Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version=Tumbleweed&build=20210127
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=MicroOS&query_format=advanced&resolution=---
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
apparmor
cockpit-podman (25 -> 26)
sudo (1.9.5p1 -> 1.9.5p2)
zbar
=== Details ===
==== apparmor ====
Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor
- add apache-extra-profile-include-if-exists.diff: make
include in apache extra profile optional to avoid problems with empty
profile directory (boo#1178527)
==== cockpit-podman ====
Version update (25 -> 26)
- new version 26
https://github.com/cockpit-project/cockpit-podman/releases/tag/26
==== sudo ====
Version update (1.9.5p1 -> 1.9.5p2)
- Update to 1.9.5.p2
* When invoked as sudoedit, the same set of command line
options are now accepted as for sudo -e. The -H and -P
options are now rejected for sudoedit and sudo -e which
matches the sudo 1.7 behavior. This is part of the fix for
CVE-2021-3156.
* Fixed a potential buffer overflow when unescaping backslashes
in the command's arguments. Normally, sudo escapes special
characters when running a command via a shell (sudo -s or
sudo -i). However, it was also possible to run sudoedit with
the -s or -i flags in which case no escaping had actually
been done, making a buffer overflow possible.
This fixes CVE-2021-3156. (bsc#1181090)
* Fixed sudo's setprogname(3) emulation on systems that don't
provide it.
* Fixed a problem with the sudoers log server client where a
partial write to the server could result the sudo process
consuming large amounts of CPU time due to a cycle in the
buffer queue. Bug #954.
* Added a missing dependency on libsudo_util in libsudo_eventlog.
Fixes a link error when building sudo statically.
* The user's KRB5CCNAME environment variable is now preserved
when performing PAM authentication. This fixes GSSAPI
authentication when the user has a non-default ccache.
==== zbar ====
- Apply patch0 unconditionally and fix build on Leap