Mailinglist Archive: opensuse-kubic (24 mails)

< Previous Next >
[opensuse-kubic] New Kubic snapshot 20190907 released!
  • From: Richard Brown <rbrown@xxxxxxx>
  • Date: Mon, 09 Sep 2019 10:11:25 +0000
  • Message-id: <156802388581.21331.13185552291657381053@go-agent-stagingbot-3>

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:

Please do not reply to this email to report issues, rather file a bug on
For more information on filing bugs please see
Packages changed:
aaa_base (84.87+git20190718.ce933cb -> 84.87+git20190822.82a17f1)
haproxy (2.0.3+git14.0ff395c1 -> 2.0.5+git0.d905f49a)
ldb (1.5.4 -> 1.5.5)
libgcrypt (1.8.4 -> 1.8.5)
yomi-formula (0.0.1+git.1565868437.c6afdff -> 0.0.1+git.1566569312.4133e8e)
zstd (1.4.2 -> 1.4.3)

=== Details ===

==== aaa_base ====
Version update (84.87+git20190718.ce933cb -> 84.87+git20190822.82a17f1)

- Update to version 84.87+git20190822.82a17f1:
* add sysctl.d/51-network.conf to tighten network security a bit
see also (boo#1146866) (jira#SLE-9132)

==== bash ====

- Add official patch bash50-008
When HISTSIZE is set to 0, history expansion can leave the history length
set to an incorrect value, leading to subsequent attempts to access invalid
- Add official patch bash50-009
The history file reading code doesn't close the file descriptor open to
the history file when it encounters a zero-length file.

==== dmidecode ====

2 recommended fixes from upstream:
- dmidecode-only-scan-dev-mem-for-entry-point-on-x86.patch: Only
scan /dev/mem for entry point on x86 (fixes reboot on ARM64).
- dmidecode-fix-formatting-of-tpm-table-output.patch: Fix
formatting of TPM table output (missing newlines).

==== filesystem ====

- Move /etc.cron.* directories to cron package
- Add /usr/etc

==== gzip ====

- refresh gzip-1.10-ibm_dfltcc_support.patch to fix three data
corruption issues [bsc#1145276] [jsc#SLE-5818] [jsc#SLE-8914]

==== haproxy ====
Version update (2.0.3+git14.0ff395c1 -> 2.0.5+git0.d905f49a)

- enable prometheus exporter
- enable verbose make output
- Update to version 2.0.5+git0.d905f49a:
* [RELEASE] Released version 2.0.5
* BUG/MEDIUM: mux_pt: Don't call unsubscribe if we did not subscribe.
* MINOR: fd: make sure to mark the thread as not stuck in fd_update_events()
* BUG/MINOR: stats: Wait the body before processing POST requests
* BUG/MEDIUM: lua: Fix test on the direction to set the channel exp timeout
* BUG/MEDIUM: mux_h1: Don't bother subscribing in recv if we're not connected.
* BUG/MINOR: Fix prometheus '# TYPE' and '# HELP' headers
* BUG/MINOR: lua: fix setting netfilter mark
* BUG/MEDIUM: proxy: Don't use cs_destroy() when freeing the conn_stream.
* BUG/MEDIUM: proxy: Don't forget the SF_HTX flag when upgrading TCP=>H1+HTX.
* BUG/MINOR: buffers/threads: always clear a buffer's head before releasing it
* MINOR: ssl: ssl_fc_has_early should work for BoringSSL
* BUG/MINOR: ssl: fix 0-RTT for BoringSSL
* BUG/MEDIUM: stick-table: Wrong stick-table backends parsing.
* [RELEASE] Released version 2.0.4
* BUG/MEDIUM: checks: make sure to close nicely when we're the last to speak
* BUG/MINOR: mux-h2: always reset rcvd_s when switching to a new frame
* BUG/MINOR: mux-h2: always send stream window update before connection's
* BUG/MEDIUM: mux-h2: do not recheck a frame type after a state transition
* BUG/MINOR: mux-h2: do not send REFUSED_STREAM on aborted uploads
* BUG/MINOR: mux-h2: use CANCEL, not STREAM_CLOSED in h2c_frt_handle_data()
* BUG/MINOR: mux-h2: don't refrain from sending an RST_STREAM after another
* BUG/MEDIUM: fd: Always reset the polled_mask bits in fd_dodelete().
* BUG/MEDIUM: proxy: Make sure to destroy the stream on upgrade from TCP to H2
* BUG/MEDIUM: mux-h2: split the stream's and connection's window sizes
* BUG/MEDIUM: mux-h2: unbreak receipt of large DATA frames
* BUG/MINOR: stream-int: also update analysers timeouts on activity
* BUG/MAJOR: http/sample: use a static buffer for raw -> htx conversion
* BUG/MEDIUM: lb-chash: Ensure the tree integrity when server weight is
* MINOR: wdt: also consider that waiting in the thread dumper is normal
* BUG/MINOR: debug: fix a small race in the thread dumping code

==== ldb ====
Version update (1.5.4 -> 1.5.5)

- Update to 1.5.5
+ LDAP_REFERRAL_SCHEME_OPAQUE was added to ldb_module.h; (bso#12478);
+ Skip @ records early in a search full scan; (bso#13893);

==== libdb-4_8 ====

- Add opd deadlock patch as found and documented by Red Hat.
* 0001-OPD-deadlock-RH-BZ-1349779.patch
- Remove the getpatches as it does not work at all, oracle
removed the pages
- Use spec-cleaner
- Fix stripped debuginfo to make sure we can debug with libdb

==== libgcrypt ====
Version update (1.8.4 -> 1.8.5)

- libgcrypt 1.8.5:
* CVE-2019-13627: mitigation against an ECDSA timing attack (boo#1148987)
* Improve ECDSA unblinding
* Provide a pkg-config file

==== libsodium ====

- Revert previous change about cpuid as previous change rejected
- Disable LTO as bypass boo#1148184
- Add libsodium_configure_cpuid_chg.patch and call autoconf
to regenerate configure script with proper CPUID checking.
Required at least for PowerPC and ARM now that LTO enabled.

==== python-cheroot ====

- Add cheroot_fix_so_peercred_ppc.patch
to solve python 2.7 tests failures for PowerPC, boo#1147151
- Drop dependency on backports.functools_lru_cache for the python3 subpackage
This fixes bsc#1149124

==== shadow ====

- bsc#1144060: Add to /etc/pam.d configuration files
to support kernel keyring feature
- Update pamd.tar.bz2 with pam configuration files accordingly
- encryption_method_nis.patch: drop, DES should really not be used
anymore anywhere, even with NIS
- shadow-login_defs-suse.patch: remove encryption NIS entry

==== snapper ====
Subpackages: libsnapper4

- reusing existing subvolumes on mksubvolume run
(bsc#1138725, bsc#1126900, gh#openSUSE/snapper#236)

==== yomi-formula ====
Version update (0.0.1+git.1565868437.c6afdff -> 0.0.1+git.1566569312.4133e8e)

- Lower the priority of /usr/share/yomi/pillar
- Update to version 0.0.1+git.1566569312.4133e8e:
* storage.wipe: state to wipe all devices
- Update to version 0.0.1+git.1566565353.86af2cb:
* devices.hwinfo: parse the hwinfo report
- Update to version 0.0.1+git.1565683297.a242917:
* pillar: make grub2_console persent in config
- Update to version 0.0.1+git.1565626987.fdda5d6:
* grub2_mkconfig: do not use gfxterm when in console mode
* docs: update links to Factory
* pillar: use better default pattern
- Update to version 0.0.1+git.1565607953.281fdae:
* bootloader: provides a default value to kernel
- Update to version 0.0.1+git.1565597137.7fbd398:
* devices.hwinfo provide a basic report module
* devices.wipe: remove GRUB signature
* bootloader: check for the second stage
* reboot: replace kexec config option with reboot
- Update to version 0.0.1+git.1565191883.64eabeb:
* devices.wipe: clean disk information
* pillar: add to MicroOS the new subvols
* pillar: fix services for MicroOS
* partitioned: ignore flags that contains type=
* partitioned: wipefs the new partition
- Update to version 0.0.1+git.1565017592.7207cea:
* documentation: add a note about the pillar top.sls
- Update to version 0.0.1+git.1564577012.3d7decf:
* _default_target: fix systemctl call
* documentation: add top.sls creation
- Change Requires to Requires(pre) for Salt packages, to guarantee
ordering of installation and the presence of the 'salt' group.
- Require salt-master for non SLE/Leap 15.1 nor Tumbleweed
- Remove the top.sls provided as an example from Yomi
- Update to version 0.0.1+git.1564144697.5bce6e9:
* pillar: add user certificate as example
- Update to version 0.0.1+git.1564140669.8074699:
* chroot: freeze and unfreeze packages
* salt-minion: fix unless condition
* users: support cerfificates
* pillar: parametrize the device type
* pillar: remove extra user
* pillar: set US as default keryboard layout
* pillar: add a Kubic pillar
* Split documentation about Kubic
* Document boot parameters master and minion_id
* _default_target: add config option to set target
* README: fix references to installer.sls
- Update to version 0.0.1+git.1560951712.33b7ae5:
* control_plane: use the first interface IP
* Fix macros.log call
* use-case-as-a-kubic-worker: fix monitor path
- Update to version 0.0.1+git.1560947494.0b6189a:
* network: fix dhcp config path
- Update to version 0.0.1+git.1560946703.1c4d880:
* Add use-case-deploying-kubic-from-scratch document
- Update to version 0.0.1+git.1560859479.b7d8fe1:
* network: configure network to accept hostanames
* Document --adv-addr in kubicctl
- Update to version 0.0.1+git.1560775166.35e3299:
* network: use the same ifcfg config file from YaST
* Add advanced configuration section
* Add use-case-as-a-kubic-worker documentation
- Update to version 0.0.1+git.1560526707.be4ae81:
* top: use generic glob
- Update to version 0.0.1+git.1560504884.48ef883:
* yomi: move all the states to a new ns
- Move to /usr/share/salt-formulas
- Add example configuration files
- Update to version 0.0.1+git.1560256453.82ef153:
* mark: mark successful installations
* firstboot: add systemd-firstboot support
* network: configure all interfaces
* fstab: use the not_change attribute
* Support salt-minion installation
* Unify YAML boolean syntax
* network: replace network detection algorithm
* README: document services section
* services: use systemctl to find service status
* microos: enable crio and kubelet services
* services: add enabled / disabled states
* microos: add Kubic patterns
* devices: deduce the net name in order
* network: add basic network configuration
* software: support minimal installation
* MicroOS: add extra bootloader data
* MicroOS: add RO option for root subvolume
* MicroOS: fix size typo
* software: support pattern detection
* fstab: support non-default options
* post_install: use the state
* MicroOS: Add new patterns in software section
* bootloader: Call grub2-set-default
* bootloader: Run grub2_mkconfig after configuration change
* bootloader: Add kernel and disable_os_prober features
* software: do not jump into inner states
* post_install: do not jump into inner states
* Rename states to use underscore
* device.umount: fix variable name
* MicroOS: use patterns instead of packages
* MicroOS: Add a pillar to deploy MicroOS
* LVM: Refactor LVM definition
* pillar: parametrize all the pillars
* devices.filter: rename to filter_ and create an alias
- Update to version 0.0.1+git.1553705260.c137d0e:
* partmod: move partition logic to the module
* Extract unit parser from partitioned
* partition: introduce `id` attribute
* partitioned: move partitioned.devices to devices.filter
* partition: simplify fs_type look out
* partitioned: rename aligment to initial_gap
* Remove extra dot
* Comment about UEFI and secure boot.
* Add some notes about monitor.
* Add installation instructions.
- Add initial version of Salt Yomi formula

==== zstd ====
Version update (1.4.2 -> 1.4.3)

- Update to version 1.4.3
* bug: Fix Dictionary Compression Ratio Regression (#1709)
* bug: Fix Buffer Overflow in v0.3 Decompression (#1722)
* build: Add support for IAR C/C++ Compiler for Arm (#1705)
* misc: Add NULL pointer check in util.c (#1706)

To unsubscribe, e-mail: opensuse-kubic+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-kubic+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages