New Kubic snapshot 20220128 released! - openSUSE Kubic

29 Jan 2022


      Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=1&ve...
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&...
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
  ethtool (5.15 -> 5.16)
  iputils
  keylime
  polkit
  toolbox
  util-linux (2.37.2 -> 2.37.3)
  xen
  yast2 (4.4.39 -> 4.4.42)
=== Details ===
==== ethtool ====
Version update (5.15 -> 5.16)
- update to upstream release 5.16
  * Feature: use memory maps for module EEPROM parsing (-m)
  * Feature: show CMIS diagnostic information (-m)
  * Fix: fix dumping advertised FEC modes (--show-fec)
  * Fix: ignore cable test notifications from other devices
    (--cable-test)
  * Fix: do not show duplicate options in help text (--help)
==== iputils ====
- temporarily reintroduce rarpd and rdisc tools to get them into
  15sp4 [jsc#SLE-23521]
==== keylime ====
Subpackages: keylime-agent keylime-config keylime-firewalld keylime-registrar keylime-tpm_cert_store keylime-verifier python38-keylime
- Set /var/lib/keylime under the same permissions expected by the code
==== polkit ====
Subpackages: libpolkit-agent-1-0 libpolkit-gobject-1-0
- Switch from mozjs to duktape:
  * Add duktape-support.patch
- Fixed pkexec Local Privilege Escalation aka pwnkit (CVE-2021-4034 bsc#1194568)
  CVE-2021-4034-pkexec-fix.patch
==== toolbox ====
- Allow docker as an alternative to podman in the package Requires. This was
  supported since 2.2.
==== util-linux ====
Version update (2.37.2 -> 2.37.3)
Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1
- update to 2.37.3 (bsc#1194976):
  This release fixes two security mount(8) and umount(8) issues:
  * CVE-2021-3996
    Improper UID check in libmount allows an unprivileged user to unmount FUSE
    filesystems of users with similar UID.
  * CVE-2021-3995
    This issue is related to parsing the /proc/self/mountinfo file allows an
    unprivileged user to unmount other user's filesystems that are either
    world-writable themselves or mounted in a world-writable directory.
==== xen ====
- bsc#1194576 - VUL-0: CVE-2022-23033: xen: arm:
  guest_physmap_remove_page not removing the p2m mappings (XSA-393)
  xsa393.patch
- bsc#1194581 - VUL-0: CVE-2022-23034: xen: a PV guest could DoS
  Xen while unmapping a grant (XSA-394)
  xsa394.patch
- bsc#1194588 - VUL-0: CVE-2022-23035: xen: insufficient cleanup of
  passed-through device IRQs (XSA-395)
  xsa395.patch
- bsc#1191668 - L3: issue around xl and virsh operation - virsh
  list not giving any output
  libxl-dont-try-to-free-a-NULL-list-of-vcpus.patch
  libxl-dont-touch-nr_vcpus_out-if-listing-vcpus-and-returning-NULL.patch
==== yast2 ====
Version update (4.4.39 -> 4.4.42)
- Added Y2Packager::NewRepositorySetup to track new repositories
  (related to bsc#1194453)
- 4.4.42
- Fix PackageAI call to PackagesProposal.GetResolvable. It prevents
  a crash when cloning a system (bsc#1195137).
- 4.4.41
- Use Package module instead of PackageSystem (bsc#1194886).
- 4.4.40