Mailinglist Archive: opensuse-factory (355 mails)

< Previous Next >
[opensuse-factory] New Tumbleweed snapshot 20200306 released!
  • From: Dominique Leuenberger <dimstar@xxxxxxx>
  • Date: Sun, 08 Mar 2020 02:01:25 +0000
  • Message-id: <158363288507.31742.3959522950599123854@go-agent-stagingbot-7>

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=opensuse&groupid=1&version=Tumbleweed&build=20200306

Please do not reply to this email to report issues, rather file a bug
on bugzilla.opensuse.org. For more information on filing bugs please
see https://en.opensuse.org/openSUSE:Submitting_bug_reports

Packages changed:
autofs (5.1.5 -> 5.1.6)
ceph (15.0.0.7456+ge089cead79 -> 15.1.0.1521+gcdf35413a0)
curl (7.68.0 -> 7.69.0)
dracut (049.1+git124.70941b30 -> 049.1+git125.e2b2c9ef)
ed (1.15 -> 1.16)
elementary-xfce-icon-theme (0.14+git21.6b81725d -> 0.14+git23.0db3af45)
ffmpeg-4
gd
gstreamer-plugins-bad
hwdata (0.332 -> 0.333)
libmfx (19.2.1 -> 19.4.0)
libva (2.5.0 -> 2.6.1)
libva-gl (2.5.0 -> 2.6.1)
libvirt
libxcrypt (4.4.12 -> 4.4.15)
open-iscsi
osinfo-db (20191125 -> 20200214)
perl-Date-Manip (6.79 -> 6.81)
perl-DateTime (1.51 -> 1.52)
perl-DateTime-Format-Strptime (1.76 -> 1.77)
permissions (1550_20200213 -> 1550_20200228)
rubygem-nokogiri (1.10.8 -> 1.10.9)
samba (4.11.5+git.114.5685848b8fc -> 4.11.6+git.120.e474a78db08)
skopeo (0.1.39 -> 0.1.41)
systemd
vim (8.2.0314 -> 8.2.0348)
wicked (0.6.62 -> 0.6.63)
wireguard
xscreensaver (5.40 -> 5.43)

=== Details ===

==== autofs ====
Version update (5.1.5 -> 5.1.6)

- Upgrade to 5.1.6
- support strictexpire mount option.
- fix hesiod string check in master_parse().
- add NULL check for get_addr_string() return.
- use malloc(3) in spawn.c.
- add mount_verbose configuration option.
- optionally log mount requestor process info.
- log mount call arguments if mount_verbose is set.
- Fix NFS mount from IPv6 addresses.
- make expire remaining log level debug.
- allow period following macro in selector value.
- fix macro expansion in selector values.
- fix typing errors.
- Explain /etc/auto.master.d usage.
- plus map includes are only allowed in file sources.
- Update README.
- fix additional typing errors.
- update autofs(8) offset map entry update description.
- increase group buffer size geometrically.
- also use strictexpire for offsets.
- remove unused function has_fstab_option().
- remove unused function reverse_mnt_list().
- remove a couple of old debug messages.
- fix amd entry memory leak.
- fix unlink_mount_tree() not umounting mounts.
- use ignore option for offset mounts as well.
- add config option for "ignore" mount option
- use bit flags for autofs mount types in mnt_list.
- use mp instead of path in mnt_list entries.
- always use PROC_MOUNTS to make mount lists.
- add glibc getmntent_r().
- use local getmntent_r in table_is_mounted().
- refactor unlink_active_mounts() in direct.c.
- don't use tree_is_mounted() for mounted checks.
- use single unlink_umount_tree() for both direct and indirect mounts.
- move unlink_mount_tree() to lib/mounts.c.
- use local_getmntent_r() for unlink_mount_tree().
- use local getmntent_r() in get_mnt_list().
- use local getmntent_r() in tree_make_mnt_list().
- fix missing initialization of autofs_point flags.
- NetworkManager-autofs: reload rather than restart autofs.service
* If complex network setups are being brought up, autofs.service
may be restarted too quickly, causing systemd to consider the
service failed. "reload" avoids that, and works just fine.
- Fix autofs restart when Networkmanager connection is brought up
* NetworkManager-autofs: /bin/systemctl has been removed in
systemd-244

==== ceph ====
Version update (15.0.0.7456+ge089cead79 -> 15.1.0.1521+gcdf35413a0)
Subpackages: librados2 librbd1

- Update to 15.1.0-1521-gcdf35413a0:
+ rebase on tip of upstream master, SHA1
28c08615e5c27e5a0986e3191ca4427cdc32f538
- significant changes since the last Factory SR:
+ ceph-rpmlintrc: silence RPMLINT warnings and document ones that are in
the process of being fixed ("WIP")
+ fix s390x build failure
+ fix GCC 10 build failure (boo#1161086)
+ spec:
* drop Python 2 support
* make Python 3 build work on CentOS 8
* globally change %_python_buildid macro to %_python3_pkgversion
* Use pkgconfig() style BuildRequires for udev/libudev-devel
* add cmake_verbose_logging bcond
* rename ceph-daemon subpackage to cephadm
* add scriptlets to cephadm subpackage
* rename ceph-mgr-ssh subpackage to ceph-mgr-cephadm
* stop calling MGR modules "plugins"
* move "always-on" MGR modules into their own subpackage,
ceph-mgr-modules-core
* make ceph-mgr-cephadm explicitly require openssh on SUSE
- Update to 15.1.0-1207-g89308cc4c6:
+ rebase on tip of upstream master, SHA1
0ffbe4a5ef73036309a3c6488be4dbb1b667a4c7
+ drop temporary fix "cephadm: Don't call prepare-host from bootstrap"
- Update to 15.1.0-951-g36f83482b6c:
+ cephadm: Don't call prepare-host from bootstrap
(temporary fix to keep cephadm running on SUSE after upstream merged
932ac9342483141f10dbf99d1806d81a4d70a26a)
- Update to 15.1.0-950-g0ba22d2e46:
+ rebase on tip of upstream master, SHA1
e79e42467970c1be210d674e90dab21ce73e2872
* mgr/orch: resurrect ServiceDescription, 'orch ls'
- Update to 15.1.0-818-g5f8ed0e957:
+ rebase on tip of upstream master, SHA1
eb72aebb92f1bfce00aedaebf140789871eb943f
* includes "mgr/orch: new cli, phase 2" patches (PR#33244) needed
by latest ceph-bootstrap
- Update to 15.1.0-636-g2280954009:
+ rebase on tip of upstream master, SHA1
e36d47a8c3f4181d68a4cd680bdde72064dee910
- Update to 15.1.0-168-gfda88e35c8:
+ rebase on tip of upstream master, SHA1
80487f4a604da94778e65f666e1177a3ed84543e
+ spec: Use pkgconfig() style BuildRequires for udev/libudev-devel
- Update to 15.0.0-10092-gb5fd1b8250:
+ rebase on tip of upstream master, SHA1
3913835a8f0b9b34ceffd4dc02e1e8203227be02
- Update to 15.0.0-9544-gefdea72067:
+ cmake: Improve test for 16-byte atomic support on IBM Z (bsc#1161688)
- Update to 15.0.0-9543-g1c7fc80ba1:
+ rebase on tip of upstream master, SHA1
089e97c27013612672099281fad76746f19290e3
- Update to 15.0.0-9494-g22cdfe7b96:
+ rebase on tip of upstream master, SHA1
26c66630bd98dfce113f66ab4e081e5a7b0216c0
- Update to 15.0.0-9092-gd050bc3f0a:
+ rebase on tip of upstream master, SHA1
dfd90da59c0b2eda9ca61fed1d508ddc2ab32a2b
- Update to 15.0.0-8683-gb78b3635a5:
+ rebase on tip of upstream master, SHA1
3e1e6a6694bb133c57e2b05a6316dcebae390815
+ drop libxio Provides/Obsoletes (they are no longer necessary because libxio
is long gone)
+ drop runtime dependency on gptfdisk (it was needed for ceph-disk,
which has since been removed)
+ spec: drop "_python_buildid" macro (it was needed to support py2 builds,
which upstream is finally moving away from)
- Update to 15.0.0-8588-g58b5b29433:
+ spec, debian: cephadm requires lvm2 (bsc#1159466)
- ceph-rpmlintrc: fix syntax error introduced by change mentioned
in previous changelog entry
- Update to 15.0.0-8587-gf0521c1db5:
+ rebase on tip of upstream master, SHA1
068aafb2ea3c71b5adda79467847ee03b77bb35e
* cephadm: do ceph-volume activate+deactivate as part of systemd unit
- Update to 15.0.0-8442-g094a533242:
+ spec:
* fix cephadm user/group creation
* cephadm subpackage: start summary with a capital letter
+ ceph-rpmlintrc: silence some RPMLINT warnings
- Update to 15.0.0-8370-gec9b27b5e0
+ ceph-daemon is renamed to cephadm
+ mgr/ssh is renamed to mgr/cephadm
- increase disk space needs in _constraints for some architectures
- Update to 15.0.0-7866-g639502405f:
+ rebase on tip of upstream master, SHA1
95dd54889a9c113f77dd6c2c7e77166335a59794
- Update to 15.0.0-7686-g54042e1a06:
+ rebase on tip of upstream master, SHA1
2c06beb5ec38c8b9f7bd84152da3f5708de8d0c0
* Revert "Merge pull request #16715 from adamemerson/wip-I-Object!"
(bsc#1157443)
* spec: add explicit openssh dependency to ceph-mgr-ssh (bsc#1157527)

==== curl ====
Version update (7.68.0 -> 7.69.0)
Subpackages: libcurl4

- Update to 7.69.0
* Changes:
- polarssl: removed
- smtp: add CURLOPT_MAIL_RCPT_ALLLOWFAILS and --mail-rcpt-allowfails
- wolfSSH: new SSH backend
* Bugfixes:
- altsvc: improved header parser
- altsvc: keep a copy of the file name to survive handle reset
- altsvc: make saving the cache an atomic operation
- altsvc: use h3-27
- azure: disable brotli on the macos debug-builds
- build: remove all HAVE_OPENSSL_ENGINE_H defines
- cleanup: fix several comment typos
- cleanup: fix typos and wording in docs and comments
- cmake: add support for CMAKE_LTO option
- cmake: clean up and improve build procedures
- cmake: Show HTTPS-proxy in the features output
- cmake: use check_symbol_exists also for inet_pton
- configure.ac: fix comments about --with-quiche
- configure: disable metalink if mbedTLS is specified
- configure: disable metalink support for incompatible SSL/TLS
- conn: do not reuse connection if SOCKS proxy credentials differ
- conncache: removed unused Curl_conncache_bundle_size()
- connect: remove some spurious infof() calls
- connection reuse: respect the max_concurrent_streams limits
- cookie: check __Secure- and __Host- case sensitively
- cookies: make saving atomic with a rename
- create-dirs.d: mention the mode
- curl: avoid using strlen for testing if a string is empty
- curl: error on --alt-svc use w/o support
- curl: let -D merge headers in one file again
- curl: make #0 not output the full URL
- curl: make the -# spaceship bar not wrap the line
- curl: remove 'config' field from OutStruct
- curl:progressbarinit: ignore column width from terminals < 20
- curl_escape.3: add a link to curl_free
- curl_getenv.3: fix the memory handling description
- curl_global_init: assume the EINTR bit by default
- curl_global_init: move the IPv6 works status bool to multi handle
- CURLINFO_COOKIELIST.3: Fix example
- CURLOPT_ALTSVC_CTRL.3: fix the DEFAULT wording
- CURLOPT_PROXY_SSL_OPTIONS.3: Sync with CURLOPT_SSL_OPTIONS.3
- CURLOPT_REDIR_PROTOCOLS.3: update the DEFAULT section
- data.d: remove "Multiple files can also be specified"
- digest: do not quote algorithm in HTTP authorisation
- docs/HTTP3: add --enable-alt-svc to curl's configure
- docs/HTTP3: update the OpenSSL branch to use for ngtcp2
- docs: fix typo on CURLINFO_RETRY_AFTER
- easy: remove dead code
- form.d: fix two minor typos
- ftp: convert 'sock_accepted' to a plain boolean
- ftp: remove superfluous checking for crlf in user or pwd
- ftp: shrink temp buffers used for PORT
- github: Instructions to post "uname -a" on Unix systems in issues
- GnuTLS: always send client cert
- gtls: fixed compilation when using GnuTLS < 3.5.0
- hostip: move code to resolve IP address literals to 'Curl_resolv'
- HTTP-COOKIES: describe the cookie file format
- HTTP-COOKIES: mention that a trailing newline is required
- http2: make pausing/unpausing set/clear local stream window
- http2: now requires nghttp2 >= 1.12.0
- http: added 417 response treatment
- http: increase EXPECT_100_THRESHOLD to 1Mb
- http: mark POSTs with no body as "upload done" from the start
- http: move "oauth_bearer" from connectdata to Curl_easy
- include: remove non-curl prefixed defines
- KNOWN_BUGS: Multiple methods in a single WWW-Authenticate: header
- libssh2: add support for forcing a hostkey type
- libssh2: fix variable type
- libssh: improve known hosts handling
- llist: removed unused Curl_llist_move()
- location.d: the method change is from POST to GET only
- md4: fixed compilation issues when using GNU TLS gcrypt
- md4: use init/update/final functions in Secure Transport
- md5: added implementation for mbedTLS
- mk-ca-bundle: add support for CKA_NSS_SERVER_DISTRUST_AFTER
- multi: change curl_multi_wait/poll to error on negative timeout
- multi: fix outdated comment
- multi: if Curl_readwrite sets 'comeback' use expire, not loop
- multi_done: if multiplexed, make conn->data point to another transfer
- multi_wait: stop loop when sread() returns zero
- ngtcp2: add error code for QUIC connection errors
- ngtcp2: fixed to only use AF_INET6 when ENABLE_IPV6
- ngtcp2: update to git master and its draft-25 support
- ntlm: removed the dependency on the TLS libaries when using MD5
- ntlm_wb: use Curl_socketpair() for greater portability
- oauth2-bearer.d: works for HTTP too
- openssl: make CURLINFO_CERTINFO not truncate x509v3 fields
- openssl: remove redundant assignment
- os400: fixed the build
- pause: force-drain the transfer on unpause
- quiche: update to draft-25
- README: mention that the docs is in docs/
- runtests: make random seed fixed for a month
- runtests: restore the command log
- schannel_verify: Fix alt names manual verify for UNICODE builds
- sha256: use crypto implementations when available
- singleuse.pl: support new API functions, fix curl_dbg_ handling
- smtp: support the SMTPUTF8 extension
- smtp: support UTF-8 based host names in MAIL FROM
- SOCKS: make the connect phase non-blocking
- strcase: turn Curl_raw_tolower into static
- strerror: increase STRERROR_LEN 128 -> 256
- test1323: added missing 'unit test' feature requirement
- tests: add a unit test for MD4 digest generation
- tests: add a unit test for SHA256 digest generation
- tests: add a unit test for the HMAC hash generation
- tests: deduce the tool name from the test case for unit tests
- tests: fix Python 3 compatibility of smbserver.py
- tool_dirhie: allow directory traversal during creation
- tool_homedir: change GetEnv() to use libcurl's curl_getenv()
- url: include the failure reason when curl_win32_idn_to_ascii() fails
- urlapi: guess scheme properly with credentials given
- urldata: do string enums without #ifdefs for build scripts
- vtls: refactor Curl_multissl_version to make the code clearer
- Refresh patches:
* curl-secure-getenv.patch
* libcurl-ocloexec.patch

==== dracut ====
Version update (049.1+git124.70941b30 -> 049.1+git125.e2b2c9ef)

- Update to version 049.1+git125.e2b2c9ef:
* 01fips: handle SHA1 on machines without AVX (bsc#1160318)
* Update: 90kernel-modules: Add PCI host controller modules (boo#1162669)

==== ed ====
Version update (1.15 -> 1.16)

- Update to 1.16
* regex.c (line_replace): Accept 's/^/#/g' as valid.
(Reported by Bjoern Wibben).
* main_loop.c: Removed length limit of prompt string.
(Reported by Tim Chase).
* main.c: Set a valid invocation_name even if argc == 0.
* ed.texi: Extended operators depend on regex implementation.
(Reported by Brian Zwahr).
* ed.texi: Several fixes and improvements.

==== elementary-xfce-icon-theme ====
Version update (0.14+git21.6b81725d -> 0.14+git23.0db3af45)

- Update to version 0.14+git23.0db3af45:
* Fixed close and eject icons for dark theme
* Fix user-desktop icons

==== ffmpeg-4 ====
Subpackages: libavcodec58 libavdevice58 libavfilter7 libavformat58
libavresample4 libavutil56 libpostproc55 libswresample3 libswscale5

- Enable libmfx support for SLE 15 SP2 and Leap 15.2 via
conditional, libmfx is available there too now.

==== gd ====
Subpackages: libgd3

- security update
- added patches
fix CVE-2018-14553 [bsc#1165471], null pointer dereference in gdImageClone()
+ gd-CVE-2018-14553.patch

==== gstreamer-plugins-bad ====
Subpackages: gstreamer-plugins-bad-lang libgstadaptivedemux-1_0-0
libgstbadaudio-1_0-0 libgstbasecamerabinsrc-1_0-0 libgstcodecparsers-1_0-0
libgstisoff-1_0-0 libgstmpegts-1_0-0 libgstphotography-1_0-0 libgstsctp-1_0-0
libgsturidownloader-1_0-0 libgstwayland-1_0-0 libgstwebrtc-1_0-0

- Switch to meson buildsystem for tumbleweed.
- Following the above, add pkgconfig(vulkan) BuildRequires and
tweak options passed to meson, as well as a cleanup in some
conditionals.
- Add gst-plugins-bad-wayland-headers.patch: Fix build when using
meson and having wayland-headers in non-default location

https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1076.

==== hwdata ====
Version update (0.332 -> 0.333)

- Update to version 0.323:
* Updated pci, usb and vendor ids.

==== libmfx ====
Version update (19.2.1 -> 19.4.0)
Subpackages: libmfx1

- Update to version 19.4.0:
* bugfixes and improvements

==== libva ====
Version update (2.5.0 -> 2.6.1)
Subpackages: libva-drm2 libva-x11-2 libva2

- Update to version 2.6.1
* adjust call sequence to ensure authenticate operation is
executed this patch is not needed for media-driver, but
needed for i965 driver which check authentication.
- Update to version 2.6.0:
* enable the mutiple driver selection logic and enable it for DRM.
* drm: Add iHD to driver_name_map
* Add missed slice parameter 'slice_data_num_emu_prevn_bytes'
* ensure that all meson files are part of the release tarball
* configure: use correct comparison operator
* trace: support VAConfigAttribMultipleFrame in trace
* remove incorrect field of VAConfigAttribValDecJPEG
* va/va_trace: Dump VP9 parameters for profile 1~3
* add multiple frame capability report
* add variable to indicate layer infromation
* trace: fix memory leak on closing the trace
* add prediction direction caps report
* Add comments for colour primaries and transfer characteristics in
VAProcColorProperties

==== libva-gl ====
Version update (2.5.0 -> 2.6.1)
Subpackages: libva-glx2 libva-wayland2

- Update to version 2.6.1
* adjust call sequence to ensure authenticate operation is
executed this patch is not needed for media-driver, but
needed for i965 driver which check authentication.
- Update to version 2.6.0:
* enable the mutiple driver selection logic and enable it for DRM.
* drm: Add iHD to driver_name_map
* Add missed slice parameter 'slice_data_num_emu_prevn_bytes'
* ensure that all meson files are part of the release tarball
* configure: use correct comparison operator
* trace: support VAConfigAttribMultipleFrame in trace
* remove incorrect field of VAConfigAttribValDecJPEG
* va/va_trace: Dump VP9 parameters for profile 1~3
* add multiple frame capability report
* add variable to indicate layer infromation
* trace: fix memory leak on closing the trace
* add prediction direction caps report
* Add comments for colour primaries and transfer characteristics in
VAProcColorProperties

==== libvirt ====
Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon
libvirt-daemon-driver-interface libvirt-daemon-driver-libxl
libvirt-daemon-driver-lxc libvirt-daemon-driver-network
libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter
libvirt-daemon-driver-qemu libvirt-daemon-driver-secret
libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core
libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-gluster
libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct
libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath
libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi
libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs

- qemu: Allow format probing under special circumstances
ae9e6c2a-qemu-allow-cond-format-probe.patch
bsc#1165588

==== libxcrypt ====
Version update (4.4.12 -> 4.4.15)
Subpackages: libcrypt1 libcrypt1-32bit libxcrypt-devel

- Update to version 4.4.15
* The compatibility symbols crypt_gensalt_r, xcrypt, xcrypt_r,
xcrypt_gensalt, and xcrypt_gensalt_r are deprecated further
* Speed up ka-sunmd5 by skipping most of the test phrases
- Package README.md and TODO.md (bsc#1165389)

==== open-iscsi ====
Subpackages: iscsiuio libopeniscsiusr0_2_0

- Merged in latest upstream (2.1.1), which is mainly a bug-fix
release over 2.1.0, including changing the test suite from
shell-based to python3-based, replacing
open-iscsi.2.1.0-suse.tar.bz2 with open-iscsi-2.1.1-suse.tar.bz2
and resetting open-iscsi-SUSE-latest-diff.bz2

==== osinfo-db ====
Version update (20191125 -> 20200214)

- bsc#1165855 - Add UEFI support to the database for SLES and
openSUSE distros
5bbe30db-opensuse-add-info-about-UEFI-support.patch
SLE-add-info-about-UEFI-support.patch
- Update database to version 20200214
osinfo-db-20200214.tar.xz
- Drop patch included in new tarball
add-sle12sp5-support.patch
- Fix the length of string for the ISO volume id (bsc#1054986)
fix-sle15sp1-volume-id-string.patch
add-sle15sp2-support.patch
- Fix release date of SLE12-SP5
add-sle12sp5-support.patch

==== perl-Date-Manip ====
Version update (6.79 -> 6.81)

- updated to 6.81
see /usr/share/doc/packages/perl-Date-Manip/Changes
6.81 2020-03-01
- Messed up the 6.80 package. This release fixes it.
6.80 2020-03-01
- Missed Changes entry for previous version.
Reported by Tina Muller (GitHub #31)
6.79 2019-12-01
- Time zone fixes
Newest zoneinfo data (tzdata 2019c).

==== perl-DateTime ====
Version update (1.51 -> 1.52)

- updated to 1.52
see /usr/share/doc/packages/perl-DateTime/Changes
1.52 2020-02-29
- Added a $dt->is_between($dt1, $dt2) method. Based on GH #97 by philip r
brenan.
- Simplify the calculation of leap seconds in XS. This is a little more
efficient for most use cases (anything with future or recent past
datetimes). Contributed by Mark Overmeer. GH #91.

==== perl-DateTime-Format-Strptime ====
Version update (1.76 -> 1.77)

- updated to 1.77
see /usr/share/doc/packages/perl-DateTime-Format-Strptime/Changes
1.77 2020-02-29
* When the parsed string contained an invalid time zone offset (parsed with
"%z") like "-9999", the error handling set in the parser's constructor was
ignored and an exception was always thrown. Reported by x-qq. GH #25.

==== permissions ====
Version update (1550_20200213 -> 1550_20200228)
Subpackages: chkstat permissions-config permissions-doc

- Update to version 20200228:
* chkstat: fix readline() on platforms with unsigned char
- Update to version 20200227:
* remove capability whitelisting for radosgw
* whitelist ceph log directory (bsc#1150366)
* adjust testsuite to post CVE-2020-8013 link handling
* testsuite: add option to not mount /proc
* do not follow symlinks that are the final path element: CVE-2020-8013
* add a test for symlinked directories
* fix relative symlink handling
* include cpp compat headers, not C headers
* Move permissions and permissions.* except .local to /usr/share/permissions
* regtest: fix the static PATH list which was missing /usr/bin
* regtest: also unshare the PID namespace to support /proc mounting
* regtest: bindMount(): explicitly reject read-only recursive mounts
* Makefile: force remove upon clean target to prevent bogus errors
* regtest: by default automatically (re)build chkstat before testing
* regtest: add test for symlink targets
* regtest: make capability setting tests optional
* regtest: fix capability assertion helper logic
* regtests: add another test case that catches set*id or caps in
world-writable sub-trees
* regtest: add another test that catches when privilege bits are set for
special files
* regtest: add test case for user owned symlinks
* regtest: employ subuid and subgid feature in user namespace
* regtest: add another test case that covers unknown user/group config
* regtest: add another test that checks rejection of insecure mixed-owner
paths
* regtest: add test that checks for rejection of world-writable paths
* regtest: add test for detection of unexpected parent directory ownership
* regtest: add further helper functions, allow access to main instance
* regtest: introduce some basic coloring support to improve readability
* regtest: sort imports, another piece of rationale
* regtest: add capability test case
* regtest: improve error flagging of test cases and introduce warnings
* regtest: support caps
* regtest: add a couple of command line parameter test cases
* regtest: add another test that checks whether the default profile works
* regtests: add tests for correct application of local profiles
* regtest: add further test cases that test correct profile application
* regtest: simplify test implementation and readability
* regtest: add helpers for permissions.d per package profiles
* regtest: support read-only bind mounts, also bind-mount permissions repo
* tests: introduce a regression test suite for chkstat
* Makefile: allow to build test version programmatically
* README.md: add basic readme file that explains the repository's purpose
* chkstat: change and harmonize coding style
* chkstat: switch to C++ compilation unit
- add suse_version to end of permissions package version

==== rubygem-nokogiri ====
Version update (1.10.8 -> 1.10.9)

- updated to version 1.10.9
[#] Fixed
* [MRI] Raise an exception when Nokogiri detects a specific
libxml2 edge case involving blank Schema nodes wrapped
by Ruby objects that would cause a segfault. Currently no fix
is available upstream, so we're preventing a dangerous
operation and informing users to code around it if
possible. [#1985, #2001]
* [JRuby] Change NodeSet#to_a to return a RubyArray instead
of Object, for compilation under JRuby 9.2.9 and later.
[#1968, #1969] (Thanks, @headius!)

==== samba ====
Version update (4.11.5+git.114.5685848b8fc -> 4.11.6+git.120.e474a78db08)
Subpackages: libdcerpc-binding0 libdcerpc-binding0-32bit libdcerpc0
libdcerpc0-32bit libndr-krb5pac0 libndr-krb5pac0-32bit libndr-nbt0
libndr-nbt0-32bit libndr-standard0 libndr-standard0-32bit libndr0 libndr0-32bit
libnetapi0 libnetapi0-32bit libsamba-credentials0 libsamba-credentials0-32bit
libsamba-errors0 libsamba-errors0-32bit libsamba-hostconfig0
libsamba-hostconfig0-32bit libsamba-passdb0 libsamba-passdb0-32bit
libsamba-policy0-python3 libsamba-util0 libsamba-util0-32bit libsamdb0
libsamdb0-32bit libsmbclient0 libsmbconf0 libsmbconf0-32bit libsmbldap2
libsmbldap2-32bit libtevent-util0 libtevent-util0-32bit libwbclient0
libwbclient0-32bit samba-client samba-client-32bit samba-libs samba-libs-32bit
samba-libs-python3 samba-python3 samba-winbind samba-winbind-32bit

- Remove unused pwdutils buildrequires
- Update to samba 4.11.6
+ pygpo: Use correct method flags; (bso#14209);
+ Avoiding bad call flags with python 3.8, using METH_NOARGS
instead of zero; (bso#14209);
+ source4/utils/oLschema2ldif: Include stdint.h before cmocka.h;
(bso#14218);
+ docs-xml/winbindnssinfo: Clarify interaction with idmap_ad etc;
(bso#14122);
+ smbd: Fix the build with clang; (bso#14251);
+ upgradedns: Ensure lmdb lock files linked; (bso#14199);
+ s3: VFS: glusterfs: Reset nlinks for symlink entries during
readdir; (bso#14182);
+ smbc_stat() doesn't return the correct st_mode and also the
uid/gid is not filled (SMBv1) file; (bso#14101);
+ librpc: Fix string length checking in ndr_pull_charset_to_null();
(bso#14219);
+ ctdb-scripts: Strip square brackets when gathering connection info;
(bso#14227);

==== skopeo ====
Version update (0.1.39 -> 0.1.41)

- Removed patches that were merged upstream:
- 0002-Add-set-of-image-options-used-only-for-docker-transp.patch
- bsc1115165-0001-Introduce-the-sync-command.patch
- CVE-2019-10214.patch
- Update to skopeo v0.1.41 (bsc#1165715):
- Bump github.com/containers/image/v5 from 5.2.0 to 5.2.1
- Bump gopkg.in/yaml.v2 from 2.2.7 to 2.2.8
- Bump github.com/containers/common from 0.0.7 to 0.1.4
- Remove the reference to openshift/api
- vendor github.com/containers/image/v5@v5.2.0
- Manually update buildah to v1.13.1
- add specific authfile options to copy (and sync) command.
- Bump github.com/containers/buildah from 1.11.6 to 1.12.0
- Add context to --encryption-key / --decryption-key processing
failures
- Bump github.com/containers/storage from 1.15.2 to 1.15.3
- Bump github.com/containers/buildah from 1.11.5 to 1.11.6
- remove direct reference on c/image/storage
- Makefile: set GOBIN
- Bump gopkg.in/yaml.v2 from 2.2.2 to 2.2.7
- Bump github.com/containers/storage from 1.15.1 to 1.15.2
- Introduce the sync command
- openshift cluster: remove .docker directory on teardown
- Bump github.com/containers/storage from 1.14.0 to 1.15.1
- document installation via apk on alpine
- Fix typos in doc for image encryption
- Image encryption/decryption support in skopeo
- make vendor-in-container
- Bump github.com/containers/buildah from 1.11.4 to 1.11.5
- Travis: use go v1.13
- Use a Windows Nano Server image instead of Server Core for
multi-arch testing
- Increase test timeout to 15 minutes
- Run the test-system container without --net=host
- Mount /run/systemd/journal/socket into test-system containers
- Don't unnecessarily filter out vendor from (go list ./...)
output
- Use -mod=vendor in (go {list,test,vet})
- Bump github.com/containers/buildah from 1.8.4 to 1.11.4
- Bump github.com/urfave/cli from 1.20.0 to 1.22.1
- skopeo: drop support for ostree
- Don't critically fail on a 403 when listing tags
- Revert "Temporarily work around auth.json location confusion"
- Remove references to atomic
- Remove references to storage.conf
- Dockerfile: use golang-github-cpuguy83-go-md2man
- bump version to v0.1.41-dev
- systemtest: inspect container image different from current
platform arch
- Changes in v0.1.40:
- vendor containers/image v5.0.0
- copy: add a --all/-a flag
- System tests: various fixes
- Temporarily work around auth.json location confusion
- systemtest: copy: docker->storage->oci-archive
- systemtest/010-inspect.bats: require only PATH
- systemtest: add simple env test in inspect.bats
- bash completion: add comments to keep scattered options in sync
- bash completion: use read -r instead of disabling SC2207
- bash completion: support --opt arg completion
- bash-completion: use replacement instead of sed
- bash completion: disable shellcheck SC2207
- bash completion: double-quote to avoid re-splitting
- bash completions: use bash replacement instead of sed
- bash completion: remove unused variable
- bash-completions: split decl and assignment to avoid masking
retvals
- bash completion: double-quote fixes
- bash completion: hard-set PROG=skopeo
- bash completion: remove unused variable
- bash completion: use `||` instead of `-o`
- bash completion: rm eval on assigned variable
- copy: add --dest-compress-format and --dest-compress-level
- flag: add optionalIntValue
- Makefile: use go proxy
- inspect --raw: skip the NewImage() step
- update OCI image-spec to
775207bd45b6cb8153ce218cc59351799217451f
- inspect.go: inspect env variables
- ostree: use both image and & storage buildtags
- Add patch for CVE-2019-10214. bsc#1144065
+ CVE-2019-10214.patch

==== systemd ====
Subpackages: libsystemd0 libsystemd0-32bit libudev-devel libudev1
libudev1-32bit systemd-32bit systemd-container systemd-lang systemd-logger
systemd-sysvinit udev

- move html documentation to sparate package to save space
- move networkd and resolved binaries into correct subpackage

==== vim ====
Version update (8.2.0314 -> 8.2.0348)
Subpackages: gvim vim-data vim-data-common

- Updated to version 8.2.0348, fixes the following problems
* Short name not set for terminal buffer.
* Build failure on HP-UX system.
* ex_getln.c code has insufficient test coverage.
* MSVC: _CRT_SECURE_NO_DEPRECATE not defined on DEBUG build.
* Vim9: types not sufficiently tested.
* File missing in distribution, comments outdated.
* No Haiku support.
* Vim9: ":execute" does not work yet.
* Vim9: error checks not tested.
* Vim9: calling a function that is defined later is slow.
* Text property not updated correctly when inserting/deleting.
* Ex_getln.c code not covered by tests.
* Compiler warning for using uninitialized variable. (Yegappan Lakshmanan)
* Crash when opening and closing two popup terminal windows.
* No redraw when leaving terminal-normal mode in a terminal popup window.
* Popup filter converts 0x80 bytes.
* Build error with popup window but without terminal.
* Internal error when using test_void() and test_unknown(). (Dominique Pelle)
* Some code in ex_getln.c not covered by tests.
* Terminal in popup test is flaky.
* Abort called when using test_void(). (Dominique Pelle)
* No completion for :disassemble.
* Vim9: insufficient test coverage for compiling.
* Build fails on a few systems.
* Build failure without the channel feature.
* Vim9: function return type may depend on arguments.
* Vim9: function and partial types not tested.
* Using ":for" in Vim9 script gives an error.
* Some code in ex_getln.c not covered by tests.
* Vim9: using wrong instruction, limited test coverage.
* ":def" not skipped properly.
* Compiler warning when building without the float feature.
* Vim9: finding common list type not tested.

==== wicked ====
Version update (0.6.62 -> 0.6.63)
Subpackages: wicked-service

- version 0.6.63
- spec: fix old libwicked package provides/obsoletes (bsc#1165180)
- ipv6: support to apply stable secret ifsysctl (jsc#SLE-6960)

==== wireguard ====

- Fix build on openSUSE 15.2
+ wireguard-fix-leap152.patch

==== xscreensaver ====
Version update (5.40 -> 5.43)
Subpackages: xscreensaver-data xscreensaver-data-extra xscreensaver-lang

- Update to version 5.43:
* New hacks GravityWell, DeepStars, handsy.
* GLPlanet now supports the Mercator projection.
* Bouncing Cow has mathematically ideal cows.
* Foggy toasters.
* Unknown Pleasures can now use an image file as a clip mask.
* Updated webcollage for recent changes.
* Added some sample unlock dialog color schemes to the .ad file.
* On systemd systems, closing your laptop lid might actually lock
your screen now, maybe (boo#1101393).
* sonar can ping without being setuid by using setcap.
* Those new font-loading fallback heuristics work again. Oops.
* Fixed `noof' from displaying minimalistically.
* Rewrote `unknownpleasures' to be faster, and a true waterfall
graph.
* If the xscreensaver daemon is setuid, then we can implore the
kernel's out-of-memory killer to pretty please not unlock the
screen.
- Drop xscreensaver-lock-after-fade.patch. Upstream has a different
fix (boo#1101393).
- Refresh xscreensaver-default-screensaver.patch.
- Update xscreensaver-data-extra.list and xscreensaver-data.list.


--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages