP hardware volume.
- Added support for HSP/HFP hardware volume.
+ PulseAudio server:
- Fix module-loopback connections to monitor ports.
- Implement module-native-protocol-tcp.
- Handle nodes and streams with > 32 channels. The PulseAudio
API only supports up to 32 channels so only make those 32
first channels available with the PA API.
- Implement module-simple-protocol-tcp.
- Improve events emitted by the server.
- Improvements to channels and channel_map properties on
modules. One can imply the other and they should match when
both given.
- null-sink will now have their volume work correctly by
default.
+ JACK: JACK developement files can now optionally be installed.
- Update to 0.3.25:
+ This is a bugfix release that is API and ABI compatible with
- previous 0.3.x releases.
+ Highlights
- Many stability improvements.
- Plug fd leak in flatpak detection
- add pw-loopback tool and support module-loopback
- volume restore for virtual sinks/sources or other sink/sources
without hardware volume.
- Fix cracks and pops in audio capture.
- Many bluetooth improvements and compatibity fixes.
+ PipeWire improvements
- Hex encode invalid SEC_LABEL properties to avoid generating invalid json.
- Small fixes to how nodes are started to avoid crashes.
- Make sure ports are only scheduled after being fully negotiated
to avoid crashes.
- Implement coverity into CI, fix some bugs detected by coverity.
- Plug leak in flatpak detection.
- Fix crash when removing globals in some cases.
- Fix crash because the mixer info was not removed from a port in all cases.
- Add PIPEWIRE_AUTOCONNECT environment variable to disable stream autoconnect.
Also add a config option to disable autoconnect.
- Improve wildcard in format helpers.
- Add env variable to disable journald logging.
+ Tools
- Add a new pw-loopback tool to loop a capture device to a playback device.
- Display localized strings correctly in pw-top
- Add some more options to pw-dot
+ Session-manager
- When a new node is configured and some stream have this as the
default target, move them to it.
- Fix some crashes.
- Implement volume restore on nodes without routes. This makes it
possible to restore volume on purely software nodes like null-sinks.
- Also try to suspend errored nodes so that they may leave the
error state and be reused again.
- Break endless link loops when something went wrong.
+ Device support
- Fix monitor volumes, they are now separate from the hardware volume.
- Fix cracks and pops in alsa capture caused by mismatch between
resampler and capture source.
- Add start-delay config option to alsa sink.
- Ensure the PipeWire midi ports start from a higher number so that the
lower port numbers are available to apps as before.
+ Bluetooth
- source devices are now removed when idle
- Support using pipewire as Audio Gateway.
- LDAC encoding quality can be configured now
- Implement codec switching for HFP
- Implement codec switching with new device property.
- Improved stability and compatibility
- Autoconnect device profiles at startup
- Add AAC bitrate mode configuration
- Make it possible to use an A2DP source as an input device.
You can then use your phone as an A2DP microphone, for example.
- Remove battery reporting when RFCOMM connections is closed.
+ PulseAudio server
- Add some workarounds for Blueman
- Set correct errno values, fixes a hang in load-module of a non-existing module
- Try to not send inconsistent information to clients.
- Fix some crashes.
- Add support for the new send-message API, use this to switch bluetooth codecs.
- Fix draining by making sure we are started.
- Handle 0 sink and source as the default sink/source.
- Implement module-loopback
+ JACK
- Fix some memory leaks when closing a client
- Add self-connect config option to limit where clients can connect themselves.
- Don't crash when apps call _port_get_buffer() on a port that is not their
own but simply return NULL. This fixes a crash in Ardour6.
- Improve client added/removed callbacks. Sometimes it would emit a client
remove when there were still ports for the client.
- make sure midi port names are stable across reboots.
==== pkgconf ====
Subpackages: libpkgconf3 pkgconf-m4 pkgconf-pkg-config
- do not own directories provided by filesystem
- small cleanups inspired by spec-cleaner
==== plasma-browser-integration ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== plasma-framework ====
Version update (5.80.0 -> 5.81.0)
Subpackages: libKF5Plasma5 plasma-framework-components
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Too many changes since 5.80.0, only listing bugfixes:
* Change ContrastEffect check to AdaptiveTransparency in A.T. check (kde#434200)
==== plasma-nm5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- Changes since 5.21.3:
* Fix bug with openfortivpn that do not support 2fa (kde#434940)
==== plasma5-addons ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== plasma5-desktop ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- Changes since 5.21.3:
* fixup! fix broken keyboard configurations with single layout on Wayland
* fix broken keyboard configurations with single layout on Wayland (kde#433576)
* Fix zero badges (eg when downloading small files with Firefox)
* [applets/kickoff] Make section headers more section headery (kde#434669)
==== plasma5-integration ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== plasma5-openSUSE ====
Subpackages: plasma5-defaults-openSUSE plasma5-theme-openSUSE sddm-theme-openSUSE
- Update to 5.21.4
==== plasma5-pa ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- Changes since 5.21.3:
* Round volume to avoid increasing or decreasing by more than stepSize (kde#434769)
==== plasma5-workspace ====
Version update (5.21.3 -> 5.21.4)
Subpackages: gmenudbusmenuproxy plasma5-session plasma5-session-wayland plasma5-workspace-libs xembedsniproxy
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- Changes since 5.21.3:
* Make sure that *m_twinSpacer is iniitialized in panelspacer (kde#422914)
* Comment was interpreted as part of Restart
* [applets/digital-clock] Fix timezone placeholder message positioning
* icons kcm: Clear pending deletions when Defaults button is clicked
* Remove pointless widget (kde#434910)
* krunner: Restore history related property and methods for compatibility with third party themes (kde#433173)
* Make bottom frame again visible (kde#434645)
* Fix color scheme preview (kde#434493)
* save layout when corona startup is completed (kde#433799)
* Klipper Waylandclipboard: force offer of specific mimetype to fix pasting to gtk applications
==== podman ====
Version update (3.0.1 -> 3.1.2)
Subpackages: podman-cni-config
- Update to version 3.1.2:
* Bump to v3.1.2
* Update release notes for v3.1.2
* Ensure mount destination is clean, no trailing slash
* Fixes podman-remote save to directories does not work
* [CI:DOCS] Add missing dash to verbose option
* [CI:DOCS] Fix Markdown table layout bugs
* [CI:DOCS] Rewrite --uidmap doc in podman-create.1.md and podman-run.1.md
* rmi: don't break when the image is missing a manifest
* Bump containers/image to v5.11.1
* Bump github.com/coreos/go-systemd from 22.2.0 to 22.3.1
* Fix lint
* Bump to v3.1.2-dev
- Split podman-remote into a subpackage
- Add missing scriptlets for systemd units
- Escape macros in comments
- Drop some obsolete workarounds, including %{go_nostrip}
- Update to version 3.1.1:
* Bump to v3.1.1
* Update release notes for v3.1.1
* podman play kube apply correct log driver
* Fix build with GO111MODULE=off
* [CI:DOCS] Set all operation id to be compatibile
* Move operationIds to swagger:operation line
* swagger: add operationIds that match with docker
* Fix missing podman-remote build options
* [NO TESTS NEEDED] Shrink the size of podman-remote
* Move socket activation check into init() and set global condition.
* rootless: use is_fd_inherited
* Recreate until container prune tests for bindings
* System tests: special case for RHEL: require runc
* Document --volume from podman-remote run/create client
* Containers prune endpoint should use only prune filters
* Trim white space from /top endpoint results
* Fix unmount doc reference in image.rst
* Fix handling of remove --log-rusage param
* Makefile: introduce install.docker-full
* Makefile: ensure install.docker creates BINDIR
* Should send the OCI runtime path not just the name to buildah
* Fixed podman-remote --network flag
* podman-run.1.md, podman-create.1.md : Adjust Markdown layout for --userns
* Fix typos --uidmapping and --gidmapping
* Add default template functions
* Don't relabel volumes if running in a privileged container
* Allow users to override default storage opts with --storage-opt
* Add transport and destination info to manifest doc
* Verify existence of auth file if specified
* Ensure that `--userns=keep-id` sets user in config
* [CI:DOCS] Update swagger definition of inspect manifest
* Volumes prune endpoint should use only prune filters
* Adjust libpod API Container Wait documentation to the code
* Add missing return
* [CI:DOCS] Fix formatting of podman-build man page
* cgroups: force 64 bits to ParseUint
* Fix slashes in socket URLs
* [CI:DOCS] Correct status code for /pods/create
* cgroup: do not set cgroup parent when rootless and cgroupfs
* Reflect current state of prune implementation in docs
* Do not delete container twice
* Test that we don't error out on advertised --log-level values
* At trace log level, print error text using %+v instead of %v
* pkg/errorhandling.JoinErrors: don't throw away context for lone errors
* Recognize --log-level=trace
* Fix message about runtime to show only the actual runtime
* Fix handling of $NAME and $IMAGE in runlabel
* Fix flake on failed podman-remote build : try 2
* Fix flake on failed podman-remote build
* Update documentation of podman-run to reflect volume "U" option
* Fixes invalid expression in save command
* Fix possible panic in libpod/image/prune.go
* Update all containers/ project vendors
* Fix tests
* Bump to v3.1.1-dev
- Update to version 3.1.0:
* Bump to v3.1.0
* Fix test failure
* Update release notes for v3.1.0 final release
* [NO TESTS NEEDED] Turn on podman-remote build --isolation
* Fix long option format on docs.podman.io
* Fix containers list/prune http api filter behaviour
* [CI:DOCS] Add note to mappings for user/group userns in build
* Validate passed in timezone from tz option
* Generate Kubernetes PersistentVolumeClaims from named volumes
* libpod/image: unit tests: use a `registries.conf` for aliases
- Require systemd 241 or newer due to podman dependency go-systemd v22,
otherwise build will fail with unknown C name errors
- Create docker subpackage to allow replacing docker with
corresponding aliases to podman.
==== polkit-default-privs ====
Version update (1550+20210111.f725c25 -> 1550+20210409.c29362e)
- Update to version 1550+20210409.c29362e:
* profiles: add KDiskMark (bsc#1182521)
* profiles: add kdenetwork-filesharing (bsc#1175633) (#37)
==== polkit-kde-agent-5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== poppler ====
Version update (21.03.0 -> 21.04.0)
Subpackages: libpoppler-cpp0 libpoppler-glib8
- Add Export-SplashFont-symbols-used-by-Scribus.patch to fix
scribus' PDF import plugin
- update to 21.04.0
core:
* Hide symbols by default
* TextSelectionDumper: fix word order for RTL text
* Fix rendering of text in some files. Issue #1052
* Implement rendering of Masks of Image subtype. Issue #1058
* Forms: fix unclicking standalone form buttons. Issue #1034
glib:
* Expose more fields from MediaRendition in PopplerMedia
* Use stock glib macro to define boxed type
* Remove incorrecly used volatile from enum type registration code
qt5:
* Fix crash in files with malformed signatures
* Fix memory leak when QImage constructor "fails"
qt6:
* Fix crash in files with malformed signatures
* Fix memory leak when QImage constructor "fails"
utils:
* pdfsig: New paragraph for "-sign" in manpage
* pdfimages: Do not assert in "too big images". Issue #1061
- Add a Qt6 flavor to poppler
==== poppler-qt5 ====
Version update (21.03.0 -> 21.04.0)
- Add Export-SplashFont-symbols-used-by-Scribus.patch to fix
scribus' PDF import plugin
- update to 21.04.0
core:
* Hide symbols by default
* TextSelectionDumper: fix word order for RTL text
* Fix rendering of text in some files. Issue #1052
* Implement rendering of Masks of Image subtype. Issue #1058
* Forms: fix unclicking standalone form buttons. Issue #1034
glib:
* Expose more fields from MediaRendition in PopplerMedia
* Use stock glib macro to define boxed type
* Remove incorrecly used volatile from enum type registration code
qt5:
* Fix crash in files with malformed signatures
* Fix memory leak when QImage constructor "fails"
qt6:
* Fix crash in files with malformed signatures
* Fix memory leak when QImage constructor "fails"
utils:
* pdfsig: New paragraph for "-sign" in manpage
* pdfimages: Do not assert in "too big images". Issue #1061
- Add a Qt6 flavor to poppler
==== powerdevil5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== prison-qt5 ====
Version update (5.80.0 -> 5.81.0)
Subpackages: libKF5Prison5 prison-qt5-imports
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== pulseaudio ====
Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-module-bluetooth pulseaudio-module-gsettings pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils
- Really fix recording OGG with parecord (bsc#1183546)
parecord-really-fix-recording-OGG.patch
==== purpose ====
Version update (5.80.0 -> 5.81.0)
Subpackages: libKF5Purpose5 libKF5PurposeWidgets5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- No code change since 5.80.0
==== python-MarkupSafe ====
- allow tests to be disabled (still on by default)
==== python-cryptography ====
- Remove unnecessary %ifpython3 construct
==== python-gobject ====
Version update (3.38.0 -> 3.40.1)
Subpackages: python38-gobject python38-gobject-Gdk python38-gobject-cairo
- Update to version 3.40.1:
+ Fix tests with glib 2.68.
+ Fix a regression with marshalling partial() objects.
- Update to version 3.40.0:
+ GTK 4 compatibility fixes.
+ Python 3.9 and 3.10 compatibility fixes.
+ New minimal dependency requirements.
- Up glib2, gobject-introspection, and cairo required versions.
==== python-importlib-metadata ====
Version update (3.7.0 -> 3.7.2)
- update to 3.7.2:
* Cleaned up cruft in entry_points docstring.
* Internal refactoring to facilitate ``entry_points() -> dict``
deprecation.
==== python-jsonpatch ====
Version update (1.28 -> 1.31)
- update to 1.31:
* Add support for preserving Unicode charaters
* remove pypy build
==== qalculate ====
Version update (3.16.1 -> 3.18.0)
- Update to 3.18.0:
* Improve handling of expressions with log-based units
* Improve conversion of expression with multiple units
to a single unit (e.g. m/W to W)
* Output (kilo)gram instead of tonne with small prefix
* New functions for statistical distributions: probit(), betadist(),
cauchydist(), chisqdist(), expinv(), fdist(), gammadist(),
tdist(), wblinv(), weibulldist()
* Improve functions for statistical distribution
* Improve sexagesimal input and output, and add geodistance()
for calculation of distance between two GPS coordinates
* Add command() function, which runs an external command
and returns the output
* erfinv() function and support for solving equations
with error functions
* Fix conversion with relative temperature units activated
* Fix gammainc() function
* Fix keyboard focus when run hidden automatically at startup
* Temperature calculation modes (absolute, relative, hybrid)
* Allow prefixes, with full name, without units (e.g. kilo = 10^3)
* Extended and improved simplified Chinese translation
* Save handle vector function argument property
* Fix never ending loop when calculating []*[]
* Minor bug fixes and feature improvements
==== qqc2-desktop-style ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Respect highlighted property (kde#384989)
* Fix bad default window size of tabbar test
* Fix size of toolbuttons
* [DialogButtonBox] Improve implicit size behavior
==== raspberrypi-firmware-config ====
- Use smbios overlay to get minimal SMBIOS information through dmidecode (bsc#1183079)
==== raspberrypi-firmware-dt ====
- Add overlay for smbios information (bsc#1183079)
* smbios-overlay.dts
==== rav1e ====
Version update (0.4.0 -> 0.4.1)
- avoid packaging the pkgconfig dir - it comes from filesystem
- spec-cleaner run
- Update to version 0.4.1
* https://github.com/xiph/rav1e/releases/tag/v0.4.1
==== re2 ====
Version update (20210202 -> 20210401)
- Update to 2021-04-01:
* Make cached benchmarks actually use cached objects
* Address some -Wmissing-field-initializers warnings
* Make it easier to swap in a scalable reaer-writer mutex
* In the shared library, set compatibility version and
current version
==== rpm ====
Version update (4.16.0 -> 4.16.1.3)
- Use --dwz-single-file-mode for packages that use
baselibs.conf mechanism.
- Add add-dwz-single-file-mode-option.patch patch.
- change dump_posttrans mechanism to imply --noposttrans so that
libzypp can be compatible with older rpm versions
changed patch: posttrans.diff
- auto-config-update-aarch64-ppc64le.diff: Use timestamp in file instead
of searching for arch name, which cannot handle all cases
- update to rpm-4.16.1.3
* security fixes for CVE-2021-3421, CVE-2021-20271, CVE-2021-20266
* fix bdb_ro failing to open database with missing secondary indexes
* dropped: finddebuginfo-check-res-file.patch
* dropped: empty_dbbackend.diff
- require the exact version of librpmbuild in the rpm-build
package [bnc#1180965]
- reformat dwarf5.diff
- add dump_posttrans and --runposttrans options to make it possible
for libzypp to implement file triggers
new patch: posttrans.diff
==== rpm-config-SUSE ====
Version update (0.g64 -> 0.g76)
- Update to version 0.g76:
* Prepare usrmerge (boo#1029961)
* scripts/find-provides.ksyms: Handle XZ compressed kernel (boo#1179251).
* find-requires.ksyms: use "if kernel" conditional for modules-load.d
* find-requires.ksyms: actually generate modules-load.d dependencies
* find-requires.ksyms: Silence the awk warning
* find-provides.ksyms: Fix kernel version test
* find-provides.ksyms: Fix ksym-provides test
==== runc ====
- Backport patch to fix build on SLE-12 ppc64le.
+ 0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch
==== samba ====
Version update (4.13.4+git.199.be6e11f5ab2 -> 4.14.2+git.159.2a8872214bf)
Subpackages: libdcerpc-binding0 libdcerpc0 libndr-krb5pac0 libndr-nbt0 libndr-standard0 libndr1 libnetapi0 libsamba-errors0 libsamba-hostconfig0 libsamba-passdb0 libsamba-util0 libsamdb0 libsmbclient0 libsmbconf0 libsmbldap2 libtevent-util0 libwbclient0 samba-client samba-libs samba-libs-python3
- Update to 4.14.2
* Release with dependency on ldb version 2.3.0.
- Update to 4.14.1
* CVE-2021-20277: Fix out of bounds read in ldb_handler_fold; (bso#14655);
* CVE-2020-27840: Fix unauthenticated remote heap corruption via bad DNs;
(bso#14595);
- Update to 4.14.0
* VFS layer modernized.
* Printers publishing in AD improved.
* Client group policies support for sudoers configuration and
cron jobs.
* Improved consistency of samba-tool subcommands.
* CTDB now uses the terms leader and follower instead of master and
slave. Configuration options have changed accordingly.
* The ctdb isnotrecmaster command is removed.
* For details on all items see WHATSNEW.txt in samba-doc package.
==== selinux-policy ====
Version update (20210309 -> 20210419)
Subpackages: selinux-policy-targeted
- Added Recommends for selinux-autorelabel (bsc#1181837)
- Prevent libreoffice fonts from changing types on every relabel
(bsc#1185265). Added fix_libraries.patch
- Transition unconfined users to ldconfig type (bsc#1183121).
Extended fix_unconfineduser.patch
- Update to version 20210419
- Refreshed:
* fix_dbus.patch
* fix_hadoop.patch
* fix_init.patch
* fix_unprivuser.patch
==== sg3_utils ====
Version update (1.45~815+5.6aa67ed -> 1.46)
- Update to version 1.46:
* sg_rep_pip: new utility: report provisioning initialization
pattern command
* sg_turs: estimated time-to-ready [spc6r03]
- add --delay=MS option
* sg_requests: substantial cleanup
* sg_vpd: add Format presets and Concurrent positioning ranges
- add hot-pluggable field in standard Inquiry [spc6r05]
- fix vendor struct opts_t alignment
* sg_inq: add hot-pluggable field in standard Inquiry
* sg_dd: --verify : separate category for miscompare errors
- --verify : oflag=coe continue on miscompares, counts them
- add cdl= operand for command duration limit indexes
- add oflag=nocreat and conv=nocreat : OFILE must exist
- add iflag=00, ff, random flags
- setup conditional auto rule for getrandom()
- add command timeout after comma in time= operand
* sg_get_elem_status: add ralwd bit sbc4r20a
* sg_write_x: add dld bits to write(32) [sbc4r19a]
* sg_rep_zones: print invalid write pointer LBA as -1 rather
than 16 "f"s
* sg_opcodes: improve handling of RWCDLP field
* sg_ses: use fan speed factor field for calculation [ses4r04]
- add --all (-a) option, same action as --join
* sg_compare_and_write: add examples section to its manpage
* sg_modes: document '-s' option (same as '-6')
* sg_sanitize + sg_format: when --verbose given once report
probable success; without --verbose 'no news is good news'
* sg_zone: add Remove element and modify zones command
* sg_raw: increase maximum data-in and data-out buffer size
from 64 KB to 1 MB
- fix --cmdfile= handling
- add --nvm option to send commands from the NVM command set
- add --cmdset option to bypass cdb heuristic
- add --scan= first_opcode,last_opcode
* sg_pt_freebsd: allow device names without leading /dev/
thus fix for regression introduced in rev 731 (ver: 1.43)
* sg_pt_solaris+sg_pt_osf1: fix problem with clear_scsi_pt_obj()
which needs to remember is_nvme and dev_fd values
* sg_lib: add ZBC (2020) feature set entries
* sg_lib: restore elements and rebuild command added
* sg_lib,sg_pt: add partial_clear_scsi_pt_obj(),
get_scsi_pt_cdb_len() and get_scsi_pt_cdb_buf()
- add do_nvm_pt() for the NVM (sub-)command set
- tweak transport error handling in Linux
* sg_lib: Linux NVMe SNTL: add read, write and verify;
synchronize cache and write same translations
- add dummy start stop unit and test unit ready commands
- wire cache mpage's WCE to nvme 'volatile write cache'
- fix crash in sg_f2hex_arr() when fname not found
* sg_lib: reprint cdb with illegal request sense key
- asc/ascq match asc-num.txt @t10 20200708 [spc6r02]
* gcc-10: suppress warnings
* autoconf: upgrade version 2.69 to 2.70
* remove space from end of source lines for git-svn
* testing/sg_mrq_testing: new, for blocking mrq usage
* testing/sgs_dd: add evfd flags and eventfd processing
* testing: remove master-slave terminology for sgv4
* examples: add nvme_read_ctl.hex and nvme_write_ctl.hex
==== shadow ====
- Do not require libeconf-devel on products without /usr/etc.
- Split login.defs configuration file into own sub-package, which
allows to install util-linux or pam on small embedded/edge
systems or container without the need to pull in the full shadow
suite.
- Amend patches/useradd-userkeleton.patch to also write into
existing directories and prefer files from /etc
- Add patch useradd-userkeleton.patch to extend original C code
of useradd to handle /usr/etc/skel (boo#1173321)
- Remove /usr/etc/skel support in useradd.local script
==== shim ====
Version update (15+git47 -> 15.4)
- Add shim-bsc1184454-allocate-mok-config-table-BS.patch to avoid
the error message during linux system boot (bsc#1184454)
- Add remove_build_id.patch to prevent the build id being added to
the binary. That can cause issues with the signature
- Update to 15.4 (bsc#1182057)
+ Rename the SBAT variable and fix the self-check of SBAT
+ sbat: add more dprint()
+ arm/aa64: Swizzle some sections to make old sbsign happier
+ arm/aa64 targets: put .rel* and .dyn* in .rodata
- Drop upstreamed patch:
+ shim-bsc1182057-sbat-variable-enhancement.patch
- Add shim-bsc1182057-sbat-variable-enhancement.patch to change
the SBAT variable name and enhance the handling of SBAT
(bsc#1182057)
- Update to 15.3 for SBAT support (bsc#1182057)
+ Drop gnu-efi from BuildRequires since upstream pull it into the
tar ball.
- Generate vender-specific SBAT metadata
+ Add dos2unix to BuildRequires since Makefile requires it for
vendor SBAT
- Update dbx-cert.tar.xz and vendor-dbx.bin to block the following
sign keys:
+ SLES-UEFI-SIGN-Certificate-2020-07.crt
+ openSUSE-UEFI-SIGN-Certificate-2020-07.crt
- Refresh patches
+ shim-arch-independent-names.patch
+ shim-change-debug-file-path.patch
+ shim-bsc1177315-verify-eku-codesign.patch
- Unified with shim-bsc1177315-fix-buffer-use-after-free.patch
- Drop upstreamed fixes
+ shim-correct-license-in-headers.patch
+ shim-always-mirror-mok-variables.patch
+ shim-bsc1175509-more-tpm-fixes.patch
+ shim-bsc1173411-only-check-efi-var-on-sb.patch
+ shim-fix-verify-eku.patch
+ gcc9-fix-warnings.patch
+ shim-fix-gnu-efi-3.0.11.patch
+ shim-bsc1177404-fix-a-use-of-strlen.patch
+ shim-do-not-write-string-literals.patch
+ shim-VLogError-Avoid-Null-pointer-dereferences.patch
+ shim-bsc1092000-fallback-menu.patch
+ shim-bsc1175509-tpm2-fixes.patch
+ shim-bsc1174512-correct-license-in-headers.patch
+ shim-bsc1182776-fix-crash-at-exit.patch
- Drop shim-opensuse-cert-prompt.patch
+ All newly released openSUSE kernels enable kernel lockdown
and signature verification, so there is no need to add the
prompt anymore.
==== snapper ====
Version update (0.8.16 -> 0.9.0)
Subpackages: libsnapper5
- fix build on 32 bit musl systems (gh#openSUSE/snapper#644)
- improved error handling (see gh#openSUSE/snapper#626)
- version 0.9.0
- move org.opensuse.Snapper.conf from /etc to /usr (bsc#1183398 and
gh#openSUSE/snapper#492)
- run boot.service iff root config exists (gh#openSUSE/snapper#630)
- avoid redundant quota rescans for same btrfs (see
gh#openSUSE/snapper#507)
- allow absolute sizes for SPACE_LIMIT and FREE_LIMIT
(gh#openSUSE/snapper#507)
==== solid ====
Version update (5.80.0 -> 5.81.0)
Subpackages: libKF5Solid5 solid-imports
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Run clang-format
* Prevent clang-format uglification
* Add clang-format pre-commit hook
* Add trailing comma to enum
* Minor: Port some sources to nullptr
* Fix build under Qt 5.15
==== sonnet ====
Version update (5.80.0 -> 5.81.0)
Subpackages: libKF5SonnetCore5 libKF5SonnetUi5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* Add assert as discussed in merge request !2
==== sqlite3 ====
Version update (3.35.2 -> 3.35.5)
- SQLite3 3.35.5:
* Fix defects in the new ALTER TABLE DROP COLUMN feature that
could corrupt the database file
* Fix an obscure query optimizer problem that might cause an
incorrect query result
- Fix build on SLE-12
- use https urls
- SQLite 3.35.4:
* Fix a defect in the query planner optimization
* Fix a defect in the new RETURNING syntax
* Fix the new RETURNING feature so that it raises an error if one
of the terms in the RETURNING clause references a unknown
table, instead of silently ignoring that error
* Fix an assertion associated with aggregate function processing
that was incorrectly triggered by the push-down optimization
- SQLite 3.35.3:
* Enhance the OP_OpenDup opcode of the bytecode engine so that
it works even if the cursor being duplicated itself came from
OP_OpenDup
* When materializing correlated common table expressions, do so
separately for each use case, as that is required for
correctness. This fixes a problem that was introduced by the
MATERIALIZED hint enhancement.
* Fix a problem in the filename normalizer of the unix VFS
* Fix the "box" output mode in the CLI so that it works with
statements that returns one or more rows of zero columns
(such as PRAGMA incremental_vacuum)
* Improvements to error messages generated by faulty common
table expressions
* Fix some incorrect assert() statements
* Fix to the SELECT statement syntax diagram so that the FROM
clause syntax is shown correctly
* Fix the EBCDIC character classifier so that it understands
newlines as whitespace
* Improvements the xBestIndex method in the implementation of the
(unsupported) wholenumber virtual table extension so that it
does a better job of convincing the query planner to avoid
trying to materialize a table with an infinite number of rows
==== sssd ====
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap
- Move sssctl command from sssd to sssd-tools package; (bsc#1184289);
- Add missing /var/lib/sss/pubconf/krb5.include.d directory (bsc#1184285).
- Make cifs-idmap plugin (cifs_idmap_sss.so) use update-alternatives
mechanism to be able to switch between cifs-utils and sssd;
(bsc#1182682).
==== sudo ====
Version update (1.9.5p2 -> 1.9.6p1)
- update to 1.9.6p1
* Fixed a regression introduced in sudo 1.9.6 that resulted in an
error message instead of a usage message when sudo is run with
no arguments.
* Fixed a sudo_sendlog compilation problem with the AIX xlC compiler.
* Fixed a regression introduced in sudo 1.9.4 where the
- -disable-root-mailer configure option had no effect.
* Added a --disable-leaks configure option that avoids some
memory leaks on exit that would otherwise occur. This is intended
to be used with development tools that measure memory leaks. It
is not safe to use in production at this time.
* Plugged some memory leaks identified by oss-fuzz and ASAN.
* Fixed the handling of sudoOptions for an LDAP sudoRole that
contains multiple sudoCommands. Previously, some of the options
would only be applied to the first sudoCommand.
* Fixed a potential out of bounds read in the parsing of NOTBEFORE
and NOTAFTER sudoers command options (and their LDAP equivalents).
* The parser used for reading I/O log JSON files is now more
resilient when processing invalid JSON.
* Fixed typos that prevented "make uninstall" from working.
* Fixed a regression introduced in sudo 1.9.4 where the last line
in a sudoers file might not have a terminating NUL character
added if no newline was present.
* Integrated oss-fuzz and LLVM's libFuzzer with sudo. The new
- -enable-fuzzer configure option can be combined with the
- -enable-sanitizer option to build sudo with fuzzing support.
Multiple fuzz targets are available for fuzzing different parts
of sudo. Fuzzers are built and tested via "make fuzz" or as part
of "make check" (even when sudo is not built with fuzzing support).
Fuzzing support currently requires the LLVM clang compiler (not gcc).
* Fixed the --enable-static-sudoers configure option.
* Fixed a potential out of bounds read sudo when is run by a user
with more groups than the value of "max_groups" in sudo.conf.
* Added an "admin_flag" sudoers option to make the use of the
~/.sudo_as_admin_successful file configurable on systems where
sudo is build with the --enable-admin-flag configure option.
This mostly affects Ubuntu and its derivatives.
* The "max_groups" setting in sudo.conf is now limited to 1024.
This setting is obsolete and should no longer be needed.
* Fixed a bug in the tilde expansion of "CHROOT=dir" and "CWD=dir"
sudoers command options. A path "~/foo" was expanded to
"/home/userfoo" instead of "/home/user/foo". This also affects
the runchroot and runcwd Defaults settings.
* Fixed a bug on systems without a native getdelim(3) function
where very long lines could cause parsing of the sudoers file
to end prematurely.
* Fixed a potential integer overflow when converting the
timestamp_timeout and passwd_timeout sudoers settings to a
timespec struct.
* The default for the "group_source" setting in sudo.conf is now
"dynamic" on macOS. Recent versions of macOS do not reliably
return all of a user's non-local groups via getgroups(2), even
when _DARWIN_UNLIMITED_GETGROUPS is defined.
* Fixed a potential use-after-free in the PAM conversation function.
* Fixed potential redefinition of sys/stat.h macros in sudo_compat.h.
==== suse-module-tools ====
Version update (15.3.5 -> 15.4.1)
- Update to version 15.4.1:
* dm-crypt requires essiv in SLE15 SP3 (boo#1183063 bsc#1184134 ltc#192244).
- Update to version 15.4.0:
* Enable f2fs (bsc#1184415)
==== syntax-highlighting ====
Version update (5.80.0 -> 5.81.0)
Subpackages: libKF5SyntaxHighlighting5
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Too many changes to list here.
==== systemd ====
Version update (246.11 -> 246.13)
Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev
- Import commit 14581e01203df7aa63c7c8383a12e6ebe258476f (merge of v246.13)
423b1e759c Revert "resolved: gracefully handle with packets with too large RR count" (bsc#1183745)
4723778738 meson.build: make xinitrcdir configurable (bsc#1183408)
[...]
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/9753d1c17545a5d46530696cb14254f…
- Drop 0001-Revert-resolved-gracefully-handle-with-packets-with-.patch
as it's part of v246.13.
- Make use of the new build option to ship xinitrc in
/usr/etc/X11/xinit/xinitrc.d (bsc#1183408)
- Add 0001-Revert-resolved-gracefully-handle-with-packets-with-.patch
Temporary workaround for bsc#1183745 (upstream issue 18917) until an
actual fix is found.
- Default to the "unified" cgroup hierarchy. At this point, most
users of cgroup (such as docker, libvirt, kubernetes) should be
ready for this change. It's still possible to switch back to the
old "hybrid" hierarchy by passing "systemd.unified_cgroup_hierarchy=0"
option to the kernel command line.
==== systemd-presets-common-SUSE ====
- Enable hcn-init.service for HNV on POWER (bsc#1184136 ltc#192155).
==== systemsettings5 ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== sysvinit ====
- (re)add also support for SLE-15-SP3
==== talloc ====
Version update (2.3.1 -> 2.3.2)
Subpackages: libtalloc2 python3-talloc
- Update to 2.3.2
==== threadweaver ====
Version update (5.80.0 -> 5.81.0)
- Update to 5.81.0
* New feature release
* For more details please see:
* https://kde.org/announcements/frameworks/5/5.81.0
- Changes since 5.80.0:
* exception.h: fix export header include to work in namespace-prefixed include
==== tiff ====
Version update (4.2.0 -> 4.3.0)
- version update to 4.3.0
* Build and usage of the library and its utilities requires a C99
capable compiler.
* New optional codec for the LERC (Limited Error Raster Compression)
compression scheme. To have it available, configure libtiff against
the SDK available at https://github.com/esri/lerc
* Removal of unused, or now useless due to C99 availability,
functions in port/
* tiffcmp: fix comparaison with pixels that are
fractional number of bytes
* tiff2ps: exit the loop in case of error
* tiff2pdf: check that tiff_datasize fits in a signed tsize_t
==== toolbox ====
Version update (2.1+git20210311.15cb3ad -> 2.1+git20210329.d14ac82)
- Update to version 2.1+git20210329.d14ac82:
* Fix localtime and mount sys, e.g., for tracing
* Fix 'toolbox list' returning an error code even if working
==== tracker ====
Version update (3.0.3 -> 3.1.1)
Subpackages: libtracker-sparql-3_0-0 tracker-data-files
- Update to version 3.1.1:
+ Better error handling during database initialization.
+ Implemented tracker_sparql_connection_update_array_async
over TrackerBatch, resulting in lower memory usage.
+ VAPI updates.
+ Updated tracker_sparql_connection_update_array docs.
+ Leak and double free fixes.
- Update to version 3.1.0:
+ Add build-time warning for SQLite 3.35.
+ Workaround other SQLite 3.35 bug.
- Update to version 3.1.0.rc:
+ Add tracker_sparql_connection_bus_new_async().
+ Fix TrackerNotifier signal subscriptions across the portal.
+ Fix race condition / crash when performing SELECT queries.
+ Propagate errors better when updating the database.
+ Do not miss valid prefixed names in TrackerResource.
+ Sparql 1.1 correctness fixes.
+ Handle nesting of multivalued property functions.
+ CI improvements in JUnit test results.
- Update to version 3.1.0.beta:
+ Fix possible crash in fts:offsets function.
+ Handle variables as service URIs, e.g.
SERVICE ?s { ... } VALUES ?s { ... }.
+ Add more g-i-r annotations.
+ Improve ellipsizing in CLI tools.
+ Updated translations.
- Update to version 3.1.0.alpha:
+ Add TrackerBatch, object made to hold multiple updates
(in SPARQL string form, or TrackerResource) that will
be performed atomically.
+ Add TrackerEndpointHttp, a TrackerEndpoint subclass to
implement a (readonly) SPARQL HTTP endpoint as per
https://www.w3.org/TR/2013/REC-sparql11-protocol-20130321/.
+ Add tracker:strip-punctuation SPARQL function.
+ Specify that nfo:duration is expressed in seconds.
+ Fix portal initialization order.
+ Improve TTL parser.
+ Improve date/time parsing.
+ Make handling of large series of UPDATEs iteratively
to avoid stack size limits.
+ Improve parallelization of queries.
+ Optimize idempotent DELETE operations.
+ Optimize insert operations.
+ Optimize database resource refcount management.
+ Fix tracker_notifier_signal_subscribe annotation.
+ Fix possible race conditions handling ontology objects.
+ Handle NULL arguments in tracker:uri-is-parent.
+ Avoid FTS5 table inconsistency with SQLite >= 3.34.0.
==== tracker-miners ====
Version update (3.0.4 -> 3.1.1)
Subpackages: tracker-miner-files
- Update to version 3.1.1:
+ Block gstreamer nvcodec decoders.
+ Fall back if no modification date is found.
+ Handle new poppler enum value.
+ Be more robust with broken EXIF GPS metadata.
+ Test suite improvements.
+ Updated translations.
- Update to version 3.1.0:
+ Updated translations.
- Update to version 3.1.0.rc:
+ Dispatch monitor events on a private thread.
+ Fix After= usage in systemd service files.
+ Fix compiler warnings.
- Update to version 3.1.0.beta:
+ Fix tracker-miner-fs-control-3 stall on shutdown.
+ Improve ellipsizing in CLI tools.
+ Update list of game-related mimetypes.
+ Add disc-generic extractor guessing data for CUE files,
supported so far:
- Playstation images
- Turbografx images
+ Updated translations.
- Update to version 3.1.0.alpha:
+ Fix "tracker3 search --folders".
+ Allow "tracker3 search" to look for filenames.
+ Improve "tracker3 info" to show file eligibility if not
indexed.
+ Many performance improvements to tracker-miner-fs-3.
+ Fix systemd unit files to depend on gnome-session.
+ Improve time_t interpretation for negative timestamps.
==== u-boot-rpiarm64 ====
Version update (2021.01 -> 2021.04)
Subpackages: u-boot-rpiarm64-doc
Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2021.04
* Patches added:
0014-fs-btrfs-fix-the-false-alert-of-dec.patch - boo#1183717
Fix SMBIOS table entries (bsc#1183079)
Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2021.04
* Patches added:
0013-configs-rpi-Enable-SMBIOS-sysinfo-d.patch
- Add u-boot-zturnv5 flavour instead of u-boot-zturn.
I've failed to find anybody who has v4 zturn board.
- mx53loco now uses u-boot-dtb.imx instead of u-boot.imx
- Update to 2021.04
- Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2021.04
* Patches dropped:
0006-boo-1123170-Remove-ubifs-support-fr.patch
0007-boo-1144161-Remove-nand-mtd-spi-dfu.patch
0008-Kconfig-add-btrfs-to-distro-boot.patch
0009-configs-Re-sync-with-CONFIG_DISTRO_.patch
0010-configs-am335x_evm-disable-BTRFS.patch
0011-sunxi-dts-OrangePi-Zero-Add-SPI-ali.patch
0012-sunxi-dts-OrangePi-Zero-Enable-SPI-.patch
0013-sunxi-Enable-SPI-support-on-Orange-.patch
0014-Disable-CONFIG_CMD_BTRFS-in-xilinx_.patch
0015-rpi-Add-identifier-for-the-new-RPi4.patch
0016-rpi-Add-identifier-for-the-new-CM4.patch
0017-pci-pcie-brcmstb-Fix-inbound-window.patch
0018-dm-Introduce-xxx_get_dma_range.patch
0019-dm-test-Add-test-case-for-dev_get_d.patch
0020-dm-Introduce-DMA-constraints-into-t.patch
0021-dm-test-Add-test-case-for-dev-dma_o.patch
0022-dm-Introduce-dev_phys_to_bus-dev_bu.patch
0023-dm-test-Add-test-case-for-dev_phys_.patch
0024-xhci-translate-virtual-addresses-in.patch
0025-mmc-Introduce-mmc_phys_to_bus-mmc_b.patch
0026-configs-rpi4-Enable-DM_DMA-across-a.patch
0027-video-arm-rpi-Add-brcm-bcm2711-hdmi.patch
0028-usb-xhci-pci-Add-DM_FLAG_OS_PREPARE.patch
0029-pci-brcmstb-Cleanup-controller-stat.patch
0030-fs-btrfs-Select-SHA256-in-Kconfig.patch
0031-efi_loader-Avoid-emitting-efi_var_b.patch
0032-configs-BPI-R2-Disable-EFI-Grub-wor.patch
0033-configs-RPi2-Disable-EFI-Grub-worka.patch
0034-smbios-Fix-table-whit-no-string-is-.patch
* Patches added:
0006-Kconfig-add-btrfs-to-distro-boot.patch
0007-configs-Re-sync-with-CONFIG_DISTRO_.patch
0008-sunxi-dts-OrangePi-Zero-Add-SPI-ali.patch
0009-sunxi-dts-OrangePi-Zero-Enable-SPI-.patch
0010-sunxi-Enable-SPI-support-on-Orange-.patch
0011-Disable-CONFIG_CMD_BTRFS-in-xilinx_.patch
0012-smbios-Fix-table-when-no-string-is-.patch
==== vim ====
Version update (8.2.2607 -> 8.2.2800)
Subpackages: vim-data-common vim-small
- Updated to version 8.2.2800, fixes the following problems
* Vim9: message about compiling is wrong when using try/catch.
* Confusing error message with white space before comma in the arguments
of a function declaration.
* Function test fails.
* Special key names don't work if 'isident' is cleared.
* Vim9: wrong error message for referring to legacy script variable.
* Coverity complains about not restoring character.
* Prompt for s///c in Ex mode can be wrong.
* Detecting Lua version is not reliable.
* Vim9: cannot use legacy script-local var from :def function.
* Vim9: function reference found with prefix, not without.
* Vim9: for loop over string is a bit slow.
* Status line not updated when local 'statusline' option set.
* Extending a list with itself can give wrong result.
* Vim9: a lambda accepts too many arguments at the script level.
* Vim9: lambda with varargs doesn't work.
* Vim9: Partial call does not check right arguments.
* Vim9: when compiling a function fails it is cleared.
* Vim9: function state stuck when compiling with ":silent!".
* Vim9: no way to explicitly ignore an argument.
* Vim9: missing part of the argument change.
* Check for duplicate arguments does not work.
* Vim9: not always an error for too many function arguments.
* Vim9: memory leak when calling :def function fails.
* Vim9: test for error can be a bit flaky.
* Vim9: error for using underscore in nested function.
* Coverity warns for using NULL pointer.
* Vim9: cannot ignore an item in assignment unpack.
* :sleep! does not always hide the cursor.
* Vim9: no error for using a number in a condition.
* Vim9: blob index and slice not implemented yet.
* Vim9: blob tests for legacy and Vim9 script are separate.
* Vim9: wrong line number for autoload function with wrong name.
* Vim9: for loop infers type of loop variable.
* Vim9: no error for changing a for loop variable.
* Using "syn include" does not work properly.
* Vim9: function line truncated when compiling.
* Vim9: cannot use type in for loop unpack at script level.
* Memory leak when default function argument is allocated.
* Vim9: not all blob operations work.
* Test failure.
* Compiler warning for unused argument.
* Vim9: memory leak with blob range error.
* Modula-3 config files are not recognized.
* Vim9: type of loop variable is not used.
* Vim9: assignment not recognized if declaration was skipped.
* Problems when restoring 'runtimepath' from a session file.
* PSL filetype not recognized.
* Vim9: cannot import an existing name even when using "as".
* Vim9: wrong line number used for some commands.
* :mksession uses current value of 'splitbelow' and 'splitright' even though
"options" is not in 'sessionoptions'. (Maxim Kim)
* Vim9: blob operations not tested in all ways.
* Problem restoring 'packpath' in session.
* Memory access error in remove() for blob.
* Vim9: for loop over blob doesn't work.
* Add() silently skips when adding to null list or blob.
* Vim9: blob operations not fully tested.
* Duplicate code for setting byte in blob, blob test may fail.
* Vim9: cannot use \=expr in :substitute.
* Vim9: cannot redirect to local variable.
* Vim9: memory leak when using :s with expression.
* Raku is now the only name what once was called perl6.
* Vim9: using \=expr in :substitute does not handle jumps.
* filetype test fails
* Vim9: memory leak when using \=expr in :substitute.
* Vim9: :disas shows instructions for default args but no text.
* Linux users don't know how to get ncurses.
* Coverity warns for not using return value.
* Vim9: redir to variable does not accept an index.
* Search highlight disappears in the Visual area.
* Vim9: redir to variable with append does not accept an index.
* Vim9: type casts don't fully work at the script level.
* After a timer displays text a hit-enter prompt is given.
- Updated to version 8.2.2725, fixes the following problems
* strcharpart() cannot include composing characters.
* Character input not fully tested.
* Test disabled on MS-Windows even though it should work.
* Mouse click test fails when using remote connection.
* Conditions for startup tests are not exactly right.
* col('.') may get outdated column value.
* New test throws exception.
* Vim9: function is deleted while executing.
* Test is sourcing the wrong file.
* Vim9: if 'cpo' is changed in Vim9 script it may be restored.
* Vim9: script variable in a block scope not found by a nested function.
* Vim9: cannot use a normal list name to store function refs.
* Vim9: no test for return type of lambda.
* Vim9: Using #{ for a dictionary gives strange errors.
* typval2type() cannot handle recursive structures.
* GTK: error when starting up and -geometry is given. (Dominique Pellé)
* Some tests fail when run as root.
* Atom files not recognized.
* Rss files not recognized.
* GTK3: error when starting up and -geometry is given. (Dominique Pellé)
* No need to check for BSD after checking for not root.
* Vim9: #{ can still be used at the script level.
* Vim9: error for #{{ is not desired.
* Hard to see where a test gets stuck.
* Commands from winrestcmd() do not always work properly. (Leonid
V. Fedorenchik)
* Not all command line arguments are tested.
* Multi-byte 'fillchars' for folding do not show properly.
* 'tagfunc' does not indicate using a pattern.
* Vim9: cannot define an inline function.
* Memory leak when compiling inline function.
* prop_remove() causes a redraw even when nothing changed.
* Cannot write a message to the terminal from the GUI.
* Build failure when fsync() is not available.
* screenstring() returns non-existing composing characters.
* Display test fails because of lacking redraw.
* Vim9: no clear error for wrong inline function.
* Various code not covered by tests.
* prop_clear() causes a screen update even when nothing changed.
* Using inline function is not properly tested.
* Vim9: error for not using string doesn't mention argument.
* Terminal test sometimes hangs.
* Terminal resize test sometimes hangs.
* Vim9: some wincmd arguments cause a white space error.
* Vim9: command modifiers not handled in nested function.
* Vim9: restoring command modifiers happens after jump.
* Vim9: can use command modifier without an effect.
* Build failure.
* Vim9: getting a character from a string can be slow.
* The -w command line argument doesn't work.
* Some command line arguments and regexp errors not tested.
* Vim9: error message for declaring variable in for loop.
* :for cannot loop over a string.
* Eval test fails because for loop on string works.
* Vim9: no error for declaration with trailing text.
* Leaking memory when looping over a string.
* There is no way to avoid some escape sequences.
* Vim9: leaking memory when inline function has an error.
* Vim9: not enough function arguments checked for string.
* Test failures.
* Vim9: not enough function arguments checked for string.
* prop_find() cannot find item matching both id and type.
* Vim9: omitting "call" for "confirm()" does not give an error.
* Command line completion does not work after "vim9".
* Vim9: error for append(0, text).
* Error for line number in legacy script.
* Vim9: cannot use :lockvar and :unlockvar in compiled script.
* Vim9: script-local funcref can have lower case name.
* Directory change in a terminal window shell is not followed.
* Missing error message.
* Vim9: cannot use only some of the default arguments.
* Test for 'autoshelldir' does not reset the option.
* Winbar drawn over status line for non-current window with winbar if
frame is zero height. (Leonid V. Fedorenchik)
* Vim9: problem defining a script variable from legacy function.
* Vim9: test fails for redeclaring script variable.
* Vim9: cannot find Name.Func from "import * as Name". (Alexander Goussas)
* Build failure without the +eval feature.
* Not enough folding code is tested.
* Custom statusline not drawn correctly with WinBar.
* Status line is not updated when going to cmdline mode.
* Vim9: cannot use "const" for global variable in :def function.
* Vim9: crash when using s: for script variable.
* Tiny build fails.
* PowerShell files are not recognized.
* Autoconf may mess up compiler flags.
* Vim9: locked script variable can be changed.
* Vim9: locked script variable can be changed.
* When 'matchpairs' is empty every character beeps. (Marco Hinz)
* Cursor position reset with nested autocommands.
* Lua test fails with Lua 5.4.3 and later.
* Function list test fails.
* Lua test fails on MS-Windows.
* Lua test fails.
* Nested autocmd test fails sometimes.
* Order of removing FORTIFY_SOURCE is wrong.
* Compiler completion test fails when more scripts are added.
* Vim9: memory leak when failing on locked variable.
* Adding a lot of completions can be a bit slow.
* Vim9: misleading reported line number for wrong type.
* Vim9: wrong line number reported for boolean operator.
* Adding a lot of completions can still be a bit slow.
* Test sometimes fails waiting for shell in terminal.
* The GTK GUI has a gap next to the scrollbar.
* Vim9: not all tests cover script and :def function.
* "gj" in a closed fold does not move out of the fold. (Marco Hinz)
* Memory leak when adding to a blob fails.
* Folding code not sufficiently tested.
* Filetype pattern ending in star is too far up.
* Vim9: tests fail without the channel feature. (Dominique Pellé)
* The equivalent class regexp is missing some characters.
* GTK menu items don't show a tooltip.
* Vim9: no explicit test for using a global function without the g: prefix.
* Vim9: appending to dict item doesn't work in a :def function.
* GTK menu tooltip moves the cursor.
* Vim9: cannot have a linebreak inside a lambda.
* Vim9: crash when using LHS with double index.
* Assignment test fails.
* Vim9: concatenating to list in dict not tested.
* Vim9: message about compiling is wrong when using try/catch.
==== webkit2gtk3 ====
Version update (2.30.5 -> 2.32.0)
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- Add webkit2gtk3-icu69.patch: Fix build with ICU 69:
+ ICU 69 deprecates ubrk_safeClone in favor of ubrk_clone.
- Update to version 2.32.0 (boo#1184155):
+ Fix the authentication request port when URL omits the port.
+ Fix iframe scrolling when main frame is scrolled in async
scrolling mode.
+ Stop using g_memdup.
+ Show a warning message when overriding signal handler for
threading suspension.
- Fix the build on RISC-V with GCC 11.
- Fix several crashes and rendering issues.
+ Security fixes: CVE-2021-1788, CVE-2021-1844, CVE-2021-1871
- Drop old-wayland-scanner.patch and webkit-process.patch, and also
drop support for Leap 15.0 and 15.1, since they are no longer
supported.
- Update to version 2.31.91:
+ Make WebKitSecurityOrigin a simple data store for <protocol,
host, port> and deprecate webkit_security_origin_is_opaque().
+ Fix user agent again to work on several google websites.
+ Fix web view url on web process terminate signals.
+ Fix preferred language overrides sent to the web process.
+ Fix the build in i386.
+ Translation updates: Simplified Chinese.
- Drop webkitgtk-i586-build-fix.patch: fixed upstream.
- Disable webkit-process.patch: needs to be rebased or dropped.
- Add webkitgtk-i586-build-fix.patch: fix build on i586
(webkit#222480).
- Update to version 2.31.90:
+ Add permission request API for MediaKeySystem access.
+ Fix rendering when using opacity filters on hardware
accelerated layers.
+ Fix flatpak-spawn subsandbox to not clear environment
variables.
+ Ensure a URI scheme handler can't be registered multiple times.
+ Fix several crashes and rendering issues.
+ The minimum required GStreamer version is now 1.14.
+ CEA-608 closed captions support (requires
WEBKIT_GST_USE_PLAYBIN3=1 environment variable).
- Advertise CBCS decryption and VP9 support in Thunder.
- Advertise DASH as supported in the media player.
- Improved support for playbin3.
- Translation updates: Ukrainian.
- Up required gstreamer and gtk3 versions.
- Update to version 2.31.1:
+ Remove support for NPAPI plugins.
+ Enable the web process cache when PSON is enabled too.
+ TLS errors and proxy settings APIs have been moved from
WebKitContext to WebKitWebsiteDataManager.
+ Add new API to remove individual scripts/stylesheets using
WebKitUserContentManager.
+ Correctly apply the system font scaling factor.
+ Show main loop frames information in the web inspector.
- Remove webkit-font-scaling.patch: contained in upstream
- New build requirement: pkgconfig(manette-0.2).
- Update to version 2.30.6 (boo#1184262):
+ Update user agent quirks again for Google Docs and Google Drive.
+ Fix several crashes and rendering issues.
+ Security fixes: CVE-2020-27918, CVE-2020-29623, CVE-2021-1765
CVE-2021-1789, CVE-2021-1799, CVE-2021-1801, CVE-2021-1870.
==== wpa_supplicant ====
- Add CVE-2021-30004.patch -- forging attacks may occur because
AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c
(bsc#1184348)
==== xdg-desktop-portal-kde ====
Version update (5.21.3 -> 5.21.4)
- Update to 5.21.4
* New bugfix release
* For more details please see:
* https://kde.org/announcements/plasma/5/5.21.4
- No code changes since 5.21.3
==== xf86-input-libinput ====
Version update (0.30.0 -> 1.0.1)
- Update to version 1.0.1
* Only one fix, the code to set the tap button mapping property
didn't correctly check for a valid device, causing memory
corruption and a crash if called after a device was disabled.
Or, in more user-friendly terms: if your X session crashed
after calling `xinput disable $touchpad-device`, this release
has the fix for it.
- Update to version 1.0.0
* The biggest change here is the license change to MIT. Due to an unfortunate
copy/paste error, the actual license text used was the Historical Permission
Notice and Disclaimer license. With the ack of the various contributors, the
driver is now using the MIT license text as intended. The actual impact is
low, the HPND is virtually identical to the MIT license anyway (ianal,
consult your legal dept if you have one).
* The only other notable change: cancelled touch points are now lifted
correctly. Where libinput cancels a touch, e.g. in response to a palm being
detected, the touch point previously got stuck in the down state. This is
fixed now.
==== xinit ====
- modernize spec file (move license to licensedir, use https)
==== xmessage ====
- modernize spec file (move license to licensedir)
==== xmodmap ====
- modernize spec-file (move license to licensedir)
==== xorg-x11-server ====
Version update (1.20.10 -> 1.20.11)
Subpackages: xorg-x11-server-Xvfb
- disable build of Xwayland, which is now being built in separate
xwayland package with more recent sources (boo#1182677)
- Update to version 1.20.11
* bugfix release
- supersedes U_Fix-XChangeFeedbackControl-request-underflow.patch,
U_xkb-Fix-heap-overflow-caused-by-optimized-away-min.patch
- U_Fix-XChangeFeedbackControl-request-underflow.patch
* Fix XChangeFeedbackControl() request underflow (CVE-2021-3472,
ZDI-CAN-1259, bsc#1180128)
==== xterm ====
Version update (366 -> 367)
- update to Patch #367 - 2021/03/26
* add OSC 22 to allow programs to select different pointer cursor at
runtime.
* change configuration for no-return functions to use _Noreturn when
it is available, because clang --analyze does not properly handle
the gcc noreturn attribute.
* add cursorTheme resource to provide a way to enable or disable the
cursor theme feature.
* modified CopyWait event retries to use shorter sleeps, to improve
responsiveness (tmux #2556).
* improve quoting/escaping in demo-scripts per shellcheck.
* add resizeByPixel resource, to permit disabling window manager
resizing-hints (patch by Tim Oehl).
* corrected printOptsImmediate handling of alternate-screen (report
by Abhijit Dasgupta).
* update sample terminfo to more closely match ncurses.
* add/improve limit-checks for Xlib calls (report by Roman Fiedler).
* fix a typo in the help-message (report by Tomas Korbar).
==== yast2 ====
Version update (4.3.60 -> 4.4.2)
- Add to yast2 mixin Yast2::SecretAttributes for hiding sensitive
information (bsc#1141017)
- 4.4.2
- The location given to the Y2Issue::Issue constructor can be a
string or a location object.
- Add a mechanism to report issues to the user (related to
bsc#1181295).
- 4.4.1
- Updated manual page ("man yast2") (bsc#1184681)
- 4.4.0
- Add a default value for file_path argument in ::new and ::load
methods of CFA::LoginDefs class.
==== yelp ====
Version update (3.38.3 -> 40.0)
Subpackages: libyelp0
- Update to version 40.0:
+ Stable release. No changes since release candidate.
- Update to version 40.rc:
+ Updated translations.
- Update to version 40.beta:
+ Fix crashes from setting automatic IDs in DocBook 5 documents.
+ Fix links to search results for ghelp documents.
+ Fix crash when reloading Mallard document.
+ Handle mouse back/forward buttons.
+ Updated translations.
==== yelp-xsl ====
Version update (3.38.3 -> 40.0)
- Update to version 40.0:
+ Stable release. No changes since release candidate.
- Update to version 40.rc:
+ Updated translations.
- Update to version 40.beta:
+ Added new text templates for easier CSS editing.
+ Updated bundled highlight.js and added SML highlighter.
+ Added experimental links styles for the GNOME 40 help.
+ Added html.grid.size parameter to templatize CSS grid size.
+ Hide sidebars by default at 720px.
+ Updated COPYING file, which was pretty out of date.
+ Some documentation updates and improvements.
+ Updated translations.
==== zchunk ====
Version update (1.1.5 -> 1.1.9)
- Update to version 1.1.9
* Handle zstd 1.4.7+
* Update documentation
* unzck: require a *.zck extension
* General bug fixes
- Dropped upstream merged
d2eae512bee09a4047cfe586de12f644d73b0736.patch
- Add fix-test-argp.patch: Fix argp detection
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
PackageKit
apparmor
ceph (16.1.0.1217+g8e1da7347e -> 16.2.0.91+g24bd0c4acf)
cloud-init
cni-plugins (0.9.0 -> 0.9.1)
conmon (2.0.26 -> 2.0.27)
container-selinux (2.158.0 -> 2.160.1)
containers-systemd (0.0+git20210318.fea98a6 -> 0.0+git20210407.9384691)
cri-o (1.19.1 -> 1.21.0)
cri-tools (1.20.0 -> 1.21.0)
curl (7.75.0 -> 7.76.1)
dbus-1
dnf (4.6.1 -> 4.7.0)
dracut (053+suse.90.gb89b6347 -> 053+suse.93.g039ac07d)
etcd
expat (2.2.10 -> 2.3.0)
file (5.39 -> 5.40)
filesystem
findutils
fuse3 (3.10.2 -> 3.10.3)
gdk-pixbuf (2.42.2 -> 2.42.6)
glib-networking (2.66.0 -> 2.68.0)
glib2 (2.66.7 -> 2.68.1)
glibc
gmp
gobject-introspection (1.66.1 -> 1.68.0)
grub2
gsettings-desktop-schemas (3.38.0 -> 40.0)
hwinfo (21.72 -> 21.73)
installation-images-MicroOS (16.56 -> 17.0)
irqbalance (1.7.0+git20210222.9db8d5c -> 1.8.0)
k9s (0.24.2 -> 0.24.7)
kdump
kernel-firmware (20210315 -> 20210419)
kexec-tools (2.0.20 -> 2.0.21)
krb5
kubectl-who-can (0.0+git20190606.c185aaa -> 0.3.0)
kubernetes (1.20.2 -> 1.21.0)
kubernetes1.20 (1.20.2 -> 1.20.6)
kubic-control
ldb (2.2.1 -> 2.3.0)
less (563 -> 581)
libapparmor
libassuan (2.5.4 -> 2.5.5)
libcap
libcontainers-common
libdnf (0.60.0 -> 0.62.0)
libeconf (0.3.8+git20200710.5126fff -> 0.4.0+git20210413.fdb8025)
libfido2 (1.6.0 -> 1.7.0)
libgcrypt (1.9.2 -> 1.9.3)
libhugetlbfs
libjpeg-turbo
libksba (1.5.0 -> 1.5.1)
libpeas (1.28.0 -> 1.30.0)
librepo (1.13.0 -> 1.14.0)
libselinux
libsolv (0.7.17 -> 0.7.19)
libxcrypt (4.4.18 -> 4.4.19)
libzypp (17.25.8 -> 17.25.9)
lua54 (5.4.2 -> 5.4.3)
lvm2
lvm2-device-mapper
makedumpfile (1.6.7 -> 1.6.8)
microdnf (3.7.1 -> 3.8.0)
mozilla-nss (3.62 -> 3.63.1)
multipath-tools (0.8.5+29+suse.5dabcd2 -> 0.8.5+30+suse.633836e)
ncurses (6.2.20210313 -> 6.2.20210424)
openSUSE-build-key
openssl (1.1.1j -> 1.1.1k)
openssl-1_1 (1.1.1j -> 1.1.1k)
pam
patterns-microos
pcre2
perl-Bootloader (0.933 -> 0.934)
pkgconf
podman (3.0.1 -> 3.1.2)
python-M2Crypto
python-MarkupSafe
python-cryptography
python-gobject (3.38.0 -> 3.40.1)
python-importlib-metadata (3.7.0 -> 3.7.2)
python-jsonpatch (1.28 -> 1.31)
python-rpm (4.16.0 -> 4.16.1.3)
raspberrypi-firmware-config
raspberrypi-firmware-dt
rbac-lookup (0.6.3 -> 0.6.4)
rook (1.5.7+git4.gae949004e -> 1.5.10+git4.g309ad2f64)
rpcbind
rpm (4.16.0 -> 4.16.1.3)
rpm-config-SUSE (0.g64 -> 0.g76)
runc
salt
selinux-policy (20210309 -> 20210419)
sg3_utils (1.45~815+5.6aa67ed -> 1.46)
shadow
shim (15+git47 -> 15.4)
snapper (0.8.16 -> 0.9.0)
sqlite3 (3.35.2 -> 3.35.5)
sssd
sudo (1.9.5p2 -> 1.9.6p1)
suse-module-tools (15.3.5 -> 15.4.1)
systemd (246.11 -> 246.13)
systemd-presets-common-SUSE
talloc (2.3.1 -> 2.3.2)
tiff (4.2.0 -> 4.3.0)
toolbox (2.1+git20210311.15cb3ad -> 2.1+git20210329.d14ac82)
u-boot-rpiarm64 (2021.01 -> 2021.04)
vim (8.2.2607 -> 8.2.2800)
wpa_supplicant
yast2 (4.3.60 -> 4.4.2)
zchunk (1.1.5 -> 1.1.9)
=== Details ===
==== PackageKit ====
Subpackages: PackageKit-backend-dnf libpackagekit-glib2-18
- Add PackageKit-cancel-transaction-if-daemon-disappears.patch:
Fix hangs in packagekit-glib2 client if daemon crashes
(gh#hughsie/PackageKit#464).
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- add crypto-policies-mr720.diff to allow reading crypto policies
in abstractions/ssl_certs (boo#1183597)
- replace %{?systemd_requires} with %{?systemd_ordering} to avoid dragging in
systemd into containers just because apparmor-parser ships a *.service file
==== ceph ====
Version update (16.1.0.1217+g8e1da7347e -> 16.2.0.91+g24bd0c4acf)
Subpackages: ceph-common libcephfs2 librados2 librbd1 librgw2 python3-ceph-argparse python3-ceph-common python3-cephfs python3-rados python3-rbd python3-rgw
- _constraints: raise s390x disk constraint to 42G after seeing a build fail
with "write error: No space left on device"
- Update to 16.2.0-91-g24bd0c4acf:
+ rebase on top of upstream pacific SHA1 4cbaf866034715d053e6259dcd5bd8e4e1d1e1ed
- Update to 16.2.0-31-g5922b2b9c1:
+ rebase on top of upstream v16.2.0 (first stable release in Pacific series)
see https://ceph.io/releases/v16-2-0-pacific-released/
==== cloud-init ====
- Add cloud-init-bonding-opts.patch (bsc#1184085)
+ Write proper bonding option configuration for SLE/openSUSE
- Fix application and inclusion of
use_arroba_to_include_sudoers_directory-bsc_1181283.patchfix (bsc#1181283)
==== cni-plugins ====
Version update (0.9.0 -> 0.9.1)
- Update to version 0.9.1:
* ipam/dhcp: Add broadcast flag
* add flannel to support dual stack ip
* bandwidth: fix panic in tests
* host-device: Add support for DPDK device
* [main/vlan] Fix error handling for delegate IPAM plugin
* dhcp: default dhcp clien timeout is 10s
* vlan: fix error message text by removing ptp references
* dhcp: daemon dhcp client timeout is configurable
* dhcp: timeout value is set in DHCP daemon
* remove unused function
* deps: go mod tidy coreos/go-iptables
* deps: bump coreos/go-iptables
==== conmon ====
Version update (2.0.26 -> 2.0.27)
- Update to version 2.0.27:
* bump to v2.0.27
* Add CRI-O integration test GitHub action
* exec: don't fail on EBADFD
* close_fds: fix close of external fds
* Add arm64 static build binary
* bump to v2.0.27-dev
==== container-selinux ====
Version update (2.158.0 -> 2.160.1)
- Fix container runtime binary labels (bsc#1185030). You need to
relable at least /usr/sbin if you're affected
==== containers-systemd ====
Version update (0.0+git20210318.fea98a6 -> 0.0+git20210407.9384691)
- Update to version 0.0+git20210407.9384691:
* Add service for wsdd
==== cri-o ====
Version update (1.19.1 -> 1.21.0)
Subpackages: cri-o-kubeadm-criconfig
- Update to version 1.21.0:
* bump to v1.21.0
* config: drop registries field as it is no longer supported
* Revert "test: drop unneeded sed statement"
* WIP: add debug print
* test: drop unneeded sed statement
* config: fix template insecure_registries field
* config: drop commented config lines
* build(deps): bump google.golang.org/grpc from 1.36.1 to 1.37.0
* Bump OpenShift CI cri-tools version and fix build path
* build(deps): bump github.com/containers/image/v5 from 5.10.5 to 5.11.0
* Bump cri-tools to v1.21.0
* Update Kubernetes to v1.21.0
* Add container out of memory metrics
* [CLI] "crio config" only prints the fields that are differet than the default.
* Set short name mode to permissive
* docs-validation: update to handle workloads
* Fix unnecessary conversion lint report
* add tests for workloads
* integrate with server
* config: update workloads structure
* Clarify release cadence and version skew
* Add correct start time to initial log output
* Add support for workload settings
* refactor handling of allowed_annotations
* Do not push main binary into cachix cache
* resourcestore: introduce ResourceCleaner
* Use internal logging when context available
* build(deps): bump github.com/coreos/go-systemd/v22 from 22.3.0 to 22.3.1
* server: remove dead code
* sandbox: use defined CRI type for NamespaceOption
* config: remove dead code
* oci: remove dead code
* lib: remove dead code
* build(deps): bump github.com/containers/podman/v3
* build(deps): bump k8s.io/client-go from 0.20.1 to 0.20.5
* update pause image to 3.5 for non-root
* build(deps): bump github.com/soheilhy/cmux from 0.1.4 to 0.1.5
* build(deps): bump google.golang.org/grpc from 1.34.0 to 1.36.1
* build(deps): bump github.com/containers/buildah from 1.19.8 to 1.20.0
* build(deps): bump github.com/prometheus/client_golang
* build(deps): bump github.com/godbus/dbus/v5 from 5.0.3 to 5.0.4
* build(deps): bump k8s.io/cri-api from 0.20.1 to 0.20.5
* build(deps): bump github.com/containers/podman/v3
* build(deps): bump k8s.io/kubernetes from 1.13.0 to 1.20.5
* crio-wipe: only clear storage if CleanShutdownFile is supported
* Add static bundle node e2e tests to GitHub actions
* Reload the main config file when reloading configs
* crio wipe: only completely wipe storage after a reboot
* Bump static binary dependency versions
* Add dependabot config file
* runtimeVM: Fix shimv2 binary name construction
* config,runtimeVM: Improve runtime_path validation
* oci_test: Add basic coverage to "RuntimeType()"
* oci_test: Add basic coverage to "privileged_without_host_devices"
* oci_test: Leave invalidRuntime on its own line
* tweak scope dependencies
* Do not return `<none>` placeholders for images any more
* Fix invalid libcontainer GetExecUser call
* Update dependencies
* config: Don't fail if the non default runtime doesn't pass validation
* Remove check for CI env variable for release-notes and dependencies
* cgmgr: add CreateSandboxCgroup method
* inspect: send container PID for dropped infra sandbox
* oci: specify sbox id when creating spoofed container
* Run GitHub actions on release branches
* Update bats to v1.3.0 (#4661)
* use happy-eyeballs for port-forwarding
* fix mock issues
* fix lint issues
* install: drop support matrix and update instructions
* do not store context in runtime vm
* Fix lint GitHub action
* pkg/container: take process args
* Use and publish version marker for CRI-O
* Add GitHub API pages support to `get` script
* add libbtrfs-dev to unit tests
* Revert "server: use IsAlive() more"
* Fix GitHub actions cache key
* Bug 1881694: Add pull source as info level log
* test: use latest conmon
* runtime_vm: Create the global fifo inside the runtime root path
* stats: fix log spam
* Support CRI seccomp security profiles
* oci: add unit tests for stop timeouts
* oci: don't update stop timeout if it's earlier than old one
* oci: update timeout even if we're ignoring kill
* oci: don't wait too long on a long stop
* oci: check process is still around with kill
* Add integration test for started/finished container time
* fix: Don't set `image-endpoint` in crictl config
* feat: Add CLI option to set registries.conf.d path
* Add allowed io.containers.trace-syscall annotation to static bundle
* Make `get` script independent from `make`
* test: correct the env variable for dropping the infra container
* Add metric to grab latency of individual cri calls
* Fix `get` script commit SHA retrieval
* Add arm64 static build to GitHub actions
* Fix GitHub actions workflow syntax
* Updates yq commnands for yq v4
* gh-actions: also run on release branches
* pkg/sandbox: add InitInfraContainer endpoint
* test: reconfigure how runtimes are passed in
* test: add runtime() function
* sandbox/container: drop context
* test: drop workaround for crun
* pkg/sandbox: cleanup unused funcs/files
* fix doc log_level adding trace option
* Fix oci container update config
* Update e2e-aws logic for 4.8
* nsmgr: take Initalize method
* Switch to go 1.16 for GitHub actions and remove scripts/build-test-image
* config: remove and create the correct dir
* Update nix pin with `make nixpkgs`
* server: mount cgroup with rslave
* crio wipe: ensure a clean shutdown
* Move integration tests to GitHub actions
* Run release-notes GitHub action after dependencies
* Bumps github.com/containers/ocicrypt from 1.0.3 to 1.1.0.
* config/node: refactor checking for CollectMode
* Fix GitHub actions checkout permissions
* change binary version to 1.21.0-dev
* Set conmon scope KillSignal to SIGPIPE
* Move repo modification jobs to GitHub actions
* bump protobuf to 1.3.2
* Log container stop timeout
* ResourceStore: add close method
* Allow seccomp hook tracing for separate containers
* ResourceStore: extend tests to test WatcherForResource
* ResourceStore: update tests to all run
* ResourceStore: update docs for WatcherForResource
* ResourceStore: don't segfault
* server: support setting raw unified cgroupv2 settings
* vendor: update runtime-specs
* cgroup: implement fix for swap memcg on cgroup v2
* server: leave swap mem limit unset if not supported
* test: skip ServiceAccountIssuerDiscovery test
* hostport manager clean up host ports
* allows stream timeout to be set from config
* config: pre-create pinns directories
* Bump containers image to v5.10.1
* Move unit tests to GitHub actions
* Move go1.14 and 386 builds to GitHub actions
* set kubelet node IP
* Fix validate-completions GitHub action
* Add integration test for pprof over unix socket
* Add a flag for enabling profile over unix socket
* Lookup echo command for unit tests
* Move static build to GitHub actions
* pinns: Fixup 'pwarn' output to match 'pwarnf' output
* pinns: Don't put errno in the exit message for argument checks
* nsmgr: use host option
* nsmgr: Use config struct for NewPodNamespaces
* pinns: support pinning host ns
* Remove implicit GitHub action `name` fields
* Move docs and completions validation to GitHub actions
* Bump golangci-lint to v1.35.2
* Make config tests work rootless
* Make rootless namespace unit test execution work
* config: fix template to show infra_ctr_cpus option
* Do not log file path on ioutil.ReadFile
* fixes version_test.go
* Close the stdin/tty on server start to avoid shortname prompts
* docs: fix http link
* docs: update kubeadm tutorial
* Fix `make lint`
* Return runtime API version based on protocol
* Update compatibility matrix to mention v1.20
* add method comment
* restore irqbalance config only on system restart
* add blurb in doc and more informative name for unit tests
* add is-enabled check for irqbalance service
* fix unit tests
* add unit tests
* fix bash/zsh completions
* fix the docs validation
* handle irqbalance service
* runtime_vm: set finished time when containers stop
* nsmgr: fix/add calls to GetNamespace
* managed namespaces: move to dedicated package
* Provide integration test for infra-ctr-cpuset feature
* Set CPUs for the infra containers during the creation
* Add shell completion for infra-containers-cpu flag
* Add new infra-containers-cpus to the CLI and config file
* refine `registries` deprecation message
* Circle CI: install test/registries.conf
* crio.8.md: runroot defaults to /run/containers/storage
* support short-name aliases
* pull: do check for blocked registries
* config: deprecate registries
* Rollback gocapability vendor bump
* vendor: bump containers/storage to v1.24.4
* Update nix pin with `make nixpkgs`
* contrib/test/int: add Kata Containers runtime support
* contrib/test/int: enforce linking in parallel build process
* contrib/test/int: build parallel from sources in CentOS
* contrib/test/int: allow to skip user namespace testing
* contrib/test/int: allow to configure test timeout
* Capitalize Kubernetes
* modify the error url of podctl
* Add Digital Science to adopters
* crio.service: Request to be run before kubelet.service
* pinns: make binary not always static
* server: use IsAlive() more
* Support CRI v1 and v1alpha2 at the same time
* drop support for ManageNSLifecycle
* test/timeout.bats: increase timeout to fix flakes
* release-notes: fix flags
* test/timeout.bats: fix comments
* int/resourcestore: fix comment about Put
* test/image.bats: simplify some loops
* test/helpers.bats: simplify cleanup_*
* contrib/test/int: rm node-e2e test
* contrib/test/int: fix iptables rule
* critest: add unix:// prefix
* critest.yml: don't skip test on RHEL
* test: add timeout.bats
* bump network creation timeout to 5 minutes
* resourcecache: add watcher idiom
* server: use ResourceCache instead of dropping progress
* Add unit tests for ResourceCache
* Introduce ResourceCache
* moves shmsize to a handler allowed annotation
* image pull: close progress chan
* test/ctr.bats: fix a "ctr execsync" flake
* Fix the functions' name in completions
* make: drop link to crio.service
* test: rm "run ctr with image with Config.Volumes"
* test: add no-pull-on-run=true
* test/devices.bats: fix "additional device permissions" case
* test/devices.bats: rm unneeded run
* test/devices.bats: skip earlier
* Bandwidht CNI plugin reserved an upper limit on burst,in which banned include boundary. See: https://github.com/containernetworking/plugins/blob/v0.8.7/plugins/meta/ban…
- Drop config-fix-tz.patch as upstream dependency was patched
- Update to version 1.20.2:
* bump to latest c/storage 1.24 branch
* Remove check for CI env variable for release-notes and dependencies
* fix lint
* test: pin cri-tools to 1.20
* bump to v1.20.2
* Run GitHub actions on release branches
* Pin gocapability to v0.0.0-20180916011248-d98352740cb2
* [PATCH 9/9] add method comment
* [PATCH 8/9] restore irqbalance config only on system restart
- Add vendor.tar.gz to avoid dependency downloads
- Add config-fix-tz.patch to fix crio validation error while building
==== cri-tools ====
Version update (1.20.0 -> 1.21.0)
- Update to version 1.21.0:
* Bump README versions to v1.21.0
* Update dependencies
* Add dependabot config file
* Simplify test image build process for user images
* Move from gcr.io/cri-tools to gcr.io/k8s-staging-cri-tools
* Fix UID/GID and username values for test images
* Bump gcb-docker-gcloud image to v20210331-c732583
* Fix CRI-O master installation in GitHub actions
==== curl ====
Version update (7.75.0 -> 7.76.1)
Subpackages: libcurl4
- update to 7.76.1:
- ngtcp2: Use ALPN h3-29 for now
- TODO: remove 18.22 --fail-with-body
- Update to 7.76.0
* Security fixes:
- [bsc#1183933, CVE-2021-22876]: strip credentials from the
auto-referer header field
- [bsc#1183934, CVE-2021-22890]: add 'isproxy' argument to
Curl_ssl_get/addsessionid()
* Changes:
- cookies: Support multiple -b parameters
- curl: add --fail-with-body
- doh: add options to disable ssl verification
- http: add support to read and store the referrer header
- sasl: support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsasl
- vtls: initial implementation of rustls backend
* Bugfixes:
- CVE-2021-22876: strip credentials from the auto-referer header field
- CVE-2021-22890: add 'isproxy' argument to Curl_ssl_get/addsessionid()
- c-hyper: support automatic content-encoding
- configure: only add OpenSSL paths if they are defined
- configure: provide Largefile feature for curl-config
- curl: set CURLOPT_NEW_FILE_PERMS if requested
- doh: Fix sharing user's resolve list with DOH handles
- doh: Inherit CURLOPT_STDERR from user's easy handle
- dynbuf: bump the max HTTP request to 1MB
- ftp: add 'list_only' to the transfer state struct
- ftp: add 'prefer_ascii' to the transfer state struct
- ftp: allow SIZE to fail when doing (resumed) upload
- ftp: avoid SIZE when asking for a TYPE A file
- ftp: fix memory leak in ftp_done
- ftp: never set data->set.ftp_append outside setopt
- gnutls: assume nettle crypto support
- http2: don't set KEEP_SEND when there's no more data to be sent
- http2: fail if connection terminated without END_STREAM
- http: do not add a referrer header with empty value
- http: strip default port from URL sent to proxy
- http: use credentials from transfer, not connection
- lib: remove 'conn->data' completely
- multi: close the connection when h2=>h1 downgrading
- multi: do once-per-transfer inits in before_perform in DID state
- multi: rename the multi transfer states
- multi: update pending list when removing handle
- ngtcp2: adapt to the new recv_datagram callback
- ngtcp2: clarify calculation precedence
- ngtcp2: sync with recent API updates
- openssl: adapt to v3's new const for a few API calls
- openssl: ensure to check SSL_CTX_set_alpn_protos return values
- openssl: remove get_ssl_version_txt in favor of SSL_get_version
- parse_proxy: fix a memory leak in the OOM path
- url: fix memory leak if OOM in the HSTS handling
- url: fix possible use-after-free in default protocol
- urldata: don't touch data->set.httpversion at run-time
- urldata: merge "struct DynamicStatic" into "struct UrlState"
- urldata: remove the 'rtspversion' field
- urldata: remove the _ORIG suffix from string names
- wolfssl: don't store a NULL sessionid
==== dbus-1 ====
Subpackages: libdbus-1-3
- avoid listing cmake directory - owned by cmake package
==== dnf ====
Version update (4.6.1 -> 4.7.0)
- Update to version 4.7.0
+ Improve repo config path ordering to fix a comps merging issue (rh#1928181)
+ Keep reason when package is removed (rh#1921063)
+ Improve mechanism for application of security filters (rh#1918475)
+ [doc] Add description for new API
+ [API] Add new method for reset of security filters
+ [doc] Improve documentation for Hotfix repositories
+ [doc] fix: "makecache" command downloads only enabled repositories
+ Use libdnf.utils.checksum_{check,value}
+ [doc] Add info that maximum parallel downloads is 20
+ Increase loglevel in case of invalid config options
+ [doc] installonly_limit documentation follows behavior
+ Prevent traceback (catch ValueError) if pkg is from cmdline
+ Add documentation for config option sslverifystatus (rh#1814383)
+ Check for specific key string when verifing signatures (rh#1915990)
+ Use rpmkeys binary to verify package signature (rh#1915990)
+ Bugs fixed (rh#1916783)
+ Preserve file mode during log rotation (rh#1910084)
==== dracut ====
Version update (053+suse.90.gb89b6347 -> 053+suse.93.g039ac07d)
Subpackages: dracut-ima
- Update to version 053+suse.93.g039ac07d:
* fix(kernel-modules): optionally add /usr/lib/modules.d to initramfs
- Update to version 053+suse.91.g4a0bdda1:
* fix(kernel-modules): optionally add /usr/lib/modules.d to initramfs (bsc#1180822)
==== etcd ====
- update etcd.service: avoid args from commandline and environment
as it leads to start failure (bsc#1183703)
==== expat ====
Version update (2.2.10 -> 2.3.0)
- Do not BuildRequire cmake: expat is part of the distro bootstrap
cycle and any additional dependency makes the ring larger. In
this case here, cmake was even only used to own a directory.
- update to 2.3.0:
* When calling XML_ParseBuffer without a prior successful call to
XML_GetBuffer as a user, no longer trigger undefined behavior
(by adding an integer to a NULL pointer) but rather return
XML_STATUS_ERROR and set the error code to (new) code
XML_ERROR_NO_BUFFER. Found by UBSan (UndefinedBehaviorSanitizer)
of Clang 11 (but not Clang 9).
* xmlwf: Exit status 2 was used for both:
- malformed input files (documented) and
- invalid command-line arguments (undocumented).
case of invalid command-line arguments now
has its own exit status 4, resolving the ambiguity.
* Other changes
==== file ====
Version update (5.39 -> 5.40)
Subpackages: file-magic libmagic1
- Add patch file-5.40-ascii.patch
* fix regressions on dection of smaller ASCII files (boo#1184899)
- Add upstream comitts as patches
* file-5.40-9b0459af.patch
put attributes inside the xz magic. (boo#1184888, boo#1184891)
* file-5.40-749e1ecf.patch
If the file is less than 3 bytes, use the file length to determine type
* file-5.40-f0601504.patch
Fix regression after unsigned/signed printing changes
* file-5.40-f7705dca.patch
fix previous (cast >>)
* file-5.40-3096f87f.patch
Correct return values to exptexted
* file-5.40-4c5fe1ad.patch
Add missing parens
- Port patch
* file-5.28-btrfs-image.dif
due patch file-5.40-f0601504.patch
- Add upstream commits as patches
* file-5.40-1c677c04.patch
Don't count each byte encounter as 1, count the total number
of bytes found (Anatol Belski). This makes it behave like 5.39
* file-5.40-6b34436a.patch
remove "u" from the pattern (Joerg Jenderek)
* file-5.40-9e2becec.patch
Encoding bug fix
- Fix offsets of patches
* file-5.17-option.dif
* file-5.19-biorad.dif
* file-5.19-printf.dif
* file-5.19-zip2.0.dif
* file-5.22-elf.dif
* file-5.23-endian.patch
* file-5.28-btrfs-image.dif
* file-5.38-allow-readlinkat.dif
* file-secure_getenv.patch
- update to 5.40:
* Add limit to the number of bytes to scan for encoding
* Fix /T (trim flag) for regex
* Trim trailing separator.
* Convert system read errors from corrupt ELF
files into human readable error messages
* Exclude surrogate pairs from utf-8 detection
- drop upstreamed patches:
* file-5.16-ocloexec.patch
* file-5.39-alternate_format.dif
==== filesystem ====
- also fix /var/lib/empty to be readonly
- make bindir/ _lib and _libdir readonly (mode 0555) to avoid
runpath-to-writeable-directory warning
==== findutils ====
- Use new Group Release Keyring
==== fuse3 ====
Version update (3.10.2 -> 3.10.3)
- Update to release 3.10.3
* Fix returning d_ino and d_type from readdir(3) in non-plus mode
==== gdk-pixbuf ====
Version update (2.42.2 -> 2.42.6)
Subpackages: gdk-pixbuf-query-loaders libgdk_pixbuf-2_0-0
- Update to stable 2.42.6
+ Yield gtk_doc option value in subprojects
+ Always initialise locale on thumbnailer startup
+ Add fallback subproject for libjpeg
+ Use type:array for the builtin_loaders option
+ Default to using builtin png and jpeg loaders
- Disable building of docs: creates a cycle with python:
+ Drop python3-gi-docgen BuildRequires.
+ Pass gtk_doc=false to meson
- Update to version 2.42.4:
+ Make enum type registration thread safe.
+ Do not install skipped test files.
+ Fix GIF initialization.
+ Always run GIF loader tests.
+ Fix leaks discovered via ASan.
+ Expose GdkPixbufLoader API via introspection.
+ Fix revert-to-previous first frame behaviour for GIF files.
+ Link to libintl if needed.
+ Improve support for using gdk-pixbuf as a subproject.
+ Fix build with GModule disabled.
+ Use gi-docgen to generate the API reference from introspection
data.
- Replace gtk-doc BuildRequires with python3-gi-docgen: follow
upstreams port.
- As a workaround to
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/177, delete
the installed gi-docgen program files.
==== glib-networking ====
Version update (2.66.0 -> 2.68.0)
- Update to version 2.68.0:
+ Fix double free in GnuTLS client certificate request code.
- Update to version 2.68.rc:
+ Improve heuristic for returning
G_TLS_ERROR_CERTIFICATE_REQUIRED.
+ Fix check for certain handshake failure conditions.
- Update to version 2.68.alpha:
+ Download and validate missing intermediate certificates
(requires GnuTLS 3.7).
+ OpenSSL backend now uses system crypto policy.
+ Remove use of g_assert in testsuite.
+ Restore support for old versions of OpenSSL.
+ Implement TLS channel bindings API.
+ Implement PKCS#11 API.
+ Update testsuite for Fedora 33 crypto policy.
+ Fix NULL dereference in g_tls_connection_base_read_message.
+ Fix a couple code issues found by Coverity.
==== glib2 ====
Version update (2.66.7 -> 2.68.1)
Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0
- Update to version 2.68.1:
+ Fix a crash in `GKeyFile` when parsing a file which contains
translations using a `GKeyFile` instance which has loaded
another file previously.
+ Pin GIO DLL in memory on Windows.
+ Updated translations.
- Update to version 2.68.0:
+ Bugs fixed:
- build: Drop gconstructor_as_data_h usage from
glib-compile-schemas.
- glib.supp: Generalize some suppressions.
- gbytesicon: Fix error in g_bytes_icon_new() documentation.
- glocalfileoutputstream: Tidy up error handling.
- tests: Fix copy/paste error in queue test.
- Update to version 2.67.6:
+ Fix a security issue when using `g_file_replace()` with
`G_FILE_CREATE_REPLACE_DESTINATION`.
+ Disallow operations on the empty path with
`g_file_new_from_path()`.
+ Various fixes for GLib when building with clang-cl on Windows.
+ Updated translations.
- Update to version 2.67.5:
+ Fix more issues with `glib_typeof` macro from 2.67.3?2.67.4.
+ Fix regression with some FD mappings passed to
`g_subprocess_launcher_spawnv()` caused by changes for #2097 in
GLib 2.67.4.
+ Fix detection of `str[n]casecmp()` when building with
`clang-cl`.
+ Use zlib from subproject if configured with
`wrap_mode=forcefallback`.
+ Updated translations.
- Update to version 2.67.4:
+ Add a `g_string_replace()` function.
+ Add `G_DBUS_SERVER_FLAGS_AUTHENTICATION_REQUIRE_SAME_USER` flag
to simplify the common case for writing a D-Bus authentication
observer, allowing most uses of `GDBusAuthObserver` to be
dropped.
+ Add a new `g_spawn_with_pipes_and_fds()` variant which supports
renumbering FDs.
+ Add new g_memdup2() API to replace g_memdup(), which is
vulnerable to a silent integer truncation and heap overflow
problem if not used carefully.
+ Fix various regressions caused by rushed security fixes in
2.66.6.
+ Fix a silent integer truncation when calling
g_byte_array_new_take() for byte arrays bigger than G_MAXUINT.
+ Fix `g_utf8_strdown()` to fix some issues in Turkish.
+ Updated translations.
==== glibc ====
Subpackages: glibc-locale glibc-locale-base
- Enable support for static PIE (bsc#1184646)
- select-modify-timeout.patch: linux: always update select timeout
(bsc#1184339, BZ #27706)
- Don't remove -f[asynchronous-]unwind-tables during configure run, no
longer needed
==== gmp ====
- Compute FIPS hmac for libgmp.so.10 [bsc#1184555]
- do not break SLE 12 build when applying spec-cleaner
==== gobject-introspection ====
Version update (1.66.1 -> 1.68.0)
Subpackages: girepository-1_0 libgirepository-1_0-1
- Update to version 1.68.0:
+ Update GLib annotations.
+ docs: cleanup.
+ Fix syntax errors in gir-1.2.rnc.
- Update to version 1.67.1:
+ Requires Python 3.6+.
+ Update GLib annotations.
+ Fix compatibility with Python 3.10.
+ Fix build with GIR data disabled.
+ Add test object for signal marshallers.
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin
- Fix obsolete syslog in systemd unit file and updating to use journal as
StandardOutput (bsc#1185149)
* grub2-once.service
- Fix build error on armv6/armv7 (bsc#1184712)
* 0001-emu-fix-executable-stack-marking.patch
- Fix error grub_file_filters not found in Azure virtual machine (bsc#1182012)
* 0001-Workaround-volatile-efi-boot-variable.patch
==== gsettings-desktop-schemas ====
Version update (3.38.0 -> 40.0)
- Update to version 40.0:
+ Updated translations.
- Update to version 40.rc:
+ Updated translations.
- Update to version 40.beta:
+ Use pgUp/Down shortcuts for horizontal workspace switching.
+ Add super-based workspace navigation shortcuts.
+ Remove ?gnome-fallback? as a valid session name.
+ Fix summary of `two-finger-scroll-enabled` key.
+ Updated translations.
- Update to version 40.alpha:
+ Add scroll button locking to trackballs.
+ Move mouse drag-threshold/double-click settings here.
+ Move antialiasing/hinting/rgba-order settings here.
+ Updated translations.
==== hwinfo ====
Version update (21.72 -> 21.73)
- merge gh#openSUSE/hwinfo#95
- don't rely on select() updating its timeout arg (bsc#1184339)
- 21.73
==== installation-images-MicroOS ====
Version update (16.56 -> 17.0)
- merge gh#openSUSE/installation-images#498
- rescue: make sure /var/run is a link to /run
- rescue: link modules and firmware from correct location
- 17.0
- merge gh#openSUSE/installation-images#504
- no more libstoragemgmt-netapp-plugin
- 16.74
- merge gh#openSUSE/installation-images#503
- make usrmerge case depend on /lib link in filesystem package
- 16.73
- merge gh#openSUSE/installation-images#502
- extend 'exists' operator to test for a specfic type
- merge gh#openSUSE/installation-images#500
- fix NVMf autoconnect udev rule (bsc#1184908)
- 16.72
- merge gh#openSUSE/installation-images#490
- re-enable SecureBoot on AARCH64 on SLE Micro enable building the
SLE Micro flavor based on OBS macro
- 16.71
- merge gh#openSUSE/installation-images#497
- add udev rules for NVMf autoconnect in the installation system
(bsc#1184908)
- 16.70
- merge gh#openSUSE/installation-images#496
- add even more USB Type-C modules (bsc#1185010)
- 16.69
- merge gh#openSUSE/installation-images#492
- allow loading of unsupported modules (bsc#1184413, bsc#1183140)
- 16.68
- merge gh#openSUSE/installation-images#491
- build with kernel-default-optional on Leap (bsc#1184413)
- 16.67
- merge gh#openSUSE/installation-images#487
- gefrickel: don't skip non-existing
- 16.66
- merge gh#openSUSE/installation-images#484
- add USB Type-C modules (bsc#1184867)
- 16.65
- merge gh#openSUSE/installation-images#481
- enable multipathd in rescue system (bsc#1184686)
- merge gh#openSUSE/installation-images#480
- build with kernel-default-extra on Leap (bsc#1184413, bsc#1183140)
- 16.64
- merge gh#openSUSE/installation-images#478
- Fix grub branding for %{arm}
- 16.63
- merge gh#openSUSE/installation-images#473
- adjust NVME config initialisation (bsc#1183230)
- 16.62
- merge gh#openSUSE/installation-images#470
- Fix firmware dir for usrmerge (boo#1029961)
- remote_log_setup: support loghost with port
- 16.61
- merge gh#openSUSE/installation-images#450
- Add support for riscv64
- 16.60
- merge gh#openSUSE/installation-images#475
- remove bind-libs BuildRequires
- 16.59
- merge gh#openSUSE/installation-images#474
- remove changelog file
- update git2log script to latest version
- clean up VERSION
- remove .gitignore
- 16.58
- merge gh#openSUSE/installation-images#472
- handle update-alternative symlinks automatically
- remove update-alternative hacks
- 16.57
==== irqbalance ====
Version update (1.7.0+git20210222.9db8d5c -> 1.8.0)
- Add _service file pointing to github sources
A _service
- Update to version 1.8.0:
* Add return value check of opendir in do_one_cpu
* Hotplug may occur again during sleep, so wait until there is no hotplug
==== k9s ====
Version update (0.24.2 -> 0.24.7)
- Update to version 0.24.7:
* cleaning up
* bump rev
* maintenance #1067 #1061 #1060
* rev up
* merge prs + dep updates
* ISSUE-957 - Add a simple pause button to stop auto-refresh on ConfigMap and Secrets (#1062)
* bugs #1063 #1061 #1059 #177
* Add release tag (#1058)
* fix #1056 #1024
* fix po feature col + lockouts?
- Update to version 0.24.6:
* rev up
* merge prs + dep updates
* ISSUE-957 - Add a simple pause button to stop auto-refresh on ConfigMap and Secrets (#1062)
* bugs #1063 #1061 #1059 #177
* Add release tag (#1058)
* fix #1056 #1024
* fix po feature col + lockouts?
* fix #1024
* update deps and image
- Rename Makefile.diff to Makefile.patch
==== kdump ====
- kdump-Add-bootdev-to-dracut-command-line.patch: Add 'bootdev=' to
dracut command line (bsc#1182309).
==== kernel-firmware ====
Version update (20210315 -> 20210419)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20210419 (git commit 940b7f42d45d):
* cxgb4: Update firmware to revision 1.25.4.0
* Mellanox: Add new mlxsw_spectrum firmware xx.2008.2438
* brcm: Link CM4's WiFi firmware with DMI machine name.
* linux-firmware: Update firmware file for Intel Bluetooth AX201
* amdgpu: update navi14 smc firmware
* amdgpu: update navi10 SMC firmware
* QCA: Update Bluetooth firmware for QCA6174
* WHENCE: link to similar config file for rtl8821a support
* nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.14.A.6
* amdgpu: add arcturus firmware
* rtl_bt: Add rtl8723bs_config-OBDA0623.bin symlink
* brcm: Add nvram for the Chuwi Hi8 (CWI509) tablet
* brcm: Add nvram for the Predia Basic tablet
* qcom: sm8250: update remoteproc firmware
* qcom: update a650 firmware files
* rtl_bt: Update RTL8822C BT(UART I/F) FW to 0x59A_76A3
* amdgpu: update sienna cichlid firmware for 20.50
* amdgpu: update vega20 firmware for 20.50
* amdgpu: update picasso firmware for 20.50
* amdgpu: update navi14 firmware for 20.50
* amdgpu: update vega12 firmware for 20.50
* amdgpu: update navi12 firmware for 20.50
* amdgpu: update vega10 firmware for 20.50
* amdgpu: update renoir firmware for 20.50
* amdgpu: update navi10 firmware for 20.50
* amdgpu: update raven2 firmware for 20.50
* amdgpu: update raven firmware for 20.50
* amdgpu: add initial support for navy flounder
- Update aliases
==== kexec-tools ====
Version update (2.0.20 -> 2.0.21)
- kexec-tools-remove-duplicate-ramdisk-definition.patch:
Remove duplicate definition of ramdisk (fix ppc build).
- Bump version to 2.0.21
- Drop patches from upstream git:
* kexec-tools-add-variant-helper-functions.patch
* kexec-tools-arm64-kexec-allocate-memory-space-avoiding-reserved-regions.patch
* kexec-tools-arm64-kdump-deal-with-resource-entries-in-proc-iomem.patch
* kexec-tools-build-multiboot2-for-i386.patch
* kexec-tools-fix-kexec_file_load-error-handling.patch
* kexec-tools-reset-getopt-before-falling-back-to-legacy.patch
* kexec-tools-s390-Reset-kernel-command-line-on-syscal.patch
* kexec-tools-Remove-duplicated-variable-declarations.patch
- Hardening: Link as PIE (bsc#1185020).
==== krb5 ====
- Use /run instead of /var/run for daemon PID files; (bsc#1185163);
- do not own %sbindir, it comes from filesystem package
==== kubectl-who-can ====
Version update (0.0+git20190606.c185aaa -> 0.3.0)
- Update to version 0.3.0:
* chore: Bump up Go to v1.15 (#82)
* feat: Add JSON export functionality (#81)
* chore: Switch to main branch (#80)
* feat: Add -o wide flag to print the ROLE column (#79)
* chore: Add krew-release-bot for publishing plugin releases (#78)
* refactor: Use KIND to run integration tests (#77)
* chore: Bump up Go from 1.12 to 1.14 (#76)
* chore: Remove Travis CI config (#75)
* chore: Migrate from Travis CI to GitHub Actions (#74)
* chore: Replace google/glog with kubernetes/klog (#71)
==== kubernetes ====
Version update (1.20.2 -> 1.21.0)
Subpackages: kubernetes-client kubernetes-kubeadm kubernetes-kubelet
- Remove BuildRequires for Go, bump kubernetes to 1.21.0 and 1.20.5
- add BuildRequires for go >= 1.15.5, to align with kubernetes1.20 package
==== kubernetes1.20 ====
Version update (1.20.2 -> 1.20.6)
- Update to version 1.20.6:
* azure: fix node public IP not able to fetch issues from IMDS
* Fix test now that empty struct are tracked in mangaed fields
* make generated_files
* Update bazel and dependencies.
* Update to use cliflag.NamedFlagSets
* Address comments.
* Update NodeIPAM wrapper
* Delete build file based on latest changes.
* Update extension mechanism and related sample.
* Address review comments
* Address review comments
* Modify integration test to fill CCM test gap
* Update test
* Move initialize cloud provider with client builder reference inside controller start func
* Separate example func and add README.md
* Separate func
* Add demonstration of wiring nodeIPAMController config object
* Remove cloud provider name as input parameter.
* Fix flag passing in CCM.
* Use apply to create objects in TestApplyStatus
* Stop skipping APIService in apply test
* Stop clearing OpenAPIConfig for kube-aggregator
* Declare TCP default for service port protocol
* Add ability to skip OpenAPI handler installation
* do not tag user created public IPs
* apf: fix test flake
* update gogo/protobuf to v1.3.2
* Fixed describe ingress causing SEGFAULT
* Update sigs.k8s.io/structured-merge-diff to v4.0.3
* Stop probing a pod during graceful shutdown
* apf: handle error from PollImmediateUntil
* staging/publishing: Set default go version to go1.15.10
* webhook config manager: HasSynced returns true when the manager is synced with existing webhookconfig objects at startup
* update metadata-concealment to 1.6 for removing legacy checking
* slice mirroring controller mirror annotations
* additional subnet configuration for AWS ELB
* Revert "Automated cherry pick of #97417: fix azure file secret not found issue"
* Use the correct volum handle format for GCE regional PD.
* Increasing maximum number of ports allowed in EndpointSlice
* Support > 5 ports in L4 ILB.
* build: Update to k/repo-infra(a)v0.1.5 (supports go1.15.10)
* Use go-runner:v2.3.1-go1.15.10-buster.0 image (built on go1.15.10)
* Update to go1.15.10
* Update CHANGELOG/CHANGELOG-1.20.md for v1.20.5
* fix a bug where only service with less than 100 ports can have GCE load balancer
* bazel
* deepcopy statefulsets
* full deepcopy on munged pod spec
* remove pod toleration toleration seconds mutation
* add markers for inspected validation mutation hits
* move secret mutation from validation to prepareforupdate
* remove unnecessary mutations in validation
* tweak validation to avoid mutation
* For LoadBalancer Service type don't create a HNS policy for empty or invalid external loadbalancer IP
* Moving docker options to daemon.json
* e2e fix: loosen configmap to 10 in resource quota
* api-server add --lease-max-object-count
* apiserver add metric etcd_lease_object_counts
* apiserver add --lease-reuse-duration-seconds to config lease reuse duration
* Bump Cluster Autoscaler to v1.20.0
- Rebase opensuse-version-checks.patch
- Update to version 1.20.5:
* Updating EndpointSliceMirroring controller to wait for cache to be updated
* Updating EndpointSlice controller to wait for cache to be updated
* Add tests for populated volumes
* Fix comment on getPodVolumeSubpathListFromDisk
* Fix tests to test for new behavior
* Add warnings after cleanup back
* Automatically remove orphaned pod's dangling volumes
* Count pod overhead as an entity's resource usage
* Ensure only one LoadBalancer rule is created when HA mode is enabled
* Fix issue in checking domain socket for plugin watcher
* Use Lstat in plugin watcher to avoid Windows problem
* Skip visiting empty secret and configmap names
* Number of sockets is assumed to be same as NUMA nodes
* disables APF if the aggregated apiserver cannot locate the core kube-apiserver
* Fix repeatedly aquire the inhibit lock
* Sync node status during kubelet node shutdown
* remove executable permission bits
* Upgrading vendored dependencies
* Upgrading cAdvisor to 0.38.8
* Update CHANGELOG/CHANGELOG-1.20.md for v1.20.4
* build/OWNERS: Add Dan and Sascha as reviewers
* OWNERS(CHANGELOG): Move reviewers/approvers to CHANGELOG/ dir
* Bump konnectivity-client to v0.0.15 in release-1.20
* Storage e2e: Remove pd csi driver installation in GKE
* Update CHANGELOG/CHANGELOG-1.20.md for v1.20.3
* kube-cross: update image to use v1.15.8-legacy-1
* [go1.15] build: Update to k/repo-infra(a)v0.1.4 (supports go1.15.8)
* Use go-runner:buster-v2.3.1 image (built on go1.15.8)
* staging/publishing: Set default go version to go1.15.8
* Update to go1.15.8
* Fix dbus shutdown events not continuing if they are not valid
* Revert "make hostPort match test linuxonly"
* Revert "conformance changes"
* kube-proxy: clear conntrack entries after rules are in place
* Use -LiteralPath instead of -Path
* Escape the special character in vsphere windows path
* Include unit test
* Adjust defer to correctly call
* do not remove volume dir when saveVolumeData fails
* kubeadm: drop explicit constant override in version test
* kubeadm: get k8s CI version markers from k8s infra bucket
* dockershim hostport respect IPFamily
* dockershim hostport manager use HostIP
* Balance nodes in scheduling e2e
* e2e: Pod should avoid nodes that have avoidPod annotation: clean remaining pods
* Cherry pick of #98254:Fix the kube-scheduler binary's description of the --config parameter is inaccurate
* fix kube-scheduler cannot send event because the Note field is too large
* Fix nil pointer dereference in disruption controller
* Update region_pd e2e test to support PV have GA topology
* Recover CSI volumes from dangling attachments
* IsVolumeAttachedToNode() renamed to GetAttachState(), and returns 3 states instead of combining "uncertain" and "detached" into "false"
* Fixes Attach Detach Controller reconciler race reading ActualStateOfWorld and operation pending states; fixes reconciler_test mock detach to account for multiple attaches on a node
* Fix translation of Cinder storage classess to CSI
* OWNERS(CHANGELOG): Add release-engineering-reviewers as reviewers
* OWNERS(CHANGELOG): Add release-engineering-reviewers as approvers
* Resolve IP addresses of host-only in filtered dialer
* Deflake ingress updates
* make podTopologyHints protected by lock
* ignore cgroup driver check in windows node upgrade
* OWNERS(sig-release): Add CHANGELOG aliases
* OWNERS(build-image): Add Release Managers as reviewers
* OWNERS(releng): Sync Release Managers
* OWNERS(sig-release): Remove SIG Release approvers alias
* aggregate errors when putting vmss
* fix azure file migration issue
* kubelet: Fix mirrorPodTerminationMap leak
* kubelet: Delete static pods gracefully
* kubeadm: change the default image repository for CI images from gcr.io/kubernetes-ci-images to gcr.io/k8s-staging-ci-images
* kubelet logs print 'kubelet nodes sync' frequently
* reduce buckets for etcd_request_duration_seconds
* Merge pull request #96876 from howieyuen/no-execute-taint-missing
* cleanup subnet in frontend ip configs
* conformance changes
* make hostPort match test linuxonly
* Clean up namespaced children of missing virtual parents with incorrectly cluster-scoped nodes
* Add unit test for child scope mismatch with missing parent
* vendor: update cAdvisor to v0.38.7
* Use volumeHandle as PV name when translating EBS inline volume
* Update CHANGELOG/CHANGELOG-1.20.md for v1.20.2
* kubectl-convert import known versions
* Revert "Merge pull request #92817 from kmala/kubelet"
* WIP: node sync at least once
* fixes nil panic for nil delegated auth options
* Lower the frequency of volume plugin deprecation warning
* handle webhook authenticator and authorizer error
* fix the panic when kubelet registers if a node object already exists with no Status.Capacity or Status.Allocatable
* Avoid checking the entire backend service URL for FR equality.
* Use non privileged ports
==== kubic-control ====
Subpackages: kubic-haproxycfg kubicctl kubicd
- kubicd: require kubernetes-kubeadm
- pin to go 1.14, the certificate handling changes in 1.15 are
incompatible (issues/30)
==== ldb ====
Version update (2.2.1 -> 2.3.0)
- Update to ldb 2.3.0
==== less ====
Version update (563 -> 581)
- less 581:
* Change ESC-u command to toggle, not disable, highlighting per
man page
* Add ESC-U command
* Add ctrl-W search modifier for wrapping search
* F command can be interrupted by ^X
* Support OSC 8 hyperlinks when -R is in effect
* g command with no number will ignore -j and put first line at
top of screen
* Multiple + or -p command line options are handled better
* Add the --incsearch option
* Add the --line-num-width option
* Add the --status-col-width option
* Add the --use-color and --color options
* Display -w highlight even if highlighted line is empty
* If search result is in a long line, scroll to ensure it is
visible
* Editing the same file under different names now creates only
one entry in the file list.
* Make visual bell more visible on some terminals
* Ring end-of-file bell no more than once per second
* Build can use either Python or Perl for Makefile.aut operations
* Fix crash when using the @ search modifier.
* Fix crash in the 's' command due to duplicate free
- drop less-429-save_line_position.patch which was never accepted
upstream due to solving one problem and creating others
==== libapparmor ====
- add crypto-policies-mr720.diff to allow reading crypto policies
in abstractions/ssl_certs (boo#1183597)
- replace %{?systemd_requires} with %{?systemd_ordering} to avoid dragging in
systemd into containers just because apparmor-parser ships a *.service file
==== libassuan ====
Version update (2.5.4 -> 2.5.5)
- update to 2.5.5:
* Fix a crash in the logging code
* Upgrade autoconf
==== libcap ====
- Add explicit dependency on libcap2 with version to libcap-progs
(bsc#1184690)
==== libcontainers-common ====
- Force overlay as default storage driver if system is not btrfs
(gh#containers/buildah#3153)
- Update common to 0.36.0
- Update podman to 3.1.1
- Update storage to 1.29.0
- Update image to 5.11.0
- Update common to 0.35.3
- Update podman to 3.1.0
- Update storage to 1.28.1
- Update image to 5.10.5
==== libdnf ====
Version update (0.60.0 -> 0.62.0)
Subpackages: libdnf-repo-config-zypp libdnf2
- Add patch to fix crash when loading DVD repositories
+ Patch: 0001-Fix-a-crash-when-repoId-not-found-in-loaded-conf-gke.patch
- Update to 0.62.0
+ Change order of TransactionItemReason (rh#1921063)
+ Add two new comperators for security filters (rh#1918475)
+ Apply security filters for candidates with lower priority
+ Fix: Goal - translation of messages in global maps
+ Enhance description of modular solvables
+ Improve performance for module query
+ Change mechanism of modular errata applicability (rh#1804234)
+ dnf_transaction_commit(): Remove second call to rpmtsSetVSFlags
+ Fix a couple of memory leaks
+ Fix: Setting of librepo handle in newHandle function
+ Remove failsafe data when module is not enabled (rh#1847035)
+ Expose librepo's checksum functions via SWIG
+ Fix: Mising check of "hy_split_nevra()" return code
+ Do not allow 1 as installonly_limit value (rh#1926261)
+ Fix check whether the subkey can be used for signing
+ Hardening: add signature check with rpmcliVerifySignatures
(CVE-2021-3445, CVE-2021-3421, CVE-2021-20271, rh#1932079, rh#1932089, rh#1932090, boo#1183779)
+ Add a config option sslverifystatus, defaults to false (rh#1814383)
+ [context] Add API for distro-sync
==== libeconf ====
Version update (0.3.8+git20200710.5126fff -> 0.4.0+git20210413.fdb8025)
- Removed doxygen from build requires.
- Update to version 0.4.0+git20210413.fdb8025:
* Installing man pages via meson. (#147)
- Update to version 0.4.0+git20210412.1513a26:
* Added econftool cat option (#146)
* new API call: econf_readDirsHistory (showing ALL locations)
* new API call: econf_getPath (absolute path of the configuration file)
- Update to version 0.4.0+git20210408.6d33e5e:
* Man pages libeconf.3 and econftool.8.
* Handling multiline strings.
* Added libeconf_ext which returns more information like
line_nr, comments, path of the configuration file,...
* Econftool, an command line interface for handling configuration
files.
* Generating HTML API documentation with doxygen.
* Improving error handling and semantic file check.
* Joining entries with the same key to one single entry if
env variable ECONF_JOIN_SAME_ENTRIES has been set.
==== libfido2 ====
Version update (1.6.0 -> 1.7.0)
Subpackages: libfido2-1 libfido2-udev
- Update to version 1.7.0:
* hid_win: detect devices with vendor or product IDs > 0x7fff
* Support for FIDO 2.1 authenticator configuration.
* Support for FIDO 2.1 UV token permissions.
* Support for FIDO 2.1 "credBlobs" and "largeBlobs" extensions.
* New API calls
* New fido_init flag to disable fido_dev_open?s U2F fallback
* Experimental NFC support on Linux.
- Enabled hidapi again, issues related to hidapi are fixed upstream
* Added fix-cmake-linking.patch to fix linking
==== libgcrypt ====
Version update (1.9.2 -> 1.9.3)
- libgcrypt 1.9.3:
* Bug fixes:
- Fix build problems on i386 using gcc-4.7.
- Fix checksum calculation in OCB decryption for AES on s390.
- Fix a regression in gcry_mpi_ec_add related to certain usages
of curve 25519.
- Fix a symbol not found problem on Apple M1.
- Fix for Apple iOS getentropy peculiarity.
- Make keygrip computation work for compressed points.
* Performance:
- Add x86_64 VAES/AVX2 accelerated implementation of Camellia.
- Add x86_64 VAES/AVX2 accelerated implementation of AES.
- Add VPMSUMD acceleration for GCM mode on PPC.
* Internal changes.
- Harden MPI conditional code against EM leakage.
- Harden Elgamal by introducing exponent blinding.
==== libhugetlbfs ====
- Hardening: Link as PIE (bsc#1184123).
==== libjpeg-turbo ====
- version update to 2.1.0
lot of changes, see
* https://github.com/libjpeg-turbo/libjpeg-turbo/releases/tag/2.0.90
* https://github.com/libjpeg-turbo/libjpeg-turbo/releases/tag/2.1.0
==== libksba ====
Version update (1.5.0 -> 1.5.1)
- libksba 1.5.1:
* Support Brainpool curves specified by ECDomainParameters
==== libpeas ====
Version update (1.28.0 -> 1.30.0)
- Update to version 1.30.0:
+ Build system improvements.
+ Improvements when running on Windows.
+ Updated translations.
==== librepo ====
Version update (1.13.0 -> 1.14.0)
- Update to 1.14.0
+ Fix LRO_PRESERVETIME behavior
+ Support multiple checksums in xattr (rh#1931904)
+ Return "calculated" checksum if requested w/caching
+ Fix lr_yum_download_url in case lr_handle is NULL
==== libselinux ====
Subpackages: libselinux1 selinux-tools
- Remove Recommends for selinux-autorelabel. It's better to have this
in the policy package itself (bsc#1181837)
==== libsolv ====
Version update (0.7.17 -> 0.7.19)
- fix rare segfault in resolve_jobrules() that could happen
if new rules are learnt
- fix a couple of memory leaks in error cases
- fix error handling in solv_xfopen_fd()
- bump version to 0.7.19
- fixed regex code on win32
- fixed memory leak in choice rule generation
- repo_add_conda: add flag to skip v2 packages
- bump version to 0.7.18
==== libxcrypt ====
Version update (4.4.18 -> 4.4.19)
- Update to 4.4.19
* Improve fallback implementation of explicit_bzero.
* Add glibc-on-CSKY, ARC, and RISCV-32 entries to libcrypt.minver.
These were added in GNU libc 2.29, 2.32, and 2.33 respectively
* Do not build xcrypt.h if we?re not going to install it.
* Do not apply --enable-obsolete-api-enosys mode to fcrypt.
* Compilation fix for NetBSD. NetBSD?s <unistd.h> declares encrypt
and setkey to return int, contrary to POSIX (which says they return
void). Rename those declarations out of the way with macros.
* Compilation fixes for building with GCC 11.
Basically fixes for explicit type-casting.
* Force update of existing symlinks during installation
==== libzypp ====
Version update (17.25.8 -> 17.25.9)
- Add missing includes for GCC 11 (bsc#1181874)
- Fix unsafe usage of static in media verifier.
- Solver: Avoid segfault if no system is loaded (bsc#1183628)
- MediaVerifier: Relax media set verification in case of a single
not-volatile medium (bsc#1180851)
- Do no cleanup in custom cache dirs (bsc#1182936)
- ZConfig: let pubkeyCachePath follow repoCachePath.
- version 17.25.9 (22)
==== lua54 ====
Version update (5.4.2 -> 5.4.3)
- Add upstream-bugs.patch and upstream-bugs-test.patch to fix
bugs 1,2,3 for build and tests respectively.
- Update to version 5.4.3:
* Fixes bugs found in Lua 5.4.2
- Removed upstream-bugs.patch: new release (no bugs found yet)
- Removed upstream-bugs-test.patch: new release (no bugs found yet)
==== lvm2 ====
Subpackages: liblvm2cmd2_03
- Honor lvm.conf event_activation=0 on "pvscan --cache -aay" (bsc#1185190)
+ bug-1185190_01-pvscan-support-disabled-event_activation.patch
+ bug-1185190_02-config-improve-description-for-event_activation.patch
- LVM cannot be disabled on boot (bsc#1184687)
+ bug-1184687_Add-nolvm-for-kernel-cmdline.patch
- Update patch for avoiding apply warning message
+ bug-1012973_simplify-special-case-for-md-in-69-dm-lvm-metadata.patch
- Add metadata-based autoactivation property for VG and LV (bsc#1178680)
+ bug-1178680_add-metadata-based-autoactivation-property-for-VG-an.patch
==== lvm2-device-mapper ====
Subpackages: device-mapper libdevmapper-event1_03 libdevmapper1_03
- Honor lvm.conf event_activation=0 on "pvscan --cache -aay" (bsc#1185190)
+ bug-1185190_01-pvscan-support-disabled-event_activation.patch
+ bug-1185190_02-config-improve-description-for-event_activation.patch
- LVM cannot be disabled on boot (bsc#1184687)
+ bug-1184687_Add-nolvm-for-kernel-cmdline.patch
- Update patch for avoiding apply warning message
+ bug-1012973_simplify-special-case-for-md-in-69-dm-lvm-metadata.patch
- Add metadata-based autoactivation property for VG and LV (bsc#1178680)
+ bug-1178680_add-metadata-based-autoactivation-property-for-VG-an.patch
==== makedumpfile ====
Version update (1.6.7 -> 1.6.8)
- Update patch metadata.
- Fix guessing of va_bits (bsc#1183977)
* makedumpfile-1-3-Use-vmcoreinfo-note-in-proc-kcore-for-mem-.patch
* makedumpfile-2-3-arm64-Make-use-of-NUMBER-VA_BITS-in-vmcore.patch
* makedumpfile-3-3-arm64-support-flipped-VA-and-52-bit-kernel.patch
- Support kernel 5.11:
* makedumpfile-use-uts_namespace.name-offset-VMCOREINFO.patch:
make use of 'uts_namespace.name' offset in VMCOREINFO.
- Update upstream project location (URL and Source).
- Update to version 1.6.8:
* Support newer kernels up to v5.9
* arm64: Add support for ARMv8.2-LPA (52-bit PA support)
* Retrieve MAX_PHYSMEM_BITS from vmcoreinfo
* sadump, kaslr: fix failure of calculating kaslr_offset
* Introduce --check-params option
* cope with not-present mem section
- Drop upstreamed patches:
* makedumpfile-Fix-cd_header-offset-overflow-with-large-pfn.patch
* makedumpfile-arm64-Align-PMD_SECTION_MASK-with-PHYS_MASK.patch
* makedumpfile-sadump-Fix-failure-of-reading.patch
- Allow to read kernel log from the lockless ringbuffer (bsc#1183965):
* makedumpfile-printk-add-support-for-lockless-ringbuffer.patch
* makedumpfile-printk-use-committed-finalized-state-value.patch
==== microdnf ====
Version update (3.7.1 -> 3.8.0)
- Update to 3.8.0
+ Add "makecache" command
+ Add "distro-sync" command
==== mozilla-nss ====
Version update (3.62 -> 3.63.1)
- update to NSS 3.63.1
* no upstream release notes for 3.63.1 (yet)
Fixed in 3.63
* bmo#1697380 - Make a clang-format run on top of helpful contributions.
* bmo#1683520 - ECCKiila P384, change syntax of nested structs
initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-384: allow zero scalars in dual
scalar multiplication.
* bmo#1683520 - ECCKiila P521, change syntax of nested structs
initialization to prevent build isses with GCC 4.8.
* bmo#1683520 - [lib/freebl/ecl] P-521: allow zero scalars in dual
scalar multiplication.
* bmo#1696800 - HACL* update March 2021 - c95ab70fcb2bc21025d8845281bc4bc8987ca683.
* bmo#1694214 - tstclnt can't enable middlebox compat mode.
* bmo#1694392 - NSS does not work with PKCS #11 modules not supporting
profiles.
* bmo#1685880 - Minor fix to prevent unused variable on early return.
* bmo#1685880 - Fix for the gcc compiler version 7 to support setenv
with nss build.
* bmo#1693217 - Increase nssckbi.h version number for March 2021 batch
of root CA changes, CA list version 2.48.
* bmo#1692094 - Set email distrust after to 21-03-01 for Camerfirma's
'Chambers of Commerce' and 'Global Chambersign' roots.
* bmo#1618407 - Symantec root certs - Set CKA_NSS_EMAIL_DISTRUST_AFTER.
* bmo#1693173 - Add GlobalSign R45, E45, R46, and E46 root certs to NSS.
* bmo#1683738 - Add AC RAIZ FNMT-RCM SERVIDORES SEGUROS root cert to NSS.
* bmo#1686854 - Remove GeoTrust PCA-G2 and VeriSign Universal root certs
from NSS.
* bmo#1687822 - Turn off Websites trust bit for the ?Staat der
Nederlanden Root CA - G3? root cert in NSS.
* bmo#1692094 - Turn off Websites Trust Bit for 'Chambers of Commerce
Root - 2008' and 'Global Chambersign Root - 2008?.
* bmo#1694291 - Tracing fixes for ECH.
- required for Firefox 88
==== multipath-tools ====
Version update (0.8.5+29+suse.5dabcd2 -> 0.8.5+30+suse.633836e)
Subpackages: kpartx libmpath0
- Update to version 0.8.5+30+suse.633836e:
* multipathd: give up "add missing path" after multiple failures
(bsc#1183963)
==== ncurses ====
Version update (6.2.20210313 -> 6.2.20210424)
Subpackages: libncurses6 ncurses-utils terminfo-base
- Add ncurses patch 20210424
+ avoid using broken system macros for snprintf which interfere with
_nc_SLIMIT's conditionally adding a parameter when the string-hacks
configure option is enabled.
+ add a "all::" rule before the new "check" rule in test/Makefile.in
- Add ncurses patch 20210418
+ improve CF_LINK_FUNCS by ensuring that the source-file is closed
before linking to the target.
+ add "check" rules for headers in c++, progs and test-directories.
+ build-fix for termsort module when configured with termcap (reports
by Rajeev V Pillai, Rudi Heitbaum).
- Add ncurses patch 20210417
+ extend --disable-pkg-ldflags option to also control whether $LDFLAGS
from the build is provided in -config and .pc files (Debian #986764).
+ fix some cppcheck warnings, mostly style, in ncurses and c++
libraries and progs directory.
+ fix off-by-one limit for tput's processing command-line arguments
(patch by Hadrien Lacour).
- Do not strip examples
- Install available manual pages of examples as well
- Add ncurses patch 20210403
+ fix some cppcheck warnings, mostly style, in ncurses library and
progs directory.
+ improve description of BSD-style padding in curs_termcap.3x
+ improved CF_C11_NORETURN macro, from byacc changes.
+ fix "--enable-leak" in CF_DISABLE_LEAKS to allow turning
leak-checking off later in a set of options.
+ relax modification-time comparison in CF_LINK_FUNCS to allow it to
accept link() function with NFS filesystems which change the mtime
on the link target, e.g., several BSD systems.
+ call delay_output_sp to handle BSD-style padding when tputs_sp is
called, whether directly or internally, to ensure that the SCREEN
pointer is passed correctly (reports by Henric Jungheim, Juraj
Lutter).
- Correct offsets of patch ncurses-6.2.dif
- Disable pcre support for now (boo#1183960, boo#1184083)
- Add ncurses patch 20210327
+ build-fixes for Solaris10 /bin/sh
+ fix some cppcheck warnings, mostly style, in ncurses test-programs,
form and menu libraries.
- Add ncurses patch 20210323
+ add configure option --enable-stdnoreturn, making the _Noreturn
keyword optional to ease transition (prompted by report by
Rajeev V Pillai).
- Enhence cursescheck script
- Disable _Noreturn usage as it breaks build of e.g. dialog
- Add ncurses patch 20210320
+ improve parameter-checking in tput by forcing it to analyze any
extended string capability, e.g., as used in the Cs and Ms
capabilities of the tmux description (report by Brad Town,
cf: 20200531).
+ remove an incorrect free in the fallback (non-checking) version of
_nc_free_and_exit (report by Miroslav Lichvar).
+ correct use-ordering in some xterm-direct flavors -TD
+ add hterm, hterm-256color (Mike Frysinger)
+ if the build-time compiler accepts c11's _Noreturn keyword, use that
rather than gcc's attribute.
+ change configure-check for gcc's noreturn attribute to assume it is
a prefix rather than suffix, matching c11's _Noreturn convention.
+ add "lint" rule to c++/Makefile, e.g., with cppcheck.
- Port patch ncurses-6.2.dif by correcting offsets
==== openSUSE-build-key ====
- fixed s390x key install (bsc#1185245)
==== openssl ====
Version update (1.1.1j -> 1.1.1k)
- Update to 1.1.1k release
==== openssl-1_1 ====
Version update (1.1.1j -> 1.1.1k)
Subpackages: libopenssl1_1
- Update to 1.1.1k
* Fixed a problem with verifying a certificate chain when using
the X509_V_FLAG_X509_STRICT flag. This flag enables additional
security checks of the certificates present in a certificate
chain. It is not set by default. ([CVE-2021-3450])
[bsc#1183851]
* Fixed an issue where an OpenSSL TLS server may crash if sent a
maliciously crafted renegotiation ClientHello message from a
client. If a TLSv1.2 renegotiation ClientHello omits the
signature_algorithms extension (where it was present in the
initial ClientHello), but includes a signature_algorithms_cert
extension then a NULL pointer dereference will result, leading
to a crash and a denial of service attack.
A server is only vulnerable if it has TLSv1.2 and renegotiation
enabled (which is the default configuration). OpenSSL TLS
clients are not impacted by this issue. ([CVE-2021-3449])
[bsc#1183852]
==== pam ====
Subpackages: pam_unix
- If "LOCAL" is configured in access.conf, and a login attempt from
a remote host is made, pam_access tries to resolve "LOCAL" as
a hostname and logs a failure.
Checking explicitly for "LOCAL" and rejecting access in this case
resolves this issue.
[bsc#1184358, bsc1184358-prevent-LOCAL-from-being-resolved.patch]
- pam_limits: "unlimited" is not a legitimate value for "nofile"
(see setrlimit(2)). So, when "nofile" is set to one of the
"unlimited" values, it is set to the contents of
"/proc/sys/fs/nr_open" instead.
Also changed the manpage of pam_limits to express this.
[bsc#1181443, pam-bsc1181443-make-nofile-unlimited-mean-nr_open.patch]
==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap
- Suggest libdnf-repo-config-zypp explicitly
- Fix dependency on systemd-icon-branding-openSUSE
- Use only kernel-firmware-all instead of kernel-firmware to avoid
duplicate firmware on the DVD
- spice-vdagent is available on all archs
- hyper-v and open-vm-tools are available on AArch64 as well
- A fresh install does not have xdg-open & friends. Fix by adding xdg-utils
- while there, fix the comment, as they're common tools, but not
necessarily useful only "during initial setup"
- Add packages to the desktop commons pattern:
systemd-icons-branding-openSUSE (to list the MicroOS logo on the
Gnome Settings About page)
- Add packages to the DVD:
- instead of adding firmware-all, add specific firmware packages for
common hardware (or at least, for hardware for which we have bugs
open, see bsc#1184767 and bsc#1184403)
- Add some packages in the DVD:
- Spice guest driver so graphics works properly out of the box,
when installing in VMs (mostly for desktops)
- firmwares so that (wireless mostly, bot also wired) networking
works in the installer and on the installed system
==== pcre2 ====
- Remove regcomp, regexec etc. from libpcre2-posix.
(Add pcre2-symbol-clash.patch)
==== perl-Bootloader ====
Version update (0.933 -> 0.934)
- merge gh#openSUSE/perl-bootloader#134
- install with --removable if efivars are not writable
(bsc#1182749, bsc#1174111, bsc#1184160)
- fix whitespace
- 0.934
==== pkgconf ====
Subpackages: libpkgconf3 pkgconf-m4 pkgconf-pkg-config
- do not own directories provided by filesystem
- small cleanups inspired by spec-cleaner
==== podman ====
Version update (3.0.1 -> 3.1.2)
Subpackages: podman-cni-config
- Update to version 3.1.2:
* Bump to v3.1.2
* Update release notes for v3.1.2
* Ensure mount destination is clean, no trailing slash
* Fixes podman-remote save to directories does not work
* [CI:DOCS] Add missing dash to verbose option
* [CI:DOCS] Fix Markdown table layout bugs
* [CI:DOCS] Rewrite --uidmap doc in podman-create.1.md and podman-run.1.md
* rmi: don't break when the image is missing a manifest
* Bump containers/image to v5.11.1
* Bump github.com/coreos/go-systemd from 22.2.0 to 22.3.1
* Fix lint
* Bump to v3.1.2-dev
- Split podman-remote into a subpackage
- Add missing scriptlets for systemd units
- Escape macros in comments
- Drop some obsolete workarounds, including %{go_nostrip}
- Update to version 3.1.1:
* Bump to v3.1.1
* Update release notes for v3.1.1
* podman play kube apply correct log driver
* Fix build with GO111MODULE=off
* [CI:DOCS] Set all operation id to be compatibile
* Move operationIds to swagger:operation line
* swagger: add operationIds that match with docker
* Fix missing podman-remote build options
* [NO TESTS NEEDED] Shrink the size of podman-remote
* Move socket activation check into init() and set global condition.
* rootless: use is_fd_inherited
* Recreate until container prune tests for bindings
* System tests: special case for RHEL: require runc
* Document --volume from podman-remote run/create client
* Containers prune endpoint should use only prune filters
* Trim white space from /top endpoint results
* Fix unmount doc reference in image.rst
* Fix handling of remove --log-rusage param
* Makefile: introduce install.docker-full
* Makefile: ensure install.docker creates BINDIR
* Should send the OCI runtime path not just the name to buildah
* Fixed podman-remote --network flag
* podman-run.1.md, podman-create.1.md : Adjust Markdown layout for --userns
* Fix typos --uidmapping and --gidmapping
* Add default template functions
* Don't relabel volumes if running in a privileged container
* Allow users to override default storage opts with --storage-opt
* Add transport and destination info to manifest doc
* Verify existence of auth file if specified
* Ensure that `--userns=keep-id` sets user in config
* [CI:DOCS] Update swagger definition of inspect manifest
* Volumes prune endpoint should use only prune filters
* Adjust libpod API Container Wait documentation to the code
* Add missing return
* [CI:DOCS] Fix formatting of podman-build man page
* cgroups: force 64 bits to ParseUint
* Fix slashes in socket URLs
* [CI:DOCS] Correct status code for /pods/create
* cgroup: do not set cgroup parent when rootless and cgroupfs
* Reflect current state of prune implementation in docs
* Do not delete container twice
* Test that we don't error out on advertised --log-level values
* At trace log level, print error text using %+v instead of %v
* pkg/errorhandling.JoinErrors: don't throw away context for lone errors
* Recognize --log-level=trace
* Fix message about runtime to show only the actual runtime
* Fix handling of $NAME and $IMAGE in runlabel
* Fix flake on failed podman-remote build : try 2
* Fix flake on failed podman-remote build
* Update documentation of podman-run to reflect volume "U" option
* Fixes invalid expression in save command
* Fix possible panic in libpod/image/prune.go
* Update all containers/ project vendors
* Fix tests
* Bump to v3.1.1-dev
- Update to version 3.1.0:
* Bump to v3.1.0
* Fix test failure
* Update release notes for v3.1.0 final release
* [NO TESTS NEEDED] Turn on podman-remote build --isolation
* Fix long option format on docs.podman.io
* Fix containers list/prune http api filter behaviour
* [CI:DOCS] Add note to mappings for user/group userns in build
* Validate passed in timezone from tz option
* Generate Kubernetes PersistentVolumeClaims from named volumes
* libpod/image: unit tests: use a `registries.conf` for aliases
- Require systemd 241 or newer due to podman dependency go-systemd v22,
otherwise build will fail with unknown C name errors
- Create docker subpackage to allow replacing docker with
corresponding aliases to podman.
==== python-M2Crypto ====
- Add no-need-parameterized.patch ... we don't need run-time requirement
of parameterized package (bsc#1185150).
==== python-MarkupSafe ====
- allow tests to be disabled (still on by default)
==== python-cryptography ====
- Remove unnecessary %ifpython3 construct
==== python-gobject ====
Version update (3.38.0 -> 3.40.1)
- Update to version 3.40.1:
+ Fix tests with glib 2.68.
+ Fix a regression with marshalling partial() objects.
- Update to version 3.40.0:
+ GTK 4 compatibility fixes.
+ Python 3.9 and 3.10 compatibility fixes.
+ New minimal dependency requirements.
- Up glib2, gobject-introspection, and cairo required versions.
==== python-importlib-metadata ====
Version update (3.7.0 -> 3.7.2)
- update to 3.7.2:
* Cleaned up cruft in entry_points docstring.
* Internal refactoring to facilitate ``entry_points() -> dict``
deprecation.
==== python-jsonpatch ====
Version update (1.28 -> 1.31)
- update to 1.31:
* Add support for preserving Unicode charaters
* remove pypy build
==== python-rpm ====
Version update (4.16.0 -> 4.16.1.3)
- update to rpm-4.16.1.3
==== raspberrypi-firmware-config ====
- Use smbios overlay to get minimal SMBIOS information through dmidecode (bsc#1183079)
==== raspberrypi-firmware-dt ====
- Add overlay for smbios information (bsc#1183079)
* smbios-overlay.dts
==== rbac-lookup ====
Version update (0.6.3 -> 0.6.4)
- Update to version 0.6.4:
* Update documentation from template (#176)
* Managed by Terraform
* Add documentation site (#175)
* Bump google.golang.org/api from 0.40.0 to 0.41.0 (#172)
* Bump google.golang.org/api from 0.39.0 to 0.40.0 (#164)
* Bump k8s.io/client-go from 0.20.2 to 0.20.4 (#168)
* Bump google.golang.org/api from 0.38.0 to 0.39.0 (#163)
* Bump google.golang.org/api from 0.37.0 to 0.38.0 (#162)
* Update GoReleaser to version 0.155, add Linux/arm and Windows builds (#161)
* Bump google.golang.org/api from 0.36.0 to 0.37.0 (#160)
==== rook ====
Version update (1.5.7+git4.gae949004e -> 1.5.10+git4.g309ad2f64)
- Update to v1.5.10
* Ceph
* Update Ceph-CSI to v3.2.1 (#7506)
* Use latest Ceph API for setting dashboard and rgw credentials (#7641)
* Redact secret info from reconcile diffs in debug logs (#7630)
* Continue to get available devices if failed to get a device info (#7608)
* Include RGW pods in list for rescheduling from failed node (#7537)
* Enforce pg_auto_scaler on rgw pools (#7513)
* Prevent voluntary mon drain while another mon is failing over (#7442)
* Avoid restarting all encrypted OSDs on cluster growth (#7489)
* Set secret type on external cluster script (#7473)
* Fix init container "expand-encrypted-bluefs" for encrypted OSDs (#7466)
* Fail pool creation if the sub failure domain is the same as the failure domain (#7284)
* Set default backend for vault and remove temp key for encrypted OSDs (#7454)
==== rpcbind ====
- Specify the appropriate set of local nss modules (boo#1177461)
==== rpm ====
Version update (4.16.0 -> 4.16.1.3)
Subpackages: librpmbuild9
- Use --dwz-single-file-mode for packages that use
baselibs.conf mechanism.
- Add add-dwz-single-file-mode-option.patch patch.
- change dump_posttrans mechanism to imply --noposttrans so that
libzypp can be compatible with older rpm versions
changed patch: posttrans.diff
- auto-config-update-aarch64-ppc64le.diff: Use timestamp in file instead
of searching for arch name, which cannot handle all cases
- update to rpm-4.16.1.3
* security fixes for CVE-2021-3421, CVE-2021-20271, CVE-2021-20266
* fix bdb_ro failing to open database with missing secondary indexes
* dropped: finddebuginfo-check-res-file.patch
* dropped: empty_dbbackend.diff
- require the exact version of librpmbuild in the rpm-build
package [bnc#1180965]
- reformat dwarf5.diff
- add dump_posttrans and --runposttrans options to make it possible
for libzypp to implement file triggers
new patch: posttrans.diff
==== rpm-config-SUSE ====
Version update (0.g64 -> 0.g76)
- Update to version 0.g76:
* Prepare usrmerge (boo#1029961)
* scripts/find-provides.ksyms: Handle XZ compressed kernel (boo#1179251).
* find-requires.ksyms: use "if kernel" conditional for modules-load.d
* find-requires.ksyms: actually generate modules-load.d dependencies
* find-requires.ksyms: Silence the awk warning
* find-provides.ksyms: Fix kernel version test
* find-provides.ksyms: Fix ksym-provides test
==== runc ====
- Backport patch to fix build on SLE-12 ppc64le.
+ 0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch
==== salt ====
Subpackages: python3-salt salt-master salt-minion salt-standalone-formulas-configuration
- Improvements on "ansiblegate" module:
* New methods: ansible.targets / ansible.discover_playbooks
* General bugfixes
- Added:
* improvements-on-ansiblegate-module-354.patch
- Regression fix of salt-ssh on processing some targets
- Added:
* regression-fix-of-salt-ssh-on-processing-targets-353.patch
- Add support for Alibaba Cloud Linux 2 (Aliyun Linux)
- Added:
* add-alibaba-cloud-linux-2-by-backporting-upstream-s-.patch
- Update target fix for salt-ssh to process targets list (bsc#1179831)
- Added:
* update-target-fix-for-salt-ssh-to-process-targets-li.patch
- Add notify beacon for Debian/Ubuntu systems
- Add core grains support for AlmaLinux and Alibaba Could Linux
- Added:
* add-almalinux-and-alibaba-cloud-linux-to-the-os-fami.patch
* notify-beacon-for-debian-ubuntu-systems-347.patch
- Allow vendor change option with zypper
- Added:
* allow-vendor-change-option-with-zypper-313.patch
==== selinux-policy ====
Version update (20210309 -> 20210419)
Subpackages: selinux-policy-targeted
- Added Recommends for selinux-autorelabel (bsc#1181837)
- Prevent libreoffice fonts from changing types on every relabel
(bsc#1185265). Added fix_libraries.patch
- Transition unconfined users to ldconfig type (bsc#1183121).
Extended fix_unconfineduser.patch
- Update to version 20210419
- Refreshed:
* fix_dbus.patch
* fix_hadoop.patch
* fix_init.patch
* fix_unprivuser.patch
==== sg3_utils ====
Version update (1.45~815+5.6aa67ed -> 1.46)
- Update to version 1.46:
* sg_rep_pip: new utility: report provisioning initialization
pattern command
* sg_turs: estimated time-to-ready [spc6r03]
- add --delay=MS option
* sg_requests: substantial cleanup
* sg_vpd: add Format presets and Concurrent positioning ranges
- add hot-pluggable field in standard Inquiry [spc6r05]
- fix vendor struct opts_t alignment
* sg_inq: add hot-pluggable field in standard Inquiry
* sg_dd: --verify : separate category for miscompare errors
- --verify : oflag=coe continue on miscompares, counts them
- add cdl= operand for command duration limit indexes
- add oflag=nocreat and conv=nocreat : OFILE must exist
- add iflag=00, ff, random flags
- setup conditional auto rule for getrandom()
- add command timeout after comma in time= operand
* sg_get_elem_status: add ralwd bit sbc4r20a
* sg_write_x: add dld bits to write(32) [sbc4r19a]
* sg_rep_zones: print invalid write pointer LBA as -1 rather
than 16 "f"s
* sg_opcodes: improve handling of RWCDLP field
* sg_ses: use fan speed factor field for calculation [ses4r04]
- add --all (-a) option, same action as --join
* sg_compare_and_write: add examples section to its manpage
* sg_modes: document '-s' option (same as '-6')
* sg_sanitize + sg_format: when --verbose given once report
probable success; without --verbose 'no news is good news'
* sg_zone: add Remove element and modify zones command
* sg_raw: increase maximum data-in and data-out buffer size
from 64 KB to 1 MB
- fix --cmdfile= handling
- add --nvm option to send commands from the NVM command set
- add --cmdset option to bypass cdb heuristic
- add --scan= first_opcode,last_opcode
* sg_pt_freebsd: allow device names without leading /dev/
thus fix for regression introduced in rev 731 (ver: 1.43)
* sg_pt_solaris+sg_pt_osf1: fix problem with clear_scsi_pt_obj()
which needs to remember is_nvme and dev_fd values
* sg_lib: add ZBC (2020) feature set entries
* sg_lib: restore elements and rebuild command added
* sg_lib,sg_pt: add partial_clear_scsi_pt_obj(),
get_scsi_pt_cdb_len() and get_scsi_pt_cdb_buf()
- add do_nvm_pt() for the NVM (sub-)command set
- tweak transport error handling in Linux
* sg_lib: Linux NVMe SNTL: add read, write and verify;
synchronize cache and write same translations
- add dummy start stop unit and test unit ready commands
- wire cache mpage's WCE to nvme 'volatile write cache'
- fix crash in sg_f2hex_arr() when fname not found
* sg_lib: reprint cdb with illegal request sense key
- asc/ascq match asc-num.txt @t10 20200708 [spc6r02]
* gcc-10: suppress warnings
* autoconf: upgrade version 2.69 to 2.70
* remove space from end of source lines for git-svn
* testing/sg_mrq_testing: new, for blocking mrq usage
* testing/sgs_dd: add evfd flags and eventfd processing
* testing: remove master-slave terminology for sgv4
* examples: add nvme_read_ctl.hex and nvme_write_ctl.hex
==== shadow ====
- Do not require libeconf-devel on products without /usr/etc.
- Split login.defs configuration file into own sub-package, which
allows to install util-linux or pam on small embedded/edge
systems or container without the need to pull in the full shadow
suite.
- Amend patches/useradd-userkeleton.patch to also write into
existing directories and prefer files from /etc
- Add patch useradd-userkeleton.patch to extend original C code
of useradd to handle /usr/etc/skel (boo#1173321)
- Remove /usr/etc/skel support in useradd.local script
==== shim ====
Version update (15+git47 -> 15.4)
- Add shim-bsc1184454-allocate-mok-config-table-BS.patch to avoid
the error message during linux system boot (bsc#1184454)
- Add remove_build_id.patch to prevent the build id being added to
the binary. That can cause issues with the signature
- Update to 15.4 (bsc#1182057)
+ Rename the SBAT variable and fix the self-check of SBAT
+ sbat: add more dprint()
+ arm/aa64: Swizzle some sections to make old sbsign happier
+ arm/aa64 targets: put .rel* and .dyn* in .rodata
- Drop upstreamed patch:
+ shim-bsc1182057-sbat-variable-enhancement.patch
- Add shim-bsc1182057-sbat-variable-enhancement.patch to change
the SBAT variable name and enhance the handling of SBAT
(bsc#1182057)
- Update to 15.3 for SBAT support (bsc#1182057)
+ Drop gnu-efi from BuildRequires since upstream pull it into the
tar ball.
- Generate vender-specific SBAT metadata
+ Add dos2unix to BuildRequires since Makefile requires it for
vendor SBAT
- Update dbx-cert.tar.xz and vendor-dbx.bin to block the following
sign keys:
+ SLES-UEFI-SIGN-Certificate-2020-07.crt
+ openSUSE-UEFI-SIGN-Certificate-2020-07.crt
- Refresh patches
+ shim-arch-independent-names.patch
+ shim-change-debug-file-path.patch
+ shim-bsc1177315-verify-eku-codesign.patch
- Unified with shim-bsc1177315-fix-buffer-use-after-free.patch
- Drop upstreamed fixes
+ shim-correct-license-in-headers.patch
+ shim-always-mirror-mok-variables.patch
+ shim-bsc1175509-more-tpm-fixes.patch
+ shim-bsc1173411-only-check-efi-var-on-sb.patch
+ shim-fix-verify-eku.patch
+ gcc9-fix-warnings.patch
+ shim-fix-gnu-efi-3.0.11.patch
+ shim-bsc1177404-fix-a-use-of-strlen.patch
+ shim-do-not-write-string-literals.patch
+ shim-VLogError-Avoid-Null-pointer-dereferences.patch
+ shim-bsc1092000-fallback-menu.patch
+ shim-bsc1175509-tpm2-fixes.patch
+ shim-bsc1174512-correct-license-in-headers.patch
+ shim-bsc1182776-fix-crash-at-exit.patch
- Drop shim-opensuse-cert-prompt.patch
+ All newly released openSUSE kernels enable kernel lockdown
and signature verification, so there is no need to add the
prompt anymore.
==== snapper ====
Version update (0.8.16 -> 0.9.0)
Subpackages: libsnapper5
- fix build on 32 bit musl systems (gh#openSUSE/snapper#644)
- improved error handling (see gh#openSUSE/snapper#626)
- version 0.9.0
- move org.opensuse.Snapper.conf from /etc to /usr (bsc#1183398 and
gh#openSUSE/snapper#492)
- run boot.service iff root config exists (gh#openSUSE/snapper#630)
- avoid redundant quota rescans for same btrfs (see
gh#openSUSE/snapper#507)
- allow absolute sizes for SPACE_LIMIT and FREE_LIMIT
(gh#openSUSE/snapper#507)
==== sqlite3 ====
Version update (3.35.2 -> 3.35.5)
- SQLite3 3.35.5:
* Fix defects in the new ALTER TABLE DROP COLUMN feature that
could corrupt the database file
* Fix an obscure query optimizer problem that might cause an
incorrect query result
- Fix build on SLE-12
- use https urls
- SQLite 3.35.4:
* Fix a defect in the query planner optimization
* Fix a defect in the new RETURNING syntax
* Fix the new RETURNING feature so that it raises an error if one
of the terms in the RETURNING clause references a unknown
table, instead of silently ignoring that error
* Fix an assertion associated with aggregate function processing
that was incorrectly triggered by the push-down optimization
- SQLite 3.35.3:
* Enhance the OP_OpenDup opcode of the bytecode engine so that
it works even if the cursor being duplicated itself came from
OP_OpenDup
* When materializing correlated common table expressions, do so
separately for each use case, as that is required for
correctness. This fixes a problem that was introduced by the
MATERIALIZED hint enhancement.
* Fix a problem in the filename normalizer of the unix VFS
* Fix the "box" output mode in the CLI so that it works with
statements that returns one or more rows of zero columns
(such as PRAGMA incremental_vacuum)
* Improvements to error messages generated by faulty common
table expressions
* Fix some incorrect assert() statements
* Fix to the SELECT statement syntax diagram so that the FROM
clause syntax is shown correctly
* Fix the EBCDIC character classifier so that it understands
newlines as whitespace
* Improvements the xBestIndex method in the implementation of the
(unsupported) wholenumber virtual table extension so that it
does a better job of convincing the query planner to avoid
trying to materialize a table with an infinite number of rows
==== sssd ====
Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap
- Move sssctl command from sssd to sssd-tools package; (bsc#1184289);
- Add missing /var/lib/sss/pubconf/krb5.include.d directory (bsc#1184285).
- Make cifs-idmap plugin (cifs_idmap_sss.so) use update-alternatives
mechanism to be able to switch between cifs-utils and sssd;
(bsc#1182682).
==== sudo ====
Version update (1.9.5p2 -> 1.9.6p1)
- update to 1.9.6p1
* Fixed a regression introduced in sudo 1.9.6 that resulted in an
error message instead of a usage message when sudo is run with
no arguments.
* Fixed a sudo_sendlog compilation problem with the AIX xlC compiler.
* Fixed a regression introduced in sudo 1.9.4 where the
- -disable-root-mailer configure option had no effect.
* Added a --disable-leaks configure option that avoids some
memory leaks on exit that would otherwise occur. This is intended
to be used with development tools that measure memory leaks. It
is not safe to use in production at this time.
* Plugged some memory leaks identified by oss-fuzz and ASAN.
* Fixed the handling of sudoOptions for an LDAP sudoRole that
contains multiple sudoCommands. Previously, some of the options
would only be applied to the first sudoCommand.
* Fixed a potential out of bounds read in the parsing of NOTBEFORE
and NOTAFTER sudoers command options (and their LDAP equivalents).
* The parser used for reading I/O log JSON files is now more
resilient when processing invalid JSON.
* Fixed typos that prevented "make uninstall" from working.
* Fixed a regression introduced in sudo 1.9.4 where the last line
in a sudoers file might not have a terminating NUL character
added if no newline was present.
* Integrated oss-fuzz and LLVM's libFuzzer with sudo. The new
- -enable-fuzzer configure option can be combined with the
- -enable-sanitizer option to build sudo with fuzzing support.
Multiple fuzz targets are available for fuzzing different parts
of sudo. Fuzzers are built and tested via "make fuzz" or as part
of "make check" (even when sudo is not built with fuzzing support).
Fuzzing support currently requires the LLVM clang compiler (not gcc).
* Fixed the --enable-static-sudoers configure option.
* Fixed a potential out of bounds read sudo when is run by a user
with more groups than the value of "max_groups" in sudo.conf.
* Added an "admin_flag" sudoers option to make the use of the
~/.sudo_as_admin_successful file configurable on systems where
sudo is build with the --enable-admin-flag configure option.
This mostly affects Ubuntu and its derivatives.
* The "max_groups" setting in sudo.conf is now limited to 1024.
This setting is obsolete and should no longer be needed.
* Fixed a bug in the tilde expansion of "CHROOT=dir" and "CWD=dir"
sudoers command options. A path "~/foo" was expanded to
"/home/userfoo" instead of "/home/user/foo". This also affects
the runchroot and runcwd Defaults settings.
* Fixed a bug on systems without a native getdelim(3) function
where very long lines could cause parsing of the sudoers file
to end prematurely.
* Fixed a potential integer overflow when converting the
timestamp_timeout and passwd_timeout sudoers settings to a
timespec struct.
* The default for the "group_source" setting in sudo.conf is now
"dynamic" on macOS. Recent versions of macOS do not reliably
return all of a user's non-local groups via getgroups(2), even
when _DARWIN_UNLIMITED_GETGROUPS is defined.
* Fixed a potential use-after-free in the PAM conversation function.
* Fixed potential redefinition of sys/stat.h macros in sudo_compat.h.
==== suse-module-tools ====
Version update (15.3.5 -> 15.4.1)
- Update to version 15.4.1:
* dm-crypt requires essiv in SLE15 SP3 (boo#1183063 bsc#1184134 ltc#192244).
- Update to version 15.4.0:
* Enable f2fs (bsc#1184415)
==== systemd ====
Version update (246.11 -> 246.13)
Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev
- Import commit 14581e01203df7aa63c7c8383a12e6ebe258476f (merge of v246.13)
423b1e759c Revert "resolved: gracefully handle with packets with too large RR count" (bsc#1183745)
4723778738 meson.build: make xinitrcdir configurable (bsc#1183408)
[...]
For a complete list of changes, visit:
https://github.com/openSUSE/systemd/compare/9753d1c17545a5d46530696cb14254f…
- Drop 0001-Revert-resolved-gracefully-handle-with-packets-with-.patch
as it's part of v246.13.
- Make use of the new build option to ship xinitrc in
/usr/etc/X11/xinit/xinitrc.d (bsc#1183408)
- Add 0001-Revert-resolved-gracefully-handle-with-packets-with-.patch
Temporary workaround for bsc#1183745 (upstream issue 18917) until an
actual fix is found.
- Default to the "unified" cgroup hierarchy. At this point, most
users of cgroup (such as docker, libvirt, kubernetes) should be
ready for this change. It's still possible to switch back to the
old "hybrid" hierarchy by passing "systemd.unified_cgroup_hierarchy=0"
option to the kernel command line.
==== systemd-presets-common-SUSE ====
- Enable hcn-init.service for HNV on POWER (bsc#1184136 ltc#192155).
==== talloc ====
Version update (2.3.1 -> 2.3.2)
- Update to 2.3.2
==== tiff ====
Version update (4.2.0 -> 4.3.0)
- version update to 4.3.0
* Build and usage of the library and its utilities requires a C99
capable compiler.
* New optional codec for the LERC (Limited Error Raster Compression)
compression scheme. To have it available, configure libtiff against
the SDK available at https://github.com/esri/lerc
* Removal of unused, or now useless due to C99 availability,
functions in port/
* tiffcmp: fix comparaison with pixels that are
fractional number of bytes
* tiff2ps: exit the loop in case of error
* tiff2pdf: check that tiff_datasize fits in a signed tsize_t
==== toolbox ====
Version update (2.1+git20210311.15cb3ad -> 2.1+git20210329.d14ac82)
- Update to version 2.1+git20210329.d14ac82:
* Fix localtime and mount sys, e.g., for tracing
* Fix 'toolbox list' returning an error code even if working
==== u-boot-rpiarm64 ====
Version update (2021.01 -> 2021.04)
Subpackages: u-boot-rpiarm64-doc
Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2021.04
* Patches added:
0014-fs-btrfs-fix-the-false-alert-of-dec.patch - boo#1183717
Fix SMBIOS table entries (bsc#1183079)
Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2021.04
* Patches added:
0013-configs-rpi-Enable-SMBIOS-sysinfo-d.patch
- Add u-boot-zturnv5 flavour instead of u-boot-zturn.
I've failed to find anybody who has v4 zturn board.
- mx53loco now uses u-boot-dtb.imx instead of u-boot.imx
- Update to 2021.04
- Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2021.04
* Patches dropped:
0006-boo-1123170-Remove-ubifs-support-fr.patch
0007-boo-1144161-Remove-nand-mtd-spi-dfu.patch
0008-Kconfig-add-btrfs-to-distro-boot.patch
0009-configs-Re-sync-with-CONFIG_DISTRO_.patch
0010-configs-am335x_evm-disable-BTRFS.patch
0011-sunxi-dts-OrangePi-Zero-Add-SPI-ali.patch
0012-sunxi-dts-OrangePi-Zero-Enable-SPI-.patch
0013-sunxi-Enable-SPI-support-on-Orange-.patch
0014-Disable-CONFIG_CMD_BTRFS-in-xilinx_.patch
0015-rpi-Add-identifier-for-the-new-RPi4.patch
0016-rpi-Add-identifier-for-the-new-CM4.patch
0017-pci-pcie-brcmstb-Fix-inbound-window.patch
0018-dm-Introduce-xxx_get_dma_range.patch
0019-dm-test-Add-test-case-for-dev_get_d.patch
0020-dm-Introduce-DMA-constraints-into-t.patch
0021-dm-test-Add-test-case-for-dev-dma_o.patch
0022-dm-Introduce-dev_phys_to_bus-dev_bu.patch
0023-dm-test-Add-test-case-for-dev_phys_.patch
0024-xhci-translate-virtual-addresses-in.patch
0025-mmc-Introduce-mmc_phys_to_bus-mmc_b.patch
0026-configs-rpi4-Enable-DM_DMA-across-a.patch
0027-video-arm-rpi-Add-brcm-bcm2711-hdmi.patch
0028-usb-xhci-pci-Add-DM_FLAG_OS_PREPARE.patch
0029-pci-brcmstb-Cleanup-controller-stat.patch
0030-fs-btrfs-Select-SHA256-in-Kconfig.patch
0031-efi_loader-Avoid-emitting-efi_var_b.patch
0032-configs-BPI-R2-Disable-EFI-Grub-wor.patch
0033-configs-RPi2-Disable-EFI-Grub-worka.patch
0034-smbios-Fix-table-whit-no-string-is-.patch
* Patches added:
0006-Kconfig-add-btrfs-to-distro-boot.patch
0007-configs-Re-sync-with-CONFIG_DISTRO_.patch
0008-sunxi-dts-OrangePi-Zero-Add-SPI-ali.patch
0009-sunxi-dts-OrangePi-Zero-Enable-SPI-.patch
0010-sunxi-Enable-SPI-support-on-Orange-.patch
0011-Disable-CONFIG_CMD_BTRFS-in-xilinx_.patch
0012-smbios-Fix-table-when-no-string-is-.patch
==== vim ====
Version update (8.2.2607 -> 8.2.2800)
Subpackages: vim-data-common vim-small
- Updated to version 8.2.2800, fixes the following problems
* Vim9: message about compiling is wrong when using try/catch.
* Confusing error message with white space before comma in the arguments
of a function declaration.
* Function test fails.
* Special key names don't work if 'isident' is cleared.
* Vim9: wrong error message for referring to legacy script variable.
* Coverity complains about not restoring character.
* Prompt for s///c in Ex mode can be wrong.
* Detecting Lua version is not reliable.
* Vim9: cannot use legacy script-local var from :def function.
* Vim9: function reference found with prefix, not without.
* Vim9: for loop over string is a bit slow.
* Status line not updated when local 'statusline' option set.
* Extending a list with itself can give wrong result.
* Vim9: a lambda accepts too many arguments at the script level.
* Vim9: lambda with varargs doesn't work.
* Vim9: Partial call does not check right arguments.
* Vim9: when compiling a function fails it is cleared.
* Vim9: function state stuck when compiling with ":silent!".
* Vim9: no way to explicitly ignore an argument.
* Vim9: missing part of the argument change.
* Check for duplicate arguments does not work.
* Vim9: not always an error for too many function arguments.
* Vim9: memory leak when calling :def function fails.
* Vim9: test for error can be a bit flaky.
* Vim9: error for using underscore in nested function.
* Coverity warns for using NULL pointer.
* Vim9: cannot ignore an item in assignment unpack.
* :sleep! does not always hide the cursor.
* Vim9: no error for using a number in a condition.
* Vim9: blob index and slice not implemented yet.
* Vim9: blob tests for legacy and Vim9 script are separate.
* Vim9: wrong line number for autoload function with wrong name.
* Vim9: for loop infers type of loop variable.
* Vim9: no error for changing a for loop variable.
* Using "syn include" does not work properly.
* Vim9: function line truncated when compiling.
* Vim9: cannot use type in for loop unpack at script level.
* Memory leak when default function argument is allocated.
* Vim9: not all blob operations work.
* Test failure.
* Compiler warning for unused argument.
* Vim9: memory leak with blob range error.
* Modula-3 config files are not recognized.
* Vim9: type of loop variable is not used.
* Vim9: assignment not recognized if declaration was skipped.
* Problems when restoring 'runtimepath' from a session file.
* PSL filetype not recognized.
* Vim9: cannot import an existing name even when using "as".
* Vim9: wrong line number used for some commands.
* :mksession uses current value of 'splitbelow' and 'splitright' even though
"options" is not in 'sessionoptions'. (Maxim Kim)
* Vim9: blob operations not tested in all ways.
* Problem restoring 'packpath' in session.
* Memory access error in remove() for blob.
* Vim9: for loop over blob doesn't work.
* Add() silently skips when adding to null list or blob.
* Vim9: blob operations not fully tested.
* Duplicate code for setting byte in blob, blob test may fail.
* Vim9: cannot use \=expr in :substitute.
* Vim9: cannot redirect to local variable.
* Vim9: memory leak when using :s with expression.
* Raku is now the only name what once was called perl6.
* Vim9: using \=expr in :substitute does not handle jumps.
* filetype test fails
* Vim9: memory leak when using \=expr in :substitute.
* Vim9: :disas shows instructions for default args but no text.
* Linux users don't know how to get ncurses.
* Coverity warns for not using return value.
* Vim9: redir to variable does not accept an index.
* Search highlight disappears in the Visual area.
* Vim9: redir to variable with append does not accept an index.
* Vim9: type casts don't fully work at the script level.
* After a timer displays text a hit-enter prompt is given.
- Updated to version 8.2.2725, fixes the following problems
* strcharpart() cannot include composing characters.
* Character input not fully tested.
* Test disabled on MS-Windows even though it should work.
* Mouse click test fails when using remote connection.
* Conditions for startup tests are not exactly right.
* col('.') may get outdated column value.
* New test throws exception.
* Vim9: function is deleted while executing.
* Test is sourcing the wrong file.
* Vim9: if 'cpo' is changed in Vim9 script it may be restored.
* Vim9: script variable in a block scope not found by a nested function.
* Vim9: cannot use a normal list name to store function refs.
* Vim9: no test for return type of lambda.
* Vim9: Using #{ for a dictionary gives strange errors.
* typval2type() cannot handle recursive structures.
* GTK: error when starting up and -geometry is given. (Dominique Pellé)
* Some tests fail when run as root.
* Atom files not recognized.
* Rss files not recognized.
* GTK3: error when starting up and -geometry is given. (Dominique Pellé)
* No need to check for BSD after checking for not root.
* Vim9: #{ can still be used at the script level.
* Vim9: error for #{{ is not desired.
* Hard to see where a test gets stuck.
* Commands from winrestcmd() do not always work properly. (Leonid
V. Fedorenchik)
* Not all command line arguments are tested.
* Multi-byte 'fillchars' for folding do not show properly.
* 'tagfunc' does not indicate using a pattern.
* Vim9: cannot define an inline function.
* Memory leak when compiling inline function.
* prop_remove() causes a redraw even when nothing changed.
* Cannot write a message to the terminal from the GUI.
* Build failure when fsync() is not available.
* screenstring() returns non-existing composing characters.
* Display test fails because of lacking redraw.
* Vim9: no clear error for wrong inline function.
* Various code not covered by tests.
* prop_clear() causes a screen update even when nothing changed.
* Using inline function is not properly tested.
* Vim9: error for not using string doesn't mention argument.
* Terminal test sometimes hangs.
* Terminal resize test sometimes hangs.
* Vim9: some wincmd arguments cause a white space error.
* Vim9: command modifiers not handled in nested function.
* Vim9: restoring command modifiers happens after jump.
* Vim9: can use command modifier without an effect.
* Build failure.
* Vim9: getting a character from a string can be slow.
* The -w command line argument doesn't work.
* Some command line arguments and regexp errors not tested.
* Vim9: error message for declaring variable in for loop.
* :for cannot loop over a string.
* Eval test fails because for loop on string works.
* Vim9: no error for declaration with trailing text.
* Leaking memory when looping over a string.
* There is no way to avoid some escape sequences.
* Vim9: leaking memory when inline function has an error.
* Vim9: not enough function arguments checked for string.
* Test failures.
* Vim9: not enough function arguments checked for string.
* prop_find() cannot find item matching both id and type.
* Vim9: omitting "call" for "confirm()" does not give an error.
* Command line completion does not work after "vim9".
* Vim9: error for append(0, text).
* Error for line number in legacy script.
* Vim9: cannot use :lockvar and :unlockvar in compiled script.
* Vim9: script-local funcref can have lower case name.
* Directory change in a terminal window shell is not followed.
* Missing error message.
* Vim9: cannot use only some of the default arguments.
* Test for 'autoshelldir' does not reset the option.
* Winbar drawn over status line for non-current window with winbar if
frame is zero height. (Leonid V. Fedorenchik)
* Vim9: problem defining a script variable from legacy function.
* Vim9: test fails for redeclaring script variable.
* Vim9: cannot find Name.Func from "import * as Name". (Alexander Goussas)
* Build failure without the +eval feature.
* Not enough folding code is tested.
* Custom statusline not drawn correctly with WinBar.
* Status line is not updated when going to cmdline mode.
* Vim9: cannot use "const" for global variable in :def function.
* Vim9: crash when using s: for script variable.
* Tiny build fails.
* PowerShell files are not recognized.
* Autoconf may mess up compiler flags.
* Vim9: locked script variable can be changed.
* Vim9: locked script variable can be changed.
* When 'matchpairs' is empty every character beeps. (Marco Hinz)
* Cursor position reset with nested autocommands.
* Lua test fails with Lua 5.4.3 and later.
* Function list test fails.
* Lua test fails on MS-Windows.
* Lua test fails.
* Nested autocmd test fails sometimes.
* Order of removing FORTIFY_SOURCE is wrong.
* Compiler completion test fails when more scripts are added.
* Vim9: memory leak when failing on locked variable.
* Adding a lot of completions can be a bit slow.
* Vim9: misleading reported line number for wrong type.
* Vim9: wrong line number reported for boolean operator.
* Adding a lot of completions can still be a bit slow.
* Test sometimes fails waiting for shell in terminal.
* The GTK GUI has a gap next to the scrollbar.
* Vim9: not all tests cover script and :def function.
* "gj" in a closed fold does not move out of the fold. (Marco Hinz)
* Memory leak when adding to a blob fails.
* Folding code not sufficiently tested.
* Filetype pattern ending in star is too far up.
* Vim9: tests fail without the channel feature. (Dominique Pellé)
* The equivalent class regexp is missing some characters.
* GTK menu items don't show a tooltip.
* Vim9: no explicit test for using a global function without the g: prefix.
* Vim9: appending to dict item doesn't work in a :def function.
* GTK menu tooltip moves the cursor.
* Vim9: cannot have a linebreak inside a lambda.
* Vim9: crash when using LHS with double index.
* Assignment test fails.
* Vim9: concatenating to list in dict not tested.
* Vim9: message about compiling is wrong when using try/catch.
==== wpa_supplicant ====
- Add CVE-2021-30004.patch -- forging attacks may occur because
AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c
(bsc#1184348)
==== yast2 ====
Version update (4.3.60 -> 4.4.2)
- Add to yast2 mixin Yast2::SecretAttributes for hiding sensitive
information (bsc#1141017)
- 4.4.2
- The location given to the Y2Issue::Issue constructor can be a
string or a location object.
- Add a mechanism to report issues to the user (related to
bsc#1181295).
- 4.4.1
- Updated manual page ("man yast2") (bsc#1184681)
- 4.4.0
- Add a default value for file_path argument in ::new and ::load
methods of CFA::LoginDefs class.
==== zchunk ====
Version update (1.1.5 -> 1.1.9)
- Update to version 1.1.9
* Handle zstd 1.4.7+
* Update documentation
* unzck: require a *.zck extension
* General bug fixes
- Dropped upstream merged
d2eae512bee09a4047cfe586de12f644d73b0736.patch
- Add fix-test-argp.patch: Fix argp detection
1
0