New ARM MicroOS snapshot 20230119 released!
Please note that this mail was generated by a script. The described changes are computed based on the aarch64 DVD. The full online repo contains too many changes to be listed here. Please check the known defects of this snapshot before upgrading: https://openqa.opensuse.org/tests/overview?distri=microos&groupid=3&version=Tumbleweed&build=20230119 https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=MicroOS&query_format=advanced&resolution=--- Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org. For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports Packages changed: crda diffutils (3.8 -> 3.9) ed (1.18 -> 1.19) gcc13 (13.0.0+git197351 -> 13.0.1+git5199) installation-images-MicroOS (17.67 -> 17.68) kernel-source (6.1.4 -> 6.1.7) libXpm libevent librsvg libstorage-ng (4.5.63 -> 4.5.64) libva (2.16.0 -> 2.17.0) libwacom (2.4.0 -> 2.5.0) ncurses (6.4.20230107 -> 6.4.20230114) patterns-microos perl pipewire podman python-configobj python-httpx (0.23.0 -> 0.23.3) python310-packaging (22.0 -> 23.0) redis (7.0.7 -> 7.0.8) rpm rust-keylime (0.1.0+git.1666019359.f5de47b -> 0.1.0+git.1672681780.762cec8) tracker-miners (3.4.2 -> 3.4.3) yast2-storage-ng (4.5.15 -> 4.5.16) === Details === ==== crda ==== - Replace transitional %usrmerged macro with regular version check (boo#1206798) ==== diffutils ==== Version update (3.8 -> 3.9) - diffutils 3.9: * fixes for other platforms ==== ed ==== Version update (1.18 -> 1.19) - update to 1.19: * Reading a non-existent file with commands 'e' or 'E' did set the 'modified' flag, which prevented a following 'e' command from succeeding * The long name of option '-s' has been changed to '--script'. Option '-s' now only suppresses byte counts and the '!' prompt as mandated by POSIX. It no longer suppresses diagnostic messages written to stderr. * The short name '-q' has been assigned to options '--quiet' and '--silent'. Option '-q' now only suppresses diagnostic messages written to stderr. * The help message showing the line where a script error happened when ed's input is from a regular file is now printed to stdout instead of stderr because it is enabled by the 'H' command. * Ed no longer processes file names for backslash escapes. * It has been documented in the manual that address 0 is valid as a starting point for searches so that '0;/RE/' can match the regular expression RE in the first line of the buffer. * It has been documented in the manual how to achieve the effect of ex style '!' filtering with a sequence of commands. ==== gcc13 ==== Version update (13.0.0+git197351 -> 13.0.1+git5199) Subpackages: libgcc_s1 libgfortran5 libgomp1 libobjc4 libstdc++6 libstdc++6-pp libubsan1 - Configure external timezone database provided by the timezone package. Make libstdc++6 recommend timezone to get a fully working std::chrono. Install timezone when running the testsuite. - Remove dependence on doxygen and graphviz when building the testsuite. Those were used to build the libstdc++ API html documentation but we stopped shipping that when Java support was removed and nobody noticed. Purge traces of the built libstdc++6-gccN-doc package. - Package libhwasan_preinit.o on x86_64. - Update to GCC trunk head (r13-5199-g2f81164255bf0d) * pulls changes up to the start of Stage 4 - Change version numbering to match the commit count from the git gcc-descr alias - Add gcc13-pr107678.patch to fix unwinding on aarch64 with pointer signing. [bsc#1206684] - Don't rely on %usrmerged, set it based on standard %suse_version - Enable PRU flavour for gcc13 ==== installation-images-MicroOS ==== Version update (17.67 -> 17.68) - merge gh#openSUSE/installation-images#618 - switch from curl to osc api to avoid authentication hassle with IBS - add 'ignore_packages' environment setting to allow more control over package config - update docs - 17.68 ==== kernel-source ==== Version update (6.1.4 -> 6.1.7) - Linux 6.1.7 (bsc#1012628). - netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits (bsc#1012628). - ALSA: control-led: use strscpy in set_led_id() (bsc#1012628). - ALSA: usb-audio: Always initialize fixed_rate in snd_usb_find_implicit_fb_sync_format() (bsc#1012628). - ALSA: hda/realtek - Turn on power early (bsc#1012628). - ALSA: hda/realtek: Enable mute/micmute LEDs on HP Spectre x360 13-aw0xxx (bsc#1012628). - KVM: x86: Do not return host topology information from KVM_GET_SUPPORTED_CPUID (bsc#1012628). - KVM: arm64: Fix S1PTW handling on RO memslots (bsc#1012628). - efi: fix userspace infinite retry read efivars after EFI runtime services page fault (bsc#1012628). - efi: tpm: Avoid READ_ONCE() for accessing the event log (bsc#1012628). - io_uring/poll: add hash if ready poll request can't complete inline (bsc#1012628). - arm64: mte: Fix double-freeing of the temporary tag storage during coredump (bsc#1012628). - arm64: mte: Avoid the racy walk of the vma list during core dump (bsc#1012628). - arm64: cmpxchg_double*: hazard against entire exchange variable (bsc#1012628). - ACPI: Fix selecting wrong ACPI fwnode for the iGPU on some Dell laptops (bsc#1012628). - net: stmmac: add aux timestamps fifo clearance wait (bsc#1012628). - perf auxtrace: Fix address filter duplicate symbol selection (bsc#1012628). - s390/kexec: fix ipl report address for kdump (bsc#1012628). - brcmfmac: Prefer DT board type over DMI board type (bsc#1012628). - ASoC: qcom: lpass-cpu: Fix fallback SD line index handling (bsc#1012628). - elfcore: Add a cprm parameter to elf_core_extra_{phdrs,data_size} (bsc#1012628). - cpufreq: amd-pstate: fix kernel hang issue while amd-pstate unregistering (bsc#1012628). - s390/cpum_sf: add READ_ONCE() semantics to compare and swap loops (bsc#1012628). - s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple() (bsc#1012628). - drm/virtio: Fix GEM handle creation UAF (bsc#1012628). - drm/amd/pm/smu13: BACO is supported when it's in BACO state (bsc#1012628). - drm: Optimize drm buddy top-down allocation method (bsc#1012628). - drm/i915/gt: Reset twice (bsc#1012628). - drm/i915: Reserve enough fence slot for i915_vma_unbind_async (bsc#1012628). - drm/i915: Fix potential context UAFs (bsc#1012628). - drm/amd: Delay removal of the firmware framebuffer (bsc#1012628). - drm/amdgpu: Fixed bug on error when unloading amdgpu (bsc#1012628). - drm/amd/pm: correct the reference clock for fan speed(rpm) calculation (bsc#1012628). - drm/amd/pm: add the missing mapping for PPT feature on SMU13.0.0 and 13.0.7 (bsc#1012628). - drm/amd/display: move remaining FPU code to dml folder (bsc#1012628). - Revert "drm/amdgpu: Revert "drm/amdgpu: getting fan speed pwm for vega10 properly"" (bsc#1012628). - cifs: Fix uninitialized memory read for smb311 posix symlink create (bsc#1012628). - cifs: fix file info setting in cifs_query_path_info() (bsc#1012628). - cifs: fix file info setting in cifs_open_file() (bsc#1012628). - cifs: do not query ifaces on smb1 mounts (bsc#1012628). - cifs: fix double free on failed kerberos auth (bsc#1012628). - io_uring/fdinfo: include locked hash table in fdinfo output (bsc#1012628). - ASoC: rt9120: Make dev PM runtime bind AsoC component PM (bsc#1012628). - ACPI: video: Allow selecting NVidia-WMI-EC or Apple GMUX backlight from the cmdline (bsc#1012628). - platform/x86: dell-privacy: Only register SW_CAMERA_LENS_COVER if present (bsc#1012628). - platform/surface: aggregator: Ignore command messages not intended for us (bsc#1012628). - platform/x86: int3472/discrete: Ensure the clk/power enable pins are in output mode (bsc#1012628). - platform/x86: thinkpad_acpi: Fix profile mode display in AMT mode (bsc#1012628). - platform/x86: asus-wmi: Don't load fan curves without fan (bsc#1012628). - platform/x86: dell-privacy: Fix SW_CAMERA_LENS_COVER reporting (bsc#1012628). - dt-bindings: msm: dsi-controller-main: Fix operating-points-v2 constraint (bsc#1012628). - drm/msm: another fix for the headless Adreno GPU (bsc#1012628). - firmware/psci: Fix MEM_PROTECT_RANGE function numbers (bsc#1012628). - firmware/psci: Don't register with debugfs if PSCI isn't available (bsc#1012628). - drm/msm/adreno: Make adreno quirks not overwrite each other (bsc#1012628). - arm64/signal: Always allocate SVE signal frames on SME only ... changelog too long, skipping 522 lines ... - commit 0fb77d6 ==== libXpm ==== - U_0001-configure-add-disable-open-zfile-instead-of-requirin.patch * needed by U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch - U_0002-Fix-CVE-2022-46285-Infinite-loop-on-unclosed-comment.patch * libXpm: Infinite loop on unclosed comments (CVE-2022-46285, bsc#1207029) - U_0004-Fix-CVE-2022-44617-Runaway-loop-with-width-of-0-and-.patch * libXpm: Runaway loop on width of 0 and enormous height (CVE-2022-44617, bsc#1207030) - U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch * libXpm: compression commands depend on $PATH (CVE-2022-4883, bsc#1207031) - U_regression-bug1207029_1207030_1207031.patch * regression fix for above patches - U_regression2-bug1207029_1207030_1207031.patch * second regression fix: Use gzip -d instead of gunzip ==== libevent ==== - Disable the select backend, this can be easily done by lying to configure. This is done due to: * using fd number > 1024 on an fd_set results in a runtime fortify source assertion, preventing further doom. * select will not be changed to handle fd > 1024. * this limit is unreasonable low for this century. ==== librsvg ==== Subpackages: gdk-pixbuf-loader-rsvg librsvg-2-2 rsvg-thumbnailer typelib-1_0-Rsvg-2_0 - update vendor tarball - actually run the testsuite for x86_64 (bsc#1207167) ==== libstorage-ng ==== Version update (4.5.63 -> 4.5.64) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#912 - allow both 'swap' and 'none' as path for swap in fstab - added testcase - 4.5.64 ==== libva ==== Version update (2.16.0 -> 2.17.0) Subpackages: libva-drm2 libva-x11-2 libva2 - update to 2.17.0: * win: Simplify signature for driver name loading * win: Rewrite driver registry query and fix some bugs/leaks/inefficiencies * win: Add missing null check after calloc * va: Update security disclaimer * dep:remove the file .cvsignore * pkgconfig: add 'with-legacy' for emgd, nvctrl and fglrx * meson: add 'with-legacy' for emgd, nvctrl and fglrx * x11: move all FGLRX code to va_fglrx.c * x11: move all NVCTRL code to va_nvctrl.c * meson: stop using deprecated meson.source_root() * meson: stop using configure_file copy=true * va: correctly include the win32 (local) headers * win: clean-up the coding style * va: dos2unix all the files * drm: remove unnecessary dri2 version/extension query * trace: annotate internal functions with DLL_HIDDEN * build/sysdeps: Remove HAVE_GNUC_VISIBILITY_ATTRIBUTE and use _GNUC_ support level attribute instead * meson: Check support for -Wl,-version-script and build link_args accordingly * meson: Set va_win32 soversion to '' and remove the install_data rename * fix: resouce check null * va_trace: Add Win32 memory types in va_TraceSurfaceAttributes * va_trace: va_TraceSurfaceAttributes should check the VASurfaceAttribMemoryType * va: Adds Win32 Node and Windows build support * va: Adds compat_win32 abstraction for Windows build and prepares va common code for windows build * pkgconfig: Add Win32 package for when WITH_WIN32 is enabled * meson: Add with_win32 option, makes libdrm non-mandatory on Win * x11: add basic DRI3 support * drm: remove VA_DRM_IsRenderNodeFd() helper * drm: add radeon drm + radeonsi mesa combo ==== libwacom ==== Version update (2.4.0 -> 2.5.0) Subpackages: libwacom-data libwacom9 - update to 2.5.0: - Cintiq Pro 27 - Intuos Pro Small refresh - Dell Chromebook 11 5190 2-in-1 - Dell Inspiron 14 7425 2-in-1 - Fujitsu U729X - update keyring ==== ncurses ==== Version update (6.4.20230107 -> 6.4.20230114) Subpackages: libncurses6 ncurses-utils terminfo terminfo-base terminfo-iterm terminfo-screen - Add ncurses patch 20230114 + change RV to XR/xr, to avoid conflict with pre-existing usage in vim, to use RV/rv to denote DA2 and its response (discussion with Bram Moolenaar) -TD + add XF flag to xterm+focus so that termcap applications can be aware of terminals which may support focus in/out -TD + use xterm+focus in xterm-p370 and tmux -TD + improve configure-script macros vs compiler warnings. - Correct offsets of patches * ncurses-5.9-ibm327x.dif * ncurses-6.4.dif ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-base-microdnf patterns-microos-base-packagekit patterns-microos-base-zypper patterns-microos-basesystem patterns-microos-cloud patterns-microos-cockpit patterns-microos-defaults patterns-microos-desktop-common patterns-microos-desktop-gnome patterns-microos-desktop-kde patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-ra_agent patterns-microos-ra_verifier patterns-microos-selinux patterns-microos-sssd_ldap - Add transactional-update-notifier to the microos_desktop_common Pattern. This is a long waited change that will provide Desktop notifications about transactional updates succeeding/failing for MicroOS Desktop users. - Improve readability of FOR loop shell construct, in the install directive, by assigning all the Patterns iterated by FOR to the PATTERNS variable (for i in $PATTERNS) instead of passing them directly (for i in pattern1 pattern2 pattern3 ...). - Rename patterns-microos-rpmlintrc to patterns-microos.rpmlintrc. While the former is obviously supported, the latter is both preferred and recommended by upstream. ==== perl ==== Subpackages: perl-base - Replace usage of deprecated fgrep with grep -F. ==== pipewire ==== Subpackages: gstreamer-plugin-pipewire libpipewire-0_3-0 pipewire-alsa pipewire-modules-0_3 pipewire-pulseaudio pipewire-spa-plugins-0_2 pipewire-spa-tools pipewire-tools - Add patch from upstream to avoid division by 0 and other issues with invalid values (glfo#pipewire/pipewire#2953): * 0001-alsa-guard-against-some-invalid-values.patch - Add patch from upstream to fix causing an overflow resulting in choppy sound in some cases (glfo#pipewire/pipewire#2680): * 0001-spa-Fix-audioconvert-overflow-when-scaling.patch - Add patch from upstream to fix a crash on arm: * 0001-cpu-arm-Fix-incorrect-free.patch ==== podman ==== Subpackages: podman-cni-config - add patch: 0003-Only-override-the-graphdriver-to-vfs-if-the-priority.patch (backport of https://github.com/containers/storage/pull/1468) - Make the priority for picking the storage driver configurable (bsc#1197093) (backport of https://github.com/containers/storage/pull/1460) - add patch: 0002-Make-the-priority-for-picking-the-storage-driver-con.patch ==== python-configobj ==== - require setuptools ==== python-httpx ==== Version update (0.23.0 -> 0.23.3) - Update to 0.23.3 * Version 0.23.2 accidentally included stricter type checking on query parameters. This shouldn've have been included in a minor version bump, and is now reverted. (#2523, #2539) - 0.23.2 (2nd Jan, 2023) * Support digest auth nonce counting to avoid multiple auth requests. (#2463) * Multipart file uploads where the file length cannot be determine now use chunked transfer encoding, rather than loading the entire file into memory in order to determine the `Content-Length`. (#2382) * Raise `TypeError` if content is passed a dict-instance. (#2495) * Partially revert the API breaking change in 0.23.1, which removed `RawURL`. We continue to expose a `url.raw` property which is now a plain named-tuple. This API is still expected to be deprecated, but we will do so with a major version bump. (#2481) - 0.23.1 (18th Nov, 2022) * *Note**: The 0.23.1 release should have used a proper version bump, rather than a minor point release. There are API surface area changes that may affect some users. See the "Removed" section of these release notes for details. [#]## Added * Support for Python 3.11. (#2420) * Allow setting an explicit multipart boundary in `Content-Type` header. (#2278) * Allow `tuple` or `list` for multipart values, not just `list`. (#2355) * Allow `str` content for multipart upload files. (#2400) * Support connection upgrades. See https://www.encode.io/httpcore/extensions/#upgrade-requests [#]## Fixed * Don't drop empty query parameters. (#2354) [#]## Removed * Upload files *must* always be opened in binary mode. (#2400) * Drop `.read`/`.aread` from `SyncByteStream`/`AsyncByteStream`. (#2407) * Drop `RawURL`. (#2241) ==== python310-packaging ==== Version update (22.0 -> 23.0) - Update to v23.0 * Remove unused LPAREN token from tokenizer by @hrnciar in #630 * Reorganise the project layout and version management by @pradyunsg in #626 * Correctly handle non-normalised specifiers in requirements by @pradyunsg in #634 * Use stable Python 3.11 in tests by @153957 in #641 * Fix typing for specifiers.BaseSpecifier.filter() by @henryiii in #643 * Correctly handle trailing whitespace on URL requirements by @pradyunsg in #642 * refactor _generic_api to use EXT_SUFFIX by @mattip in #607 * Allow "extra" to be None in the marker environment by @pradyunsg in #650 * Fix typos by @kianmeng in #648 * Update changelog for release by @pradyunsg in #656 ==== redis ==== Version update (7.0.7 -> 7.0.8) - redis 7.0.8 * CVE-2022-35977: Integer overflow in the Redis SETRANGE and SORT/SORT_RO commands can drive Redis to OOM panic boo#1207202 * CVE-2023-22458: Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER commands can lead to denial-of-service boo#1207203 * Avoid possible hang when client issues long KEYS, SRANDMEMBER, HRANDFIELD, and ZRANDMEMBER commands and gets disconnected by client output buffer limit * Make sure that fork child doesn't do incremental rehashing * Fix a bug where blocking commands with a sub-second timeout would block forever * Fix sentinel issue if replica changes IP ==== rpm ==== Subpackages: librpmbuild9 - Replace transitional %usrmerged macro with regular version check (boo#1206798) ==== rust-keylime ==== Version update (0.1.0+git.1666019359.f5de47b -> 0.1.0+git.1672681780.762cec8) - Update to version 0.1.0+git.1672681780.762cec8: * build(deps): bump openssl from 0.10.41 to 0.10.45 * build(deps): bump tokio from 1.21.1 to 1.23.0 * Disable dnf-makecache.service to save RAM * CI tests: Do not remove Fedora tag repository * add support for cargo deb * Pacify clippy::needless-borrow * Move tpm.rs from keylime-agent to the library * Split crates into library and applications - Add 0001-keylime-agent-remove-const_err-deny.patch - Fix "cargo install" with workspaces https://github.com/rust-lang/cargo/issues/7599 - Add 0001-Cargo.toml-tss-esapi-bindings.patch - Update to version 0.1.0+git.1670590616.e80c67a: * main: only read uuid from KeylimeConfig * Enabling more e2e tests in Packit CI * systemd: start agent after network is online * Cargo: Drop unused dependencies rust-ini and toml ==== tracker-miners ==== Version update (3.4.2 -> 3.4.3) Subpackages: tracker-miner-files - Update to version 3.4.3: + Fix possible warnings in tracker-miner-fs-3 + Fixes to handle BTRFS subvolumes + Reset nie:isStoredAs/nie:interpretedAs on updated folders + Drop 'fluidsynthmidi' GStreamer module + Fix GSource leak + Updated translations. ==== yast2-storage-ng ==== Version update (4.5.15 -> 4.5.16) - Extended regexp to identify Dell BOSS storage devices (bsc#1200975) - 4.5.16
participants (1)
-
Guillaume Gardet