Mailinglist Archive: opensuse-kubic (24 mails)

< Previous Next >
[opensuse-kubic] New Kubic snapshot 20190920 released!
  • From: Richard Brown <rbrown@xxxxxxx>
  • Date: Sat, 21 Sep 2019 17:03:58 +0000
  • Message-id: <156908543818.15647.2956653806312878120@go-agent-stagingbot-2>

Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.

Please check the known defects of this snapshot before upgrading:

Please do not reply to this email to report issues, rather file a bug on
For more information on filing bugs please see
Packages changed:
bash (5.0 -> 5.0.11)
cri-o (1.15.1 -> 1.15.2)
curl (7.65.3 -> 7.66.0)
hello-kubic (1.0 -> 1.1)
rook (1.0.0+git1899.g69255322 -> 1.1.0+git0.g2f9db0e1)

=== Details ===

==== bash ====
Version update (5.0 -> 5.0.11)

- Use new version scheme which now includes patch level as well
- Add official patch bash50-010
* Change posix mode bahviour
* Remove patch assignment-preceding-builtin.patch
- Add official patch bash50-011
The conditional command did not perform appropriate quoted null
character removal on its arguments, causing syntax errors and
attempts to stat invalid pathnames.
- Avoid pulling in bash-doc into every installation. Instead of
recommeding it, supplement the documentation pattern.

==== blog ====
Subpackages: libblogger2

- Add blog-Remove-unused-header.patch: Fix build with new glibc

==== cri-o ====
Version update (1.15.1 -> 1.15.2)
Subpackages: cri-o-kubeadm-criconfig

- Update to v1.15.2:
* Use HTTP2MatchHeaderFieldSendSettings for incoming gRPC connections
* Fix 32 bit builds
* crio-wipe: Fix int compare in lib.bash

==== curl ====
Version update (7.65.3 -> 7.66.0)
Subpackages: libcurl4

- Update to 7.66.0 [bsc#1149496, CVE-2019-5482][bsc#1149495, CVE-2019-5481]
* Changes:
- CURLINFO_RETRY_AFTER: parse the Retry-After header value
- HTTP3: initial (experimental still not working) support
- curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool
- curl: support parallel transfers with -Z
- curl_multi_poll: a sister to curl_multi_wait() that waits more
- sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID
* Bugfixes:
- CVE-2019-5481: FTP-KRB double-free
- CVE-2019-5482: TFTP small blocksize heap buffer overflow
- CMake: remove needless newlines at end of gss variables
- CMake: use platform dependent name for dlopen() library
- CURLINFO docs: mention that in redirects times are added
- CURLOPT_ALTSVC.3: use a "" file name to not load from a file
- CURLOPT_HTTP_VERSION: seting this to 3 forces HTTP/3 use directly
- CURLOPT_READFUNCTION.3: provide inline example
- CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2
- Curl_addr2string: take an addrlen argument too
- Curl_fillreadbuffer: avoid double-free trailer buf on error
- HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown
- alt-svc: add protocol version selection masking
- alt-svc: fix removal of expired cache entry
- alt-svc: make it use h3-22 with ngtcp2 as well
- alt-svc: more liberal ALPN name parsing
- alt-svc: send Alt-Used: in redirected requests
- alt-svc: with quiche, use the quiche h3 alpn string
- asyn-thread: create a socketpair to wait on
- cleanup: move functions out of url.c and make them static
- cleanup: remove the 'numsocks' argument used in many places
- configure: avoid undefined check_for_ca_bundle
- curl.h: add CURL_HTTP_VERSION_3 to the version enum
- curl: cap the maximum allowed values for retry time arguments
- curl: handle a libcurl build without netrc support
- curl: make use of CURLINFO_RETRY_AFTER when retrying
- curl: use CURLINFO_PROTOCOL to check for HTTP(s)
- curl_global_init_mem.3: mention it was added in 7.12.0
- curl_version: bump string buffer size to 250
- curl_version_info.3: mentioned ALTSVC and HTTP3
- curl_version_info: offer quic (and h3) library info
- curl_version_info: provide nghttp2 details
- defines: avoid underscore-prefixed defines
- docs/ALTSVC: remove what works and the experimental explanation
- docs/EXPERIMENTAL: explain what it means and what's experimental now
- docs/ converted to markdown from plain text
- docs/examples/curlx: fix errors
- docs: s/curl_debug/curl_dbg_debug in comments and docs
- easy: resize receive buffer on easy handle reset
- examples: Avoid reserved names in hiperfifo examples
- examples: add http3.c, altsvc.c and http3-present.c
- http09: disable HTTP/0.9 by default in both tool and library
- http2: when marked for closure and wanted to close == OK
- http2_recv: trigger another read when the last data is returned
- http: fix use of credentials from URL when using HTTP proxy
- http_negotiate: improve handling of gss_init_sec_context() failures
- md4: Use our own MD4 when no crypto libraries are available
- multi: call detach_connection before Curl_disconnect
- nss: use TLSv1.3 as default if supported
- openssl: build warning free with boringssl
- openssl: use SSL_CTX_set__proto_version() when available
- plan9: add support for running on Plan 9
- progress: reset download/uploaded counter between transfers
- readwrite_data: repair setting the TIMER_STARTTRANSFER stamp
- scp: fix directory name length used in memcpy
- smb: init *msg to NULL in smb_send_and_recv()
- smtp: check for and bail out on too short EHLO response
- source: remove names from source comments
- spnego_sspi: add typecast to fix build warning
- src/makefile: fix uncompressed hugehelp.c generation
- ssh-libssh: do not specify O_APPEND when not in append mode
- ssh: move code into vssh for SSH backends
- sspi: fix memory leaks
- tests: Replace outdated test case numbering documentation
- tftp: return error when packet is too small for options
- timediff: make it 64 bit (if possible) even with 32 bit time_t
- travis: reduce number of torture tests in 'coverage'
- url: make use of new HTTP version if alt-svc has one
- urlapi: verify the IPv6 numerical address
- urldata: avoid 'generic', use dedicated pointers
- vauth: Use CURLE_AUTH_ERROR for auth function errors

==== hello-kubic ====
Version update (1.0 -> 1.1)

- Update to version 1.1
- print additional architecture information

==== iptables ====
Subpackages: libip4tc2 libip6tc2 libxtables12 xtables-plugins

- add missing Provides/Obsoletes for the renamed package
iptables-backend-nft (was iptables-nft)

==== iputils ====

- Fix arping -w problem (
* added arping-fix-f-quit-on-first-reply-regression.patch
(upstream commit 1df5350)

==== libaio ====

- Add _constraints for PowerPC to avoid OOM at build time

==== mcstrans ====

- Avoid use of ®/? signs in specfiles as per guidelines.

==== numactl ====

- numastat doesn't need perl anymore since 2012

==== patterns-base ====
Subpackages: patterns-base-apparmor patterns-base-minimal_base

- minimal_base: add libnss_usrfiles2, required to read /usr/etc

==== patterns-microos ====
Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor
patterns-microos-base patterns-microos-basesystem patterns-microos-cloud
patterns-microos-defaults patterns-microos-hardware patterns-microos-ima_evm
patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap

- Replace vim with nano (less dependency, default what others are
using, including in documentation)

==== readline ====

- Avoid pulling in readline-doc into every installation. Instead of
recommeding it, supplement the documentation pattern.

==== rook ====
Version update (1.0.0+git1899.g69255322 -> 1.1.0+git0.g2f9db0e1)

- rook-k8s-yaml: Revert to buildrequire for ceph
- Update tar creation script
+ build rook tag 'v1.1.0' from 'suse-release-1.1' branch
- Update Rook to tag 'v1.1.0'
+ fix HighMonLeaderChanges alert
+ add leases rules to CSI rules
+ only schedule node drain canaries on nodes with OSDs
+ increase sidecar timeout from 60s to 150s
+ use combined (stdout+stderr) output from ceph-volume
+ set command property for the OSD prepare init container blkdevmapper
+ change OSD DOWN message to debug level
+ discovery daemon: ignore updates on nbd devices
- Support upstream beta tags by replacing hyphens in release tag with tildes
+ RPMs sorts tildes before anything else to support vX.Y.0~beta.B coming
before vX.Y.0
- Update tar creation script
+ fail on more types of script errors
+ exit properly on error
+ allow checking out tags
+ allow parsing tag versions with hyphens (e.g., v1.1.0-beta.1)
+ use revision (tag) 'v1.1.0-beta.1' from ('suse-release-1.1' branch)
- Update Rook to tag 'v1.1.0-beta.1'
+ support external Ceph clusters
+ fix osdsPerDevice config
+ add portable failure-domain label to OSD deployments
+ add bucket provisioner
+ use deployment with leader election instead of stateful set for CSI drivers
+ fix alerting & recording rules
+ fix race in create ObjectUser
+ support mon migrations without rebuilds when using PVCs
+ allow CRUSH map to be based on PVCs for PVC-based OSDs
+ fix md and dev ordering for ceph-volume batch operations
+ improve upgrades when a mon is down
+ fix service account name for CSI RBD provisioner
+ add -pidlimit flag for CephFS and RBD plugins for CSI driver
+ add image pull secrets option to manifests
+ remove OSD pods marked out if pod is more than an hour old
+ add --db-devices flag to ceph-volume provisioning & fix MB size bug
+ implement GRPC metrics for cephcsi
+ clean up verbose Ceph logging
+ update upgrade documentation for v1.1 release
+ remove unused attacher service account
+ add dynamic expansion to FlexVolume driver
+ fix random OSD pod failures when using PVCs
+ fix osd prepare panic
+ lower minimum OSD memory to 2GB
+ add ability to enable mgr modules via CRD (notably the pg_autoscaler module)
+ fix topologyAware on PVC-based OSDs
+ add support for OpenShift machine disruption budgets

< Previous Next >
This Thread
  • No further messages