Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&version=Tumbleweed&build=20210408 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=Kubic&query_format=advanced&resolution=--- Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: curl (7.75.0 -> 7.76.0) icu installation-images-MicroOS (16.56 -> 16.62) makedumpfile (1.6.7 -> 1.6.8) ncurses (6.2.20210313 -> 6.2.20210327) openssl (1.1.1j -> 1.1.1k) openssl-1_1 (1.1.1j -> 1.1.1k) systemd (246.11 -> 246.13) vim (8.2.2607 -> 8.2.2725) === Details === ==== curl ==== Version update (7.75.0 -> 7.76.0) Subpackages: libcurl4 - Update to 7.76.0 * Security fixes: - [bsc#1183933, CVE-2021-22876]: strip credentials from the auto-referer header field - [bsc#1183934, CVE-2021-22890]: add 'isproxy' argument to Curl_ssl_get/addsessionid() * Changes: - cookies: Support multiple -b parameters - curl: add --fail-with-body - doh: add options to disable ssl verification - http: add support to read and store the referrer header - sasl: support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsasl - vtls: initial implementation of rustls backend * Bugfixes: - CVE-2021-22876: strip credentials from the auto-referer header field - CVE-2021-22890: add 'isproxy' argument to Curl_ssl_get/addsessionid() - c-hyper: support automatic content-encoding - configure: only add OpenSSL paths if they are defined - configure: provide Largefile feature for curl-config - curl: set CURLOPT_NEW_FILE_PERMS if requested - doh: Fix sharing user's resolve list with DOH handles - doh: Inherit CURLOPT_STDERR from user's easy handle - dynbuf: bump the max HTTP request to 1MB - ftp: add 'list_only' to the transfer state struct - ftp: add 'prefer_ascii' to the transfer state struct - ftp: allow SIZE to fail when doing (resumed) upload - ftp: avoid SIZE when asking for a TYPE A file - ftp: fix memory leak in ftp_done - ftp: never set data->set.ftp_append outside setopt - gnutls: assume nettle crypto support - http2: don't set KEEP_SEND when there's no more data to be sent - http2: fail if connection terminated without END_STREAM - http: do not add a referrer header with empty value - http: strip default port from URL sent to proxy - http: use credentials from transfer, not connection - lib: remove 'conn->data' completely - multi: close the connection when h2=>h1 downgrading - multi: do once-per-transfer inits in before_perform in DID state - multi: rename the multi transfer states - multi: update pending list when removing handle - ngtcp2: adapt to the new recv_datagram callback - ngtcp2: clarify calculation precedence - ngtcp2: sync with recent API updates - openssl: adapt to v3's new const for a few API calls - openssl: ensure to check SSL_CTX_set_alpn_protos return values - openssl: remove get_ssl_version_txt in favor of SSL_get_version - parse_proxy: fix a memory leak in the OOM path - url: fix memory leak if OOM in the HSTS handling - url: fix possible use-after-free in default protocol - urldata: don't touch data->set.httpversion at run-time - urldata: merge "struct DynamicStatic" into "struct UrlState" - urldata: remove the 'rtspversion' field - urldata: remove the _ORIG suffix from string names - wolfssl: don't store a NULL sessionid ==== icu ==== Subpackages: libicu68 libicu68-ledata - Add icu-drop-testTemperature.patch to fix boo#1182645 The test has been dropped in master branch ==== installation-images-MicroOS ==== Version update (16.56 -> 16.62) - merge gh#openSUSE/installation-images#473 - adjust NVME config initialisation (bsc#1183230) - 16.62 - merge gh#openSUSE/installation-images#470 - Fix firmware dir for usrmerge (boo#1029961) - remote_log_setup: support loghost with port - 16.61 - merge gh#openSUSE/installation-images#450 - Add support for riscv64 - 16.60 - merge gh#openSUSE/installation-images#475 - remove bind-libs BuildRequires - 16.59 - merge gh#openSUSE/installation-images#474 - remove changelog file - update git2log script to latest version - clean up VERSION - remove .gitignore - 16.58 - merge gh#openSUSE/installation-images#472 - handle update-alternative symlinks automatically - remove update-alternative hacks - 16.57 ==== makedumpfile ==== Version update (1.6.7 -> 1.6.8) - Support kernel 5.11: * makedumpfile-use-uts_namespace.name-offset-VMCOREINFO.patch: make use of 'uts_namespace.name' offset in VMCOREINFO. - Update upstream project location (URL and Source). - Update to version 1.6.8: * Support newer kernels up to v5.9 * arm64: Add support for ARMv8.2-LPA (52-bit PA support) * Retrieve MAX_PHYSMEM_BITS from vmcoreinfo * sadump, kaslr: fix failure of calculating kaslr_offset * Introduce --check-params option * cope with not-present mem section - Drop upstreamed patches: * makedumpfile-Fix-cd_header-offset-overflow-with-large-pfn.patch * makedumpfile-arm64-Align-PMD_SECTION_MASK-with-PHYS_MASK.patch * makedumpfile-sadump-Fix-failure-of-reading.patch - Allow to read kernel log from the lockless ringbuffer (bsc#1183965): * makedumpfile-printk-add-support-for-lockless-ringbuffer.patch * makedumpfile-printk-use-committed-finalized-state-value.patch ==== ncurses ==== Version update (6.2.20210313 -> 6.2.20210327) Subpackages: libncurses6 ncurses-utils terminfo-base - Disable pcre support for now (boo#1183960, boo#1184083) - Add ncurses patch 20210327 + build-fixes for Solaris10 /bin/sh + fix some cppcheck warnings, mostly style, in ncurses test-programs, form and menu libraries. - Add ncurses patch 20210323 + add configure option --enable-stdnoreturn, making the _Noreturn keyword optional to ease transition (prompted by report by Rajeev V Pillai). - Enhence cursescheck script - Disable _Noreturn usage as it breaks build of e.g. dialog - Add ncurses patch 20210320 + improve parameter-checking in tput by forcing it to analyze any extended string capability, e.g., as used in the Cs and Ms capabilities of the tmux description (report by Brad Town, cf: 20200531). + remove an incorrect free in the fallback (non-checking) version of _nc_free_and_exit (report by Miroslav Lichvar). + correct use-ordering in some xterm-direct flavors -TD + add hterm, hterm-256color (Mike Frysinger) + if the build-time compiler accepts c11's _Noreturn keyword, use that rather than gcc's attribute. + change configure-check for gcc's noreturn attribute to assume it is a prefix rather than suffix, matching c11's _Noreturn convention. + add "lint" rule to c++/Makefile, e.g., with cppcheck. - Port patch ncurses-6.2.dif by correcting offsets ==== openssl ==== Version update (1.1.1j -> 1.1.1k) - Update to 1.1.1k release ==== openssl-1_1 ==== Version update (1.1.1j -> 1.1.1k) Subpackages: libopenssl1_1 - Update to 1.1.1k * Fixed a problem with verifying a certificate chain when using the X509_V_FLAG_X509_STRICT flag. This flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. ([CVE-2021-3450]) * Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. ([CVE-2021-3449]) ==== systemd ==== Version update (246.11 -> 246.13) Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev - Import commit 14581e01203df7aa63c7c8383a12e6ebe258476f (merge of v246.13) 423b1e759c Revert "resolved: gracefully handle with packets with too large RR count" (bsc#1183745) 4723778738 meson.build: make xinitrcdir configurable (bsc#1183408) [...] For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/9753d1c17545a5d46530696cb14254f5... - Drop 0001-Revert-resolved-gracefully-handle-with-packets-with-.patch as it's part of v246.13. - Make use of the new build option to ship xinitrc in /usr/etc/X11/xinit/xinitrc.d (bsc#1183408) - Add 0001-Revert-resolved-gracefully-handle-with-packets-with-.patch Temporary workaround for bsc#1183745 (upstream issue 18917) until an actual fix is found. - Default to the "unified" cgroup hierarchy. At this point, most users of cgroup (such as docker, libvirt, kubernetes) should be ready for this change. It's still possible to switch back to the old "hybrid" hierarchy by passing "systemd.unified_cgroup_hierarchy=0" option to the kernel command line. ==== vim ==== Version update (8.2.2607 -> 8.2.2725) Subpackages: vim-data-common vim-small - Updated to version 8.2.2725, fixes the following problems * strcharpart() cannot include composing characters. * Character input not fully tested. * Test disabled on MS-Windows even though it should work. * Mouse click test fails when using remote connection. * Conditions for startup tests are not exactly right. * col('.') may get outdated column value. * New test throws exception. * Vim9: function is deleted while executing. * Test is sourcing the wrong file. * Vim9: if 'cpo' is changed in Vim9 script it may be restored. * Vim9: script variable in a block scope not found by a nested function. * Vim9: cannot use a normal list name to store function refs. * Vim9: no test for return type of lambda. * Vim9: Using #{ for a dictionary gives strange errors. * typval2type() cannot handle recursive structures. * GTK: error when starting up and -geometry is given. (Dominique Pellé) * Some tests fail when run as root. * Atom files not recognized. * Rss files not recognized. * GTK3: error when starting up and -geometry is given. (Dominique Pellé) * No need to check for BSD after checking for not root. * Vim9: #{ can still be used at the script level. * Vim9: error for #{{ is not desired. * Hard to see where a test gets stuck. * Commands from winrestcmd() do not always work properly. (Leonid V. Fedorenchik) * Not all command line arguments are tested. * Multi-byte 'fillchars' for folding do not show properly. * 'tagfunc' does not indicate using a pattern. * Vim9: cannot define an inline function. * Memory leak when compiling inline function. * prop_remove() causes a redraw even when nothing changed. * Cannot write a message to the terminal from the GUI. * Build failure when fsync() is not available. * screenstring() returns non-existing composing characters. * Display test fails because of lacking redraw. * Vim9: no clear error for wrong inline function. * Various code not covered by tests. * prop_clear() causes a screen update even when nothing changed. * Using inline function is not properly tested. * Vim9: error for not using string doesn't mention argument. * Terminal test sometimes hangs. * Terminal resize test sometimes hangs. * Vim9: some wincmd arguments cause a white space error. * Vim9: command modifiers not handled in nested function. * Vim9: restoring command modifiers happens after jump. * Vim9: can use command modifier without an effect. * Build failure. * Vim9: getting a character from a string can be slow. * The -w command line argument doesn't work. * Some command line arguments and regexp errors not tested. * Vim9: error message for declaring variable in for loop. * :for cannot loop over a string. * Eval test fails because for loop on string works. * Vim9: no error for declaration with trailing text. * Leaking memory when looping over a string. * There is no way to avoid some escape sequences. * Vim9: leaking memory when inline function has an error. * Vim9: not enough function arguments checked for string. * Test failures. * Vim9: not enough function arguments checked for string. * prop_find() cannot find item matching both id and type. * Vim9: omitting "call" for "confirm()" does not give an error. * Command line completion does not work after "vim9". * Vim9: error for append(0, text). * Error for line number in legacy script. * Vim9: cannot use :lockvar and :unlockvar in compiled script. * Vim9: script-local funcref can have lower case name. * Directory change in a terminal window shell is not followed. * Missing error message. * Vim9: cannot use only some of the default arguments. * Test for 'autoshelldir' does not reset the option. * Winbar drawn over status line for non-current window with winbar if frame is zero height. (Leonid V. Fedorenchik) * Vim9: problem defining a script variable from legacy function. * Vim9: test fails for redeclaring script variable. * Vim9: cannot find Name.Func from "import * as Name". (Alexander Goussas) * Build failure without the +eval feature. * Not enough folding code is tested. * Custom statusline not drawn correctly with WinBar. * Status line is not updated when going to cmdline mode. * Vim9: cannot use "const" for global variable in :def function. * Vim9: crash when using s: for script variable. * Tiny build fails. * PowerShell files are not recognized. * Autoconf may mess up compiler flags. * Vim9: locked script variable can be changed. * Vim9: locked script variable can be changed. * When 'matchpairs' is empty every character beeps. (Marco Hinz) * Cursor position reset with nested autocommands. * Lua test fails with Lua 5.4.3 and later. * Function list test fails. * Lua test fails on MS-Windows. * Lua test fails. * Nested autocmd test fails sometimes. * Order of removing FORTIFY_SOURCE is wrong. * Compiler completion test fails when more scripts are added. * Vim9: memory leak when failing on locked variable. * Adding a lot of completions can be a bit slow. * Vim9: misleading reported line number for wrong type. * Vim9: wrong line number reported for boolean operator. * Adding a lot of completions can still be a bit slow. * Test sometimes fails waiting for shell in terminal. * The GTK GUI has a gap next to the scrollbar. * Vim9: not all tests cover script and :def function. * "gj" in a closed fold does not move out of the fold. (Marco Hinz) * Memory leak when adding to a blob fails. * Folding code not sufficiently tested. * Filetype pattern ending in star is too far up. * Vim9: tests fail without the channel feature. (Dominique Pellé) * The equivalent class regexp is missing some characters. * GTK menu items don't show a tooltip. * Vim9: no explicit test for using a global function without the g: prefix. * Vim9: appending to dict item doesn't work in a :def function. * GTK menu tooltip moves the cursor. * Vim9: cannot have a linebreak inside a lambda. * Vim9: crash when using LHS with double index. * Assignment test fails. * Vim9: concatenating to list in dict not tested. * Vim9: message about compiling is wrong when using try/catch.