New ARM MicroOS snapshot 20240414 released!
Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version=Tumbleweed&build=20240414 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=MicroOS&query_format=advanced&resolution=--- Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MicroOS-release (20240410 -> 20240414) btrfsmaintenance gcr (4.2.1 -> 4.3.0) gettext-runtime gnome-control-center gnome-online-accounts (3.50.0 -> 3.50.1) gnome-text-editor (46.0 -> 46.1) gobject-introspection gptfdisk (1.0.9 -> 1.0.10) grep gupnp jack kernel-source (6.8.4 -> 6.8.5) libcontainers-common (20240206 -> 20240408) liblouis libssh multipath-tools (0.9.8+87+suse.f72b9f3 -> 0.9.8+88+suse.d504d83) openSUSE-build-key openssh pam (1.6.0 -> 1.6.1) pam-config (2.11 -> 2.11+git.20240411) pam-full-src (1.6.0 -> 1.6.1) patterns-kde perl pipewire postfix schily texlive transactional-update (4.6.0 -> 4.6.5) update-alternatives (1.22.5 -> 1.22.6) vim (9.1.0151 -> 9.1.0301) xorg-x11-server xz === Details === ==== MicroOS-release ==== Version update (20240410 -> 20240414) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== btrfsmaintenance ==== - Use full URL for Source0 (.gz compressed as upstream does not ship .bz2 ones). ==== gcr ==== Version update (4.2.1 -> 4.3.0) Subpackages: gcr-ssh-agent gcr-ssh-askpass gcr-viewer libgck-2-2 libgcr-4-4 typelib-1_0-Gck-2 typelib-1_0-Gcr-4 - Update to version 4.3.0: + certificate: Add API to retrieve version. + Bump required GnuTLS version to 3.8.5. + Avoid potential integer overflow spotted by UBSan> + Support GnuTLS as an alternative crypto backend. + Updated translations. ==== gettext-runtime ==== Subpackages: libtextstyle0 - Add missing Requires: find to gettext-tools ==== gnome-control-center ==== Subpackages: gnome-control-center-color gnome-control-center-goa gnome-control-center-user-faces gnome-control-center-users - Add gnome-control-center-datetime-Avoid-emitting-the-time-changed-signal.patch: Avoid emitting the time-changed signal (bsc#1222149, bsc#1221799, glgo#GNOME/gnome-control-center#2943). ==== gnome-online-accounts ==== Version update (3.50.0 -> 3.50.1) Subpackages: libgoa-1_0-0 libgoa-backend-1_0-2 - Update to version 3.50.1: + Fix translation domain in account dialogs. + Fix OAuth 2.0 URI handler for some users. + Fix crash in Kerberos/Fedora provider. + Improved WebDAV support for Fastmail and mailbox.org. + Fixes for WebDAV discovery. + OAuth 2.0 PKCE support. + Fix issues caught by static analysis. + Update Microsoft Client ID. + Updated translations. ==== gnome-text-editor ==== Version update (46.0 -> 46.1) - Update to version 46.1: + Remove DBusActicatable=true from the .desktop file to fix an issue where you could spawn Text Editor via D-Bus and not have the session restored at startup. + AppData fixes. + Updated translations. - Drop data-desktop-disable-DBusActivatable.patch: fixed upstream. ==== gobject-introspection ==== Subpackages: girepository-1_0 libgirepository-1_0-1 - gi-find-deps.sh: further expand on the java script scanner. ==== gptfdisk ==== Version update (1.0.9 -> 1.0.10) - Update to release 1.0.10 * Fix failure & crash of sgdisk when compiled with latest popt * Fix NULL dereference when duplicating string argument * Allow partition dynamically allocated by --largest-new to be referenced by other options * Truncate decimal inputs (e.g. "9.5G" becomes "9G") * New partition type codes from the Discoverable Partitions Specification - Delete 0001-Fix-failure-crash-of-sgdisk-when-compiled-with-lates.patch gptfdisk-1.0.9-libuuid.patch, gptfdisk-fix-null-pointer-dereference.patch (merged) ==== grep ==== - restore texinfo macros for SLE15 ==== gupnp ==== - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== jack ==== - remove dependency on /usr/bin/python3 using %python3_fix_shebang macro, [bsc#1212476] ==== kernel-source ==== Version update (6.8.4 -> 6.8.5) - gcc-plugins/stackleak: Avoid .head.text section (git-fixes). - commit 542f698 - Linux 6.8.5 (bsc#1012628). - x86: set SPECTRE_BHI_ON as default (bsc#1012628). - KVM: x86: Add BHI_NO (bsc#1012628). - x86/bhi: Mitigate KVM by default (bsc#1012628). - x86/bhi: Add BHI mitigation knob (bsc#1012628 bsc#1217339 CVE-2024-2201). - Update config files (set SPECTRE_BHI_ON=y which is the default later). - x86/bhi: Enumerate Branch History Injection (BHI) bug (bsc#1012628). - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (bsc#1012628). - x86/bhi: Add support for clearing branch history at syscall entry (bsc#1012628). - x86/syscall: Don't force use of indirect calls for system calls (bsc#1012628). - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (bsc#1012628). - x86/efistub: Remap kernel text read-only before dropping NX attribute (bsc#1012628). - x86/sev: Move early startup code into .head.text section (bsc#1012628). - x86/sme: Move early SME kernel encryption handling into .head.text (bsc#1012628). - x86/boot: Move mem_encrypt= parsing to the decompressor (bsc#1012628). - efi/libstub: Add generic support for parsing mem_encrypt= (bsc#1012628). - bpf: support deferring bpf_link dealloc to after RCU grace period (bsc#1012628). - bpf: put uprobe link's path and task in release callback (bsc#1012628). - Revert "x86/mpparse: Register APIC address only once" (bsc#1012628). - drm/xe: Rework rebinding (bsc#1012628). - drm/xe: Use ring ops TLB invalidation for rebinds (bsc#1012628). - drm/i915/gt: Enable only one CCS for compute workload (bsc#1012628). - drm/i915/gt: Do not generate the command streamer for all the CCS (bsc#1012628). - drm/i915/gt: Disable HW load balancing for CCS (bsc#1012628). - drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY < 13 (bsc#1012628). - drm/i915/mst: Reject FEC+MST on ICL (bsc#1012628). - drm/i915/mst: Limit MST+DSC to TGL+ (bsc#1012628). - smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1012628). - smb: client: fix potential UAF in smb2_is_network_name_deleted() (bsc#1012628). - smb: client: fix potential UAF in is_valid_oplock_break() (bsc#1012628). - smb: client: fix potential UAF in smb2_is_valid_lease_break() (bsc#1012628). - smb: client: fix potential UAF in smb2_is_valid_oplock_break() (bsc#1012628). - smb: client: fix potential UAF in cifs_dump_full_key() (bsc#1012628). - smb: client: fix potential UAF in cifs_stats_proc_show() (bsc#1012628). - smb: client: fix potential UAF in cifs_stats_proc_write() (bsc#1012628). - smb: client: fix potential UAF in cifs_debug_files_proc_show() (bsc#1012628). - smb3: retrying on failed server close (bsc#1012628). - smb: client: serialise cifs_construct_tcon() with cifs_mount_mutex (bsc#1012628). - smb: client: handle DFS tcons in cifs_construct_tcon() (bsc#1012628). - smb: client: refresh referral without acquiring refpath_lock (bsc#1012628). - smb: client: guarantee refcounted children from parent session (bsc#1012628). - smb: client: fix UAF in smb2_reconnect_server() (bsc#1012628). - riscv: process: Fix kernel gp leakage (bsc#1012628). - riscv: Fix spurious errors from __get/put_kernel_nofault (bsc#1012628). - s390/entry: align system call table on 8 bytes (bsc#1012628). - selftests/mm: include strings.h for ffsl (bsc#1012628). - mm/secretmem: fix GUP-fast succeeding on secretmem folios (bsc#1012628). - arm64/ptrace: Use saved floating point state type to determine SVE layout (bsc#1012628). - riscv: Fix vector state restore in rt_sigreturn() (bsc#1012628). - aio: Fix null ptr deref in aio_complete() wakeup (bsc#1012628). - perf/x86/intel/ds: Don't clear ->pebs_data_cfg for the last PEBS event (bsc#1012628). - x86/coco: Require seeding RNG with RDRAND on CoCo systems (bsc#1012628). - x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (bsc#1012628). - x86/mm/pat: fix VM_PAT handling in COW mappings (bsc#1012628). - of: module: prevent NULL pointer dereference in vsnprintf() (bsc#1012628). - of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (bsc#1012628). - driver core: Introduce device_link_wait_removal() (bsc#1012628). - ASoC: SOF: Intel: hda: Compensate LLP in case it is not reset (bsc#1012628). - ASoC: SOF: ipc4-pcm: Correct the delay calculation (bsc#1012628). ... changelog too long, skipping 395 lines ... - commit f362b5c ==== libcontainers-common ==== Version update (20240206 -> 20240408) Subpackages: libcontainers-default-policy - Add patch to keep containers.conf modifications in sync with upstream (bsc#1213556) + 0001-containers.conf-SUSE-clear-cni-config-dir-for-ALP.patch - Fallback to podman's default capabilities and journal driver via containers.conf - New release 20240408 - bump bundled c/common to 0.58.0 - bump bundled c/image to 5.30.0 - bump bundled c/storage to 1.53.0 ==== liblouis ==== Subpackages: liblouis-data liblouis20 python3-louis - Run python tests in %check ==== libssh ==== Subpackages: libssh-config libssh4 - Don't change the path for crypto-policies libssh.config (bsc#1222716) ==== multipath-tools ==== Version update (0.9.8+87+suse.f72b9f3 -> 0.9.8+88+suse.d504d83) Subpackages: kpartx libmpath0 - Update to version 0.9.8+88+suse.d504d83: * Revert "libmultipath: fix max_sectors_kb on adding path" (bsc#1222458) ==== openSUSE-build-key ==== - SLM 6.0 key (ALP / SLF1) RSA 4096 bit key - gpg-pubkey-09d9ea69-645b99ce.asc - 2024 SUSE Linux Enterprise 15 SP6 RSA 4096 bit key - gpg-pubkey-3fa1d6ce-63c9481c.asc - SLM 6.0 key (ALP / SLF1) RSA 4096 bit reserve key - gpg-pubkey-73f03759-626bd414.asc - 2024 SUSE Linux Enterprise 15 SP6 RSA 4096 bit reserve key - gpg-pubkey-d588dc46-63c939db.asc - obsoleted a incorrectly used DSA1024 key (used in Slowroll). ==== openssh ==== Subpackages: openssh-clients openssh-common openssh-server - Fix duplicate loading of dropins. (boo#1222467) ==== pam ==== Version update (1.6.0 -> 1.6.1) - Update to version 1.6.1 - pam_env: fixed --disable-econf --enable-vendordir support. - pam_unix: do not warn if password aging is disabled. - pam_unix: try to set uid to 0 before unix_chkpwd invocation. - pam_unix: allow empty passwords with non-empty hashes. - Multiple minor bug fixes, build fixes, portability fixes, documentation improvements, and translation updates. - Remove backports: - pam_env-fix_vendordir.patch - pam_env-fix-enable-vendordir-fallback.patch - pam_env-remove-escaped-newlines.patch - pam_unix-fix-password-aging-disabled.patch ==== pam-config ==== Version update (2.11 -> 2.11+git.20240411) - Update to version 2.11+git.20240411: * Configure Himmelblau correctly w/ other services present * Configure other services correctly w/ Himmelblau present * Himmelblau session is only optional ==== pam-full-src ==== Version update (1.6.0 -> 1.6.1) - Update to version 1.6.1 - pam_env: fixed --disable-econf --enable-vendordir support. - pam_unix: do not warn if password aging is disabled. - pam_unix: try to set uid to 0 before unix_chkpwd invocation. - pam_unix: allow empty passwords with non-empty hashes. - Multiple minor bug fixes, build fixes, portability fixes, documentation improvements, and translation updates. - Remove backports: - pam_env-fix_vendordir.patch - pam_env-fix-enable-vendordir-fallback.patch - pam_env-remove-escaped-newlines.patch - pam_unix-fix-password-aging-disabled.patch ==== patterns-kde ==== Subpackages: patterns-kde-kde_plasma patterns-kde-kde_yast - xwaylandvideobridge has always been unversioned (boo#1222640) ==== perl ==== Subpackages: perl-base - Revert commit 7af2d2037375d58e700f9e1b217efb2c4db66133 as suggested by upstream perl * fixed locale being clobbered by perl [bsc#1220195] * new patch: perl-locale-backport.diff ==== pipewire ==== Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-jack pipewire-libjack-0_3 pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Move the jack spa plugin from the pipewire-spa-plugins-0_2 package to a new pipewire-spa-plugins-0_2-jack package. This allows to not Suggest the pipewire-libjack package from pipewire-spa-plugins-0_2 since that's only used to connect pipewire as a client to a jack server which is not common at all (boo#1222253). ==== postfix ==== - Move qshape(1) out of -doc, install it as a binary with the main package ==== schily ==== Subpackages: libcdrdeflt1_0 libdeflt1_0 libfile1_0 libfind4_0 librmt1_0 librscg1_0 libscg1_0 libscgcmd1_0 libschily2_0 mkisofs spax star - Update to release 2024.03.21 * mkisofs: produce less scrollback when logging progress to ttys. ==== texlive ==== - Add patch source-dvipdfm-x.dif * dvipdfmx: repeated inclusion of the same image did not share the image data, but had separate copies for each inclusion. ==== transactional-update ==== Version update (4.6.0 -> 4.6.5) Subpackages: dracut-transactional-update libtukit4 transactional-update-zypp-config tukit - Version 4.6.5 - Rework soft-reboot support introduced in 4.6.0: - On transactional systems with systemd 254 the system could hang with with a soft-reboot, as /var and /etc have to be mounted in /run/nextroot explicitly. As a soft-reboot can also be triggered by an admin the mounting of the corresponding mount points was moved to a systemd service to be independent of t-u itself. - Support for systemd 255 - Don't decrease reboot level on multiple commands - Various other bugfixes - soft-reboot support is disabled by default now to gather more feedback - libtukit: Fix kexec reboot method to boot kernel / initrd of next snapshot - tukit: Don't clone lock file handle on exec [boo#1222411] - t-u: Always use zypper of installed system [bsc#1221346] - t-u: Remove remaining telemetrics references - Add prepare-nextroot-for-softreboot service - Add (empty) %check section ==== update-alternatives ==== Version update (1.22.5 -> 1.22.6) - Update to version 1.22.6. The changelog for this version isn't very large, so it's provided in full: * dpkg-deb: Fix up compressor parameters for default legacy format. * Perl modules: - Dpkg::Vendor::Debian: Make it possible to disable qa=-bug-implicit-func. - Dpkg::Vendor::Debian: Unconditionally set qa bug-implicit-func. * Documentation: - man: Document dpkg versions supporting SOURCE_DATE_EPOCH for various tools. * Code internals: - libdpkg: Use array access instead of pointer arithmetic for meminfo parser. - libdpkg: Use a macro to define the zstd default compression level. * Build system: - Test with minimal library dependencies in CI. - Add gen-release script. * Packaging: - Fix typo in man page reference in changelog. * Test suite: - Refactor OpenPGP backend and commands list. - Refactor certfile and keyfile filenames for OpenPGP test. - Skip OpenPGP tests if the backend does not have a verify command. * Localization: - Fix typos in Swedish man pages translations. - Fix typos in Swedish man pages translations. - Update Dutch man pages translations. - Update Portuguese man pages translations. - Update German man pages translation. ==== vim ==== Version update (9.1.0151 -> 9.1.0301) Subpackages: vim-data vim-data-common vim-small xxd - update to 9.1.0301 * Vim9: heredoc start may be recognized in string * Missing test for what patch v9.1.0285 fixes * Vim9: return type not set for a lambda assigned to script var * add runtime/doc/tags-* to ignore files * Updated translation * Update documentation * Patch 9.1.0296 causes too many issues * Fix a few issues with gvim.nsi * regexp: engines do not handle case-folding well * filetype: pip config files are not recognized * Text height function does not respect it's argument * filetype: lxqt config files are not recognized * filetype: XDG mimeapps.list file is not recognized * filetype: libreoffice config files are not recognized * filetype: xilinx files are not recognized * filetype: some TeX files are not recognized * Vim9: comment may be treated as heredoc start * Vim9: E1027 with defcompile for abstract methods * Still problems with cursor position for CTRL-D/U * fix inaccuracies in pandoc compiler * make testclean is not able to delete failed screendumps * Update base-syntax, no curly-brace names in Vim9 script * Several small issues in doc and tests * Finding highlighting attributes is inefficient * Update cuda keywords, remove uncommonly used enumeration constants * several issues with 'smoothscroll' support * filetype: roc files are not recognized * filetype: zathurarc files not recognized * Cannot highlight the Command-line * No pandoc syntax support * filetype: R history files are not recognized * filetype: keymap files are not recognized * autocmd may change cwd after :tcd and :lcd * Update syntax generator, autocmd event list parsing * Normalise builtin-function optional parameter formatting * Correctly distribute libsodium with the installer * a few minor issues to fix * Test for TextChanged is still flaky with ASAN * Two tests in test_filechanged.vim are slow * File name entered in GUI dialog is ignored * fix :compiler leaving behind a g:makeprg variable * Remove more fallback :CompilerSet definitions from compiler plugins * filetype: earthfile files are not recognized * console dialog cannot save unnamed buffers * Fill in a few details regarding :enums * Remove fallback :CompilerSet definition from compiler plugins * libgpm may delete some signal handlers * Improve the matching of contextual keywords * Vim9: Problem with lambda blocks in enums and classes * Test for TextChanged is flaky with ASAN * Vim9: protected class and funcrefs accessible outside the class * Problems with "zb" and scrolling to new topline with 'smoothscroll' * filetype not detected when editing remote files * sort filetype.txt in the alphabetical order * Normal mode TextChanged isn't tested properly * half-page scrolling broke backward compatibility * Vim9: :call may not find imported class members * Finding autocmd events is inefficient * Vim9: no indication of script nr in stack trace of classes * [security]: Heap buffer overflow when calling complete_add() in 'cfu' * filetype: typespec files are not recognized * improve syntax highlighting for YAML * Vim9: segfault with static in super class * Filetype test fails * update syntax * filetype: ldscripts cannot be recognized * filetype: rock_manifest and config.ld files are not recognized * filetype: yarn lock files are not recognized * filetype: bundle config files are not recognized * filetype: fontconfig files are not recognized * filetype: zsh theme, history and zunit files are not recognized * filetype: bash history files are not recognized * filetype: netrw history file is not recognized * filetype: octave history files are not recognized * filetype: mysql history files are not recognized * filetype: some python tools config files are not recognized * filetype: gnuplot history files are not recognised * filetype: jupyterlab and sublime config are not recognized * filetype: mplstyle files are not recognized * filetype: texlua files are not recognized * filetype: supertux files are not recognized * filetype: support for Intel HEX files is lacking * Vim9: string() output of enum is problematic * Conceal test fails when rightleft feature is disabled * Filetype may be undetected when SwapExists sets ft in other buf * TextChanged autocommand not triggered under some circumstances * ensure compiler! sets global options * Distinguish Vim9 builtin object methods from namesake builtin functions * add support for Debian specific @includes * Error E877 is not translated * fix path of uganda.nsis.txt in german.nsi file * Two unrelated things are tested by a single test * Improve docs for empty(), len(), and string() on objects * Recording may still be wrong in Select mode * Not able to assign enum values to an enum static variable * test_matchparen not run in CI * cursor may move too many lines over "right" & "below" virt text * code duplication in loop to add active text properties ... changelog too long, skipping 119 lines ... * Coverity complains about ignoring return value ==== xorg-x11-server ==== Subpackages: xorg-x11-server-Xvfb xorg-x11-server-extra - U_render-Avoid-possible-double-free-in-ProcRenderAddGl.patch * fixes regression for security fix for CVE-2024-31083 (bsc#1222312, boo#1222442, gitlab xserver issue #1659) ==== xz ==== Subpackages: liblzma5 - revert the switch to tar_scm which dropped the signature validation - switch back to tarballs because the upstream tarballs are not gone - reinstanciate keyring from Lasse - go back to the last release signed by Lasse (5.4.2) - revert multibuild, drop service and rpmlintrc - use real_ver for the Source, move everything else back to %version like before the hectic XZ downgrade - remove payload setting, we are using zstd now - Switch to using tar_scm for fetching the sources as the upstream tarballs on github are gone - introduce _multibuild to allow building the translations outside of Ring0 and everything else in Ring0 - add rpmlintrc to silence harmless warnings
participants (1)
-
Guillaume Gardet