Mailinglist Archive: opensuse-factory (577 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20200209 released!
  • From: Dominique Leuenberger <dimstar@xxxxxxx>
  • Date: Tue, 11 Feb 2020 12:01:57 +0000
  • Message-id: <158142251730.9069.157803137736887064@go-agent-stagingbot-7>

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:

Please do not reply to this email to report issues, rather file a bug
on For more information on filing bugs please

Packages changed:
cryptsetup (2.1.0 -> 2.3.0)
perl-CGI (4.45 -> 4.46)
perl-DBD-Pg (3.10.3 -> 3.10.4)
postfix (3.4.8 -> 3.4.9)
python-urwid (2.0.1 -> 2.1.0)
re2c (1.2.1 -> 1.3)
rpm-config-SUSE (0.g45 -> 0.g52)
tlp (1.3.0 -> 1.3.1)

=== Details ===

==== bcm43xx-firmware ====

- just depend on splitted brcm firmware package and not all

==== cryptsetup ====
Version update (2.1.0 -> 2.3.0)
Subpackages: libcryptsetup12 libcryptsetup12-32bit libcryptsetup12-hmac

- Update to 2.3.0 (include release notes for 2.2.0)
* BITLK (Windows BitLocker compatible) device access
* Veritysetup now supports activation with additional PKCS7 signature
of root hash through --root-hash-signature option.
* Integritysetup now calculates hash integrity size according to algorithm
instead of requiring an explicit tag size.
* Integritysetup now supports fixed padding for dm-integrity devices.
* A lot of fixes to online LUKS2 reecryption.
* Add crypt_resume_by_volume_key() function to libcryptsetup.
If a user has a volume key available, the LUKS device can be resumed
directly using the provided volume key.
No keyslot derivation is needed, only the key digest is checked.
* Implement active device suspend info.
Add CRYPT_ACTIVATE_SUSPENDED bit to crypt_get_active_device() flags
that informs the caller that device is suspended (luksSuspend).
* Allow --test-passphrase for a detached header.
Before this fix, we required a data device specified on the command
line even though it was not necessary for the passphrase check.
* Allow --key-file option in legacy offline encryption.
The option was ignored for LUKS1 encryption initialization.
* Export memory safe functions.
To make developing of some extensions simpler, we now export
functions to handle memory with proper wipe on deallocation.
* Fail crypt_keyslot_get_pbkdf for inactive LUKS1 keyslot.
* Add optional global serialization lock for memory hard PBKDF.
* Abort conversion to LUKS1 with incompatible sector size that is
not supported in LUKS1.
* Report error (-ENOENT) if no LUKS keyslots are available. User can now
distinguish between a wrong passphrase and no keyslot available.
* Fix a possible segfault in detached header handling (double free).
* Add integritysetup support for bitmap mode introduced in Linux kernel 5.2.
* The libcryptsetup now keeps all file descriptors to underlying device
open during the whole lifetime of crypt device context to avoid excessive
scanning in udev (udev run scan on every descriptor close).
* The luksDump command now prints more info for reencryption keyslot
(when a device is in-reencryption).
* New --device-size parameter is supported for LUKS2 reencryption.
* New --resume-only parameter is supported for LUKS2 reencryption.
* The repair command now tries LUKS2 reencryption recovery if needed.
* If reencryption device is a file image, an interactive dialog now
asks if reencryption should be run safely in offline mode
(if autodetection of active devices failed).
* Fix activation through a token where dm-crypt volume key was not
set through keyring (but using old device-mapper table parameter mode).
* Online reencryption can now retain all keyslots (if all passphrases
are provided). Note that keyslot numbers will change in this case.
* Allow volume key file to be used if no LUKS2 keyslots are present.
* Print a warning if online reencrypt is called over LUKS1 (not supported).
* Fix TCRYPT KDF failure in FIPS mode.
* Remove FIPS mode restriction for crypt_volume_key_get.
* Reduce keyslots area size in luksFormat when the header device is too small.
* Make resize action accept --device-size parameter (supports units suffix).

==== kexec-tools ====

- Fix build errors on old distributions
* kexec-tools-video-capability.patch
* kexec-tools-SYS_getrandom.patch

==== libgphoto2 ====
Subpackages: libgphoto2-6 libgphoto2-6-lang

- No longer recommend -lang: supplements are in use.

==== libgpod ====
Subpackages: libgpod-lang libgpod-tools libgpod4

- No longer recommend -lang: supplements are in use.

==== man-pages ====

- added patches
+ man-pages-somaxconn-default-value.patch

==== perl-CGI ====
Version update (4.45 -> 4.46)

- updated to 4.46
see /usr/share/doc/packages/perl-CGI/Changes
4.46 2020-02-03
- Document support for SameSite=None cookies (GH #238)

==== perl-DBD-Pg ====
Version update (3.10.3 -> 3.10.4)

- updated to 3.10.4
see /usr/share/doc/packages/perl-DBD-Pg/Changes
Version 3.10.4 (released February 3, 2020)
- Allow localtime from Time::Piece to be used directly as a bind value again.
This applies to all "magical" arrays.
[Greg Sabino Mullane]
[Github issue #63]
- Force tests to NOT run in parallel.
[Greg Sabino Mullane]
[RT #130834]

==== postfix ====
Version update (3.4.8 -> 3.4.9)

- bsc#1162891 server:mail/postfix: cond_slp bug on TW after
moving /etc/services to /usr/etc/services
- bsc#1160413 postfix fails with -fno-common
- Update to 3.4.9:
* Bug (introduced: Postfix 3.1): smtp_dns_resolver_options were
broken while adding support for negative DNS response caching
in postscreen. Postfix was inadvertently changed to call
res_query() instead of res_search().
* Bug (introduced: Postfix 2.5): Postfix ignored the CONNECT macro
overrides from a Milter application. Postfix now evaluates the
Milter macros for an SMTP CONNECT event after the Postfix-to-Milter
connection is negotiated.
* Bug (introduced: Postfix 3.0): sanitize (remote) server responses
before storing them in the verify database, to avoid Postfix
warnings about malformed UTF8. Found during code maintenance.

==== pulseaudio ====
Subpackages: libpulse-mainloop-glib0 libpulse0 pulseaudio-bash-completion
pulseaudio-gdm-hooks pulseaudio-lang pulseaudio-module-bluetooth
pulseaudio-module-gsettings pulseaudio-module-x11 pulseaudio-module-zeroconf
pulseaudio-utils pulseaudio-zsh-completion

- No longer recommend -lang: supplements are in use.

==== python-urwid ====
Version update (2.0.1 -> 2.1.0)

- update to 2.1.0
* Add support for Python 3.7 and 3.8, drop support for Python 3.3
* Add 24-bit (true color) support.
* Fix crash on click-Esc & Esc-click
* Break rather than raising exception on shard calculation bug.
* Fix EOF detection for the Terminal widget on Python 3
* Many more features and fixes

==== re2c ====
Version update (1.2.1 -> 1.3)

- Update to version 1.3:
* Added option: ``--stadfa``.
* Added warning: ``-Wsentinel-in-midrule``.
* Added generic API primitives:
* Added configurations:
+ ``re2c:sentinel = 0;``
+ ``re2c:define:YYSTAGPD = "YYSTAGPD";``
+ ``re2c:define:YYMTAGPD = "YYMTAGPD";``
* Worked on reproducible builds

==== rpm-config-SUSE ====
Version update (0.g45 -> 0.g52)

- Update to version 0.g52:
* Make deprecated %install_info not fail when used within if/fi construct
- Update to version 0.g50:
* Add missing changelog entries and fix authors
* Add ldconfig_scriptlets macros for RH/Fedora compatibility
* move %install_info to file triggers (boo#1152105)

==== schily ====
Subpackages: cdda2wav cdrecord libcdrdeflt1_0 libdeflt1_0 libedc_ecc1_0
libedc_ecc_dec1_0 libfile1_0 libfind4_0 libparanoia1_0 librmt1_0 librscg1_0
libscg1_0 libscgcmd1_0 libschily2_0 mkisofs readcd spax star

- Set -fcommon [boo#1160291].

==== system-users ====
Subpackages: system-group-hardware system-group-wheel system-user-bin
system-user-daemon system-user-ftp system-user-games system-user-lp
system-user-mail system-user-man system-user-news system-user-nobody
system-user-tftp system-user-upsd system-user-uucp system-user-wwwrun

- Add tss user for TPM tools (boo#1162360).

==== tar ====
Subpackages: tar-lang tar-rmt

- No longer recommend -lang: supplements are in use.

==== tlp ====
Version update (1.3.0 -> 1.3.1)
Subpackages: tlp-rdw

- Update to 1.3.1
* default CPU_ENERGY_PERF_POLICY_ON_BAT=power too aggressive (issue#460)

==== tpm2-0-tss ====
Subpackages: libtss2-esys0 libtss2-mu0 libtss2-sys0

- Use system-users for tss user creation (boo#1162360).

==== virglrenderer ====

- Avoid potential DoS in texture allocation (CVE-2020-8003
- Avoid potential DoS if grid launched without prior Compute Shader
(CVE-2020-8002 boo#1162519)
- Avoid deleting wrong object, in use by others
- Avoid potential use after free when deleting context

==== xkeyboard-config ====
Subpackages: xkeyboard-config-lang

- No longer recommend -lang: supplements are in use.

To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages