Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=kubic&groupid=3&version=Tumbleweed&build=20200701 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=Kubic&query_format=advanced&resolution=--- Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: dhcp haveged (1.9.8 -> 1.9.13) kured (1.4.0 -> 1.4.3) mozilla-nss (3.52.1 -> 3.53.1) patterns-containers python-py (1.8.1 -> 1.9.0) python-rpm-macros (20200529.b301e36 -> 20200625.e862151) rpm sysfsutils weave (2.6.4 -> 2.6.5) yast2 (4.3.9 -> 4.3.12) === Details === ==== dhcp ==== Subpackages: dhcp-client - The server package still requires insserv-compat: the .service files only call out to legacy sysv init scripts that are still sourcing /etc/rc.status (boo#1173440). ==== haveged ==== Version update (1.9.8 -> 1.9.13) - Update to 1.9.13: * added support for --version [Jirka Hladky] * updated systemd service file [Jirka Hladky] * fix a memory leak in havege_destroy [Anakin Zhang] * updated version reported by program [Jirka Hladky] * fix ordering cycle with private tmp [Christian Hesse] * Updated systemd service file [Nicolas Braud-Santoni] * Bump soname [Nicolas Braud-Santoni] * Fix crash on shutdown in threaded mode [Sergei Trofimovich] * Fix compilation with --enable-threads [Lars Wendler] ==== kured ==== Version update (1.4.0 -> 1.4.3) - Update to version 1.4.3: * bump and fix * split matchLabels template * restructured and improved service * bumped kured to upcoming 1.4.3 fixed servicemonitor indent fixed quotes for arguments * update things for 1.4.2 release * Use GITHUB_TOKEN for releasing chart * make markdownlint happier * update version * prepare chart-release for 1.4.1 * Revert #139 - use obs-service for regenerating vendor.tar.gz - Update to version 1.4.2 - Adding --annotation-ttl for automatic unlock - Refresh vendor.tar.xz ==== mozilla-nss ==== Version update (3.52.1 -> 3.53.1) - add FIPS mode patches from SLE stream nss-fips-aes-keywrap-post.patch nss-fips-approved-crypto-non-ec.patch nss-fips-cavs-dsa-fixes.patch nss-fips-cavs-general.patch nss-fips-cavs-kas-ecc.patch nss-fips-cavs-kas-ffc.patch nss-fips-cavs-keywrap.patch nss-fips-cavs-rsa-fixes.patch nss-fips-combined-hash-sign-dsa-ecdsa.patch nss-fips-constructor-self-tests.patch nss-fips-detect-fips-mode-fixes.patch nss-fips-dsa-kat.patch nss-fips-gcm-ctr.patch nss-fips-pairwise-consistency-check.patch nss-fips-rsa-keygen-strictness.patch nss-fips-tls-allow-md5-prf.patch nss-fips-use-getrandom.patch nss-fips-use-strong-random-pool.patch nss-fips-zeroization.patch nss-fix-dh-pkcs-derive-inverted-logic.patch - update to NSS 3.53.1 * required for Firefox 78 * CVE-2020-12402 - Use constant-time GCD and modular inversion in MPI. (bmo#1631597, bsc#1173032) - Add ppc-old-abi-v3.patch as per upstream bug https://bugzilla.mozilla.org/show_bug.cgi?id=1642174 - update to NSS 3.53 Notable changes * SEED is now moved into a new freebl directory freebl/deprecated bmo#1636389 * SEED will be disabled by default in a future release of NSS. At that time, users will need to set the compile-time flag (bmo#1622033) to disable that deprecation in order to use the algorithm. * Algorithms marked as deprecated will ultimately be removed * Several root certificates in the Mozilla program now set the CKA_NSS_SERVER_DISTRUST_AFTER attribute, which NSS consumers can query to further refine trust decisions. (bmo#1618404, bmo#1621159). If a builtin certificate has a CKA_NSS_SERVER_DISTRUST_AFTER timestamp before the SCT or NotBefore date of a certificate that builtin issued, then clients can elect not to trust it. ==== patterns-containers ==== Subpackages: patterns-containers-container_runtime patterns-containers-container_runtime_kubernetes patterns-containers-kubeadm patterns-containers-kubernetes_utilities patterns-containers-kubic_admin patterns-containers-kubic_loadbalancer patterns-containers-kubic_worker - Remove duplicate word in description of kubic_admin pattern - Fix Summary of kubeadm pattern to start with a capital letter ==== python-py ==== Version update (1.8.1 -> 1.9.0) - Update to 1.9.0 * Add type annotation stubs ==== python-rpm-macros ==== Version update (20200529.b301e36 -> 20200625.e862151) - Update to version 20200625.e862151: * fix pytest_arch PYTHONPATH * expand calls pyproject* macros (revert #45) * let the shell expand PYTHONPATH - Update to version 20200623.3ea9b62: * fix PYTHONPATH on pytest_arch macro - Update to version 20200622.1919233: * Expand %buildroot first (avoid endless cycle; bsc#1162743) - Update to version 20200622.1f4c5d2: * Add missing semicolon - For Factory change %system_python to python3. - Update to version 20200603.503823c: * Don't add empty path to PYTHONPATH setting. * Do not expand macros, just print them unexpanded (for %pytest* and %pyproject* macros) * Replace py.test -> pytest ==== rpm ==== Subpackages: librpmbuild9 - temporarily back out change of %_libexecdir to /usr/libexec - Update rpmconfigcheck: Remove bashism and use /bin/sh instead of /bin/bash. - update auto-config-update-aarch64-ppc64le.diff (bsc#1170849): * only update if hostarch isn't there ==== sysfsutils ==== - Added a _service file, as per new OBS requirement - Added a patch to bring sysfsutils up to latest upstream, which now is in place: * sysfsutils-latest-changes.diff.gz - Added patches which have been submitted upstream but not yet merged: * 0001-Fix-compiler-complain-about-multiple-defs-of-my_stdo.patch * 0002-Fix-compiler-complaint-about-string-truncation.patch * 0003-Fix-more-string-issues-for-gcc-10.patch And removing a patch that's subsumed by the above patches: * sysfsutils-fix-compiler-issues.patch Lastly, replaced the hand-rolled sysfsutils-2.1.0.tar.gz with upstream archive file sysfsutils-sysfsutils-2_1_0.tar.gz (retreived with OBS download service), though the contents of the two are the same. ==== weave ==== Version update (2.6.4 -> 2.6.5) - Update to version 2.6.5 - Fixes a bug that would leak memory every time a fast-datapath connection was stopped. - Avoid a crash when the machine has ipv6 disabled. - Refresh vendor.tar.xz ==== yast2 ==== Version update (4.3.9 -> 4.3.12) - Products: Do not solve dependencies while checking libzypp connection (bsc#1170322). - 4.3.12 - Avoid failure when downloading release notes from an inoperative proxy (bsc#1173447). - 4.3.11 - AutoClient#export method can receive a hash as an argument (bsc#1171356). - 4.3.10 -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-kubic+owner@opensuse.org