Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&ve... https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&...
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: coreutils cracklib (2.9.6 -> 2.9.7) curl (7.70.0 -> 7.71.0) dhcp dracut (050+suse.66.g76431c83 -> 050+suse.67.g28be2f36) gcc10 (10.1.1+git40 -> 10.1.1+git290) glibc installation-images-MicroOS (15.5 -> 15.9) libzypp (17.23.7 -> 17.23.8) ncurses (6.2.20200531 -> 6.2.20200613) python-setuptools python3 python3-base sqlite3 (3.32.2 -> 3.32.3) systemd transactional-update (2.21.1 -> 2.22) yast2 (4.3.8 -> 4.3.9)
=== Details ===
==== coreutils ====
- coreutils-gnulib-disable-test-float.patch: Add patch to temporarily disable the gnulib test 'test-float' failing on ppc and ppc64le. - coreutils.spec: Reference the patch. While at it, avoid conditional Patch and Source entries as that break cross-platform builds from source RPMs.
==== cracklib ==== Version update (2.9.6 -> 2.9.7) Subpackages: libcrack2
- Update to version 2.9.7: + fix a buffer overflow processing long words. - Drop 0003-overflow-processing-gecos.patch and 0004-overflow-processing-long-words.patch: fixed upstream. - Update source URI. - Remove use of translation-update-upstream. It cannot be added to ring 0 on leap, and 2.9.7 has some translation fixes (bsc#1172396).
==== curl ==== Version update (7.70.0 -> 7.71.0) Subpackages: libcurl4
- Update to 7.71.0 [bsc#1173026, CVE-2020-8169][bsc#1173027, CVE-2020-8177] * Changes: - CURLOPT_SSL_OPTIONS: optional use of Windows' CA store (with openssl) - setopt: add CURLOPT_PROXY_ISSUERCERT(_BLOB) for coherency - setopt: support certificate options in memory with struct curl_blob - tool: Add option --retry-all-errors to retry on any error * Bugfixes: - *_sspi: fix bad uses of CURLE_NOT_BUILT_IN - altsvc: bump to h3-29 - altsvc: fix 'dsthost' may be used uninitialized in this function - altsvc: fix parser for lines ending with CRLF - altsvc: remove the num field from the altsvc struct - asyn-*: remove support for never-used NULL entry pointers - azure: use matrix strategy to avoid configuration redundancy - build: disable more code/data when built without proxy support - buildconf: remove -print from the find command that removes files - checksrc: enhance the ASTERISKSPACE and update code accordingly - cirrus: disable SFTP and SCP tests - CMake: add ENABLE_ALT_SVC option - CMake: add HTTP/3 support (ngtcp2+nghttp3, quiche) - CMake: add libssh build support - configure: fix pthread check with static boringssl - configure: for wolfSSL, check for the DES func needed for NTLM - configure: only strip first -L from LDFLAGS - configure: repair the check if argv can be written to - configure: the wolfssh backend does not provide SCP - connect: improve happy eyeballs handling - connect: make happy eyeballs work for QUIC (again) - curl: remove -J "informational" written on stdout - Curl_addrinfo: use one malloc instead of three - dynbuf: introduce internal generic dynamic buffer functions - easy: fix dangling pointer on easy_perform fail - examples/ephiperfifo: turn off interval when setting timerfd - examples/http2-down/upload: add error checks - FILEFORMAT: add more features that tests can depend on - FILEFORMAT: describe verify/stderr - ftp: make domore_getsock() return the secondary socket properly - ftp: mark return-ignoring calls to Curl_GetFTPResponse with (void) - ftp: shut down the secondary connection properly when SSL is used - GnuTLS: Backend support for CURLINFO_SSL_VERIFYRESULT - hostip: make Curl_printable_address not return anything - http2: keep trying to send pending frames after req.upload_done - http2: simplify and clean up trailer handling - http: move header storage to Curl_easy from connectdata - libssh2: improved error output for wrong quote syntax - libssh2: keep sftp errors as 'unsigned long' - libssh2: set the expected total size in SCP upload init - multi: add defensive check on data->multi->num_alive - multi: implement wait using winsock events - ngtcp2: cleanup memory when failing to connect - ngtcp2: fix build with current ngtcp2 master implementing draft 28 - ngtcp2: fix happy eyeballs quic connect crash - ngtcp2: introduce qlog support - ngtcp2: never call fprintf() in lib code in release version - ngtcp2: update with recent API changes - ntlm: enable NTLM support with wolfSSL - OpenSSL: have CURLOPT_CRLFILE imply CURLSSLOPT_NO_PARTIALCHAIN - openssl: set FLAG_TRUSTED_FIRST unconditionally - projects: Add crypt32.lib to dependencies for all OpenSSL configs - quiche: clean up memory properly when failing to connect - quiche: enable qlog output - quiche: update SSLKEYLOGFILE support - Revert "ssh: ignore timeouts during disconnect" - select: fix overflow protection in Curl_socket_check - sendf: make failf() use the mvsnprintf() return code - server/sws: fix asan warning on use of uninitialized variable - server/util: fix logmsg format using curl_off_t argument - sha256: fixed potentially uninitialized variable - share: don not set the share flag it something fails - sockfilt: make select_ws stop waiting on exit signal event - socks: detect connection close during handshake - socks: fix expected length of SOCKS5 reply - socks: remove unreachable breaks in socks.c and mime.c - source cleanup: remove all custom typedef structs - timeouts: change millisecond timeouts to timediff_t from time_t - timeouts: move ms timeouts to timediff_t from int and long - tool_cfgable: free login_options at exit - tool_getparam: -i is not OK if -J is used - tool_getparam: fix memory leak in parse_args - tool_operate: fixed potentially uninitialized variables - tool_paramhlp: fixed potentially uninitialized strtol() variable - transfer: close connection after excess data has been read - typecheck-gcc.h: CURLINFO_PRIVATE does not need a 'char *' - unit1604.c: fix implicit conv from 'SANITIZEcode' to 'CURLcode' - url: accept "any length" credentials for proxy auth - url: alloc the download buffer at transfer start - url: make the updated credentials URL-encoded in the URL - url: reject too long input when parsing credentials - url: sort the protocol schemes in rough popularity order - urlapi: accept :: as a valid IPv6 address - urldata: leave the HTTP method untouched in the set.* struct - urlglob: treat literal IPv6 addresses with zone IDs as a host name - user-agent.d: spell out what happens given a blank argument - vauth/cleartext: fix theoretical integer overflow - version.d: expanded and alpha-sorted - vtls: Extract and simplify key log file handling from OpenSSL - wolfssl: add SSLKEYLOGFILE support - wording: avoid blacklist/whitelist stereotypes - write-out.d: added "response_code"
==== dhcp ==== Subpackages: dhcp-client
- insserv is not required anymore - Fixes for %_libexecdir changing to /usr/libexec
==== dracut ==== Version update (050+suse.66.g76431c83 -> 050+suse.67.g28be2f36) Subpackages: dracut-ima
- Update to version 050+suse.67.g28be2f36: * 35network-legacy: Fix dual stack setups (bsc#1172807)
==== gcc10 ==== Version update (10.1.1+git40 -> 10.1.1+git290) Subpackages: libgcc_s1 libgomp1 libstdc++6
- Update to gcc-10 branch head (c91e43e9363bd119a695d6450), git290. * Includes fix for PR95719, fixing LibreOffice. - Enable c++ for arm-none-eabi - Update to gcc-10 branch head (b0461f44076c26ced5526e4fd6), git68. - Add gcc10-foffload-default.patch to make offloading ignore offload targets that have not been installed both at compile and runtime (for the libgomp plugin part).
==== glibc ==== Subpackages: glibc-locale glibc-locale-base
- long-double-alias.patch: Fix build with GCC 10 when long double = double - nscd-gc-cycle.patch: nscd: bump GC cycle during cache pruning (bsc#1171878, BZ #26130)
==== installation-images-MicroOS ==== Version update (15.5 -> 15.9)
- merge gh#openSUSE/installation-images#390 - updated list of branches - 15.9 - merge gh#openSUSE/installation-images#389 - aarch64: add ipa kernel module - add system-group-wheel to rescue system - 15.8 - merge gh#openSUSE/installation-images#387 - Add YaST dir (workaround for bsc#1172898) - 15.7 - merge gh#openSUSE/installation-images#386 - Add /bin/dash to reduce script memory consumption (bsc#1172139) - 15.6
==== libzypp ==== Version update (17.23.7 -> 17.23.8)
- Fix core dump with corrupted history file (bsc#1170801) - version 17.23.8 (22)
==== ncurses ==== Version update (6.2.20200531 -> 6.2.20200613) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base
- Run ldconfig local on %buildroot %_lib to get links done (boo#1173222) - Add ncurses patch 20200606 + add xterm+256color2, xterm+88color2, to deprecate nonstandard usage in xterm+256color, xterm+88color -TD + add shifted Linux console keys in linux+sfkeys entry for screen.linux (report by Alexandre Montaron). + use vt100+enq in screen (report by Alexandre Montaron). + add screen.linux-s alias (suggested by Alexandre Montaron). - Add ncurses patch 20200613 + update list of functions in ncurses.3x + move dlclose() call from lib_mouse.c to delscreen() to avoid a case in the former which could be called from SIGTSTP handler (Debian [#961097]).
==== python-setuptools ====
- use local source dir for pytest imports gh#openSUSE/python-rpm-macros#48
==== python3 ====
- Replace OBS_dev-shm.patch with the upstream PR#20944
==== python3-base ==== Subpackages: libpython3_8-1_0
- Replace OBS_dev-shm.patch with the upstream PR#20944
==== sqlite3 ==== Version update (3.32.2 -> 3.32.3)
- SQLite 3.32.3: * Fix Heap Buffer Overflow in multiSelectOrderBy * Fix Assertion `flags3==pIn3->flags' failed * Fix Assertion `pExpr->pAggInfo==pAggInfo' failed * Fix Segfault in sqlite3Select * Fix Use after free in resetAccumulator CVE-2020-13871 boo#1172646
==== systemd ==== Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev
- migrate-sysconfig-i18n.sh: fix marker handling (bsc#1173229) The marker is used to make sure the script is run only once. Instead of storing it in /usr, use /var which is more appropriate for such file. Also make it owned by systemd package. - Fix inconsistent file modes for some ghost files (bsc#1173227) Ghost files are assumed by rpm to have mode 000 by default which is not consistent with file permissions set at runtime. Also /var/lib/systemd/random-seed was tracked wrongly as a directory. Also don't track (ghost) /etc/systemd/system/runlevel*.target aliases since we're not supposed to track units or aliases user might define/override.
==== transactional-update ==== Version update (2.21.1 -> 2.22) Subpackages: transactional-update-zypp-config
- Version 2.22 - Use pkgconf to determine installation paths - Enable SSL connections in update shell [boo#1149131] & [boo#1133891]
==== yast2 ==== Version update (4.3.8 -> 4.3.9)
- Add a method to change the selection of the network backend to be used (related to bsc#1172749) - 4.3.9