New MicroOS snapshot 20240906 released!
Please note that this mail was generated by a script. The described changes are computed based on the x86_64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version=... https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&comp... Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: MicroOS-release (20240905 -> 20240906) aardvark-dns (1.12.1 -> 1.12.2) containerd (1.7.17 -> 1.7.21) crun (1.15 -> 1.16.1) expat (2.6.2 -> 2.6.3) iputils (20240117 -> 20240905) kernel-source (6.10.7 -> 6.10.8) libXi (1.8.1 -> 1.8.2) libvpl (2.11.0 -> 2.13.0) llvm18 pam-config (2.11+git.20240620 -> 2.11+git.20240906) timezone vim (9.1.0636 -> 9.1.0718) === Details === ==== MicroOS-release ==== Version update (20240905 -> 20240906) Subpackages: MicroOS-release-appliance MicroOS-release-dvd - automatically generated by openSUSE-release-tools/pkglistgen ==== aardvark-dns ==== Version update (1.12.1 -> 1.12.2) - Update to version 1.12.2: * Release v1.12.2 * Update release notes for 1.12.2 * coredns: work on tcp requests concurrently * tcp: add timeout to connection (fixes bsc#1230153 / CVE-2024-8418) * cirrus: update branch names ==== containerd ==== Version update (1.7.17 -> 1.7.21) - Update to containerd v1.7.21. Upstream release notes: <https://github.com/containerd/containerd/releases/tag/v1.7.21> Fixes CVE-2023-47108. bsc#1217070 Fixes CVE-2023-45142. bsc#1228553 - Rebase patches: * 0001-BUILD-SLE12-revert-btrfs-depend-on-kernel-UAPI-inste.patch ==== crun ==== Version update (1.15 -> 1.16.1) - new upstream release 1.16.1 1.16.1: - fix a regression introduced by 1.16 where using 'rshared' rootfs mount propagation and the rootfs itself is a mountpoint. - inherit user from original process on exec, if not overridden. 1.16: - build: fix build for s390x. - linux: fix mount of special files with rro. Open the mount target with O_PATH to prevent open(2) failures with special files like FIFOs or UNIX sockets. - Fix sd-bus error handling for cpu quota and period props update. - container: use relative path for rootfs if possible. If the rootfs cannot be resolved and it is below the current working directory, only use its relative path. - wasmedge: access container environment variables for the WasmEdge configuration. - cgroup, systemd: use MemoryMax instead of MemoryLimit. Fixes a warning for using an old configuration name. - cgroup, systemd: improve checks for sd_bus_message_append errors ==== expat ==== Version update (2.6.2 -> 2.6.3) - Update to 2.6.3: * Security fixes: - CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with len < 0 without noticing and then calling XML_GetBuffer will have XML_ParseBuffer fail to recognize the problem and XML_GetBuffer corrupt memory. With the fix, XML_ParseBuffer now complains with error XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse has been doing since Expat 2.2.1, and now documented. Impact is denial of service to potentially artitrary code execution. - CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). Impact is denial of service to potentially artitrary code execution. - CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). Impact is denial of service to potentially artitrary code execution. * Other changes: - Autotools: Sync CMake templates with CMake 3.28 - Autotools: Always provide path to find(1) for portability - Autotools: Ensure that the m4 directory always exists. - Autotools: Simplify handling of SIZEOF_VOID_P - Autotools: Support non-GNU sed - Autotools|CMake: Fix main() to main(void) - Autotools|CMake: Fix compile tests for HAVE_SYSCALL_GETRANDOM - Autotools|CMake: Stop requiring dos2unix - CMake: Fix check for symbols size_t and off_t - docs|tests: Convert README to Markdown and update - Windows: Drop support for Visual Studio <=15.0/2017 - Drop needless XML_DTD guards around is_param access - Fix typo in a code comment - Version info bumped from 10:2:9 (libexpat*.so.1.9.2) to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de/ for what these numbers do ==== iputils ==== Version update (20240117 -> 20240905) - Update to version 20240905 (mostly ping fixes release) https://github.com/iputils/iputils/releases/tag/20240905 - Fix tarball url ==== kernel-source ==== Version update (6.10.7 -> 6.10.8) - Linux 6.10.8 (bsc#1012628). - drm/amdgpu/mes: fix mes ring buffer overflow (bsc#1012628). - erofs: fix out-of-bound access when z_erofs_gbuf_growsize() partially fails (bsc#1012628). - ALSA: seq: Skip event type filtering for UMP events (bsc#1012628). - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Laptop 14-ey0xxx (bsc#1012628). - ALSA: hda/realtek: support HP Pavilion Aero 13-bg0xxx Mute LED (bsc#1012628). - LoongArch: Remove the unused dma-direct.h (bsc#1012628). - LoongArch: Add ifdefs to fix LSX and LASX related warnings (bsc#1012628). - tpm: ibmvtpm: Call tpm2_sessions_init() to initialize session support (bsc#1012628). - btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() (bsc#1012628). - btrfs: run delayed iputs when flushing delalloc (bsc#1012628). - smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() (bsc#1012628). - pinctrl: rockchip: correct RK3328 iomux width flag for GPIO2-B pins (bsc#1012628). - pinctrl: single: fix potential NULL dereference in pcs_get_function() (bsc#1012628). - netfs, ceph: Partially revert "netfs: Replace PG_fscache by setting folio->private and marking dirty" (bsc#1012628). - wifi: wfx: repair open network AP mode (bsc#1012628). - wifi: mwifiex: duplicate static structs used in driver instances (bsc#1012628). - net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (bsc#1012628). - mptcp: close subflow when receiving TCP+FIN (bsc#1012628). - mptcp: sched: check both backup in retrans (bsc#1012628). - mptcp: pr_debug: add missing \n at the end (bsc#1012628). - mptcp: pm: reuse ID 0 after delete and re-add (bsc#1012628). - mptcp: pm: skip connecting to already established sf (bsc#1012628). - mptcp: pm: reset MPC endp ID when re-added (bsc#1012628). - mptcp: pm: send ACK on an active subflow (bsc#1012628). - mptcp: pm: fix RM_ADDR ID for the initial subflow (bsc#1012628). - mptcp: pm: do not remove already closed subflows (bsc#1012628). - mptcp: pm: fix ID 0 endp usage after multiple re-creations (bsc#1012628). - mptcp: avoid duplicated SUB_CLOSED events (bsc#1012628). - mptcp: pm: ADD_ADDR 0 is not a new address (bsc#1012628). - selftests: mptcp: join: cannot rm sf if closed (bsc#1012628). - selftests: mptcp: join: check removing ID 0 endpoint (bsc#1012628). - selftests: mptcp: join: no extra msg if no counter (bsc#1012628). - selftests: mptcp: join: check re-re-adding ID 0 endp (bsc#1012628). - binfmt_elf_fdpic: fix AUXV size calculation when ELF_HWCAP2 is defined (bsc#1012628). - drm/v3d: Disable preemption while updating GPU stats (bsc#1012628). - drm/i915/dsi: Make Lenovo Yoga Tab 3 X90F DMI match less strict (bsc#1012628). - drm/i915/dp_mst: Fix MST state after a sink reset (bsc#1012628). - drm/amdgpu: align pp_power_profile_mode with kernel docs (bsc#1012628). - drm/amdgpu/swsmu: always force a state reprogram on init (bsc#1012628). - drm/vmwgfx: Prevent unmapping active read buffers (bsc#1012628). - drm/vmwgfx: Fix prime with external buffers (bsc#1012628). - video/aperture: optionally match the device in sysfb_disable() (bsc#1012628). - drm/xe: Prepare display for D3Cold (bsc#1012628). - drm/xe/display: Make display suspend/resume work on discrete (bsc#1012628). - drm/xe/vm: Simplify if condition (bsc#1012628). - drm/xe/exec_queue: Rename xe_exec_queue::compute to xe_exec_queue::lr (bsc#1012628). - drm/xe: prevent UAF around preempt fence (bsc#1012628). - drm/amdgpu: Do not wait for MP0_C2PMSG_33 IFWI init in SRIOV (bsc#1012628). - drm/amdgpu: fix eGPU hotplug regression (bsc#1012628). - pinctrl: qcom: x1e80100: Update PDC hwirq map (bsc#1012628). - ASoC: SOF: amd: move iram-dram fence register programming sequence (bsc#1012628). - ASoC: SOF: amd: Fix for incorrect acp error register offsets (bsc#1012628). - ASoC: amd: acp: fix module autoloading (bsc#1012628). - ASoC: SOF: amd: Fix for acp init sequence (bsc#1012628). - ALSA: hda: cs35l56: Don't use the device index as a calibration index (bsc#1012628). - ASoC: cs-amp-lib-test: Force test calibration blob entries to be valid (bsc#1012628). - ASoC: cs-amp-lib: Ignore empty UEFI calibration entries (bsc#1012628). - backing-file: convert to using fops->splice_write (bsc#1012628). - pinctrl: mediatek: common-v2: Fix broken bias-disable for PULL_PU_PD_RSEL_TYPE (bsc#1012628). - pinctrl: qcom: x1e80100: Fix special pin offsets (bsc#1012628). - pinctrl: starfive: jh7110: Correct the level trigger configuration of iev register (bsc#1012628). - nfsd: prevent panic for nfsv4.0 closed files in nfs4_show_open (bsc#1012628). - mm: Fix missing folio invalidation calls during truncation ... changelog too long, skipping 178 lines ... - commit 64dc967 ==== libXi ==== Version update (1.8.1 -> 1.8.2) - Update to version 1.8.2 * This release includes fixes for malloc failures and a double alignment issue on some machines. XFreeDeviceInfo can now be called with NULL and XGetFeedbackControl is more robust in the face of a malicious X server sending random data. Plus a typo fix in the man page. ==== libvpl ==== Version update (2.11.0 -> 2.13.0) - Update to version 2.13.0: + Added: - Intel® VPL API 2.13 support, including new APIs for AV1 screen content tools, encoded picture quality information, alpha channel encoding, AI-based frame interpolation, AI-based super resolution, and Battlemage platform - hello-encode-jpeg example - Changes from version 2.12.0: + Added: Intel® VPL API 2.12 support, including new APIs for AI-based frame interpolation and Vulkan zero-copy surface sharing. ==== llvm18 ==== - Enable zstd compression support again. ==== pam-config ==== Version update (2.11+git.20240620 -> 2.11+git.20240906) - Update to version 2.11+git.20240906: * Move pam_limits before pam_systemd ==== timezone ==== - Split tzselect script into a subpackage to prevent awk getting into minimal containers and recommend tzselect by the main package Fixes bsc#1230054 ==== vim ==== Version update (9.1.0636 -> 9.1.0718) Subpackages: vim-data-common vim-small - Update to 9.1.0718: * v9.1.0718: hard to know the users personal Vim Runtime Directory * v9.1.0717: Unnecessary nextcmd NULL checks in parse_command_modifiers() Maintainers: fix typo in author name * v9.1.0716: resetting setcellwidth( doesn't update the screen runtime(hcl,terraform): Add runtime files for HCL and Terraform runtime(tmux): Update syntax script * v9.1.0715: Not correctly parsing color names (after v9.1.0709) * v9.1.0714: GuiEnter_Turkish test may fail * v9.1.0713: Newline causes E749 in Ex mode * v9.1.0712: missing dependency of Test_gettext_makefile * v9.1.0711: test_xxd may file when using different xxd * v9.1.0710: popup window may hide part of Command line runtime(vim): Update syntax, improve user-command matching * v9.1.0709: GUIEnter event not found in Turkish locale runtime(sudoers): improve recognized Runas_Spec and Tag_Spec items * v9.1.0708: Recursive window update does not account for reset skipcol runtime(nu): include filetype plugin * v9.1.0707: invalid cursor position may cause a crash * v9.1.0706: test_gettext fails when using shadow dir CI: Install locales-all package * v9.1.0705: Sorting of fuzzy filename completion is not stable translation(pt): update Portuguese/Brazilian menu translation runtime(vim): Update base-syntax, match bracket mark ranges runtime(doc): Update :help :command-complete list * v9.1.0704: inserting with a count is inefficient runtime(doc): use mkdir -p to save a command * v9.1.0703: crash with 2byte encoding and glob2regpat() runtime(hollywood): update syn highlight for If-Then statements and For-In-Loops * v9.1.0702: Patch 9.1.0700 broke CI * v9.1.0701: crash with NFA regex engine when searching for composing chars * v9.1.0700: crash with 2byte encoding and glob2regpat() * v9.1.0699: "dvgo" is not always an inclusive motion runtime(java): Provide support for syntax preview features * v9.1.0698: "Untitled" file not removed when running Test_crash1_3 alone * v9.1.0697: heap-buffer-overflow in ins_typebuf * v9.1.0696: installing runtime files fails when using SHADOWDIR runtime(doc): fix typo * v9.1.0695: test_crash leaves Untitled file around translation(br): Update Brazilian translation translation(pt): Update menu_pt_br * v9.1.0694: matchparen is slow on a long line * v9.1.0693: Configure doesn't show result when not using python3 stable abi * v9.1.0692: Wrong patlen value in ex_substitute() * v9.1.0691: stable-abi may cause segfault on Python 3.11 runtime(vim): Update base-syntax, match :loadkeymap after colon and bar runtime(mane): Improve <Plug>ManBS mapping * v9.1.0690: cannot set special highlight kind in popupmenu translation(pt): Revert and fix wrong Portuguese menu translation files translation(pt): revert Portuguese menu translation translation(br): Update Brazilian translations runtime(vim): Update base-syntax, improve :let-heredoc highlighting * v9.1.0689: buffer-overflow in do_search( with 'rightleft' runtime(vim): Improve heredoc handling for all embedded scripts * v9.1.0688: dereferences NULL pointer in check_type_is_value() * v9.1.0687: Makefile may not install desktop files runtime(man): Fix <Plug>ManBS runtime(java): Make the bundled &foldtext function optional runtime(netrw): Change line on `mx` if command output exists runtime(netrw): Fix `mf`-selected entry highlighting runtime(htmlangular): add html syntax highlighting translation(it): Fix filemode of Italian manpages runtime(doc): Update outdated man.vim plugin information runtime(zip): simplify condition to detect MS-Windows * v9.1.0686: zip-plugin has problems with special characters runtime(pandoc): escape quotes in &errorformat for pandoc translation(it): updated Italian manpage * v9.1.0685: too many strlen( calls in usercmd.c runtime(doc): fix grammar in :h :keeppatterns runtime(pandoc): refine pandoc compiler settings * v9.1.0684: completion is inserted on Enter with "noselect" translation(ru): update man pages * v9.1.0683: mode( returns wrong value with <Cmd> mapping runtime(doc): remove trailing whitespace in cmdline.txt * v9.1.0682: Segfault with uninitialized funcref * v9.1.0681: Analyzing failed screendumps is hard runtime(doc): more clarification for the :keeppatterns needed * v9.1.0680: VMS does not have defined uintptr_t runtime(doc): improve typedchar documentation for KeyInputPre autocmd runtime(dist): verify that executable is in $PATH translation(it): update Italian manpages runtime(doc): clarify the effect of :keeppatterns after * v9.1.0677 runtime(doc): update Makefile and make it portable between GNU and BSD * v9.1.0679: Rename from w_closing to w_locked is incomplete runtime(colors): update colorschemes runtime(vim): Update base-syntax, improve :let-heredoc highlighting runtime(doc): Updating the examples in the xxd manpage translation(ru): Updated uganda.rux runtime(yaml): do not re-indent when commenting out lines * v9.1.0678: use-after-free in alist_add() * v9.1.0677 :keepp does not retain the substitute pattern translation(ja): Update Japanese translations to latest release runtime(netrw): Drop committed trace lines runtime(netrw): Error popup not always used ... changelog too long, skipping 97 lines ... - add support for "all" and "userns" rules, and new profile flags
participants (1)
-
Richard Brown