New MicroOS snapshot 20220713 released!
Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version=Tumbleweed&build=20220713 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=MicroOS&query_format=advanced&resolution=--- Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: abseil-cpp autoyast2 (4.5.1 -> 4.5.2) gnome-desktop (42.2 -> 42.3) hwdata (0.360 -> 0.361) libadwaita (1.1.2 -> 1.1.3) libaio (0.3.112+29.696a5e6483ba -> 0.3.113) libhandy (1.6.2 -> 1.6.3) libnettle (3.7.3 -> 3.8) ncurses (6.3.20220618 -> 6.3.20220709) net-snmp nghttp2 (1.47.0 -> 1.48.0) patterns-fonts perl (5.34.1 -> 5.36.0) plymouth python-pycares (4.0.0 -> 4.2.1) python-terminado (0.13.3 -> 0.15.0) redis (7.0.2 -> 7.0.3) selinux-policy speex (1.2 -> 1.2.1) suse-module-tools (16.0.20 -> 16.0.21) systemd (250.6 -> 251.2) texlive wavpack (5.4.0 -> 5.5.0) xorg-x11-server xwayland (22.1.2 -> 22.1.3) yast2-perl-bindings (4.5.0 -> 4.5.1) === Details === ==== abseil-cpp ==== - Add Fix-maes-msse41-leaking-into-pkgconfig.patch * Do not make programs compiled with abseil require new-ish CPUs. ==== autoyast2 ==== Version update (4.5.1 -> 4.5.2) - Run the registration step early only on the Online installation medium which does not provide any packages. On the other media run the registration step later. Fixes crash in the SLE Micro when the AutoYaST profile enables the registration step. (bsc#1200803) - 4.5.2 ==== gnome-desktop ==== Version update (42.2 -> 42.3) Subpackages: gnome-desktop-lang gnome-version libgnome-desktop-3-19 libgnome-desktop-3_0-common libgnome-desktop-4-1 typelib-1_0-GnomeDesktop-3_0 - Update to version 42.3: + No changes, version bump only. ==== hwdata ==== Version update (0.360 -> 0.361) - update to 0.361: + Updated pci, usb and vendor ids. ==== libadwaita ==== Version update (1.1.2 -> 1.1.3) Subpackages: libadwaita-1-0 libadwaita-lang typelib-1_0-Adw-1 - Update to version 1.1.3: + AdwLeaflet: Fix a broken link in docs. + AdwPreferencesGroup: Fix accessibility labels. + AdwToast: Fix the example in docs. + Stylesheet: Add missing borders in high contrast version. ==== libaio ==== Version update (0.3.112+29.696a5e6483ba -> 0.3.113) - add fix-splice-signature.patch to fix build on 32bit - update to 0.3.113: * cases/16.t: loongarch only supports eventfd2 * Add loongarch to supported architectures in libaio.spec * Add endian detection and bit width detection for loongarch * Use generic syscall number schema for loongarch * Fix struct io_iocb_vector padding for 32bit architectures * struct io_iocb_sockaddr padding for 32bit architectures * Verify structure padding is correct at build time * harness: add test for aio poll missed events ==== libhandy ==== Version update (1.6.2 -> 1.6.3) Subpackages: libhandy-1-0 libhandy-lang typelib-1_0-Handy-1_0 - Update to version 1.6.3: + Remove a non-existent property mention from HdyDeck docs. + Remove a leftover debug message from HdySettings. + Updated translations. ==== libnettle ==== Version update (3.7.3 -> 3.8) Subpackages: libhogweed6 libnettle8 - update to 3.8: This release includes a couple of new features, and many performance improvements. It adds assembly code for two more architectures: ARM64 and S390x. The new version is intended to be fully source and binary compatible with Nettle-3.6. The shared library names are libnettle.so.8.5 and libhogweed.so.6.5, with sonames libnettle.so.8 and libhogweed.so.6. New features: * AES keywrap (RFC 3394), contributed by Nicolas Mora. * SM3 hash function, contributed by Tianjia Zhang. * New functions cbc_aes128_encrypt, cbc_aes192_encrypt, cbc_aes256_encrypt. On processors where AES is fast enough, e.g., x86_64 with aesni instructions, the overhead of using Nettle's general cbc_encrypt can be significant. The new functions can be implemented in assembly, to do multiple blocks with reduced per-block overhead. Note that there's no corresponding new decrypt functions, since the general cbc_decrypt doesn't suffer from the same performance problem. Bug fixes: * Fix fat builds for x86_64 windows, these appear to never have worked. Optimizations: * New ARM64 implementation of AES, GCM, Chacha, SHA1 and SHA256, for processors supporting crypto extensions. Great speedups, and fat builds are supported. Contributed by Mamone Tarsha. * New s390x implementation of AES, GCM, Chacha, memxor, SHA1, SHA256, SHA512 and SHA3. Great speedups, and fat builds are supported. Contributed by Mamone Tarsha. * New PPC64 assembly for ecc modulo/redc operations, contributed by Amitay Isaacs, Martin Schwenke and Alastair D´Silva. * The x86_64 AES implementation using aesni instructions has been reorganized with one separate function per key size, each interleaving the processing of two blocks at a time (when the caller processes multiple blocks with each call). This gives a modest performance improvement on some processors. * Rewritten and faster x86_64 poly1305 assembly. - drop libnettle-s390x-CPACF-SHA-AES-support.patch (included in 3.8) ==== ncurses ==== Version update (6.3.20220618 -> 6.3.20220709) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20220709 + lock the prescreen data consistently in newterm, etc., for the pthreads configuration (report by Tom de Vries). - Add ncurses patch 20220703 + add consistency check in tic for u6/u7/u8/u9 and NQ capabilities. + use NQ to flag entries where the terminal does not support query and response -TD + use ansi+enq and decid+cpr in cases where the terminal probably supported the u6-u9 extension -TD + add/use apollo+vt132, xterm+alt47 -TD - Correct offsets of patches * ncurses-5.9-ibm327x.dif * ncurses-6.3.dif - Add ncurses patch 20220625 + improve man/curs_bkgd.3x, explaining that bkgdset can affect results for bkgd (report by Anton Vidovic). + correct dsl in dec+sl (report by Rajeev Pillai) -TD + add/use ansi+cpr, decid+cpr -TD - Correct offsets of patches * ncurses-5.9-ibm327x.dif * ncurses-6.3.dif ==== net-snmp ==== Subpackages: perl-SNMP snmp-mibs - Rename libsnmp40 subpackage to libsnmp39: the libraries are all having soversion 39. ==== nghttp2 ==== Version update (1.47.0 -> 1.48.0) - update to 1.48.0: * lib: Allow server to override RFC 9218 stream priority * lib: Add a server option to fallback to RFC 7540 priorities * lib: Add PRIORITY_UPDATE frame support * lib: Implement RFC 9218 extensible prioritization scheme * lib: Do not verify host field specific characters for response field * lib: No rfc7540 priorities * lib: Fix stream stall when initial window size is decreased * doc: Document how to change stream prioritization scheme * build: Compile with libressl 3.5 * build: EXTRA_DIST: List mruby files explicitly * build: Bump ngtcp2 and nghttp3 * build: Do not check application libraries if --enable-lib-only is given * src: Update default TLS cipher suites * nghttpx, h2load: Better pack UDP packets in one GSO write * nghttpx, h2load: Quic error handling * nghttpx, h2load: Fix QUIC performance regression * nghttp, nghttpd, nghttpx: Add ktls support * h2load: Send more packets without GSO per event loop * h2load: Add ktls support * nghttpd: Fix TLS read stall * nghttpx: Disable RFC 7540 priorities * nghttpx: Client always uses simpler TLS handshake * nghttpx: Add affinity-cookie-stickiness backend parameter * nghttpx: Fix broken session affinity * nghttpx: Limit CONNECTION_CLOSE and Retry under server amplification limit * integration: Go update * integration: Add go.mod * third-party: Bump llhttp to 75b45129db961e1fb3c56044e1b8f7721bfaee5d * third-party: Bump libbpf to v0.8.0 * third-party: Bump mruby to 3.1.0 * third-party: Bump neverbleed based on the latest head (GH-1708) ==== patterns-fonts ==== Subpackages: patterns-fonts-fonts patterns-fonts-fonts_opt - Revert to recommend noto-sans-fonts only, noto-fonts and noto-sans-cjk-fonts are too much. ==== perl ==== Version update (5.34.1 -> 5.36.0) Subpackages: perl-base - Update to 5.36.0 * the signatures and isa features are no longer experimental and part of the v5.36 feature bundle * the v5.36 bundle also enables warnings * new '-g' command line flag (alias for -0777) * support for unicode 14.0 * regex sets are no longer considered experimental * experimental iterating over multiple values at a time * experimental new builtin module * experimental defer blocks * try/catch can now have a finally block * experimental non-ASCII delimiters for quote-like operators * a physically empty sort is now a compile-time error - Rebase perl-5.34.0.dif to perl-5.36.0.diff - Refresh perl-5.18.2-overflow.diff ==== plymouth ==== Subpackages: libply-splash-core5 libply-splash-graphics5 libply5 plymouth-dracut plymouth-lang plymouth-plugin-label plymouth-plugin-two-step plymouth-scripts plymouth-theme-bgrt plymouth-theme-spinner - Add 0004-label-ft-fix-alignment.patch: to fix alignment with label-ft in some cases (boo#959986). ==== python-pycares ==== Version update (4.0.0 -> 4.2.1) - specfile: * update copyright year - update to version 4.2.1: * core: add flexible member to ares_addrinfo to fix c-ares 1.18 - changes from version 4.2.0: * tests: ignoring 2 tests due to dead servers * tests: updated google TXT records for an outdated test * deps: update bundled c-ares - changes from version 4.1.2: * build: add PYPIREADME.rst to manifest - changes from version 4.1.1: * misc: add PyPI README without images * misc: update c-ares URL - changes from version 4.1.0: * ci: use stable 3.10, rather than dev * core: add support for Python 3.10 * doc: fix typo in README * doc: updatee changelog * doc: uppdate README * core: add support for CAA queries * core: add support for getaddrinfo() * doc: update README * core: add ability to use the system installed c-ares ==== python-terminado ==== Version update (0.13.3 -> 0.15.0) - Update build and test requirements - specfile: * require pip, hatchling, swtich to pyproject build - update to version 0.15.0: * no changelog available - changes from version 0.14.0: * Add pre-commit * add mypy support * Switch to flit build backend * Switch to hatch backend ==== redis ==== Version update (7.0.2 -> 7.0.3) - Update to version 7.0.3 * Performance and resource utilization improvements - Optimize zset conversion on large ZRANGESTORE (#10789) - Optimize the performance of sending PING on large clusters (#10624) - Allow for faster restart of Redis in cluster mode (#10912) * INFO fields and introspection changes - Add missing sharded pubsub keychannel count to CLIENT LIST (#10895) - Add missing pubsubshard_channels field in INFO STATS (#10929) * Module API changes - Add RM_StringToULongLong and RM_CreateStringFromULongLong (#10889) - Add RM_SetClientNameById and RM_GetClientNameById (#10839) * Changes in CLI tools - Add missing cluster-port support to redis-cli --cluster (#10344) * Other General Improvements - Account sharded pubsub channels memory consumption (#10925) - Allow ECHO in loading and stale modes (#10853) - Cluster: Throw -TRYAGAIN instead of -ASK on migrating nodes for multi-key - commands when the node only has some of the keys (#9526) * Bug Fixes - TLS: Notify clients on connection shutdown (#10931) - Fsync directory while persisting AOF manifest, RDB file, and config file (#10737) - Script that made modification will not break with unexpected NOREPLICAS error (#10855) - Cluster: Fix a bug where nodes may not acknowledge a CLUSTER FAILOVER TAKEOVER - after a replica reboots (#10798) - Cluster: Fix crash during handshake and cluster shards call (#10942) * Fixes for issues in previous releases of Redis 7.0 - TLS: Fix issues with large replies (#10909) - Correctly report the startup warning for vm.overcommit_memory (#10841) - redis-server command line allow passing config name and value in the same argument (#10866) - Support --save command line argument with no value for backwards compatibility (#10866) - Fix CLUSTER RESET command regression requiring an argument (#10898) ==== selinux-policy ==== Subpackages: selinux-policy-targeted - Update fix_systemd.patch to add cap sys_admin and kernel_dgram_send for systemd_gpt_generator_t (bsc#1200911) - postfix: Label PID files and some helpers correctly (bsc#1197242) ==== speex ==== Version update (1.2 -> 1.2.1) - update to 1.2.1: * Check for _WIN32 instead of WIN32 in preprocessor checks * wav_io: check for EOF when seeking in wav (fixes hang discovered by fuzzing) * CI: add gitlab CI integration * fixed-point: make left shift macros use unsigned to avoid undefined behaviour * math_approx: use unsigned int for LCG pseudorandom generator (avoids integer overflow) * oss-fuzz: add integration and fuzzing target * speexenc: guard against invalid channel numbers) * speexdec: make left shift macros use unsigned to avoid undefined behaviour * autotools: do not use deprecated macros - drop speex-CVE-2020-23903.patch (upstream) ==== suse-module-tools ==== Version update (16.0.20 -> 16.0.21) - Update to version 16.0.21: * kernel-scriptlets: don't pass flags to weak-modules2 (bsc#1195391) ==== systemd ==== Version update (250.6 -> 251.2) Subpackages: libsystemd0 libudev1 systemd-doc systemd-lang udev - pstore is no more considered as an experimental feature: move it to udev package (bsc#1197802) - Adjust rpmlintrc for shlib-policy-name-error/multibuild case so that it's not only for x86_64. - spec: %suse_version rpm macro is already reserved and has a special meaning in openSUSE distros so rename it to %archive_version instead. - Import commit e9fc337d97539fcab23078ab3e06f6b2ce3a3c8d ca0b29521f sha256: fix compilation on efi-ia32 1bbbac6a7e test: enable virtio-rng device for QEMU guests - Upgrade to v251.2 (commit 949d6bb7201dd48167ee9716ed6278764d1f4c0f) See https://github.com/openSUSE/systemd/blob/SUSE/v251/NEWS for details. This includes the following bug fixes: - upstream commit e6b169418369abbc88c8f622e02e1d704a23d4ef (bsc#1137373 bsc#1181658 bsc#1194708 bsc#1195157 bsc#1197570) * Rebased 0001-conf-parser-introduce-early-drop-ins.patch * systemd-testsuite now requires python3-pexpect due to TEST-69-SHUTDOWN relying on this module. * sysusers.d/systemd-network.conf has been moved to systemd-network sub-package since the tmpfiles configuration snippets for networkd has also been moved to this sub-package. ==== texlive ==== - Require correct perl(Biber) version - add biber-missing-semicolon.patch * supports perl 5.36 - use biber version number - use https for urls - reference full download url for biber for source verification - use negative listing approach for luajit determination ==== wavpack ==== Version update (5.4.0 -> 5.5.0) - update to 5.5.0: * fixed: CVE-2021-44269 (encoding crafted DSD file triggers OOB read crash) * fixed: very long filenames cause stack-overflow crash in all CLI programs * fixed: the length stored in WAV headers not always corrected when using -i * fixed: attempting to encode raw DSD audio from stdin sometimes causes crash * fixed: DSD to PCM decimation: small clicks between tracks and tiny DC offset * fixed: length update in library-generated WAV headers on big-endian machines * fixed: sanitize custom extensions read from WavPack files to be alphanumeric * added: accepting brace-delimited options in the wavpack executable filename * added: "--drop" option to Windows executables for multi-file "drag-and-drop" * added" "--raw-pcm" option to wvunpack executable (does DSD --> 24-bit PCM) * added: "--no-overwrite" option to wavpack executable (to resume sessions) * improved: build system clean-up including switch to non-recursive "make" - drop wavpack-CVE-2021-44269.patch (upstream) - add doc subpackage ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - U_boo1194181-001-xkb-swap-XkbSetDeviceInfo-and-XkbSetDeviceInfoCheck.patch * Out-Of-Bounds Access in CheckSetDeviceIndicators() (CVE-2022-2320, ZDI-CAN-16070, bsc#1194181) - U_boo1194179-001-xkb-rename-xkb_h-to-xkb-procs_h.patch, U_boo1194179-002-xkb-add-request-length-validation-for-XkbSetGeometry.patch * Out-Of-Bounds Access in _CheckSetSections() (CVE-2022-2319, ZDI-CAN-16062, bsc#1194179) ==== xwayland ==== Version update (22.1.2 -> 22.1.3) - Update to version 22.1.3 * os: print <signal handler called> if unw_is_signal_frame() * os: print registers in the libunwind version of xorg_backtrace() * xwayland/present: Do not send two idle notify events for flip pixmaps * xwayland: Fix check logic in sprite_check_lost_focus() * xwayland: Change randr_output status when call xwl_output_remove() * xkb: switch to array index loops to moving pointers * xkb: swap XkbSetDeviceInfo and XkbSetDeviceInfoCheck * xkb: add request length validation for XkbSetGeometry ==== yast2-perl-bindings ==== Version update (4.5.0 -> 4.5.1) - Adapted to new Perl-5.36.0 API (bsc#1200990) Details: https://github.com/yast/yast-perl-bindings/pull/30 - 4.5.1
participants (1)
-
Richard Brown