openSUSE Kubic
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
March 2022
- 12 participants
- 75 discussions
Hi,
I have installed a fresh "Kubic Admin Node" in a VM using the latest
openSUSE-Kubic-DVD-x86_64-Snapshot20220320-Media.iso image.
Continuing with the instructions at
https://en.opensuse.org/Kubic:kubeadm
I run "kubeadm init", and it seems to work fine, so I continue with
setting up the network plugin
master:~ # mkdir .kube
master:~ # cp /etc/kubernetes/admin.conf .kube/config
master:~ # kubectl get nodes
NAME STATUS ROLES AGE VERSION
master NotReady control-plane,master 25m v1.23.4
master:~ # kubectl apply -f /usr/share/k8s-yaml/weave/weave.yaml
serviceaccount/weave-net created
clusterrole.rbac.authorization.k8s.io/weave-net created
clusterrolebinding.rbac.authorization.k8s.io/weave-net created
role.rbac.authorization.k8s.io/weave-net created
rolebinding.rbac.authorization.k8s.io/weave-net created
daemonset.apps/weave-net created
master:~ #
After this, it starts crash-looping, seemingly trying to start a pod
named kube-system_coredns.
In the following system log, the kubic admin VM starts up, and goes
through the steps listed above, after which the crash loop starts:
https://drive.google.com/file/d/1xzLrRfi6_7zpHrEOsI1fwLrioUiiCRdL/view?usp=…
Does anyone have an idea what's going on here?
Regards,
Olav
2
4
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
NetworkManager (1.36.0 -> 1.36.2)
busybox-links
cockpit
container-selinux (2.171.0 -> 2.180.0)
cri-o (1.22.0 -> 1.23.2)
cri-tools (1.22.0 -> 1.23.0)
dbus-1
grep
grub2
kernel-source (5.16.14 -> 5.16.15)
kubernetes (1.23.0 -> 1.23.4)
kubernetes1.22 (1.22.4 -> 1.22.7)
kubernetes1.23 (1.23.0 -> 1.23.4)
libepoxy (1.5.9 -> 1.5.10)
libnvme (1.0~6 -> 1.0~7)
librsvg (2.52.7 -> 2.52.8)
libsigc++2 (2.10.7 -> 2.10.8)
nvme-cli (2.0~6 -> 2.0~7)
openSUSE-build-key
p11-kit (0.23.22 -> 0.24.1)
protobuf
toolbox
=== Details ===
==== NetworkManager ====
Version update (1.36.0 -> 1.36.2)
Subpackages: libnm0
- Do not requires dhcp-client, NM is using its internal client
by default for a long time now.
- Convert iproute2 and iputils requires to recommends, they
should not be hard requires.
- Update to version 1.36.2:
+ When the list of plugins is not specified via "main.plugins" in
NetworkManager.conf and no build-time default is set with
"--with-config-plugins-default" configure argument, now all
known plugins found in the plugin directory are loaded (and the
built-in "keyfile" plugin is preferred over others).
+ Preserve external ports during checkpoint rollback.
+ Fix removal of ovsdb entry when an OVS interface goes away.
+ Fix DNS configuration for WWAN connections.
==== busybox-links ====
Subpackages: busybox-coreutils busybox-gawk busybox-grep busybox-gzip busybox-sed busybox-xz
- replace copy from buildroot's gzip with a reimplementation
that is not GPLv3 (jsc#PM-3301)
==== cockpit ====
Subpackages: cockpit-bridge cockpit-packagekit cockpit-system
- re-add suse-microos-branding.patch from GitHub
- add hide-docs.patch (bsc#1197003)
- make package compatible with OBS version (bsc#1197224):
* move branding images to distribution-logos-SLE package
* re-add dependency on distribution-logos
* remove branding patch and assets (suse-microos-branding.patch,
suse-microos-branding.tar.gz); moved to GitHub fork
* remove local __python3 macro
* apply SLE specific patches only on SLE
- add hide-pcp.patch to hide references to PCP (Performance
Co-Pilot) and metric collection (bsc#1195943). The cockpit-pcp
package is not included in SLE Micro 5.2 base and these parts
require it.
- change self-signed cert group from cockpit-wsintance to
cockpit-ws on upgrade
- update to new LTS version from openSUSE:Factory
- port remove-pwscore.patch
* remove dependency on pwscore (bsc#1182924)
* remove password strenth indicator
- port branding changes as suse-microos "theme"
* remove suse_cockpit_assets.tar.gz
* add suse-microos-branding.tar.gz
* remove branding_tests.patch
* add suse-microos-branding.patch
- remove files not needed to build this version anymore
* webpack-warnings-are-not-errors.patch
* github_package.patch
* nodejs_output_helper.bash
- remove cockpit.permissions workaround (bsc#1169614)
==== container-selinux ====
Version update (2.171.0 -> 2.180.0)
- Update to version 2.180.0
* Allow container domains to read/write kvm_device_t
* Update kublet mappings to inlcude /usr/local/*
* Allow container domains to use container runtime tcp and udp sockets
* Alow containers to use unix_stream_sockets leaked from container runtimes
* Allow userdomains to execute conmon_exec_t and use it as an entrypoint
* Allow conmon_exec_t as an entrypoint
* Add container_use_devices boolean to allow containers to use any device
* Add explicit range transition for conmon
* Add missing dbus class declaration into container_runtime_run()
* Remove lockdown allow rules
* Remove k3s fcontexts
* Allow container domains to be used by user roles
- Changed source url to allow for download via source service
==== cri-o ====
Version update (1.22.0 -> 1.23.2)
Subpackages: cri-o-kubeadm-criconfig
- Update to version 1.23.2:
* config/sysctl: fail if there is a + in the value
* Revert "config/sysctl: fail if there is a + in the value"
* bump to version 1.23.2
* config/sysctl: fail if there is a + in the value
* config/sysctls: validate against invalid spaces
* server: stop deleting pod from idIndex if already gone
* [1.23] ci: use kubernetes 1.23, cri-tools 1.23
* contrib/test/int/build/kubernetes: rm deprecated RunAsGroup
* hack/build-rpms.sh: fix yum-builddep failures
* image: use imageCache value for ImageStatus()
* oci: fix a leaked goroutine
* Reuse createContainerIO in CreateContainer
* Fix vm containers couldn't restore after CRI-O restart
* release-notes: add args for checksum fields
* Updated format
* Generate checksum files for artifacts
* bump to v1.23.1
* test: add test for skipped sysctls
* server: skip sysctls that would affect the host
* server: don't set memory swap when it's not enabled
* deep copy List{PodSandbox,Container} structs
* ci: use main branch for conmon
* server: fix race with kubelet
* Fix runtime panic on pod sandbox stats retrieval
* ci: use main version of runc
* openshift e2e: bump ci image
* server: fix a potential NULL-pointer dereference.
* pass the main mount point to fix crypto profiles binding
* test: update tests for allowed_devices
* config: add AllowedDevices option
* server: drop duplicate log message
* test: add test ensuring a stopped pod is restored
* sandbox stop: remove namespaces
* restore: handle removed namespaces
* Partially revert "restore: restore stop before managing namespace"
* restore: ensure containers are wiped on reboot
* use cmdrunner singleton
* conmonmgr: refactor for new CommandRunner
* cmdrunner: update mocks and add target to makefile
* config: prepend commands with taskset if InfraCtrCPUSet is configured
* cmdrunner: add tests for prepended commands
* cmdrunner: create singleton
* Use timeout for conmon cgroup move
* Fixed a problem where metricImagePullsBytesTotal was getting updated twice and on second call getting incorrect labels
* vendor: bump c/image to 5.17.0
* Add new metrics that match Prometheus best practices and reduce cardinality * add metrics with new names that match naming best practices * use _total for all counters * use base unit seconds, bytes * metrics that do not follow best practices have been marked deprecated, these can be removed in a future release, it is to ensure non-breaking change for couple of releases
* unit test: fix relative log test
* unit tests: update pinns path in case it isn't found in PATH
* test: skip target tests for userns
* test: add test for target namespace
* add support for target PID namespaces
* test: give testunit sudo
* oci: add managed pidns to container object
* pkg/container: take container namespace configuration
* nsmgrtest: take some namespace related test code
* nsmgr: add function to pin existing namespace
* nsmgr: take (and rename) NamespacePathFromProc
* pkg/sandbox: take config initialization
* Bump Kubernetes to v1.23.0
* set user.max_user_namespaces in case it's not
* lint: bump cyclo complexity
* gh-actions/contrib: setup sub{g,u}id
* docs: add tutorial for setting up user namespaces
* oci: put conmon in infra ctr cpuset if it is in the pod cgroup
* test: add tests for user namespace annotations
* test: move workload creation function to helpers
* cni manager: catch server shutdown
* server: notify user when network isn't ready yet
* stop using hardcoded "pod" const
* oci: always reap conmon zombies
* clarify some error messages
* Drop intermediate CRI types
* Relabel containerenv files
* Add minimum_mappable_(u|g)id settings
* Fix runtime panic on stats server shutdown
* restore: restore stop before managing namespace
* server: add {,List}SandboxStats
* server: refactor sandbox list
* server: use stats server to get container stats
* container server: use stats server
* stats: add stats server
* config: add StatsCollectionPeriod field
* cgmgr: move most of stats handling to cgmgr
* oci: make changes in preparation for moving stats functionality:
* server: stub {List,}PodSandboxStats
* server/cri: add PodSandboxStats support
* vendor: bump cri-api
* server/cri: refactor to make stats processing unified
* pkg/config: use iota
* Add go 1.17+ go:build tags
* Remove redundant build tags
* Add containerenv file to containers This file indicates that the current environment is inside a container environment. The same technique is used by podman and docker. The same file name/path as podman was used, as it is vendor agnostic.
* build(deps): bump github.com/containerd/containerd from 1.5.7 to 1.5.8
* config: merge runtime and workload allowed annotations
* Updates kubeadm.md: The cgroup property is removed in [kubeadm-config.v1beta3](https://kubernetes.io/docs/reference/config-api/kubeadm-config.v1beta3/)
* build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
* Specify runtime table format in the error message
* build(deps): bump github.com/containerd/ttrpc from 1.0.2 to 1.1.0
* server: fix segfault when using cgroupv2
* gh-actions: add sed for kube e2e
* release-notes: update to main
* build(deps): bump github.com/onsi/gomega from 1.16.0 to 1.17.0
* build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
* Bug 2012838: fix override storage options from storage.conf
* oci: fix deadlock in container stop code
* build(deps): bump google.golang.org/grpc from 1.41.0 to 1.42.0
* oci: always close chControl
* oci: make some channels buffered
* build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
* build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
* build(deps): bump github.com/godbus/dbus/v5 from 5.0.5 to 5.0.6
* Add annotation that makes /sys/fs/cgroup writable
* Add support for CNI plugins v1.0.1
* bump(deps-opentelemetry)
* pin go.opentelemetry grpc/otelgrpc v0.25.0
* opentelemetry: add gRPC tracing
* build(deps): bump k8s.io/klog/v2 from 2.20.0 to 2.30.0
* build(deps): bump github.com/go-logr/logr from 1.1.0 to 1.2.0
* version: bump to 1.23.0
* build(deps): bump github.com/containers/podman/v3 from 3.3.1 to 3.4.1
* build(deps): bump github.com/containers/common from 0.43.2 to 0.46.0
* test: drop swap disable playbook
* server: add support for CRI unified field
* server: implement swap support
* server/cri: add support for 1.22 features
* test: bump cri-tools version
* scripts: pin cri-tools version
* server: reduce needless copying for sb.NamespaceOptions
* oci: refactor internal structure to use CRI type
* oci: use server CRI metadata type for containers
* sandbox: refactor internal structure to use CRI type
* sandbox: save createdAt as a int64
* build(deps): bump github.com/containerd/cgroups from 1.0.1 to 1.0.2
* build(deps): bump github.com/creack/pty from 1.1.16 to 1.1.17
* build(deps): bump github.com/Microsoft/go-winio from 0.5.0 to 0.5.1
* Bump Kubernetes to v1.22.2
* sandbox: use server CRI metadata type
* docs: emphasize deprecation notice
* update documentation for workloads
* add allowed annotations to workloads
* Log HTTP response writer message instead an error
* oci: use c/common signal parsing function
* Skip volume relabel for super privileged containers
* oci: chown stdin pipe to user in the container
* test: fix selinux test failures
* build(deps): bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5
* Fix runtime handler docs
* build(deps): bump github.com/containers/image/v5 from 5.15.2 to 5.16.1
* scripts: fix release branch forward script
* server: FilterDisallowedAnnotations of containers earlier
* server: conditionally relabel volumes given annotation
* build(deps): bump github.com/containers/storage from 1.36.0 to 1.37.0
* test: refactor allowed_annotation tests
* server: reduce args in addOCIBindMounts
* build(deps): bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
* test: add label for openshift e2e in dockerfile
* build(deps): bump github.com/containerd/containerd from 1.5.5 to 1.5.7
* test: skip certificate check for downloading parallel
* Remove usge of deprecated apt-key in Ubuntu install
* Fix install.md links
* build(deps): bump google.golang.org/grpc from 1.40.0 to 1.41.0
* use a more appropriate console with code block
* build(deps): bump k8s.io/api from 0.22.1 to 0.22.2
* build(deps): bump k8s.io/cri-api from 0.22.1 to 0.22.2
* build(deps): bump sigs.k8s.io/yaml from 1.2.0 to 1.3.0
* build(deps): bump github.com/creack/pty from 1.1.15 to 1.1.16
* build(deps): bump k8s.io/apimachinery from 0.22.1 to 0.22.2
* fix node e2e
* build(deps): bump github.com/intel/goresctrl from 0.1.0 to 0.2.0
* bump crio commit used by node e2e installer
* server: mount cgroup if hostNetwork
* server: use container level host network setting
* server: don't recalculate hostnet
* Fix typo in install.md
* Remove one of the explanations for `bind_mount_prefix` because it is duplicated.
* node e2e: keep infra container
* add unit test for the `server/sandbox_remove`.
* test: fix journald test for new conmon
* fix shfmt
* update `install.md` for debian and ubuntu
* build(deps): bump github.com/json-iterator/go from 1.1.11 to 1.1.12
* build(deps): bump k8s.io/client-go from 0.22.1 to 0.22.2
* fix shfmt
* server: set spec when dropping infra
* Update 'master' branch links to 'main'
* bumps pause image to 3.6
* server: don't wait forever on conmon cgroup move fail
* build(deps): bump github.com/containers/storage from 1.34.1 to 1.36.0
* Remove bashism in sh script
* Do not log if Intel RDT is not supported
* build(deps): bump github.com/godbus/dbus/v5 from 5.0.4 to 5.0.5
* Fix cluster.yaml for kubectl create
* call cmd.Wait() in all cases we call Start()
* oci: call wait on conmon if cgroup move fails
* build(deps): bump github.com/go-logr/logr from 1.0.0 to 1.1.0
* Fix `crio_image_pulls_layer_size_` metrics docs
* Adapt to klog incompatible changes
* build(deps): bump k8s.io/klog/v2 from 2.10.0 to 2.20.0
* Add `--profile-cpu` and `--profile-mem` options
* build(deps): bump github.com/containers/podman/v3 from 3.3.0 to 3.3.1
* server: remove ineffective `updateLock`.
* Fix missing quantile in `latency_microseconds_total` metrics
* Update crio commit for node e2e
* build(deps): bump github.com/fsnotify/fsnotify from 1.4.9 to 1.5.1
* Bump runc binary to 1.0.2
* Switch to go1.17 for CI
* fix debian 10 build doc
* test/testdata/sandbox_config.json: fix the dns_config
* adds updating instructions to install.md
==== cri-tools ====
Version update (1.22.0 -> 1.23.0)
- Update to version 1.23.0:
* Bump docs to v1.23.0
* Bump github.com/opencontainers/selinux from 1.9.1 to 1.10.0
* Bump github.com/opencontainers/runc from 1.0.2 to 1.0.3
* Bump github.com/docker/docker
* Bump google.golang.org/grpc from 1.42.0 to 1.43.0
* 1.5.9
* Use same grpc max message size as Kubelet
* Add support for cri-dockerd
* Add support for specifying custom test container images.
* Fix cri-dockerd CI runs
* Fix Containerd main branch CI for Windows
* fix ci for dockershim-critest
* Update Windows images for ltsc2022
* images: use k8s-staging-test-infra/gcb-docker-gcloud
* Bump github.com/onsi/gomega from 1.16.0 to 1.17.0
* Refactor fish completion
* Rename bash and zsh completion functions
* Add zsh compinit tag
* Bump google.golang.org/grpc from 1.41.0 to 1.42.0
* Bump github.com/docker/docker
* Bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5
* Add release publishing workflow
* Bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
* Add SHA512 sum for release files
* Bump github.com/docker/docker
* Bump google.golang.org/grpc from 1.40.0 to 1.41.0
* Bump sigs.k8s.io/yaml from 1.2.0 to 1.3.0
* Bump k8s.io/api from 0.22.1 to 0.22.2
* Bump k8s.io/cri-api from 0.22.1 to 0.22.2
* Bump k8s.io/apimachinery from 0.22.1 to 0.22.2
* Bump k8s.io/client-go from 0.22.1 to 0.22.2
* Bump k8s.io/kubectl from 0.22.1 to 0.22.2
* Updates E2E test images registry
* Bump github.com/opencontainers/selinux from 1.8.4 to 1.8.5
* Switch to go1.17 for CI
* Bump github.com/opencontainers/runc from 1.0.1 to 1.0.2
* Added dropping/adding `ALL` capabilities case to critest
* Bump github.com/onsi/gomega from 1.15.0 to 1.16.0
* Bump k8s.io/cri-api from 0.22.0 to 0.22.1
* Bump k8s.io/client-go from 0.22.0 to 0.22.1
* Bump k8s.io/api from 0.22.0 to 0.22.1
* Bump k8s.io/apimachinery from 0.22.0 to 0.22.1
* Bump k8s.io/kubectl from 0.22.0 to 0.22.1
* Bump google.golang.org/grpc from 1.39.1 to 1.40.0
* Bump github.com/onsi/gomega from 1.14.0 to 1.15.0
* Bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4
* Bump google.golang.org/grpc from 1.39.0 to 1.39.1
==== dbus-1 ====
Subpackages: libdbus-1-3
- Drop use of %{with libalternatives}, there's no such bcond defined
and in many other places it's not optional anyway (boo#1197258)
==== grep ====
- Make profiling deterministic (bsc#1040589)
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin
- Fix duplicated insmod part_gpt lines in grub.cfg (bsc#1197186)
* 0001-grub-probe-Deduplicate-probed-partmap-output.patch
- Fix GCC 12 build failure (bsc#1196546)
* 0001-mkimage-Fix-dangling-pointer-may-be-used-error.patch
* 0002-Fix-Werror-array-bounds-array-subscript-0-is-outside.patch
* 0003-reed_solomon-Fix-array-subscript-0-is-outside-array-.patch
- Revised
* grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch
* 0002-ieee1275-powerpc-enables-device-mapper-discovery.patch
==== kernel-source ====
Version update (5.16.14 -> 5.16.15)
- Linux 5.16.15 (bsc#1012628).
- arm64: dts: qcom: sm8350: Describe GCC dependency clocks
(bsc#1012628).
- arm64: dts: qcom: sm8350: Correct UFS symbol clocks
(bsc#1012628).
- HID: elo: Revert USB reference counting (bsc#1012628).
- HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts
(bsc#1012628).
- ARM: boot: dts: bcm2711: Fix HVS register range (bsc#1012628).
- clk: qcom: gdsc: Add support to update GDSC transition delay
(bsc#1012628).
- clk: qcom: dispcc: Update the transition delay for MDSS GDSC
(bsc#1012628).
- soc: mediatek: mt8192-mmsys: Fix dither to dsi0 path's input
sel (bsc#1012628).
- HID: vivaldi: fix sysfs attributes leak (bsc#1012628).
- HID: nintendo: check the return value of alloc_workqueue()
(bsc#1012628).
- arm64: dts: armada-3720-turris-mox: Add missing ethernet0 alias
(bsc#1012628).
- tipc: fix kernel panic when enabling bearer (bsc#1012628).
- vdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET
command (bsc#1012628).
- vduse: Fix returning wrong type in vduse_domain_alloc_iova()
(bsc#1012628).
- net: phy: meson-gxl: fix interrupt handling in forced mode
(bsc#1012628).
- mISDN: Fix memory leak in dsp_pipeline_build() (bsc#1012628).
- vhost: fix hung thread due to erroneous iotlb entries
(bsc#1012628).
- virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg
is zero (bsc#1012628).
- virtio-blk: Remove BUG_ON() in virtio_queue_rq() (bsc#1012628).
- vdpa: fix use-after-free on vp_vdpa_remove (bsc#1012628).
- isdn: hfcpci: check the return value of dma_set_mask() in
setup_hw() (bsc#1012628).
- net: qlogic: check the return value of dma_alloc_coherent()
in qed_vf_hw_prepare() (bsc#1012628).
- esp: Fix BEET mode inter address family tunneling on GSO
(bsc#1012628).
- net: gro: move skb_gro_receive_list to udp_offload.c
(bsc#1012628).
- qed: return status of qed_iov_get_link (bsc#1012628).
- smsc95xx: Ignore -ENODEV errors when device is unplugged
(bsc#1012628).
- gpiolib: acpi: Convert ACPI value of debounce to microseconds
(bsc#1012628).
- drm/i915/psr: Set "SF Partial Frame Enable" also on full update
(bsc#1012628).
- drm/sun4i: mixer: Fix P010 and P210 format numbers
(bsc#1012628).
- net: dsa: mt7530: fix incorrect test in
mt753x_phylink_validate() (bsc#1012628).
- ARM: dts: aspeed: Fix AST2600 quad spi group (bsc#1012628).
- iavf: Fix handling of vlan strip virtual channel messages
(bsc#1012628).
- i40e: stop disabling VFs due to PF error responses
(bsc#1012628).
- ice: stop disabling VFs due to PF error responses (bsc#1012628).
- ice: Fix error with handling of bonding MTU (bsc#1012628).
- ice: Don't use GFP_KERNEL in atomic context (bsc#1012628).
- ice: Fix curr_link_speed advertised speed (bsc#1012628).
- ethernet: Fix error handling in xemaclite_of_probe
(bsc#1012628).
- tipc: fix incorrect order of state message data sanity check
(bsc#1012628).
- net: ethernet: ti: cpts: Handle error for clk_enable
(bsc#1012628).
- net: ethernet: lpc_eth: Handle error for clk_enable
(bsc#1012628).
- net: marvell: prestera: Add missing of_node_put() in
prestera_switch_set_base_mac_addr (bsc#1012628).
- ax25: Fix NULL pointer dereference in ax25_kill_by_device
(bsc#1012628).
- net/mlx5: Fix size field in bufferx_reg struct (bsc#1012628).
- net/mlx5: Fix a race on command flush flow (bsc#1012628).
- net/mlx5e: Lag, Only handle events from highest priority
multipath entry (bsc#1012628).
- net/mlx5e: SHAMPO, reduce TIR indication (bsc#1012628).
- NFC: port100: fix use-after-free in port100_send_complete
(bsc#1012628).
- selftests: pmtu.sh: Kill tcpdump processes launched by subshell
(bsc#1012628).
- selftests: pmtu.sh: Kill nettest processes launched in subshell
(bsc#1012628).
- gpio: ts4900: Do not set DAT and OE together (bsc#1012628).
- mm: gup: make fault_in_safe_writeable() use fixup_user_fault()
(bsc#1012628).
- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info
(bsc#1012628).
- net: phy: DP83822: clear MISR2 register to disable interrupts
(bsc#1012628).
- sctp: fix kernel-infoleak for SCTP sockets (bsc#1012628).
- net: arc_emac: Fix use after free in arc_mdio_probe()
(bsc#1012628).
- net: bcmgenet: Don't claim WOL when its not available
(bsc#1012628).
- net: phy: meson-gxl: improve link-up behavior (bsc#1012628).
- selftests/bpf: Add test for bpf_timer overwriting crash
(bsc#1012628).
- swiotlb: fix info leak with DMA_FROM_DEVICE (bsc#1012628).
- usb: dwc3: pci: add support for the Intel Raptor Lake-S
(bsc#1012628).
- pinctrl: tigerlake: Revert "Add Alder Lake-M ACPI ID"
(bsc#1012628).
- KVM: Fix lockdep false negative during host resume
(bsc#1012628).
- kvm: x86: Disable KVM_HC_CLOCK_PAIRING if tsc is in always
catchup mode (bsc#1012628).
- spi: rockchip: Fix error in getting num-cs property
(bsc#1012628).
- spi: rockchip: terminate dma transmission when slave abort
(bsc#1012628).
- drm/vc4: hdmi: Unregister codec device on unbind (bsc#1012628).
- of/fdt: move elfcorehdr reservation early for crash dump kernel
(bsc#1012628).
- x86/kvm: Don't use pv tlb/ipi/sched_yield if on 1 vCPU
(bsc#1012628).
- drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
(bsc#1012628).
- net-sysfs: add check for netdevice being present to speed_show
(bsc#1012628).
- hwmon: (pmbus) Clear pmbus fault/warning bits after read
(bsc#1012628).
- nvme-tcp: send H2CData PDUs based on MAXH2CDATA (bsc#1012628).
- PCI: Mark all AMD Navi10 and Navi14 GPU ATS as broken
(bsc#1012628).
- gpio: Return EPROBE_DEFER if gc->to_irq is NULL (bsc#1012628).
- drm/amdgpu: bypass tiling flag check in virtual display case
(v2) (bsc#1012628).
- Revert "xen-netback: remove 'hotplug-status' once it has served
its purpose" (bsc#1012628).
- Revert "xen-netback: Check for hotplug-status existence before
watching" (bsc#1012628).
- ipv6: prevent a possible race condition with lifetimes
(bsc#1012628).
- tracing: Ensure trace buffer is at least 4096 bytes large
(bsc#1012628).
- tracing/osnoise: Make osnoise_main to sleep for microseconds
(bsc#1012628).
- tracing: Fix selftest config check for function graph start
up test (bsc#1012628).
- selftest/vm: fix map_fixed_noreplace test failure (bsc#1012628).
- selftests/memfd: clean up mapping in mfd_fail_write
(bsc#1012628).
- ARM: Spectre-BHB: provide empty stub for non-config
(bsc#1012628).
- fuse: fix fileattr op failure (bsc#1012628).
- fuse: fix pipe buffer lifetime for direct_io (bsc#1012628).
- staging: rtl8723bs: Fix access-point mode deadlock
(bsc#1012628).
- staging: gdm724x: fix use after free in gdm_lte_rx()
(bsc#1012628).
- net: macb: Fix lost RX packet wakeup race in NAPI receive
(bsc#1012628).
- riscv: alternative only works on !XIP_KERNEL (bsc#1012628).
- mmc: meson: Fix usage of meson_mmc_post_req() (bsc#1012628).
- riscv: Fix auipc+jalr relocation range checks (bsc#1012628).
- tracing/osnoise: Force quiescent states while tracing
(bsc#1012628).
- tracing/osnoise: Do not unregister events twice (bsc#1012628).
- arm64: dts: marvell: armada-37xx: Remap IO space to bus address
0x0 (bsc#1012628).
- arm64: Ensure execute-only permissions are not allowed without
EPAN (bsc#1012628).
- arm64: kasan: fix include error in MTE functions (bsc#1012628).
- swiotlb: rework "fix info leak with DMA_FROM_DEVICE"
(bsc#1012628).
- virtio: unexport virtio_finalize_features (bsc#1012628).
- virtio: acknowledge all features before access (bsc#1012628).
- net/mlx5: Fix offloading with ESWITCH_IPV4_TTL_MODIFY_ENABLE
(bsc#1012628).
- ARM: fix Thumb2 regression with Spectre BHB (bsc#1012628).
- watch_queue: Fix filter limit check (bsc#1012628).
- watch_queue, pipe: Free watchqueue state after clearing pipe
ring (bsc#1012628).
- watch_queue: Fix to release page in ->release() (bsc#1012628).
- watch_queue: Fix to always request a pow-of-2 pipe ring size
(bsc#1012628).
- watch_queue: Fix the alloc bitmap size to reflect notes
allocated (bsc#1012628).
- watch_queue: Free the alloc bitmap when the watch_queue is
torn down (bsc#1012628).
- watch_queue: Fix lack of barrier/sync/lock between post and read
(bsc#1012628).
- watch_queue: Make comment about setting ->defunct more accurate
(bsc#1012628).
- x86/boot: Fix memremap of setup_indirect structures
(bsc#1012628).
- x86/boot: Add setup_indirect support in
early_memremap_is_setup_data() (bsc#1012628).
- x86/module: Fix the paravirt vs alternative order (bsc#1012628).
- x86/sgx: Free backing memory after faulting the enclave page
(bsc#1012628).
- x86/traps: Mark do_int3() NOKPROBE_SYMBOL (bsc#1012628).
- drm/panel: Select DRM_DP_HELPER for DRM_PANEL_EDP (bsc#1012628).
- perf parse: Fix event parser error for hybrid systems
(bsc#1012628).
- btrfs: make send work with concurrent block group relocation
(bsc#1012628).
- riscv: dts: k210: fix broken IRQs on hart1 (bsc#1012628).
- vhost: allow batching hint without size (bsc#1012628).
- commit 2bd8d63
- config: enable XFS_RT (bsc#1197190)
- commit d8f0e40
- esp: Fix possible buffer overflow in ESP transformation
(CVE-2022-0886 bsc#1197131).
- commit f5ed8a3
==== kubernetes ====
Version update (1.23.0 -> 1.23.4)
Subpackages: kubernetes-client kubernetes-kubeadm kubernetes-kubelet
- Bump kubernetes-* to 1.23.4, *-minus1 to 1.22.7
==== kubernetes1.22 ====
Version update (1.22.4 -> 1.22.7)
- Update to version 1.22.7:
* Update Go to 1.16.14
* add namespace in azurefile volumeid
* fix: azurefile volumeid conflict in csi migration
* Execute sync before taking the snapshot
* Mark device as uncertain if unmount device succeeds
* Set max results if its not set
* Update CHANGELOG/CHANGELOG-1.22.md for v1.22.6
* Update k/utils to v0.0.0-20211116205334-6203023598ed
* [go] update to Go 1.16.13
* Enabling kube-proxy metrics on windows kernel mode
* fix: ignore the case when comparing azure tags in service annotation
* fix: remove outdated ipv4 route when the corresponding node is deleted
* fix: delete non existing disk issue
* fix containers order after applying
* generated: ./hack/update-vendor.sh
* upgrade sigs.k8s.io/structured-merge-diff/v4 to v4.2.1
* fix: azuredisk parameter lowercase translation issue
* fix: do not delete the lb that does not exist
* removed unnecessary log line
* Fix header mutation race in timeout filter
* use node informer to check volumes attachment status before backoff
* When volume is not marked in-use, do not backoff
* kubeadm: remove the restriction that the ca.crt can only contain one certificate
* flake fix: remove the error handler for cronjob integration test
* vendor: bump cAdvisor to v0.39.3
* Fix the leak of vSphere client sessions
* fix nil pointer in create secret commands
* client-go: Clear the ResourceVersionMatch on paged list calls
* Update GCE manifest to use konnectivity 0.0.27
* Update to apiserver-network-proxy v0.0.27
* add gce loadbalancer no-op finalizer and existingFwdRule tests
* disable gce service handling if has rbs forwarding rule
* add ELBRbsFinalizer
* add gce elb rbs opt-in annotation
* Improving performance of EndpointSlice controller metrics cache
* fix the error when cleaning up jobs for cronjob
* Update CHANGELOG/CHANGELOG-1.22.md for v1.22.5
* Add test to confirm containers won't start
* Check for failed sandbox and failed workload containers
* mount-utils: Detect potential stale file handle
* [go1.16] Update to go1.16.12
* Skip creating HNS loadbalancer with empty endpoints
* dependencies: Update golang.org/x/net to v0.0.0-20211209124913-491a49abca63
* kubeadm: avoid requiring a CA key during kubeconfig expiration checks
* kubeadm: print the CA of kubeconfig files in "check expiration"
* kubeadm: validate local etcd certficates during expiration checks
* kubelet: set failed phase during graceful shutdown
* [go1.16] Update to go1.16.11
* fix: ignore the case when updating tags
* Ensure deletion of pods in queues and cache
* kubelet: Rejected pods should be filtered from admission
* kube-scheduler: Increase the duration to expire an assumed pod
* Skip check for all topology labels when using system default spreading
* workqueue: fix leak in queue preventing objects from being GCed
* Fix workqueue memory leak
* Ignore 'wait: no child processes' error when calling mount/umount
* Reduce calls to docker from dockershim for stats
* Update CHANGELOG/CHANGELOG-1.22.md for v1.22.4
* Add warning about using unsupported CRON_TZ
* Fix flake caused by sampling signal counter too early.
* Ensure there is one running static pod with the same full name
* NodeConformance: Respect grace period when updating static pod
* Fix concurrent map writes error in kube-apiserver
* e2e: node: release-1.22: backport findKubeletServiceName
* node: e2e: add test for the checkpoint recovery
* devicemanager: checkpoint: support pre-1.20 data
* fix: remove VMSS and VMSS instances from SLB backend pool only when necessary
* fix: leave the probe path empty for TCP probes
* fix: skip instance not found when decoupling vmss from lb
==== kubernetes1.23 ====
Version update (1.23.0 -> 1.23.4)
Subpackages: kubernetes1.23-client kubernetes1.23-client-common kubernetes1.23-kubeadm kubernetes1.23-kubelet kubernetes1.23-kubelet-common
- Update to version 1.23.4:
* Update Go to 1.17.7
* Use serializable struct for x-kubernetes-validations in openapi
* Make JSON schema round tripping test more strict
* ignore CRI PodSandboxNetworkStatus for host network pods
* set secondary address on host-network pods
* Deeply copy JSONSchemaProps.XValidations.
* Ensure the execHostnameTest() compares hostnames
* Revert "Fix comparison between FQDN and hostname"
* service REST: Call Decorator(old) on update path
* add namespace in azurefile volumeid
* fix: azurefile volumeid conflict in csi migration
* Mark device as uncertain if unmount device succeeds
* Update CHANGELOG/CHANGELOG-1.23.md for v1.23.3
* kubelet: fix podstatus not containing pod full name
* Fix bug with node restriction blocking pvc.status.resizestatus change
* Fix regression pruning array fields with x-kubernetes-preserve-unknown-fields: true
* Set max results if its not set
* Update CHANGELOG/CHANGELOG-1.23.md for v1.23.2
* Update k/utils to v0.0.0-20211116205334-6203023598ed
* [go] update to Go 1.17.6
* fix: remove outdated ipv4 route when the corresponding node is deleted
* fix: delete non existing disk issue
* Revert "Automated cherry pick of #107554: Correct the feature gate string for RBD migration."
* fix containers order after applying
* generated: ./hack/update-vendor.sh
* upgrade sigs.k8s.io/structured-merge-diff/v4 to v4.2.1
* Execute sync before taking the snapshot
* Correct the feature gate string for RBD migration.
* fix: azuredisk parameter lowercase translation issue
* removed unnecessary log line
* kubectl: add integration test for result reporting
* cli: let kubectl handle error printing
* cli: avoid logging command line errors in more cases
* Fix header mutation race in timeout filter
* clear pod's .status.nominatedNodeName when necessary
* use node informer to check volumes attachment status before backoff
* When volume is not marked in-use, do not backoff
* kubeadm: remove the restriction that the ca.crt can only contain one certificate
* flake fix: remove the error handler for cronjob integration test
* Fix the leak of vSphere client sessions
* fix nil pointer in create secret commands
* Fix order of commands in the snapshot tests for persistent volumes
* client-go: Clear the ResourceVersionMatch on paged list calls
* Improving performance of EndpointSlice controller metrics cache
* fix the error when cleaning up jobs for cronjob
* Update CHANGELOG to add missing release notes.
* apf: ensure exempt request notes the classification
* Enabling kube-proxy metrics on windows kernel mode
* Update CHANGELOG/CHANGELOG-1.23.md for v1.23.1
* add gce loadbalancer no-op finalizer and existingFwdRule tests
* disable gce service handling if has rbs forwarding rule
* add ELBRbsFinalizer
* add gce elb rbs opt-in annotation
* cherry pick of knp 0.0.27
* Remove JSON logging performance regression
* Re-introduce removed kubectl --dry-run values.
* Point flowcontrol users at v1beta2
* [go1.17] Update to go1.17.5
* dependencies: Update golang.org/x/net to v0.0.0-20211209124913-491a49abca63
* mount-utils: Detect potential stale file handle
* Skip creating HNS loadbalancer with empty endpoints
* Add regression test for CPUManager distribute NUMA algorithm
* Add unit test for CPUManager distribute NUMA algorithm verifying fixes
* Fix accounting bug in CPUManager distribute NUMA policy
* Fix error handling in CPUManager distribute NUMA tests
* Add a sum() helper to the CPUManager cpuassignment logic
* Allow the map.Values() function in the CPUManager to take a set of keys
* Fix CPUManager algo to calculate min NUMA nodes needed for distribution
* Fix unit tests following bug fix in CPUManager for map functions (2/2)
* Fix unit tests following bug fix in CPUManager for map functions (1/2)
* Fix bug in CPUManager map.Keys() and map.Values() implementations
* Ensure we balance across *all* NUMA nodes in NUMA distribution algo
* Short-circuit CPUManager distribute NUMA algo for unusable cpuGroupSize
* Round the CPUManager mean and stddev calculations to the nearest 1000th
* updated deprecation messages from 1.23 to 1.24
* kubelet: set failed phase during graceful shutdown
* kubeadm: avoid requiring a CA key during kubeconfig expiration checks
* kubeadm: print the CA of kubeconfig files in "check expiration"
* kubeadm: validate local etcd certficates during expiration checks
* publishing-bot/doc: add component-helpers to the readme
* publishing-bot/rules: remove non existing component-helpers branch 1.19 from the rules
* Changelog: mention kube-scheduler bits deprication
* rbd: initialize ceph monitors slice with an empty value.
* Direct v2betaX users to migrate to HPA v2
* DelegateFSGroupToCSIDriver e2e: skip tests with chgrp
* Update CHANGELOG/CHANGELOG-1.23.md for v1.23.0
* [go1.17] Update to go1.17.4
==== libepoxy ====
Version update (1.5.9 -> 1.5.10)
- Update to version 1.5.10:
+ Fix for building with MSVC on non-English locale.
+ Fix build on Android.
+ Add the right include paths for EGL and X11 headers.
- Upstream tarball url changed, probably by mistake, so leave old
url in place, but disabled.
==== libnvme ====
Version update (1.0~6 -> 1.0~7)
- Update to version 1.0-rc7:
* linux: fixup log page offset in nvme_get_log_page()
* tree: Add support for default trsvcid for all controllers (bsc#1195858)
* tree: fixup coredump during nvme discover
==== librsvg ====
Version update (2.52.7 -> 2.52.8)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2
- Update to version 2.52.8:
+ Catch circular references when rendering patterns
(glgo#GNOME/librsvg#721).
==== libsigc++2 ====
Version update (2.10.7 -> 2.10.8)
- Update to version 2.10.8:
+ Build:
- Meson build: Perl is not required by new versions of
mm-common
- NMake Makefiles: Support building with VS2022
+ Documentation: Upgrade the manual from DocBook 4.1 to DocBook
5.0
==== nvme-cli ====
Version update (2.0~6 -> 2.0~7)
- Update to version 2.0-rc7:
* netapp-nvme: fix smdevices segfault in json output (bsc#1195937)
* fabrics: keep the backward compatibility
* nvme: Do not slash escape strings in JSON output (bsc#1195937)
* nvme: Print full device path
* nvme-print: Make JSON keys consistent with nvme-cli 1.x
* nvme-print: print generic device in list command
* fabrics: check for discovery controller instead of subsystem NQN (bsc#1197061)
* connect: Set errno to zero on nvmf_add_ctrl() success
* documenation updates
- Set path to systemctl via newly introduced config option
- Update 0100-harden_nvmf-connect@.service.patch due to upstream file rename
- Moved bash completion script to /usr/share/bash-completion/completions/nvme
==== openSUSE-build-key ====
- gpg-pubkey-307e3d54-5aaa90a5.asc: remove the RSA 1024bit SLE11 key
and try to remove it from installed systems via Obsoletes.
==== p11-kit ====
Version update (0.23.22 -> 0.24.1)
Subpackages: libp11-kit0 p11-kit-tools
- make sure p11-kit components have matching versions (boo#1196812)
- Update to version 0.24.1:
* rpc: Support protocol version negotiation.
* proxy: Support copying attribute array recursively.
* Link libp11-kit so that it cannot unload.
* Translation improvements.
* Build fixes.
- Update to version 0.24.0:
* Use inclusive language on certificate distrust. Note: This
changes the directory and attribute names to distrust certain
CAs to "blocklist".
* Fix issues spotted by coverity and ASan.
* Integrate gettext with tools more tightly.
* rpc: Forbid use of array of attributes.
* Build fixes.
- Change dirs from blacklist to blocklist ref upstream changes.
==== protobuf ====
- Change Requires: zlib-devel to pkgconfig(zlib) so as not to conflict with libz-ng-compat1.
==== toolbox ====
- adjusted the patch to the toolbox container in registry
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
NetworkManager (1.36.0 -> 1.36.2)
bash-completion
busybox-links
cockpit
container-selinux (2.171.0 -> 2.180.0)
dbus-1
dbus-1-x11
flatpak (1.12.6 -> 1.12.7)
fwupd-efi (1.1 -> 1.2)
gnome-control-center
gnome-software (41.4 -> 41.5)
grep
grub2
kernel-source (5.16.14 -> 5.16.15)
libepoxy (1.5.9 -> 1.5.10)
libgnomesu (2.0.6 -> 2.0.7)
libnvme (1.0~6 -> 1.0~7)
librsvg (2.52.7 -> 2.52.8)
libsigc++2 (2.10.7 -> 2.10.8)
mobile-broadband-provider-info (20210805 -> 20220315)
nvme-cli (2.0~6 -> 2.0~7)
openSUSE-build-key
p11-kit (0.23.22 -> 0.24.1)
protobuf
toolbox
wavpack
xdg-desktop-portal (1.12.1 -> 1.14.0)
=== Details ===
==== NetworkManager ====
Version update (1.36.0 -> 1.36.2)
Subpackages: libnm0 typelib-1_0-NM-1_0
- Do not requires dhcp-client, NM is using its internal client
by default for a long time now.
- Convert iproute2 and iputils requires to recommends, they
should not be hard requires.
- Update to version 1.36.2:
+ When the list of plugins is not specified via "main.plugins" in
NetworkManager.conf and no build-time default is set with
"--with-config-plugins-default" configure argument, now all
known plugins found in the plugin directory are loaded (and the
built-in "keyfile" plugin is preferred over others).
+ Preserve external ports during checkpoint rollback.
+ Fix removal of ovsdb entry when an OVS interface goes away.
+ Fix DNS configuration for WWAN connections.
==== bash-completion ====
- remove PS1-completion-boo903362.patch as it breaks on non-bash
shells and the original problem in
bsc#903362#c9 does not occur anymore
- add versioned dependency to bash versions that have the fix
==== busybox-links ====
Subpackages: busybox-coreutils busybox-gawk busybox-grep busybox-gzip busybox-sed busybox-xz
- replace copy from buildroot's gzip with a reimplementation
that is not GPLv3 (jsc#PM-3301)
==== cockpit ====
Subpackages: cockpit-bridge cockpit-packagekit cockpit-system
- re-add suse-microos-branding.patch from GitHub
- add hide-docs.patch (bsc#1197003)
- make package compatible with OBS version (bsc#1197224):
* move branding images to distribution-logos-SLE package
* re-add dependency on distribution-logos
* remove branding patch and assets (suse-microos-branding.patch,
suse-microos-branding.tar.gz); moved to GitHub fork
* remove local __python3 macro
* apply SLE specific patches only on SLE
- add hide-pcp.patch to hide references to PCP (Performance
Co-Pilot) and metric collection (bsc#1195943). The cockpit-pcp
package is not included in SLE Micro 5.2 base and these parts
require it.
- change self-signed cert group from cockpit-wsintance to
cockpit-ws on upgrade
- update to new LTS version from openSUSE:Factory
- port remove-pwscore.patch
* remove dependency on pwscore (bsc#1182924)
* remove password strenth indicator
- port branding changes as suse-microos "theme"
* remove suse_cockpit_assets.tar.gz
* add suse-microos-branding.tar.gz
* remove branding_tests.patch
* add suse-microos-branding.patch
- remove files not needed to build this version anymore
* webpack-warnings-are-not-errors.patch
* github_package.patch
* nodejs_output_helper.bash
- remove cockpit.permissions workaround (bsc#1169614)
==== container-selinux ====
Version update (2.171.0 -> 2.180.0)
- Update to version 2.180.0
* Allow container domains to read/write kvm_device_t
* Update kublet mappings to inlcude /usr/local/*
* Allow container domains to use container runtime tcp and udp sockets
* Alow containers to use unix_stream_sockets leaked from container runtimes
* Allow userdomains to execute conmon_exec_t and use it as an entrypoint
* Allow conmon_exec_t as an entrypoint
* Add container_use_devices boolean to allow containers to use any device
* Add explicit range transition for conmon
* Add missing dbus class declaration into container_runtime_run()
* Remove lockdown allow rules
* Remove k3s fcontexts
* Allow container domains to be used by user roles
- Changed source url to allow for download via source service
==== dbus-1 ====
Subpackages: libdbus-1-3
- Drop use of %{with libalternatives}, there's no such bcond defined
and in many other places it's not optional anyway (boo#1197258)
==== dbus-1-x11 ====
- Use --with-x=auto to actually enable X11 integration (boo#1197258,
workaround https://gitlab.freedesktop.org/dbus/dbus/-/merge_requests/263)
==== flatpak ====
Version update (1.12.6 -> 1.12.7)
Subpackages: libflatpak0 system-user-flatpak
- Update to version 1.12.7:
+ allow networked access to X11 and PulseAudio services if that
is configured, and the application has network access
+ Absolute paths in WAYLAND_DISPLAY now work
+ Allow apps that were built with Flatpak 1.13.x to export
AppStream metadata in share/metainfo
+ Most commands now work if /var/lib/flatpak exists but
/var/lib/flatpak/repo does not, and will automatically populate
the repo directory if possible
+ Consistently pass relative subpaths to libostree, working
around a bug in libostree < 2021.6 when used with GLib >= 2.71
+ Fix some memory leaks in GVariant data processing
==== fwupd-efi ====
Version update (1.1 -> 1.2)
- Update to version 1.2:
* Release fwupd-efi 1.2
* meson: use stadard objcopy binary
* meson: use find_program() to find the helper scripts we run
* meson: using local copy ldscript when local copy crt0 be used for SBAT
* sbat: clarify project URL
* trivial: Ignore some markdown issues
* Wait 5 seconds to reboot on errors
* Port pre-commit clang-format, codespell, markdownlint from fwupd
* trivial: fixup python errors by codacity/precommit
* trivial: fixup markdown format
* trivial: spelling errors
* Sleep longer when no updates to process
* README: fix typo and URL
* trivial: post release version bump
- Remove 0001-meson-using-local-copy-ldscript-when-local-copy-crt0.patch
(merged upstream)
==== gnome-control-center ====
Subpackages: gnome-control-center-goa
- Add gnome-control-center-reload-vpn-plugins.patch:
network/connection-editor: always load all available VPN plugins
(glgo#GNOME/gnome-control-center!1263).
==== gnome-software ====
Version update (41.4 -> 41.5)
- Update to version 41.5:
+ Disable scroll-by-mouse-wheel on featured carousel.
+ Ensure details page shows app provided on command line.
+ Added several appstream-related fixes.
+ Updated translations.
==== grep ====
- Make profiling deterministic (bsc#1040589)
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin
- Fix duplicated insmod part_gpt lines in grub.cfg (bsc#1197186)
* 0001-grub-probe-Deduplicate-probed-partmap-output.patch
- Fix GCC 12 build failure (bsc#1196546)
* 0001-mkimage-Fix-dangling-pointer-may-be-used-error.patch
* 0002-Fix-Werror-array-bounds-array-subscript-0-is-outside.patch
* 0003-reed_solomon-Fix-array-subscript-0-is-outside-array-.patch
- Revised
* grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch
* 0002-ieee1275-powerpc-enables-device-mapper-discovery.patch
==== kernel-source ====
Version update (5.16.14 -> 5.16.15)
- Linux 5.16.15 (bsc#1012628).
- arm64: dts: qcom: sm8350: Describe GCC dependency clocks
(bsc#1012628).
- arm64: dts: qcom: sm8350: Correct UFS symbol clocks
(bsc#1012628).
- HID: elo: Revert USB reference counting (bsc#1012628).
- HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts
(bsc#1012628).
- ARM: boot: dts: bcm2711: Fix HVS register range (bsc#1012628).
- clk: qcom: gdsc: Add support to update GDSC transition delay
(bsc#1012628).
- clk: qcom: dispcc: Update the transition delay for MDSS GDSC
(bsc#1012628).
- soc: mediatek: mt8192-mmsys: Fix dither to dsi0 path's input
sel (bsc#1012628).
- HID: vivaldi: fix sysfs attributes leak (bsc#1012628).
- HID: nintendo: check the return value of alloc_workqueue()
(bsc#1012628).
- arm64: dts: armada-3720-turris-mox: Add missing ethernet0 alias
(bsc#1012628).
- tipc: fix kernel panic when enabling bearer (bsc#1012628).
- vdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET
command (bsc#1012628).
- vduse: Fix returning wrong type in vduse_domain_alloc_iova()
(bsc#1012628).
- net: phy: meson-gxl: fix interrupt handling in forced mode
(bsc#1012628).
- mISDN: Fix memory leak in dsp_pipeline_build() (bsc#1012628).
- vhost: fix hung thread due to erroneous iotlb entries
(bsc#1012628).
- virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg
is zero (bsc#1012628).
- virtio-blk: Remove BUG_ON() in virtio_queue_rq() (bsc#1012628).
- vdpa: fix use-after-free on vp_vdpa_remove (bsc#1012628).
- isdn: hfcpci: check the return value of dma_set_mask() in
setup_hw() (bsc#1012628).
- net: qlogic: check the return value of dma_alloc_coherent()
in qed_vf_hw_prepare() (bsc#1012628).
- esp: Fix BEET mode inter address family tunneling on GSO
(bsc#1012628).
- net: gro: move skb_gro_receive_list to udp_offload.c
(bsc#1012628).
- qed: return status of qed_iov_get_link (bsc#1012628).
- smsc95xx: Ignore -ENODEV errors when device is unplugged
(bsc#1012628).
- gpiolib: acpi: Convert ACPI value of debounce to microseconds
(bsc#1012628).
- drm/i915/psr: Set "SF Partial Frame Enable" also on full update
(bsc#1012628).
- drm/sun4i: mixer: Fix P010 and P210 format numbers
(bsc#1012628).
- net: dsa: mt7530: fix incorrect test in
mt753x_phylink_validate() (bsc#1012628).
- ARM: dts: aspeed: Fix AST2600 quad spi group (bsc#1012628).
- iavf: Fix handling of vlan strip virtual channel messages
(bsc#1012628).
- i40e: stop disabling VFs due to PF error responses
(bsc#1012628).
- ice: stop disabling VFs due to PF error responses (bsc#1012628).
- ice: Fix error with handling of bonding MTU (bsc#1012628).
- ice: Don't use GFP_KERNEL in atomic context (bsc#1012628).
- ice: Fix curr_link_speed advertised speed (bsc#1012628).
- ethernet: Fix error handling in xemaclite_of_probe
(bsc#1012628).
- tipc: fix incorrect order of state message data sanity check
(bsc#1012628).
- net: ethernet: ti: cpts: Handle error for clk_enable
(bsc#1012628).
- net: ethernet: lpc_eth: Handle error for clk_enable
(bsc#1012628).
- net: marvell: prestera: Add missing of_node_put() in
prestera_switch_set_base_mac_addr (bsc#1012628).
- ax25: Fix NULL pointer dereference in ax25_kill_by_device
(bsc#1012628).
- net/mlx5: Fix size field in bufferx_reg struct (bsc#1012628).
- net/mlx5: Fix a race on command flush flow (bsc#1012628).
- net/mlx5e: Lag, Only handle events from highest priority
multipath entry (bsc#1012628).
- net/mlx5e: SHAMPO, reduce TIR indication (bsc#1012628).
- NFC: port100: fix use-after-free in port100_send_complete
(bsc#1012628).
- selftests: pmtu.sh: Kill tcpdump processes launched by subshell
(bsc#1012628).
- selftests: pmtu.sh: Kill nettest processes launched in subshell
(bsc#1012628).
- gpio: ts4900: Do not set DAT and OE together (bsc#1012628).
- mm: gup: make fault_in_safe_writeable() use fixup_user_fault()
(bsc#1012628).
- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info
(bsc#1012628).
- net: phy: DP83822: clear MISR2 register to disable interrupts
(bsc#1012628).
- sctp: fix kernel-infoleak for SCTP sockets (bsc#1012628).
- net: arc_emac: Fix use after free in arc_mdio_probe()
(bsc#1012628).
- net: bcmgenet: Don't claim WOL when its not available
(bsc#1012628).
- net: phy: meson-gxl: improve link-up behavior (bsc#1012628).
- selftests/bpf: Add test for bpf_timer overwriting crash
(bsc#1012628).
- swiotlb: fix info leak with DMA_FROM_DEVICE (bsc#1012628).
- usb: dwc3: pci: add support for the Intel Raptor Lake-S
(bsc#1012628).
- pinctrl: tigerlake: Revert "Add Alder Lake-M ACPI ID"
(bsc#1012628).
- KVM: Fix lockdep false negative during host resume
(bsc#1012628).
- kvm: x86: Disable KVM_HC_CLOCK_PAIRING if tsc is in always
catchup mode (bsc#1012628).
- spi: rockchip: Fix error in getting num-cs property
(bsc#1012628).
- spi: rockchip: terminate dma transmission when slave abort
(bsc#1012628).
- drm/vc4: hdmi: Unregister codec device on unbind (bsc#1012628).
- of/fdt: move elfcorehdr reservation early for crash dump kernel
(bsc#1012628).
- x86/kvm: Don't use pv tlb/ipi/sched_yield if on 1 vCPU
(bsc#1012628).
- drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
(bsc#1012628).
- net-sysfs: add check for netdevice being present to speed_show
(bsc#1012628).
- hwmon: (pmbus) Clear pmbus fault/warning bits after read
(bsc#1012628).
- nvme-tcp: send H2CData PDUs based on MAXH2CDATA (bsc#1012628).
- PCI: Mark all AMD Navi10 and Navi14 GPU ATS as broken
(bsc#1012628).
- gpio: Return EPROBE_DEFER if gc->to_irq is NULL (bsc#1012628).
- drm/amdgpu: bypass tiling flag check in virtual display case
(v2) (bsc#1012628).
- Revert "xen-netback: remove 'hotplug-status' once it has served
its purpose" (bsc#1012628).
- Revert "xen-netback: Check for hotplug-status existence before
watching" (bsc#1012628).
- ipv6: prevent a possible race condition with lifetimes
(bsc#1012628).
- tracing: Ensure trace buffer is at least 4096 bytes large
(bsc#1012628).
- tracing/osnoise: Make osnoise_main to sleep for microseconds
(bsc#1012628).
- tracing: Fix selftest config check for function graph start
up test (bsc#1012628).
- selftest/vm: fix map_fixed_noreplace test failure (bsc#1012628).
- selftests/memfd: clean up mapping in mfd_fail_write
(bsc#1012628).
- ARM: Spectre-BHB: provide empty stub for non-config
(bsc#1012628).
- fuse: fix fileattr op failure (bsc#1012628).
- fuse: fix pipe buffer lifetime for direct_io (bsc#1012628).
- staging: rtl8723bs: Fix access-point mode deadlock
(bsc#1012628).
- staging: gdm724x: fix use after free in gdm_lte_rx()
(bsc#1012628).
- net: macb: Fix lost RX packet wakeup race in NAPI receive
(bsc#1012628).
- riscv: alternative only works on !XIP_KERNEL (bsc#1012628).
- mmc: meson: Fix usage of meson_mmc_post_req() (bsc#1012628).
- riscv: Fix auipc+jalr relocation range checks (bsc#1012628).
- tracing/osnoise: Force quiescent states while tracing
(bsc#1012628).
- tracing/osnoise: Do not unregister events twice (bsc#1012628).
- arm64: dts: marvell: armada-37xx: Remap IO space to bus address
0x0 (bsc#1012628).
- arm64: Ensure execute-only permissions are not allowed without
EPAN (bsc#1012628).
- arm64: kasan: fix include error in MTE functions (bsc#1012628).
- swiotlb: rework "fix info leak with DMA_FROM_DEVICE"
(bsc#1012628).
- virtio: unexport virtio_finalize_features (bsc#1012628).
- virtio: acknowledge all features before access (bsc#1012628).
- net/mlx5: Fix offloading with ESWITCH_IPV4_TTL_MODIFY_ENABLE
(bsc#1012628).
- ARM: fix Thumb2 regression with Spectre BHB (bsc#1012628).
- watch_queue: Fix filter limit check (bsc#1012628).
- watch_queue, pipe: Free watchqueue state after clearing pipe
ring (bsc#1012628).
- watch_queue: Fix to release page in ->release() (bsc#1012628).
- watch_queue: Fix to always request a pow-of-2 pipe ring size
(bsc#1012628).
- watch_queue: Fix the alloc bitmap size to reflect notes
allocated (bsc#1012628).
- watch_queue: Free the alloc bitmap when the watch_queue is
torn down (bsc#1012628).
- watch_queue: Fix lack of barrier/sync/lock between post and read
(bsc#1012628).
- watch_queue: Make comment about setting ->defunct more accurate
(bsc#1012628).
- x86/boot: Fix memremap of setup_indirect structures
(bsc#1012628).
- x86/boot: Add setup_indirect support in
early_memremap_is_setup_data() (bsc#1012628).
- x86/module: Fix the paravirt vs alternative order (bsc#1012628).
- x86/sgx: Free backing memory after faulting the enclave page
(bsc#1012628).
- x86/traps: Mark do_int3() NOKPROBE_SYMBOL (bsc#1012628).
- drm/panel: Select DRM_DP_HELPER for DRM_PANEL_EDP (bsc#1012628).
- perf parse: Fix event parser error for hybrid systems
(bsc#1012628).
- btrfs: make send work with concurrent block group relocation
(bsc#1012628).
- riscv: dts: k210: fix broken IRQs on hart1 (bsc#1012628).
- vhost: allow batching hint without size (bsc#1012628).
- commit 2bd8d63
- config: enable XFS_RT (bsc#1197190)
- commit d8f0e40
- esp: Fix possible buffer overflow in ESP transformation
(CVE-2022-0886 bsc#1197131).
- commit f5ed8a3
==== libepoxy ====
Version update (1.5.9 -> 1.5.10)
- Update to version 1.5.10:
+ Fix for building with MSVC on non-English locale.
+ Fix build on Android.
+ Add the right include paths for EGL and X11 headers.
- Upstream tarball url changed, probably by mistake, so leave old
url in place, but disabled.
==== libgnomesu ====
Version update (2.0.6 -> 2.0.7)
Subpackages: libgnomesu0
- Update to version 2.0.7:
* Updated translations.
* Better wording in the documentation.
==== libnvme ====
Version update (1.0~6 -> 1.0~7)
- Update to version 1.0-rc7:
* linux: fixup log page offset in nvme_get_log_page()
* tree: Add support for default trsvcid for all controllers (bsc#1195858)
* tree: fixup coredump during nvme discover
==== librsvg ====
Version update (2.52.7 -> 2.52.8)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0
- Update to version 2.52.8:
+ Catch circular references when rendering patterns
(glgo#GNOME/librsvg#721).
==== libsigc++2 ====
Version update (2.10.7 -> 2.10.8)
- Update to version 2.10.8:
+ Build:
- Meson build: Perl is not required by new versions of
mm-common
- NMake Makefiles: Support building with VS2022
+ Documentation: Upgrade the manual from DocBook 4.1 to DocBook
5.0
==== mobile-broadband-provider-info ====
Version update (20210805 -> 20220315)
- Update to version 20220315:
* release: bump version to 20220315
* doap: remove Jiri
* doap: add myself
* us: include information for voicemail for Verizon Wireless
* dtd: expand DTD to include information for vvm3 Visual
Voicemail standard
* us: add Purism SPC AweSIM MVNO
* us: added MCCMNC 310280 to AT&T
* ro: update the Romania Orange net and mms credentials
* eg: mms settings for vodafone.eg
* de: add mms information to combined apn
* us: added Ting provider information
* us: add US Mobile (T-Mobile MVNO): mcc="310" mnc="260"
* au: remove duplicate Telstra MMS entry
* bd: updated profile names and other information
* bd: remove defunct provider
* se: remove defunct operators
* fr: add AIF Mvno provider
* it: add Rabona Mobile
* us: move mobilenet APN to T-Mobile and add mmsc
* us: add Mint Mobile VVM, APN, and MMSC
* ca: update Fido APN settings
* us: add MMS settings to T-Mobile LTE APN
* us: add T-Mobile to LTE APN name
* fr: add TeleCoop
* dtd: fix a spelling error
* jp: add Japanese providers
* cl: update apn of main providers of Chile
* ca: change Wind Mobile to Freedom Mobile
* ca: add Public Mobile provider
* Rename Orange (Israel) to Partner
* Add APN information for We4G (Israel)
* Adds the missing MMSC and MMS proxy for Orange France into
serviceproviders.xml
* il: Add Golan Telecom and Hot Mobile MMS settings
* Update redirected GNOME wiki URL in CONTRIBUTING
- Drop mobile-broadband-provider-info-tmobile-reorder.patch: Having
this patch downstream for ages makes no sense, and if it was
really needed, one would think it had landed as a bug upstream at
some point.
==== nvme-cli ====
Version update (2.0~6 -> 2.0~7)
- Update to version 2.0-rc7:
* netapp-nvme: fix smdevices segfault in json output (bsc#1195937)
* fabrics: keep the backward compatibility
* nvme: Do not slash escape strings in JSON output (bsc#1195937)
* nvme: Print full device path
* nvme-print: Make JSON keys consistent with nvme-cli 1.x
* nvme-print: print generic device in list command
* fabrics: check for discovery controller instead of subsystem NQN (bsc#1197061)
* connect: Set errno to zero on nvmf_add_ctrl() success
* documenation updates
- Set path to systemctl via newly introduced config option
- Update 0100-harden_nvmf-connect@.service.patch due to upstream file rename
- Moved bash completion script to /usr/share/bash-completion/completions/nvme
==== openSUSE-build-key ====
- gpg-pubkey-307e3d54-5aaa90a5.asc: remove the RSA 1024bit SLE11 key
and try to remove it from installed systems via Obsoletes.
==== p11-kit ====
Version update (0.23.22 -> 0.24.1)
Subpackages: libp11-kit0 p11-kit-tools
- make sure p11-kit components have matching versions (boo#1196812)
- Update to version 0.24.1:
* rpc: Support protocol version negotiation.
* proxy: Support copying attribute array recursively.
* Link libp11-kit so that it cannot unload.
* Translation improvements.
* Build fixes.
- Update to version 0.24.0:
* Use inclusive language on certificate distrust. Note: This
changes the directory and attribute names to distrust certain
CAs to "blocklist".
* Fix issues spotted by coverity and ASan.
* Integrate gettext with tools more tightly.
* rpc: Forbid use of array of attributes.
* Build fixes.
- Change dirs from blacklist to blocklist ref upstream changes.
==== protobuf ====
Subpackages: libprotobuf-lite30 libprotobuf30
- Change Requires: zlib-devel to pkgconfig(zlib) so as not to conflict with libz-ng-compat1.
==== toolbox ====
- adjusted the patch to the toolbox container in registry
==== wavpack ====
- security update
- added patches
fix CVE-2021-44269 [bsc#1197020], out of bounds read in processing .wav file
+ wavpack-CVE-2021-44269.patch
==== xdg-desktop-portal ====
Version update (1.12.1 -> 1.14.0)
- Update to version 1.14.0:
+ Add a new "dynamic launcher" portal, which can install .desktop
files and accompanying icons after user confirmation.
+ Rework handling of empty app IDs: In case an empty string app
ID is stored in the permission store, this permission is now
shared only by apps whose app ID couldn't be determined, rather
than all unsandboxed apps.
+ Use libsystemd (when available) to try to determine the app ID
of unsandboxed processes. This is useful since some portals
otherwise can't be used by host apps.
+ Make x-d-p start on session start, which is needed for the
dynamic launcher portal to handle rewriting launchers for apps
that have been renamed.
+ Bring back the copy of Flatpak's icon-validator, which was
dropped many releases ago.
+ Icon validation is now required for the notification and
dynamic launcher portals (previously it was only done if the
"flatpak-validate-icon" binary could be found).
+ document-portal: Move to the libfuse3 API
+ document-portal: Use renameat2 sys call
+ document-portal: Use mutex to fix concurrency bug
+ realtime: Fix error code paths
+ realtime: Fix MakeThreadHighPriorityWithPID method
+ screencast: Fix an error when restoring streams
+ ci: Various improvements
+ Documentation improvements
+ Updated translations.
- Replace BuildRequires: pkgconfig(fuse) with pkgconfig(fuse3)
since document-portal moved to use it.
- Add BuildRequires: pkgconfig(libsystemd) and
pkgconfig(gdk-pixbuf-2.0) which are now used.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
cockpit
container-selinux (2.171.0 -> 2.180.0)
gnome-control-center
gnome-software (41.4 -> 41.5)
grub2
libepoxy (1.5.9 -> 1.5.10)
libgnomesu (2.0.6 -> 2.0.7)
libnvme (1.0~6 -> 1.0~7)
librsvg (2.52.7 -> 2.52.8)
libsigc++2 (2.10.7 -> 2.10.8)
nvme-cli (2.0~6 -> 2.0~7)
openSUSE-build-key
toolbox
xdg-desktop-portal (1.12.1 -> 1.14.0)
=== Details ===
==== cockpit ====
Subpackages: cockpit-bridge cockpit-packagekit cockpit-system
- re-add suse-microos-branding.patch from GitHub
- add hide-docs.patch (bsc#1197003)
- make package compatible with OBS version (bsc#1197224):
* move branding images to distribution-logos-SLE package
* re-add dependency on distribution-logos
* remove branding patch and assets (suse-microos-branding.patch,
suse-microos-branding.tar.gz); moved to GitHub fork
* remove local __python3 macro
* apply SLE specific patches only on SLE
- add hide-pcp.patch to hide references to PCP (Performance
Co-Pilot) and metric collection (bsc#1195943). The cockpit-pcp
package is not included in SLE Micro 5.2 base and these parts
require it.
- change self-signed cert group from cockpit-wsintance to
cockpit-ws on upgrade
- update to new LTS version from openSUSE:Factory
- port remove-pwscore.patch
* remove dependency on pwscore (bsc#1182924)
* remove password strenth indicator
- port branding changes as suse-microos "theme"
* remove suse_cockpit_assets.tar.gz
* add suse-microos-branding.tar.gz
* remove branding_tests.patch
* add suse-microos-branding.patch
- remove files not needed to build this version anymore
* webpack-warnings-are-not-errors.patch
* github_package.patch
* nodejs_output_helper.bash
- remove cockpit.permissions workaround (bsc#1169614)
==== container-selinux ====
Version update (2.171.0 -> 2.180.0)
- Update to version 2.180.0
* Allow container domains to read/write kvm_device_t
* Update kublet mappings to inlcude /usr/local/*
* Allow container domains to use container runtime tcp and udp sockets
* Alow containers to use unix_stream_sockets leaked from container runtimes
* Allow userdomains to execute conmon_exec_t and use it as an entrypoint
* Allow conmon_exec_t as an entrypoint
* Add container_use_devices boolean to allow containers to use any device
* Add explicit range transition for conmon
* Add missing dbus class declaration into container_runtime_run()
* Remove lockdown allow rules
* Remove k3s fcontexts
* Allow container domains to be used by user roles
- Changed source url to allow for download via source service
==== gnome-control-center ====
Subpackages: gnome-control-center-goa
- Add gnome-control-center-reload-vpn-plugins.patch:
network/connection-editor: always load all available VPN plugins
(glgo#GNOME/gnome-control-center!1263).
==== gnome-software ====
Version update (41.4 -> 41.5)
- Update to version 41.5:
+ Disable scroll-by-mouse-wheel on featured carousel.
+ Ensure details page shows app provided on command line.
+ Added several appstream-related fixes.
+ Updated translations.
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi
- Fix duplicated insmod part_gpt lines in grub.cfg (bsc#1197186)
* 0001-grub-probe-Deduplicate-probed-partmap-output.patch
- Fix GCC 12 build failure (bsc#1196546)
* 0001-mkimage-Fix-dangling-pointer-may-be-used-error.patch
* 0002-Fix-Werror-array-bounds-array-subscript-0-is-outside.patch
* 0003-reed_solomon-Fix-array-subscript-0-is-outside-array-.patch
- Revised
* grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch
* 0002-ieee1275-powerpc-enables-device-mapper-discovery.patch
==== libepoxy ====
Version update (1.5.9 -> 1.5.10)
- Update to version 1.5.10:
+ Fix for building with MSVC on non-English locale.
+ Fix build on Android.
+ Add the right include paths for EGL and X11 headers.
- Upstream tarball url changed, probably by mistake, so leave old
url in place, but disabled.
==== libgnomesu ====
Version update (2.0.6 -> 2.0.7)
Subpackages: libgnomesu0
- Update to version 2.0.7:
* Updated translations.
* Better wording in the documentation.
==== libnvme ====
Version update (1.0~6 -> 1.0~7)
- Update to version 1.0-rc7:
* linux: fixup log page offset in nvme_get_log_page()
* tree: Add support for default trsvcid for all controllers (bsc#1195858)
* tree: fixup coredump during nvme discover
==== librsvg ====
Version update (2.52.7 -> 2.52.8)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0
- Update to version 2.52.8:
+ Catch circular references when rendering patterns
(glgo#GNOME/librsvg#721).
==== libsigc++2 ====
Version update (2.10.7 -> 2.10.8)
- Update to version 2.10.8:
+ Build:
- Meson build: Perl is not required by new versions of
mm-common
- NMake Makefiles: Support building with VS2022
+ Documentation: Upgrade the manual from DocBook 4.1 to DocBook
5.0
==== nvme-cli ====
Version update (2.0~6 -> 2.0~7)
- Update to version 2.0-rc7:
* netapp-nvme: fix smdevices segfault in json output (bsc#1195937)
* fabrics: keep the backward compatibility
* nvme: Do not slash escape strings in JSON output (bsc#1195937)
* nvme: Print full device path
* nvme-print: Make JSON keys consistent with nvme-cli 1.x
* nvme-print: print generic device in list command
* fabrics: check for discovery controller instead of subsystem NQN (bsc#1197061)
* connect: Set errno to zero on nvmf_add_ctrl() success
* documenation updates
- Set path to systemctl via newly introduced config option
- Update 0100-harden_nvmf-connect@.service.patch due to upstream file rename
- Moved bash completion script to /usr/share/bash-completion/completions/nvme
==== openSUSE-build-key ====
- gpg-pubkey-307e3d54-5aaa90a5.asc: remove the RSA 1024bit SLE11 key
and try to remove it from installed systems via Obsoletes.
==== toolbox ====
- adjusted the patch to the toolbox container in registry
==== xdg-desktop-portal ====
Version update (1.12.1 -> 1.14.0)
- Update to version 1.14.0:
+ Add a new "dynamic launcher" portal, which can install .desktop
files and accompanying icons after user confirmation.
+ Rework handling of empty app IDs: In case an empty string app
ID is stored in the permission store, this permission is now
shared only by apps whose app ID couldn't be determined, rather
than all unsandboxed apps.
+ Use libsystemd (when available) to try to determine the app ID
of unsandboxed processes. This is useful since some portals
otherwise can't be used by host apps.
+ Make x-d-p start on session start, which is needed for the
dynamic launcher portal to handle rewriting launchers for apps
that have been renamed.
+ Bring back the copy of Flatpak's icon-validator, which was
dropped many releases ago.
+ Icon validation is now required for the notification and
dynamic launcher portals (previously it was only done if the
"flatpak-validate-icon" binary could be found).
+ document-portal: Move to the libfuse3 API
+ document-portal: Use renameat2 sys call
+ document-portal: Use mutex to fix concurrency bug
+ realtime: Fix error code paths
+ realtime: Fix MakeThreadHighPriorityWithPID method
+ screencast: Fix an error when restoring streams
+ ci: Various improvements
+ Documentation improvements
+ Updated translations.
- Replace BuildRequires: pkgconfig(fuse) with pkgconfig(fuse3)
since document-portal moved to use it.
- Add BuildRequires: pkgconfig(libsystemd) and
pkgconfig(gdk-pixbuf-2.0) which are now used.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
cockpit
container-selinux (2.171.0 -> 2.180.0)
grub2
libepoxy (1.5.9 -> 1.5.10)
libnvme (1.0~6 -> 1.0~7)
librsvg (2.52.7 -> 2.52.8)
libsigc++2 (2.10.7 -> 2.10.8)
nvme-cli (2.0~6 -> 2.0~7)
openSUSE-build-key
toolbox
=== Details ===
==== cockpit ====
Subpackages: cockpit-bridge cockpit-packagekit cockpit-system
- re-add suse-microos-branding.patch from GitHub
- add hide-docs.patch (bsc#1197003)
- make package compatible with OBS version (bsc#1197224):
* move branding images to distribution-logos-SLE package
* re-add dependency on distribution-logos
* remove branding patch and assets (suse-microos-branding.patch,
suse-microos-branding.tar.gz); moved to GitHub fork
* remove local __python3 macro
* apply SLE specific patches only on SLE
- add hide-pcp.patch to hide references to PCP (Performance
Co-Pilot) and metric collection (bsc#1195943). The cockpit-pcp
package is not included in SLE Micro 5.2 base and these parts
require it.
- change self-signed cert group from cockpit-wsintance to
cockpit-ws on upgrade
- update to new LTS version from openSUSE:Factory
- port remove-pwscore.patch
* remove dependency on pwscore (bsc#1182924)
* remove password strenth indicator
- port branding changes as suse-microos "theme"
* remove suse_cockpit_assets.tar.gz
* add suse-microos-branding.tar.gz
* remove branding_tests.patch
* add suse-microos-branding.patch
- remove files not needed to build this version anymore
* webpack-warnings-are-not-errors.patch
* github_package.patch
* nodejs_output_helper.bash
- remove cockpit.permissions workaround (bsc#1169614)
==== container-selinux ====
Version update (2.171.0 -> 2.180.0)
- Update to version 2.180.0
* Allow container domains to read/write kvm_device_t
* Update kublet mappings to inlcude /usr/local/*
* Allow container domains to use container runtime tcp and udp sockets
* Alow containers to use unix_stream_sockets leaked from container runtimes
* Allow userdomains to execute conmon_exec_t and use it as an entrypoint
* Allow conmon_exec_t as an entrypoint
* Add container_use_devices boolean to allow containers to use any device
* Add explicit range transition for conmon
* Add missing dbus class declaration into container_runtime_run()
* Remove lockdown allow rules
* Remove k3s fcontexts
* Allow container domains to be used by user roles
- Changed source url to allow for download via source service
==== grub2 ====
Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi
- Fix duplicated insmod part_gpt lines in grub.cfg (bsc#1197186)
* 0001-grub-probe-Deduplicate-probed-partmap-output.patch
- Fix GCC 12 build failure (bsc#1196546)
* 0001-mkimage-Fix-dangling-pointer-may-be-used-error.patch
* 0002-Fix-Werror-array-bounds-array-subscript-0-is-outside.patch
* 0003-reed_solomon-Fix-array-subscript-0-is-outside-array-.patch
- Revised
* grub2-btrfs-01-add-ability-to-boot-from-subvolumes.patch
* 0002-ieee1275-powerpc-enables-device-mapper-discovery.patch
==== libepoxy ====
Version update (1.5.9 -> 1.5.10)
- Update to version 1.5.10:
+ Fix for building with MSVC on non-English locale.
+ Fix build on Android.
+ Add the right include paths for EGL and X11 headers.
- Upstream tarball url changed, probably by mistake, so leave old
url in place, but disabled.
==== libnvme ====
Version update (1.0~6 -> 1.0~7)
- Update to version 1.0-rc7:
* linux: fixup log page offset in nvme_get_log_page()
* tree: Add support for default trsvcid for all controllers (bsc#1195858)
* tree: fixup coredump during nvme discover
==== librsvg ====
Version update (2.52.7 -> 2.52.8)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2
- Update to version 2.52.8:
+ Catch circular references when rendering patterns
(glgo#GNOME/librsvg#721).
==== libsigc++2 ====
Version update (2.10.7 -> 2.10.8)
- Update to version 2.10.8:
+ Build:
- Meson build: Perl is not required by new versions of
mm-common
- NMake Makefiles: Support building with VS2022
+ Documentation: Upgrade the manual from DocBook 4.1 to DocBook
5.0
==== nvme-cli ====
Version update (2.0~6 -> 2.0~7)
- Update to version 2.0-rc7:
* netapp-nvme: fix smdevices segfault in json output (bsc#1195937)
* fabrics: keep the backward compatibility
* nvme: Do not slash escape strings in JSON output (bsc#1195937)
* nvme: Print full device path
* nvme-print: Make JSON keys consistent with nvme-cli 1.x
* nvme-print: print generic device in list command
* fabrics: check for discovery controller instead of subsystem NQN (bsc#1197061)
* connect: Set errno to zero on nvmf_add_ctrl() success
* documenation updates
- Set path to systemctl via newly introduced config option
- Update 0100-harden_nvmf-connect@.service.patch due to upstream file rename
- Moved bash completion script to /usr/share/bash-completion/completions/nvme
==== openSUSE-build-key ====
- gpg-pubkey-307e3d54-5aaa90a5.asc: remove the RSA 1024bit SLE11 key
and try to remove it from installed systems via Obsoletes.
==== toolbox ====
- adjusted the patch to the toolbox container in registry
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
NetworkManager (1.36.0 -> 1.36.2)
dbus-1
dbus-1-x11
flatpak (1.12.6 -> 1.12.7)
kernel-source (5.16.14 -> 5.16.15)
mobile-broadband-provider-info (20210805 -> 20220315)
protobuf
=== Details ===
==== NetworkManager ====
Version update (1.36.0 -> 1.36.2)
Subpackages: libnm0 typelib-1_0-NM-1_0
- Do not requires dhcp-client, NM is using its internal client
by default for a long time now.
- Convert iproute2 and iputils requires to recommends, they
should not be hard requires.
- Update to version 1.36.2:
+ When the list of plugins is not specified via "main.plugins" in
NetworkManager.conf and no build-time default is set with
"--with-config-plugins-default" configure argument, now all
known plugins found in the plugin directory are loaded (and the
built-in "keyfile" plugin is preferred over others).
+ Preserve external ports during checkpoint rollback.
+ Fix removal of ovsdb entry when an OVS interface goes away.
+ Fix DNS configuration for WWAN connections.
==== dbus-1 ====
Subpackages: libdbus-1-3
- Drop use of %{with libalternatives}, there's no such bcond defined
and in many other places it's not optional anyway (boo#1197258)
==== dbus-1-x11 ====
- Use --with-x=auto to actually enable X11 integration (boo#1197258,
workaround https://gitlab.freedesktop.org/dbus/dbus/-/merge_requests/263)
==== flatpak ====
Version update (1.12.6 -> 1.12.7)
Subpackages: libflatpak0 system-user-flatpak
- Update to version 1.12.7:
+ allow networked access to X11 and PulseAudio services if that
is configured, and the application has network access
+ Absolute paths in WAYLAND_DISPLAY now work
+ Allow apps that were built with Flatpak 1.13.x to export
AppStream metadata in share/metainfo
+ Most commands now work if /var/lib/flatpak exists but
/var/lib/flatpak/repo does not, and will automatically populate
the repo directory if possible
+ Consistently pass relative subpaths to libostree, working
around a bug in libostree < 2021.6 when used with GLib >= 2.71
+ Fix some memory leaks in GVariant data processing
==== kernel-source ====
Version update (5.16.14 -> 5.16.15)
- Linux 5.16.15 (bsc#1012628).
- arm64: dts: qcom: sm8350: Describe GCC dependency clocks
(bsc#1012628).
- arm64: dts: qcom: sm8350: Correct UFS symbol clocks
(bsc#1012628).
- HID: elo: Revert USB reference counting (bsc#1012628).
- HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts
(bsc#1012628).
- ARM: boot: dts: bcm2711: Fix HVS register range (bsc#1012628).
- clk: qcom: gdsc: Add support to update GDSC transition delay
(bsc#1012628).
- clk: qcom: dispcc: Update the transition delay for MDSS GDSC
(bsc#1012628).
- soc: mediatek: mt8192-mmsys: Fix dither to dsi0 path's input
sel (bsc#1012628).
- HID: vivaldi: fix sysfs attributes leak (bsc#1012628).
- HID: nintendo: check the return value of alloc_workqueue()
(bsc#1012628).
- arm64: dts: armada-3720-turris-mox: Add missing ethernet0 alias
(bsc#1012628).
- tipc: fix kernel panic when enabling bearer (bsc#1012628).
- vdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET
command (bsc#1012628).
- vduse: Fix returning wrong type in vduse_domain_alloc_iova()
(bsc#1012628).
- net: phy: meson-gxl: fix interrupt handling in forced mode
(bsc#1012628).
- mISDN: Fix memory leak in dsp_pipeline_build() (bsc#1012628).
- vhost: fix hung thread due to erroneous iotlb entries
(bsc#1012628).
- virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg
is zero (bsc#1012628).
- virtio-blk: Remove BUG_ON() in virtio_queue_rq() (bsc#1012628).
- vdpa: fix use-after-free on vp_vdpa_remove (bsc#1012628).
- isdn: hfcpci: check the return value of dma_set_mask() in
setup_hw() (bsc#1012628).
- net: qlogic: check the return value of dma_alloc_coherent()
in qed_vf_hw_prepare() (bsc#1012628).
- esp: Fix BEET mode inter address family tunneling on GSO
(bsc#1012628).
- net: gro: move skb_gro_receive_list to udp_offload.c
(bsc#1012628).
- qed: return status of qed_iov_get_link (bsc#1012628).
- smsc95xx: Ignore -ENODEV errors when device is unplugged
(bsc#1012628).
- gpiolib: acpi: Convert ACPI value of debounce to microseconds
(bsc#1012628).
- drm/i915/psr: Set "SF Partial Frame Enable" also on full update
(bsc#1012628).
- drm/sun4i: mixer: Fix P010 and P210 format numbers
(bsc#1012628).
- net: dsa: mt7530: fix incorrect test in
mt753x_phylink_validate() (bsc#1012628).
- ARM: dts: aspeed: Fix AST2600 quad spi group (bsc#1012628).
- iavf: Fix handling of vlan strip virtual channel messages
(bsc#1012628).
- i40e: stop disabling VFs due to PF error responses
(bsc#1012628).
- ice: stop disabling VFs due to PF error responses (bsc#1012628).
- ice: Fix error with handling of bonding MTU (bsc#1012628).
- ice: Don't use GFP_KERNEL in atomic context (bsc#1012628).
- ice: Fix curr_link_speed advertised speed (bsc#1012628).
- ethernet: Fix error handling in xemaclite_of_probe
(bsc#1012628).
- tipc: fix incorrect order of state message data sanity check
(bsc#1012628).
- net: ethernet: ti: cpts: Handle error for clk_enable
(bsc#1012628).
- net: ethernet: lpc_eth: Handle error for clk_enable
(bsc#1012628).
- net: marvell: prestera: Add missing of_node_put() in
prestera_switch_set_base_mac_addr (bsc#1012628).
- ax25: Fix NULL pointer dereference in ax25_kill_by_device
(bsc#1012628).
- net/mlx5: Fix size field in bufferx_reg struct (bsc#1012628).
- net/mlx5: Fix a race on command flush flow (bsc#1012628).
- net/mlx5e: Lag, Only handle events from highest priority
multipath entry (bsc#1012628).
- net/mlx5e: SHAMPO, reduce TIR indication (bsc#1012628).
- NFC: port100: fix use-after-free in port100_send_complete
(bsc#1012628).
- selftests: pmtu.sh: Kill tcpdump processes launched by subshell
(bsc#1012628).
- selftests: pmtu.sh: Kill nettest processes launched in subshell
(bsc#1012628).
- gpio: ts4900: Do not set DAT and OE together (bsc#1012628).
- mm: gup: make fault_in_safe_writeable() use fixup_user_fault()
(bsc#1012628).
- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info
(bsc#1012628).
- net: phy: DP83822: clear MISR2 register to disable interrupts
(bsc#1012628).
- sctp: fix kernel-infoleak for SCTP sockets (bsc#1012628).
- net: arc_emac: Fix use after free in arc_mdio_probe()
(bsc#1012628).
- net: bcmgenet: Don't claim WOL when its not available
(bsc#1012628).
- net: phy: meson-gxl: improve link-up behavior (bsc#1012628).
- selftests/bpf: Add test for bpf_timer overwriting crash
(bsc#1012628).
- swiotlb: fix info leak with DMA_FROM_DEVICE (bsc#1012628).
- usb: dwc3: pci: add support for the Intel Raptor Lake-S
(bsc#1012628).
- pinctrl: tigerlake: Revert "Add Alder Lake-M ACPI ID"
(bsc#1012628).
- KVM: Fix lockdep false negative during host resume
(bsc#1012628).
- kvm: x86: Disable KVM_HC_CLOCK_PAIRING if tsc is in always
catchup mode (bsc#1012628).
- spi: rockchip: Fix error in getting num-cs property
(bsc#1012628).
- spi: rockchip: terminate dma transmission when slave abort
(bsc#1012628).
- drm/vc4: hdmi: Unregister codec device on unbind (bsc#1012628).
- of/fdt: move elfcorehdr reservation early for crash dump kernel
(bsc#1012628).
- x86/kvm: Don't use pv tlb/ipi/sched_yield if on 1 vCPU
(bsc#1012628).
- drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
(bsc#1012628).
- net-sysfs: add check for netdevice being present to speed_show
(bsc#1012628).
- hwmon: (pmbus) Clear pmbus fault/warning bits after read
(bsc#1012628).
- nvme-tcp: send H2CData PDUs based on MAXH2CDATA (bsc#1012628).
- PCI: Mark all AMD Navi10 and Navi14 GPU ATS as broken
(bsc#1012628).
- gpio: Return EPROBE_DEFER if gc->to_irq is NULL (bsc#1012628).
- drm/amdgpu: bypass tiling flag check in virtual display case
(v2) (bsc#1012628).
- Revert "xen-netback: remove 'hotplug-status' once it has served
its purpose" (bsc#1012628).
- Revert "xen-netback: Check for hotplug-status existence before
watching" (bsc#1012628).
- ipv6: prevent a possible race condition with lifetimes
(bsc#1012628).
- tracing: Ensure trace buffer is at least 4096 bytes large
(bsc#1012628).
- tracing/osnoise: Make osnoise_main to sleep for microseconds
(bsc#1012628).
- tracing: Fix selftest config check for function graph start
up test (bsc#1012628).
- selftest/vm: fix map_fixed_noreplace test failure (bsc#1012628).
- selftests/memfd: clean up mapping in mfd_fail_write
(bsc#1012628).
- ARM: Spectre-BHB: provide empty stub for non-config
(bsc#1012628).
- fuse: fix fileattr op failure (bsc#1012628).
- fuse: fix pipe buffer lifetime for direct_io (bsc#1012628).
- staging: rtl8723bs: Fix access-point mode deadlock
(bsc#1012628).
- staging: gdm724x: fix use after free in gdm_lte_rx()
(bsc#1012628).
- net: macb: Fix lost RX packet wakeup race in NAPI receive
(bsc#1012628).
- riscv: alternative only works on !XIP_KERNEL (bsc#1012628).
- mmc: meson: Fix usage of meson_mmc_post_req() (bsc#1012628).
- riscv: Fix auipc+jalr relocation range checks (bsc#1012628).
- tracing/osnoise: Force quiescent states while tracing
(bsc#1012628).
- tracing/osnoise: Do not unregister events twice (bsc#1012628).
- arm64: dts: marvell: armada-37xx: Remap IO space to bus address
0x0 (bsc#1012628).
- arm64: Ensure execute-only permissions are not allowed without
EPAN (bsc#1012628).
- arm64: kasan: fix include error in MTE functions (bsc#1012628).
- swiotlb: rework "fix info leak with DMA_FROM_DEVICE"
(bsc#1012628).
- virtio: unexport virtio_finalize_features (bsc#1012628).
- virtio: acknowledge all features before access (bsc#1012628).
- net/mlx5: Fix offloading with ESWITCH_IPV4_TTL_MODIFY_ENABLE
(bsc#1012628).
- ARM: fix Thumb2 regression with Spectre BHB (bsc#1012628).
- watch_queue: Fix filter limit check (bsc#1012628).
- watch_queue, pipe: Free watchqueue state after clearing pipe
ring (bsc#1012628).
- watch_queue: Fix to release page in ->release() (bsc#1012628).
- watch_queue: Fix to always request a pow-of-2 pipe ring size
(bsc#1012628).
- watch_queue: Fix the alloc bitmap size to reflect notes
allocated (bsc#1012628).
- watch_queue: Free the alloc bitmap when the watch_queue is
torn down (bsc#1012628).
- watch_queue: Fix lack of barrier/sync/lock between post and read
(bsc#1012628).
- watch_queue: Make comment about setting ->defunct more accurate
(bsc#1012628).
- x86/boot: Fix memremap of setup_indirect structures
(bsc#1012628).
- x86/boot: Add setup_indirect support in
early_memremap_is_setup_data() (bsc#1012628).
- x86/module: Fix the paravirt vs alternative order (bsc#1012628).
- x86/sgx: Free backing memory after faulting the enclave page
(bsc#1012628).
- x86/traps: Mark do_int3() NOKPROBE_SYMBOL (bsc#1012628).
- drm/panel: Select DRM_DP_HELPER for DRM_PANEL_EDP (bsc#1012628).
- perf parse: Fix event parser error for hybrid systems
(bsc#1012628).
- btrfs: make send work with concurrent block group relocation
(bsc#1012628).
- riscv: dts: k210: fix broken IRQs on hart1 (bsc#1012628).
- vhost: allow batching hint without size (bsc#1012628).
- commit 2bd8d63
- config: enable XFS_RT (bsc#1197190)
- commit d8f0e40
- esp: Fix possible buffer overflow in ESP transformation
(CVE-2022-0886 bsc#1197131).
- commit f5ed8a3
==== mobile-broadband-provider-info ====
Version update (20210805 -> 20220315)
- Update to version 20220315:
* release: bump version to 20220315
* doap: remove Jiri
* doap: add myself
* us: include information for voicemail for Verizon Wireless
* dtd: expand DTD to include information for vvm3 Visual
Voicemail standard
* us: add Purism SPC AweSIM MVNO
* us: added MCCMNC 310280 to AT&T
* ro: update the Romania Orange net and mms credentials
* eg: mms settings for vodafone.eg
* de: add mms information to combined apn
* us: added Ting provider information
* us: add US Mobile (T-Mobile MVNO): mcc="310" mnc="260"
* au: remove duplicate Telstra MMS entry
* bd: updated profile names and other information
* bd: remove defunct provider
* se: remove defunct operators
* fr: add AIF Mvno provider
* it: add Rabona Mobile
* us: move mobilenet APN to T-Mobile and add mmsc
* us: add Mint Mobile VVM, APN, and MMSC
* ca: update Fido APN settings
* us: add MMS settings to T-Mobile LTE APN
* us: add T-Mobile to LTE APN name
* fr: add TeleCoop
* dtd: fix a spelling error
* jp: add Japanese providers
* cl: update apn of main providers of Chile
* ca: change Wind Mobile to Freedom Mobile
* ca: add Public Mobile provider
* Rename Orange (Israel) to Partner
* Add APN information for We4G (Israel)
* Adds the missing MMSC and MMS proxy for Orange France into
serviceproviders.xml
* il: Add Golan Telecom and Hot Mobile MMS settings
* Update redirected GNOME wiki URL in CONTRIBUTING
- Drop mobile-broadband-provider-info-tmobile-reorder.patch: Having
this patch downstream for ages makes no sense, and if it was
really needed, one would think it had landed as a bug upstream at
some point.
==== protobuf ====
Subpackages: libprotobuf-lite30 libprotobuf30
- Change Requires: zlib-devel to pkgconfig(zlib) so as not to conflict with libz-ng-compat1.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
NetworkManager (1.36.0 -> 1.36.2)
dbus-1
kernel-source (5.16.14 -> 5.16.15)
protobuf
=== Details ===
==== NetworkManager ====
Version update (1.36.0 -> 1.36.2)
Subpackages: libnm0
- Do not requires dhcp-client, NM is using its internal client
by default for a long time now.
- Convert iproute2 and iputils requires to recommends, they
should not be hard requires.
- Update to version 1.36.2:
+ When the list of plugins is not specified via "main.plugins" in
NetworkManager.conf and no build-time default is set with
"--with-config-plugins-default" configure argument, now all
known plugins found in the plugin directory are loaded (and the
built-in "keyfile" plugin is preferred over others).
+ Preserve external ports during checkpoint rollback.
+ Fix removal of ovsdb entry when an OVS interface goes away.
+ Fix DNS configuration for WWAN connections.
==== dbus-1 ====
Subpackages: libdbus-1-3
- Drop use of %{with libalternatives}, there's no such bcond defined
and in many other places it's not optional anyway (boo#1197258)
==== kernel-source ====
Version update (5.16.14 -> 5.16.15)
- Linux 5.16.15 (bsc#1012628).
- arm64: dts: qcom: sm8350: Describe GCC dependency clocks
(bsc#1012628).
- arm64: dts: qcom: sm8350: Correct UFS symbol clocks
(bsc#1012628).
- HID: elo: Revert USB reference counting (bsc#1012628).
- HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts
(bsc#1012628).
- ARM: boot: dts: bcm2711: Fix HVS register range (bsc#1012628).
- clk: qcom: gdsc: Add support to update GDSC transition delay
(bsc#1012628).
- clk: qcom: dispcc: Update the transition delay for MDSS GDSC
(bsc#1012628).
- soc: mediatek: mt8192-mmsys: Fix dither to dsi0 path's input
sel (bsc#1012628).
- HID: vivaldi: fix sysfs attributes leak (bsc#1012628).
- HID: nintendo: check the return value of alloc_workqueue()
(bsc#1012628).
- arm64: dts: armada-3720-turris-mox: Add missing ethernet0 alias
(bsc#1012628).
- tipc: fix kernel panic when enabling bearer (bsc#1012628).
- vdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET
command (bsc#1012628).
- vduse: Fix returning wrong type in vduse_domain_alloc_iova()
(bsc#1012628).
- net: phy: meson-gxl: fix interrupt handling in forced mode
(bsc#1012628).
- mISDN: Fix memory leak in dsp_pipeline_build() (bsc#1012628).
- vhost: fix hung thread due to erroneous iotlb entries
(bsc#1012628).
- virtio-blk: Don't use MAX_DISCARD_SEGMENTS if max_discard_seg
is zero (bsc#1012628).
- virtio-blk: Remove BUG_ON() in virtio_queue_rq() (bsc#1012628).
- vdpa: fix use-after-free on vp_vdpa_remove (bsc#1012628).
- isdn: hfcpci: check the return value of dma_set_mask() in
setup_hw() (bsc#1012628).
- net: qlogic: check the return value of dma_alloc_coherent()
in qed_vf_hw_prepare() (bsc#1012628).
- esp: Fix BEET mode inter address family tunneling on GSO
(bsc#1012628).
- net: gro: move skb_gro_receive_list to udp_offload.c
(bsc#1012628).
- qed: return status of qed_iov_get_link (bsc#1012628).
- smsc95xx: Ignore -ENODEV errors when device is unplugged
(bsc#1012628).
- gpiolib: acpi: Convert ACPI value of debounce to microseconds
(bsc#1012628).
- drm/i915/psr: Set "SF Partial Frame Enable" also on full update
(bsc#1012628).
- drm/sun4i: mixer: Fix P010 and P210 format numbers
(bsc#1012628).
- net: dsa: mt7530: fix incorrect test in
mt753x_phylink_validate() (bsc#1012628).
- ARM: dts: aspeed: Fix AST2600 quad spi group (bsc#1012628).
- iavf: Fix handling of vlan strip virtual channel messages
(bsc#1012628).
- i40e: stop disabling VFs due to PF error responses
(bsc#1012628).
- ice: stop disabling VFs due to PF error responses (bsc#1012628).
- ice: Fix error with handling of bonding MTU (bsc#1012628).
- ice: Don't use GFP_KERNEL in atomic context (bsc#1012628).
- ice: Fix curr_link_speed advertised speed (bsc#1012628).
- ethernet: Fix error handling in xemaclite_of_probe
(bsc#1012628).
- tipc: fix incorrect order of state message data sanity check
(bsc#1012628).
- net: ethernet: ti: cpts: Handle error for clk_enable
(bsc#1012628).
- net: ethernet: lpc_eth: Handle error for clk_enable
(bsc#1012628).
- net: marvell: prestera: Add missing of_node_put() in
prestera_switch_set_base_mac_addr (bsc#1012628).
- ax25: Fix NULL pointer dereference in ax25_kill_by_device
(bsc#1012628).
- net/mlx5: Fix size field in bufferx_reg struct (bsc#1012628).
- net/mlx5: Fix a race on command flush flow (bsc#1012628).
- net/mlx5e: Lag, Only handle events from highest priority
multipath entry (bsc#1012628).
- net/mlx5e: SHAMPO, reduce TIR indication (bsc#1012628).
- NFC: port100: fix use-after-free in port100_send_complete
(bsc#1012628).
- selftests: pmtu.sh: Kill tcpdump processes launched by subshell
(bsc#1012628).
- selftests: pmtu.sh: Kill nettest processes launched in subshell
(bsc#1012628).
- gpio: ts4900: Do not set DAT and OE together (bsc#1012628).
- mm: gup: make fault_in_safe_writeable() use fixup_user_fault()
(bsc#1012628).
- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info
(bsc#1012628).
- net: phy: DP83822: clear MISR2 register to disable interrupts
(bsc#1012628).
- sctp: fix kernel-infoleak for SCTP sockets (bsc#1012628).
- net: arc_emac: Fix use after free in arc_mdio_probe()
(bsc#1012628).
- net: bcmgenet: Don't claim WOL when its not available
(bsc#1012628).
- net: phy: meson-gxl: improve link-up behavior (bsc#1012628).
- selftests/bpf: Add test for bpf_timer overwriting crash
(bsc#1012628).
- swiotlb: fix info leak with DMA_FROM_DEVICE (bsc#1012628).
- usb: dwc3: pci: add support for the Intel Raptor Lake-S
(bsc#1012628).
- pinctrl: tigerlake: Revert "Add Alder Lake-M ACPI ID"
(bsc#1012628).
- KVM: Fix lockdep false negative during host resume
(bsc#1012628).
- kvm: x86: Disable KVM_HC_CLOCK_PAIRING if tsc is in always
catchup mode (bsc#1012628).
- spi: rockchip: Fix error in getting num-cs property
(bsc#1012628).
- spi: rockchip: terminate dma transmission when slave abort
(bsc#1012628).
- drm/vc4: hdmi: Unregister codec device on unbind (bsc#1012628).
- of/fdt: move elfcorehdr reservation early for crash dump kernel
(bsc#1012628).
- x86/kvm: Don't use pv tlb/ipi/sched_yield if on 1 vCPU
(bsc#1012628).
- drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
(bsc#1012628).
- net-sysfs: add check for netdevice being present to speed_show
(bsc#1012628).
- hwmon: (pmbus) Clear pmbus fault/warning bits after read
(bsc#1012628).
- nvme-tcp: send H2CData PDUs based on MAXH2CDATA (bsc#1012628).
- PCI: Mark all AMD Navi10 and Navi14 GPU ATS as broken
(bsc#1012628).
- gpio: Return EPROBE_DEFER if gc->to_irq is NULL (bsc#1012628).
- drm/amdgpu: bypass tiling flag check in virtual display case
(v2) (bsc#1012628).
- Revert "xen-netback: remove 'hotplug-status' once it has served
its purpose" (bsc#1012628).
- Revert "xen-netback: Check for hotplug-status existence before
watching" (bsc#1012628).
- ipv6: prevent a possible race condition with lifetimes
(bsc#1012628).
- tracing: Ensure trace buffer is at least 4096 bytes large
(bsc#1012628).
- tracing/osnoise: Make osnoise_main to sleep for microseconds
(bsc#1012628).
- tracing: Fix selftest config check for function graph start
up test (bsc#1012628).
- selftest/vm: fix map_fixed_noreplace test failure (bsc#1012628).
- selftests/memfd: clean up mapping in mfd_fail_write
(bsc#1012628).
- ARM: Spectre-BHB: provide empty stub for non-config
(bsc#1012628).
- fuse: fix fileattr op failure (bsc#1012628).
- fuse: fix pipe buffer lifetime for direct_io (bsc#1012628).
- staging: rtl8723bs: Fix access-point mode deadlock
(bsc#1012628).
- staging: gdm724x: fix use after free in gdm_lte_rx()
(bsc#1012628).
- net: macb: Fix lost RX packet wakeup race in NAPI receive
(bsc#1012628).
- riscv: alternative only works on !XIP_KERNEL (bsc#1012628).
- mmc: meson: Fix usage of meson_mmc_post_req() (bsc#1012628).
- riscv: Fix auipc+jalr relocation range checks (bsc#1012628).
- tracing/osnoise: Force quiescent states while tracing
(bsc#1012628).
- tracing/osnoise: Do not unregister events twice (bsc#1012628).
- arm64: dts: marvell: armada-37xx: Remap IO space to bus address
0x0 (bsc#1012628).
- arm64: Ensure execute-only permissions are not allowed without
EPAN (bsc#1012628).
- arm64: kasan: fix include error in MTE functions (bsc#1012628).
- swiotlb: rework "fix info leak with DMA_FROM_DEVICE"
(bsc#1012628).
- virtio: unexport virtio_finalize_features (bsc#1012628).
- virtio: acknowledge all features before access (bsc#1012628).
- net/mlx5: Fix offloading with ESWITCH_IPV4_TTL_MODIFY_ENABLE
(bsc#1012628).
- ARM: fix Thumb2 regression with Spectre BHB (bsc#1012628).
- watch_queue: Fix filter limit check (bsc#1012628).
- watch_queue, pipe: Free watchqueue state after clearing pipe
ring (bsc#1012628).
- watch_queue: Fix to release page in ->release() (bsc#1012628).
- watch_queue: Fix to always request a pow-of-2 pipe ring size
(bsc#1012628).
- watch_queue: Fix the alloc bitmap size to reflect notes
allocated (bsc#1012628).
- watch_queue: Free the alloc bitmap when the watch_queue is
torn down (bsc#1012628).
- watch_queue: Fix lack of barrier/sync/lock between post and read
(bsc#1012628).
- watch_queue: Make comment about setting ->defunct more accurate
(bsc#1012628).
- x86/boot: Fix memremap of setup_indirect structures
(bsc#1012628).
- x86/boot: Add setup_indirect support in
early_memremap_is_setup_data() (bsc#1012628).
- x86/module: Fix the paravirt vs alternative order (bsc#1012628).
- x86/sgx: Free backing memory after faulting the enclave page
(bsc#1012628).
- x86/traps: Mark do_int3() NOKPROBE_SYMBOL (bsc#1012628).
- drm/panel: Select DRM_DP_HELPER for DRM_PANEL_EDP (bsc#1012628).
- perf parse: Fix event parser error for hybrid systems
(bsc#1012628).
- btrfs: make send work with concurrent block group relocation
(bsc#1012628).
- riscv: dts: k210: fix broken IRQs on hart1 (bsc#1012628).
- vhost: allow batching hint without size (bsc#1012628).
- commit 2bd8d63
- config: enable XFS_RT (bsc#1197190)
- commit d8f0e40
- esp: Fix possible buffer overflow in ESP transformation
(CVE-2022-0886 bsc#1197131).
- commit f5ed8a3
==== protobuf ====
- Change Requires: zlib-devel to pkgconfig(zlib) so as not to conflict with libz-ng-compat1.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
bash-completion
busybox-links
fwupd-efi (1.1 -> 1.2)
grep
p11-kit (0.23.22 -> 0.24.1)
wavpack
=== Details ===
==== bash-completion ====
- remove PS1-completion-boo903362.patch as it breaks on non-bash
shells and the original problem in
bsc#903362#c9 does not occur anymore
- add versioned dependency to bash versions that have the fix
==== busybox-links ====
Subpackages: busybox-coreutils busybox-gawk busybox-grep busybox-gzip busybox-sed busybox-xz
- replace copy from buildroot's gzip with a reimplementation
that is not GPLv3 (jsc#PM-3301)
==== fwupd-efi ====
Version update (1.1 -> 1.2)
- Update to version 1.2:
* Release fwupd-efi 1.2
* meson: use stadard objcopy binary
* meson: use find_program() to find the helper scripts we run
* meson: using local copy ldscript when local copy crt0 be used for SBAT
* sbat: clarify project URL
* trivial: Ignore some markdown issues
* Wait 5 seconds to reboot on errors
* Port pre-commit clang-format, codespell, markdownlint from fwupd
* trivial: fixup python errors by codacity/precommit
* trivial: fixup markdown format
* trivial: spelling errors
* Sleep longer when no updates to process
* README: fix typo and URL
* trivial: post release version bump
- Remove 0001-meson-using-local-copy-ldscript-when-local-copy-crt0.patch
(merged upstream)
==== grep ====
- Make profiling deterministic (bsc#1040589)
==== p11-kit ====
Version update (0.23.22 -> 0.24.1)
Subpackages: libp11-kit0 p11-kit-tools
- make sure p11-kit components have matching versions (boo#1196812)
- Update to version 0.24.1:
* rpc: Support protocol version negotiation.
* proxy: Support copying attribute array recursively.
* Link libp11-kit so that it cannot unload.
* Translation improvements.
* Build fixes.
- Update to version 0.24.0:
* Use inclusive language on certificate distrust. Note: This
changes the directory and attribute names to distrust certain
CAs to "blocklist".
* Fix issues spotted by coverity and ASan.
* Integrate gettext with tools more tightly.
* rpc: Forbid use of array of attributes.
* Build fixes.
- Change dirs from blacklist to blocklist ref upstream changes.
==== wavpack ====
- security update
- added patches
fix CVE-2021-44269 [bsc#1197020], out of bounds read in processing .wav file
+ wavpack-CVE-2021-44269.patch
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=T…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
busybox-links
cri-o (1.22.0 -> 1.23.2)
cri-tools (1.22.0 -> 1.23.0)
grep
kubernetes (1.23.0 -> 1.23.4)
kubernetes1.22 (1.22.4 -> 1.22.7)
kubernetes1.23 (1.23.0 -> 1.23.4)
p11-kit (0.23.22 -> 0.24.1)
=== Details ===
==== busybox-links ====
Subpackages: busybox-coreutils busybox-gawk busybox-grep busybox-gzip busybox-sed busybox-xz
- replace copy from buildroot's gzip with a reimplementation
that is not GPLv3 (jsc#PM-3301)
==== cri-o ====
Version update (1.22.0 -> 1.23.2)
Subpackages: cri-o-kubeadm-criconfig
- Update to version 1.23.2:
* config/sysctl: fail if there is a + in the value
* Revert "config/sysctl: fail if there is a + in the value"
* bump to version 1.23.2
* config/sysctl: fail if there is a + in the value
* config/sysctls: validate against invalid spaces
* server: stop deleting pod from idIndex if already gone
* [1.23] ci: use kubernetes 1.23, cri-tools 1.23
* contrib/test/int/build/kubernetes: rm deprecated RunAsGroup
* hack/build-rpms.sh: fix yum-builddep failures
* image: use imageCache value for ImageStatus()
* oci: fix a leaked goroutine
* Reuse createContainerIO in CreateContainer
* Fix vm containers couldn't restore after CRI-O restart
* release-notes: add args for checksum fields
* Updated format
* Generate checksum files for artifacts
* bump to v1.23.1
* test: add test for skipped sysctls
* server: skip sysctls that would affect the host
* server: don't set memory swap when it's not enabled
* deep copy List{PodSandbox,Container} structs
* ci: use main branch for conmon
* server: fix race with kubelet
* Fix runtime panic on pod sandbox stats retrieval
* ci: use main version of runc
* openshift e2e: bump ci image
* server: fix a potential NULL-pointer dereference.
* pass the main mount point to fix crypto profiles binding
* test: update tests for allowed_devices
* config: add AllowedDevices option
* server: drop duplicate log message
* test: add test ensuring a stopped pod is restored
* sandbox stop: remove namespaces
* restore: handle removed namespaces
* Partially revert "restore: restore stop before managing namespace"
* restore: ensure containers are wiped on reboot
* use cmdrunner singleton
* conmonmgr: refactor for new CommandRunner
* cmdrunner: update mocks and add target to makefile
* config: prepend commands with taskset if InfraCtrCPUSet is configured
* cmdrunner: add tests for prepended commands
* cmdrunner: create singleton
* Use timeout for conmon cgroup move
* Fixed a problem where metricImagePullsBytesTotal was getting updated twice and on second call getting incorrect labels
* vendor: bump c/image to 5.17.0
* Add new metrics that match Prometheus best practices and reduce cardinality * add metrics with new names that match naming best practices * use _total for all counters * use base unit seconds, bytes * metrics that do not follow best practices have been marked deprecated, these can be removed in a future release, it is to ensure non-breaking change for couple of releases
* unit test: fix relative log test
* unit tests: update pinns path in case it isn't found in PATH
* test: skip target tests for userns
* test: add test for target namespace
* add support for target PID namespaces
* test: give testunit sudo
* oci: add managed pidns to container object
* pkg/container: take container namespace configuration
* nsmgrtest: take some namespace related test code
* nsmgr: add function to pin existing namespace
* nsmgr: take (and rename) NamespacePathFromProc
* pkg/sandbox: take config initialization
* Bump Kubernetes to v1.23.0
* set user.max_user_namespaces in case it's not
* lint: bump cyclo complexity
* gh-actions/contrib: setup sub{g,u}id
* docs: add tutorial for setting up user namespaces
* oci: put conmon in infra ctr cpuset if it is in the pod cgroup
* test: add tests for user namespace annotations
* test: move workload creation function to helpers
* cni manager: catch server shutdown
* server: notify user when network isn't ready yet
* stop using hardcoded "pod" const
* oci: always reap conmon zombies
* clarify some error messages
* Drop intermediate CRI types
* Relabel containerenv files
* Add minimum_mappable_(u|g)id settings
* Fix runtime panic on stats server shutdown
* restore: restore stop before managing namespace
* server: add {,List}SandboxStats
* server: refactor sandbox list
* server: use stats server to get container stats
* container server: use stats server
* stats: add stats server
* config: add StatsCollectionPeriod field
* cgmgr: move most of stats handling to cgmgr
* oci: make changes in preparation for moving stats functionality:
* server: stub {List,}PodSandboxStats
* server/cri: add PodSandboxStats support
* vendor: bump cri-api
* server/cri: refactor to make stats processing unified
* pkg/config: use iota
* Add go 1.17+ go:build tags
* Remove redundant build tags
* Add containerenv file to containers This file indicates that the current environment is inside a container environment. The same technique is used by podman and docker. The same file name/path as podman was used, as it is vendor agnostic.
* build(deps): bump github.com/containerd/containerd from 1.5.7 to 1.5.8
* config: merge runtime and workload allowed annotations
* Updates kubeadm.md: The cgroup property is removed in [kubeadm-config.v1beta3](https://kubernetes.io/docs/reference/config-api/kubeadm-config.v1beta3/)
* build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
* Specify runtime table format in the error message
* build(deps): bump github.com/containerd/ttrpc from 1.0.2 to 1.1.0
* server: fix segfault when using cgroupv2
* gh-actions: add sed for kube e2e
* release-notes: update to main
* build(deps): bump github.com/onsi/gomega from 1.16.0 to 1.17.0
* build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
* Bug 2012838: fix override storage options from storage.conf
* oci: fix deadlock in container stop code
* build(deps): bump google.golang.org/grpc from 1.41.0 to 1.42.0
* oci: always close chControl
* oci: make some channels buffered
* build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
* build(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
* build(deps): bump github.com/godbus/dbus/v5 from 5.0.5 to 5.0.6
* Add annotation that makes /sys/fs/cgroup writable
* Add support for CNI plugins v1.0.1
* bump(deps-opentelemetry)
* pin go.opentelemetry grpc/otelgrpc v0.25.0
* opentelemetry: add gRPC tracing
* build(deps): bump k8s.io/klog/v2 from 2.20.0 to 2.30.0
* build(deps): bump github.com/go-logr/logr from 1.1.0 to 1.2.0
* version: bump to 1.23.0
* build(deps): bump github.com/containers/podman/v3 from 3.3.1 to 3.4.1
* build(deps): bump github.com/containers/common from 0.43.2 to 0.46.0
* test: drop swap disable playbook
* server: add support for CRI unified field
* server: implement swap support
* server/cri: add support for 1.22 features
* test: bump cri-tools version
* scripts: pin cri-tools version
* server: reduce needless copying for sb.NamespaceOptions
* oci: refactor internal structure to use CRI type
* oci: use server CRI metadata type for containers
* sandbox: refactor internal structure to use CRI type
* sandbox: save createdAt as a int64
* build(deps): bump github.com/containerd/cgroups from 1.0.1 to 1.0.2
* build(deps): bump github.com/creack/pty from 1.1.16 to 1.1.17
* build(deps): bump github.com/Microsoft/go-winio from 0.5.0 to 0.5.1
* Bump Kubernetes to v1.22.2
* sandbox: use server CRI metadata type
* docs: emphasize deprecation notice
* update documentation for workloads
* add allowed annotations to workloads
* Log HTTP response writer message instead an error
* oci: use c/common signal parsing function
* Skip volume relabel for super privileged containers
* oci: chown stdin pipe to user in the container
* test: fix selinux test failures
* build(deps): bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5
* Fix runtime handler docs
* build(deps): bump github.com/containers/image/v5 from 5.15.2 to 5.16.1
* scripts: fix release branch forward script
* server: FilterDisallowedAnnotations of containers earlier
* server: conditionally relabel volumes given annotation
* build(deps): bump github.com/containers/storage from 1.36.0 to 1.37.0
* test: refactor allowed_annotation tests
* server: reduce args in addOCIBindMounts
* build(deps): bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
* test: add label for openshift e2e in dockerfile
* build(deps): bump github.com/containerd/containerd from 1.5.5 to 1.5.7
* test: skip certificate check for downloading parallel
* Remove usge of deprecated apt-key in Ubuntu install
* Fix install.md links
* build(deps): bump google.golang.org/grpc from 1.40.0 to 1.41.0
* use a more appropriate console with code block
* build(deps): bump k8s.io/api from 0.22.1 to 0.22.2
* build(deps): bump k8s.io/cri-api from 0.22.1 to 0.22.2
* build(deps): bump sigs.k8s.io/yaml from 1.2.0 to 1.3.0
* build(deps): bump github.com/creack/pty from 1.1.15 to 1.1.16
* build(deps): bump k8s.io/apimachinery from 0.22.1 to 0.22.2
* fix node e2e
* build(deps): bump github.com/intel/goresctrl from 0.1.0 to 0.2.0
* bump crio commit used by node e2e installer
* server: mount cgroup if hostNetwork
* server: use container level host network setting
* server: don't recalculate hostnet
* Fix typo in install.md
* Remove one of the explanations for `bind_mount_prefix` because it is duplicated.
* node e2e: keep infra container
* add unit test for the `server/sandbox_remove`.
* test: fix journald test for new conmon
* fix shfmt
* update `install.md` for debian and ubuntu
* build(deps): bump github.com/json-iterator/go from 1.1.11 to 1.1.12
* build(deps): bump k8s.io/client-go from 0.22.1 to 0.22.2
* fix shfmt
* server: set spec when dropping infra
* Update 'master' branch links to 'main'
* bumps pause image to 3.6
* server: don't wait forever on conmon cgroup move fail
* build(deps): bump github.com/containers/storage from 1.34.1 to 1.36.0
* Remove bashism in sh script
* Do not log if Intel RDT is not supported
* build(deps): bump github.com/godbus/dbus/v5 from 5.0.4 to 5.0.5
* Fix cluster.yaml for kubectl create
* call cmd.Wait() in all cases we call Start()
* oci: call wait on conmon if cgroup move fails
* build(deps): bump github.com/go-logr/logr from 1.0.0 to 1.1.0
* Fix `crio_image_pulls_layer_size_` metrics docs
* Adapt to klog incompatible changes
* build(deps): bump k8s.io/klog/v2 from 2.10.0 to 2.20.0
* Add `--profile-cpu` and `--profile-mem` options
* build(deps): bump github.com/containers/podman/v3 from 3.3.0 to 3.3.1
* server: remove ineffective `updateLock`.
* Fix missing quantile in `latency_microseconds_total` metrics
* Update crio commit for node e2e
* build(deps): bump github.com/fsnotify/fsnotify from 1.4.9 to 1.5.1
* Bump runc binary to 1.0.2
* Switch to go1.17 for CI
* fix debian 10 build doc
* test/testdata/sandbox_config.json: fix the dns_config
* adds updating instructions to install.md
==== cri-tools ====
Version update (1.22.0 -> 1.23.0)
- Update to version 1.23.0:
* Bump docs to v1.23.0
* Bump github.com/opencontainers/selinux from 1.9.1 to 1.10.0
* Bump github.com/opencontainers/runc from 1.0.2 to 1.0.3
* Bump github.com/docker/docker
* Bump google.golang.org/grpc from 1.42.0 to 1.43.0
* 1.5.9
* Use same grpc max message size as Kubelet
* Add support for cri-dockerd
* Add support for specifying custom test container images.
* Fix cri-dockerd CI runs
* Fix Containerd main branch CI for Windows
* fix ci for dockershim-critest
* Update Windows images for ltsc2022
* images: use k8s-staging-test-infra/gcb-docker-gcloud
* Bump github.com/onsi/gomega from 1.16.0 to 1.17.0
* Refactor fish completion
* Rename bash and zsh completion functions
* Add zsh compinit tag
* Bump google.golang.org/grpc from 1.41.0 to 1.42.0
* Bump github.com/docker/docker
* Bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5
* Add release publishing workflow
* Bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
* Add SHA512 sum for release files
* Bump github.com/docker/docker
* Bump google.golang.org/grpc from 1.40.0 to 1.41.0
* Bump sigs.k8s.io/yaml from 1.2.0 to 1.3.0
* Bump k8s.io/api from 0.22.1 to 0.22.2
* Bump k8s.io/cri-api from 0.22.1 to 0.22.2
* Bump k8s.io/apimachinery from 0.22.1 to 0.22.2
* Bump k8s.io/client-go from 0.22.1 to 0.22.2
* Bump k8s.io/kubectl from 0.22.1 to 0.22.2
* Updates E2E test images registry
* Bump github.com/opencontainers/selinux from 1.8.4 to 1.8.5
* Switch to go1.17 for CI
* Bump github.com/opencontainers/runc from 1.0.1 to 1.0.2
* Added dropping/adding `ALL` capabilities case to critest
* Bump github.com/onsi/gomega from 1.15.0 to 1.16.0
* Bump k8s.io/cri-api from 0.22.0 to 0.22.1
* Bump k8s.io/client-go from 0.22.0 to 0.22.1
* Bump k8s.io/api from 0.22.0 to 0.22.1
* Bump k8s.io/apimachinery from 0.22.0 to 0.22.1
* Bump k8s.io/kubectl from 0.22.0 to 0.22.1
* Bump google.golang.org/grpc from 1.39.1 to 1.40.0
* Bump github.com/onsi/gomega from 1.14.0 to 1.15.0
* Bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4
* Bump google.golang.org/grpc from 1.39.0 to 1.39.1
==== grep ====
- Make profiling deterministic (bsc#1040589)
==== kubernetes ====
Version update (1.23.0 -> 1.23.4)
Subpackages: kubernetes-client kubernetes-kubeadm kubernetes-kubelet
- Bump kubernetes-* to 1.23.4, *-minus1 to 1.22.7
==== kubernetes1.22 ====
Version update (1.22.4 -> 1.22.7)
- Update to version 1.22.7:
* Update Go to 1.16.14
* add namespace in azurefile volumeid
* fix: azurefile volumeid conflict in csi migration
* Execute sync before taking the snapshot
* Mark device as uncertain if unmount device succeeds
* Set max results if its not set
* Update CHANGELOG/CHANGELOG-1.22.md for v1.22.6
* Update k/utils to v0.0.0-20211116205334-6203023598ed
* [go] update to Go 1.16.13
* Enabling kube-proxy metrics on windows kernel mode
* fix: ignore the case when comparing azure tags in service annotation
* fix: remove outdated ipv4 route when the corresponding node is deleted
* fix: delete non existing disk issue
* fix containers order after applying
* generated: ./hack/update-vendor.sh
* upgrade sigs.k8s.io/structured-merge-diff/v4 to v4.2.1
* fix: azuredisk parameter lowercase translation issue
* fix: do not delete the lb that does not exist
* removed unnecessary log line
* Fix header mutation race in timeout filter
* use node informer to check volumes attachment status before backoff
* When volume is not marked in-use, do not backoff
* kubeadm: remove the restriction that the ca.crt can only contain one certificate
* flake fix: remove the error handler for cronjob integration test
* vendor: bump cAdvisor to v0.39.3
* Fix the leak of vSphere client sessions
* fix nil pointer in create secret commands
* client-go: Clear the ResourceVersionMatch on paged list calls
* Update GCE manifest to use konnectivity 0.0.27
* Update to apiserver-network-proxy v0.0.27
* add gce loadbalancer no-op finalizer and existingFwdRule tests
* disable gce service handling if has rbs forwarding rule
* add ELBRbsFinalizer
* add gce elb rbs opt-in annotation
* Improving performance of EndpointSlice controller metrics cache
* fix the error when cleaning up jobs for cronjob
* Update CHANGELOG/CHANGELOG-1.22.md for v1.22.5
* Add test to confirm containers won't start
* Check for failed sandbox and failed workload containers
* mount-utils: Detect potential stale file handle
* [go1.16] Update to go1.16.12
* Skip creating HNS loadbalancer with empty endpoints
* dependencies: Update golang.org/x/net to v0.0.0-20211209124913-491a49abca63
* kubeadm: avoid requiring a CA key during kubeconfig expiration checks
* kubeadm: print the CA of kubeconfig files in "check expiration"
* kubeadm: validate local etcd certficates during expiration checks
* kubelet: set failed phase during graceful shutdown
* [go1.16] Update to go1.16.11
* fix: ignore the case when updating tags
* Ensure deletion of pods in queues and cache
* kubelet: Rejected pods should be filtered from admission
* kube-scheduler: Increase the duration to expire an assumed pod
* Skip check for all topology labels when using system default spreading
* workqueue: fix leak in queue preventing objects from being GCed
* Fix workqueue memory leak
* Ignore 'wait: no child processes' error when calling mount/umount
* Reduce calls to docker from dockershim for stats
* Update CHANGELOG/CHANGELOG-1.22.md for v1.22.4
* Add warning about using unsupported CRON_TZ
* Fix flake caused by sampling signal counter too early.
* Ensure there is one running static pod with the same full name
* NodeConformance: Respect grace period when updating static pod
* Fix concurrent map writes error in kube-apiserver
* e2e: node: release-1.22: backport findKubeletServiceName
* node: e2e: add test for the checkpoint recovery
* devicemanager: checkpoint: support pre-1.20 data
* fix: remove VMSS and VMSS instances from SLB backend pool only when necessary
* fix: leave the probe path empty for TCP probes
* fix: skip instance not found when decoupling vmss from lb
==== kubernetes1.23 ====
Version update (1.23.0 -> 1.23.4)
Subpackages: kubernetes1.23-client kubernetes1.23-client-common kubernetes1.23-kubeadm kubernetes1.23-kubelet kubernetes1.23-kubelet-common
- Update to version 1.23.4:
* Update Go to 1.17.7
* Use serializable struct for x-kubernetes-validations in openapi
* Make JSON schema round tripping test more strict
* ignore CRI PodSandboxNetworkStatus for host network pods
* set secondary address on host-network pods
* Deeply copy JSONSchemaProps.XValidations.
* Ensure the execHostnameTest() compares hostnames
* Revert "Fix comparison between FQDN and hostname"
* service REST: Call Decorator(old) on update path
* add namespace in azurefile volumeid
* fix: azurefile volumeid conflict in csi migration
* Mark device as uncertain if unmount device succeeds
* Update CHANGELOG/CHANGELOG-1.23.md for v1.23.3
* kubelet: fix podstatus not containing pod full name
* Fix bug with node restriction blocking pvc.status.resizestatus change
* Fix regression pruning array fields with x-kubernetes-preserve-unknown-fields: true
* Set max results if its not set
* Update CHANGELOG/CHANGELOG-1.23.md for v1.23.2
* Update k/utils to v0.0.0-20211116205334-6203023598ed
* [go] update to Go 1.17.6
* fix: remove outdated ipv4 route when the corresponding node is deleted
* fix: delete non existing disk issue
* Revert "Automated cherry pick of #107554: Correct the feature gate string for RBD migration."
* fix containers order after applying
* generated: ./hack/update-vendor.sh
* upgrade sigs.k8s.io/structured-merge-diff/v4 to v4.2.1
* Execute sync before taking the snapshot
* Correct the feature gate string for RBD migration.
* fix: azuredisk parameter lowercase translation issue
* removed unnecessary log line
* kubectl: add integration test for result reporting
* cli: let kubectl handle error printing
* cli: avoid logging command line errors in more cases
* Fix header mutation race in timeout filter
* clear pod's .status.nominatedNodeName when necessary
* use node informer to check volumes attachment status before backoff
* When volume is not marked in-use, do not backoff
* kubeadm: remove the restriction that the ca.crt can only contain one certificate
* flake fix: remove the error handler for cronjob integration test
* Fix the leak of vSphere client sessions
* fix nil pointer in create secret commands
* Fix order of commands in the snapshot tests for persistent volumes
* client-go: Clear the ResourceVersionMatch on paged list calls
* Improving performance of EndpointSlice controller metrics cache
* fix the error when cleaning up jobs for cronjob
* Update CHANGELOG to add missing release notes.
* apf: ensure exempt request notes the classification
* Enabling kube-proxy metrics on windows kernel mode
* Update CHANGELOG/CHANGELOG-1.23.md for v1.23.1
* add gce loadbalancer no-op finalizer and existingFwdRule tests
* disable gce service handling if has rbs forwarding rule
* add ELBRbsFinalizer
* add gce elb rbs opt-in annotation
* cherry pick of knp 0.0.27
* Remove JSON logging performance regression
* Re-introduce removed kubectl --dry-run values.
* Point flowcontrol users at v1beta2
* [go1.17] Update to go1.17.5
* dependencies: Update golang.org/x/net to v0.0.0-20211209124913-491a49abca63
* mount-utils: Detect potential stale file handle
* Skip creating HNS loadbalancer with empty endpoints
* Add regression test for CPUManager distribute NUMA algorithm
* Add unit test for CPUManager distribute NUMA algorithm verifying fixes
* Fix accounting bug in CPUManager distribute NUMA policy
* Fix error handling in CPUManager distribute NUMA tests
* Add a sum() helper to the CPUManager cpuassignment logic
* Allow the map.Values() function in the CPUManager to take a set of keys
* Fix CPUManager algo to calculate min NUMA nodes needed for distribution
* Fix unit tests following bug fix in CPUManager for map functions (2/2)
* Fix unit tests following bug fix in CPUManager for map functions (1/2)
* Fix bug in CPUManager map.Keys() and map.Values() implementations
* Ensure we balance across *all* NUMA nodes in NUMA distribution algo
* Short-circuit CPUManager distribute NUMA algo for unusable cpuGroupSize
* Round the CPUManager mean and stddev calculations to the nearest 1000th
* updated deprecation messages from 1.23 to 1.24
* kubelet: set failed phase during graceful shutdown
* kubeadm: avoid requiring a CA key during kubeconfig expiration checks
* kubeadm: print the CA of kubeconfig files in "check expiration"
* kubeadm: validate local etcd certficates during expiration checks
* publishing-bot/doc: add component-helpers to the readme
* publishing-bot/rules: remove non existing component-helpers branch 1.19 from the rules
* Changelog: mention kube-scheduler bits deprication
* rbd: initialize ceph monitors slice with an empty value.
* Direct v2betaX users to migrate to HPA v2
* DelegateFSGroupToCSIDriver e2e: skip tests with chgrp
* Update CHANGELOG/CHANGELOG-1.23.md for v1.23.0
* [go1.17] Update to go1.17.4
==== p11-kit ====
Version update (0.23.22 -> 0.24.1)
Subpackages: libp11-kit0 p11-kit-tools
- make sure p11-kit components have matching versions (boo#1196812)
- Update to version 0.24.1:
* rpc: Support protocol version negotiation.
* proxy: Support copying attribute array recursively.
* Link libp11-kit so that it cannot unload.
* Translation improvements.
* Build fixes.
- Update to version 0.24.0:
* Use inclusive language on certificate distrust. Note: This
changes the directory and attribute names to distrust certain
CAs to "blocklist".
* Fix issues spotted by coverity and ASan.
* Integrate gettext with tools more tightly.
* rpc: Forbid use of array of attributes.
* Build fixes.
- Change dirs from blacklist to blocklist ref upstream changes.
1
0
Please note that this mail was generated by a script.
The described changes are computed based on the aarch64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version…
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&com…
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
Mesa (21.3.7 -> 22.0.0)
Mesa-drivers (21.3.7 -> 22.0.0)
NetworkManager-openvpn (1.8.16 -> 1.8.18)
appstream-glib (0.7.18+30 -> 0.7.18+31)
bluez (5.62 -> 5.63)
boost-base
dbus-1
ffmpeg-4
glib2-branding-openSUSE
grub2
harfbuzz (4.0.0 -> 4.0.1)
iproute2
kernel-firmware (20220224 -> 20220309)
kfilemetadata5
librsvg (2.52.6 -> 2.52.7)
libsolv (0.7.20 -> 0.7.21)
libzypp (17.29.5 -> 17.29.6)
ncurses (6.3.20220226 -> 6.3.20220312)
openssl (1.1.1m -> 1.1.1n)
openssl-1_1 (1.1.1m -> 1.1.1n)
python-more-itertools
python-py
qemu
rpm
sqlite3 (3.37.2 -> 3.38.1)
xorg-x11-server
zlib-ng-compat (2.0.5 -> 2.0.6)
=== Details ===
==== Mesa ====
Version update (21.3.7 -> 22.0.0)
Subpackages: Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0 libgbm1
- U_meson-restore-private-requires-to-libdrm-in-dri.pc-f.patch
* Due to a typo the private requires to libdrm were lost in dri.pc.
Fixed another typo (only comment).
- enabled "i915" Gallium-based Intel Gen3 driver
- fixed llvm/clang buildrequires for sle15-sp4/Leap 15.4
- no longer try to build classic non-Gallium OpenGL drivers
i915, i965, nouveau, r100 and r200, which have been dropped with
Mesa 22.0.0; see also some documentation on Phoronix
https://www.phoronix.com/scan.php?page=news_item&px=Mesa-Classic-Retired
- update to 22.0.0
* lavapipe,radv,anv KHR_dynamic_rendering
* radv EXT_image_view_min_lod
* VK_KHR_synchronization2 on RADV.
* OpenSWR has been moved to the Amber branch
* radeonsi, zink ARB_sparse_texture
* d3d12 GLES3.1 (shader storage buffers, images, compute, indirect draw, draw params,
ARB_framebuffer_no_attachments, ARB_sample_shading, and GLSL400)
* radeonsi, zink ARB_sparse_texture2
* zink EXT_memory_object, EXT_memory_object_fd, EXT_semaphore, EXT_semaphore_fd
* anv VK_VALVE_mutable_descriptor_type
* Vulkan 1.3 on RADV,Anv.
* radeonsi, zink ARB_sparse_texture_clamp
==== Mesa-drivers ====
Version update (21.3.7 -> 22.0.0)
Subpackages: Mesa-dri Mesa-gallium
- U_meson-restore-private-requires-to-libdrm-in-dri.pc-f.patch
* Due to a typo the private requires to libdrm were lost in dri.pc.
Fixed another typo (only comment).
- enabled "i915" Gallium-based Intel Gen3 driver
- fixed llvm/clang buildrequires for sle15-sp4/Leap 15.4
- no longer try to build classic non-Gallium OpenGL drivers
i915, i965, nouveau, r100 and r200, which have been dropped with
Mesa 22.0.0; see also some documentation on Phoronix
https://www.phoronix.com/scan.php?page=news_item&px=Mesa-Classic-Retired
- update to 22.0.0
* lavapipe,radv,anv KHR_dynamic_rendering
* radv EXT_image_view_min_lod
* VK_KHR_synchronization2 on RADV.
* OpenSWR has been moved to the Amber branch
* radeonsi, zink ARB_sparse_texture
* d3d12 GLES3.1 (shader storage buffers, images, compute, indirect draw, draw params,
ARB_framebuffer_no_attachments, ARB_sample_shading, and GLSL400)
* radeonsi, zink ARB_sparse_texture2
* zink EXT_memory_object, EXT_memory_object_fd, EXT_semaphore, EXT_semaphore_fd
* anv VK_VALVE_mutable_descriptor_type
* Vulkan 1.3 on RADV,Anv.
* radeonsi, zink ARB_sparse_texture_clamp
==== NetworkManager-openvpn ====
Version update (1.8.16 -> 1.8.18)
Subpackages: NetworkManager-openvpn-gnome
- Update to version 1.8.18:
+ Gtk4 version of the editor plugin is now available (for use
with Control Center of GNOME 42 or later).
+ Updated translations.
- Drop nm-openvpn-bsc#1186091.patch: Fixed upstream.
- Rebase patch with quilt.
- Add pkgconfig(gtk4) and pkgconfig(libnma-gtk4) BuildRequires and
pass --with-gtk4=yes to configure, build the gtk4 version.
- Stop passing --without-libnm-glib to configure, no longer
needed, nor recognized.
- Pass --enable-lto=yes to configure, build using LTO support.
- Add optional libxml2-tools BuildRequires, build runs
xml-stripblanks preprocessing if available.
==== appstream-glib ====
Version update (0.7.18+30 -> 0.7.18+31)
Subpackages: libappstream-glib8
- Update to version 0.7.18+31:
* Fix extracting relative symlinks (boo#1196459)
==== bluez ====
Version update (5.62 -> 5.63)
Subpackages: bluez-cups libbluetooth3
- Add code to restore user modifications for modprobe.d %config files
after moving the files to %_modprobedir
- Use %_modprobedir (jsc#SLE-20639)
- update to version 5.63:
* Fix issue with storing IRK causing invalid read access.
* Fix issue with disconnecting due to GattCharacteristic1.MTU.
* Add support for Device{Found,Lost} of advertising monitoring.
==== boost-base ====
Subpackages: boost-license1_78_0 libboost_thread1_78_0
- add dependency on libzstd and libzstd-devel to get on-the-fly
zstd compression in boost-iostreams
==== dbus-1 ====
Subpackages: libdbus-1-3
- set runstatedir correctly
==== ffmpeg-4 ====
Subpackages: libavcodec58_134 libavformat58_76 libavutil56_70 libswresample3_9
- Fix OS version check, so nvcodec is enabled for Leap too.
==== glib2-branding-openSUSE ====
- Update .gschema.override.in: Change default libreoffice startup
entry to libreoffice-startcenter.desktop according to the
libreoffice update (bsc#1195836, bsc#1196951).
==== grub2 ====
Subpackages: grub2-arm64-efi grub2-snapper-plugin
- Fix grub-install error when efi system partition is created as mdadm software
raid1 device (bsc#1179981) (bsc#1195204)
* 0001-install-fix-software-raid1-on-esp.patch
- Fix riscv64 build error
* 0001-RISC-V-Adjust-march-flags-for-binutils-2.38.patch
- Fix error in grub-install when linux root device is on lvm thin volume
(bsc#1192622) (bsc#1191974)
* 0001-grub-install-bailout-root-device-probing.patch
==== harfbuzz ====
Version update (4.0.0 -> 4.0.1)
Subpackages: libharfbuzz-gobject0 libharfbuzz-icu0 libharfbuzz-subset0 libharfbuzz0 typelib-1_0-HarfBuzz-0_0
- Update to version 4.0.1:
+ Update OpenType to AAT mappings for ?hist? and ?vrtr? features
+ Update IANA Language Subtag Registry to 2022-03-02
+ Update USE shaper to allow any non-numeric tail in a symbol
cluster, and remove obsolete data overrides
+ Fix handling of baseline variations to return correctly scaled
values
==== iproute2 ====
- Add eBPF(libbpf) support
- Adjust NETNS_RUN_DIR from /var/run to /run
==== kernel-firmware ====
Version update (20220224 -> 20220309)
Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network
- Update to version 20220309 (git commit cd01f857da28):
* iwlwifi: add new FWs from core68-60 release
* ath11k: add links for WCN6855 hw2.1
* ath11k: WCN6855 hw2.0: add WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3
* ath11k: WCN6855 hw2.0: add board-2.bin and regdb.bin
* ath10k/ath11k: mark notice.txt as "File:"
* linux-firmware: add firmware for MT7986
* amdgpu: add firmware for SDMA 5.2.7 IP block
* amdgpu: add firmware for PSP 13.0.8 IP block
* amdgpu: add firmware for DCN 3.1.6 IP block
* amdgpu: add firmware for GC 10.3.7 IP block
* rtw89: 8852a: update fw to v0.13.36.0
* iwlwifi: update 9000-family firmwares to core68-60
* amdgpu: update raven2 VCN firmware
* amdgpu: update raven VCN firmware
* amdgpu: update picasso VCN firmware
* linux-firmware: Update firmware file for Intel Bluetooth 9462
* linux-firmware: Update firmware file for Intel Bluetooth 9462
* linux-firmware: Update firmware file for Intel Bluetooth 9560
* linux-firmware: Update firmware file for Intel Bluetooth 9560
* linux-firmware: Update firmware file for Intel Bluetooth AX201
* linux-firmware: Update firmware file for Intel Bluetooth AX201
* linux-firmware: Update firmware file for Intel Bluetooth AX211
* linux-firmware: Update firmware file for Intel Bluetooth AX211
* linux-firmware: Update firmware file for Intel Bluetooth AX210
* linux-firmware: Update firmware file for Intel Bluetooth AX200
* linux-firmware: Update firmware file for Intel Bluetooth AX201
* linux-firmware: Update firmware file for Intel Bluetooth 9560
* linux-firmware: Update firmware file for Intel Bluetooth 9260
* linux-firmware: Update AMD SEV firmware
* rtw89: 8852a: update fw to v0.13.35.0
==== kfilemetadata5 ====
- Build the optional mobipocket extractor.
QMobipocket only depends on Qt and shouldn't cause any issue.
==== librsvg ====
Version update (2.52.6 -> 2.52.7)
Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0
- Update to version 2.52.7:
+ Backport a fix for the regression that was introduced in the
last release: Output filled text as text for PDF; fixes
regression due to outputting all text as paths.
==== libsolv ====
Version update (0.7.20 -> 0.7.21)
- fix segfault on conflict resolution when using bindings
- fix split provides not working if the update includes a forbidden
vendor change
- support strict repository priorities
new solver flag: SOLVER_FLAG_STRICT_REPO_PRIORITY
- support zstd compressed control files in debian packages
- add an ifdef allowing to rename Solvable dependency members
("requires" is a keyword in C++20)
- support setting/reading userdata in solv files
new functions: repowriter_set_userdata, solv_read_userdata
- support queying of the custom vendor check function
new function: pool_get_custom_vendorcheck
- support solv files with an idarray block
- allow accessing the toolversion at runtime
- bump version to 0.7.21
==== libzypp ====
Version update (17.29.5 -> 17.29.6)
- Fix package signature check (bsc#184501)
Pay attention that header and payload are secured by a valid
signature and report more detailed which signature is missing.
- Retry umount if device is busy (bsc#1196061, closes #381)
A previously released ISO image may need a bit more time to
release it's loop device. So we wait a bit and retry.
- Fix serializing/deserializing type mismatch in zypp-rpm
protocol (bsc#1196925)
- Fix handling of ISO media in releaseAll (bsc#1196061)
- Hint on common ptf resolver conflicts (bsc#1194848)
- version 17.29.6 (22)
==== ncurses ====
Version update (6.3.20220226 -> 6.3.20220312)
Subpackages: libncurses6 ncurses-utils terminfo-base
- Add ncurses patch 20220312
+ add xterm+acs building-block -TD
+ add xterm-p370, for use in older terminals -TD
+ add dec+sl to xterm-new, per patch #371 -TD
+ add mosh and mosh-256color -TD
- Correct offsets of patches
* ncurses-5.9-ibm327x.dif
* ncurses-6.3.dif
- Add ncurses patch 20220305
+ replace obsolescent "-gnatg" option with "-gnatwa" and "-gnatyg", to
work around build problems with gnat 12.
+ update external links in Ada95.html
+ trim unused return-value from canonical_name().
==== openssl ====
Version update (1.1.1m -> 1.1.1n)
- Update to 1.1.1n release
==== openssl-1_1 ====
Version update (1.1.1m -> 1.1.1n)
Subpackages: libopenssl1_1
- Update to 1.1.1n: [bsc#1196877, CVE-2022-0778]
* Security fix [CVE-2022-0778]: Infinite loop for non-prime moduli
in BN_mod_sqrt() reachable when parsing certificates.
* Add ciphersuites based on DHE_PSK (RFC 4279) and ECDHE_PSK
(RFC 5489) to the list of ciphersuites providing Perfect Forward
Secrecy as required by SECLEVEL >= 3.
* Rebase openssl-1.1.1-fips.patch openssl-1.1.1-evp-kdf.patch
==== python-more-itertools ====
- use python_expand for fdupes
==== python-py ====
- use %python_expand for %fdupes
==== qemu ====
Fix bsc#1189702 CVE-2021-3713
* Patches added:
hw-nvram-at24-return-0xff-if-1-byte-addr.patch
==== rpm ====
- drop rpm-deptracking.patch, this is already upstream and
we were just adding it twice
- use fileprovide /usr/bin/gzip for "rpm-build" to make alternative
providers possible
- add leave-malloc-check-set.diff to actually use MALLOC_CHECK_ during
build
==== sqlite3 ====
Version update (3.37.2 -> 3.38.1)
- update to 3.38.1:
* Fix problems with the new Bloom filter optimization that might
cause some obscure queries to get an incorrect answer.
* Fix the localtime modifier of the date and time functions so
that it preserves fractional seconds.
* Fix the sqlite_offset SQL function so that it works correctly
even in corner cases such as when the argument is a virtual
column or the column of a view.
* Fix row value IN operator constraints on virtual tables so that
they work correctly even if the virtual table implementation
relies on bytecode to filter rows that do not satisfy the
constraint.
* Other minor fixes to assert() statements, test cases, and
documentation. See the source code timeline for details.
- add upstream patch to run atof1 tests only on x86_64
sqlite-src-3380100-atof1.patch
- update to 3.38.0
* Add the -> and ->> operators for easier processing of JSON
* The JSON functions are now built-ins
* Enhancements to date and time functions
* Rename the printf() SQL function to format() for better
compatibility, with alias for backwards compatibility.
* Add the sqlite3_error_offset() interface for helping localize
an SQL error to a specific character in the input SQL text
* Enhance the interface to virtual tables
* CLI columnar output modes are enhanced to correctly handle tabs
and newlines embedded in text, and add options like "--wrap N",
"--wordwrap on", and "--quote" to the columnar output modes.
* Query planner enhancements using a Bloom filter to speed up
large analytic queries, and a balanced merge tree to evaluate
UNION or UNION ALL compound SELECT statements that have an
ORDER BY clause.
* The ALTER TABLE statement is changed to silently ignores
entries in the sqlite_schema table that do not parse when
PRAGMA writable_schema=ON
==== xorg-x11-server ====
Subpackages: xorg-x11-server-Xvfb
- u_sync-pci-ids-with-Mesa-22.0.0.patch
* sync pci ids with Mesa 22.0.0
==== zlib-ng-compat ====
Version update (2.0.5 -> 2.0.6)
- Update to 2.0.6:
* Fix hangs on macOS #1031
* Fix minideflate write buffers being overwritten #1060
* Fix deflateBound and compressBound returning too small size estimates #1049 #1071
* Fix incorrect function declaration warning #1080
* Fix build problems when building outside of source dir #1049
* Fix build problems on arm2-7 #1030
* Fixed some compile warnings #1020 #1036 #1037 #1048
* Improved posix memalign support #888
* Improvements to testing #637 #1026 #1032 #1035 #1049 #1051 #1056 #1063 #1067
* Improvements for integration into other projects #1022 #1042
* Code style fixes #637 #1040 #1050 #1075
1
0