Please note that this mail was generated by a script.
The described changes are computed based on the x86_64 DVD.
The full online repo contains too many changes to be listed here.
Please check the known defects of this snapshot before upgrading:
https://openqa.opensuse.org/tests/overview?distri=microos&groupid=1&version=Tumbleweed&build=20200806
https://bugzilla.opensuse.org/buglist.cgi?product=openSUSE%20Tumbleweed&component=MicroOS&query_format=advanced&resolution=---
Please do not reply to this email to report issues, rather file a bug on bugzilla.opensuse.org.
For more information on filing bugs please see https://en.opensuse.org/openSUSE:Submitting_bug_reports
Packages changed:
gsettings-desktop-schemas
installation-images-MicroOS (16.2 -> 16.3)
libcontainers-common
libjcat (0.1.2+3 -> 0.1.3)
microos-tools (2.1 -> 2.2)
podman (1.9.3 -> 2.0.4)
ppp (2.4.7 -> 2.4.8)
python-jsonpatch (1.25 -> 1.26)
python-urllib3 (1.25.9 -> 1.25.10)
setools
systemd
webkit2gtk3 (2.28.3 -> 2.28.4)
xen (4.13.1_04 -> 4.14.0_02)
=== Details ===
==== gsettings-desktop-schemas ====
- Call %meson_build in %build section, not %meson_install.
==== installation-images-MicroOS ====
Version update (16.2 -> 16.3)
- merge gh#openSUSE/installation-images#398
- Update the environment variable reference (doc/configoptions.md)
- Removed obsolete bin/mk_boot
- Remove unused liveeval option
- 16.3
==== libcontainers-common ====
- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
==== libjcat ====
Version update (0.1.2+3 -> 0.1.3)
- Update to version 0.1.3:
* Export the JcatBlobKind and JcatBlobMethod on the result
* trivial: source the version header when including
==== microos-tools ====
Version update (2.1 -> 2.2)
- Update to version 2.2
- tmpfs support got moved to systemd
==== podman ====
Version update (1.9.3 -> 2.0.4)
Subpackages: podman-cni-config
- Update to v2.0.4
* Fixed a bug where the output of podman image search did not
populate the Description field as it was mistakenly assigned to
the ID field.
* Fixed a bug where podman build - and podman build on an HTTP
target would fail.
* Fixed a bug where rootless Podman would improperly chown the
copied-up contents of anonymous volumes (#7130).
* Fixed a bug where Podman would sometimes HTML-escape special
characters in its CLI output.
* Fixed a bug where the podman start --attach --interactive
command would print the container ID of the container attached
to when exiting (#7068).
* Fixed a bug where podman run --ipc=host --pid=host would only
set --pid=host and not --ipc=host (#7100).
* Fixed a bug where the --publish argument to podman run, podman
create and podman pod create would not allow binding the same
container port to more than one host port (#7062).
* Fixed a bug where incorrect arguments to podman images --format
could cause Podman to segfault.
* Fixed a bug where podman rmi --force on an image ID with more
than one name and at least one container using the image would
not completely remove containers using the image (#7153).
* Fixed a bug where memory usage in bytes and memory use
percentage were swapped in the output of podman stats
- -format=json.
* Fixed a bug where the libpod and compat events endpoints would
fail if no filters were specified (#7078).
* Fixed a bug where the CgroupVersion field in responses from the
compat Info endpoint was prefixed by "v" (instead of just being
"1" or "2", as is documented).
- Remove obsolete libpod.conf from Package sources
- libpod got renamed to podman on GitHub. Point _service file to
the new name.
- Remove obsolete old Requires on libcontainers-image and -storage
all of that is inside libcontainers-common
- Require a new enough libcontainers-common version to have the
default containers.conf installed.
- Remove deprecated libpod.conf and create an update notice pointing
to containers.conf for user that made changes to libpod.conf
- Suggest katacontainers instead of recommending it. It's not
enabled by default, so it's just bloat
- Update to v2.0.3
* Fix handling of entrypoint
* log API: add context to allow for cancelling
* fix API: Create container with an invalid configuration
* Remove all instances of named return "err" from Libpod
* Fix: Correct connection counters for hijacked connections
* Fix: Hijacking v2 endpoints to follow rfc 7230 semantics
* Remove hijacked connections from active connections list
* version/info: format: allow more json variants
* Correctly print STDOUT on non-terminal remote exec
* Fix container and pod create commands for remote create
* Mask out /sys/dev to prevent information leak from the host
* Ensure sig-proxy default is propagated in start
* Add SystemdMode to inspect for containers
* When determining systemd mode, use full command
* Fix lint
* Populate remaining unused fields in `pod inspect`
* Include infra container information in `pod inspect`
* play-kube: add suport for "IfNotPresent" pull type
* docs: user namespace can't be shared in pods
* Fix "Error: unrecognized protocol \"TCP\" in port mapping"
* Error on rootless mac and ip addresses
* Fix & add notes regarding problematic language in codebase
* abi: set default umask and rlimits
* Used reference package with errors for parsing tag
* fix: system df error when an image has no name
* Fix Generate API title/description
* Add noop function disable-content-trust
* fix play kube doesn't override dockerfile ENTRYPOINT
* Support default profile for apparmor
* Bump github.com/containers/common to v0.14.6
* events endpoint: backwards compat to old type
* events endpoint: fix panic and race condition
* Switch references from libpod.conf to containers.conf
* podman.service: set type to simple
* podman.service: set doc to podman-system-service
* podman.service: use default registries.conf
* podman.service: use default killmode
* podman.service: remove stop timeout
* systemd: symlink user->system
* vendor golang.org/x/text@v0.3.3
* Fix a bug where --pids-limit was parsed incorrectly
* search: allow wildcards
* [CI:DOCS]Do not copy policy.json into gating image
* Fix systemd pid 1 test
* Cirrus: Rotate keys post repo. rename
- The libpod.conf(5) man page got removed and all references are
now pointing towards containers.conf(5), which will be part
of the libcontainers-common package.
- Update to podman v2.0.2
* fix race condition in `libpod.GetEvents(...)`
* Fix bug where `podman mount` didn't error as rootless
* remove podman system connection
* Fix imports to ensure v2 is used with libpod
* Update release notes for v2.0.2
* specgen: fix order for setting rlimits
* Ensure umask is set appropriately for 'system service'
* generate systemd: improve pod-flags filter
* Fix a bug with APIv2 compat network remove to log an ErrNetworkNotFound instead of nil
* Fixes --remote flag issues
* Pids-limit should only be set if the user set it
* Set console mode for windows
* Allow empty host port in --publish flag
* Add a note on the APIs supported by `system service`
* fix: Don't override entrypoint if it's `nil`
* Set TMPDIR to /var/tmp by default if not set
* test: add tests for --user and volumes
* container: move volume chown after spec generation
* libpod: volume copyup honors namespace mappings
* Fix `system service` panic from early hangup in events
* stop podman service in e2e tests
* Print errors from individual containers in pods
* auto-update: clarify systemd-unit requirements
* podman ps truncate the command
* move go module to v2
* Vendor containers/common v0.14.4
* Bump to imagebuilder v1.1.6 on v2 branch
* Account for non-default port number in image name
- Changes since v2.0.1
* Update release notes with further v2.0.1 changes
* Fix inspect to display multiple label: changes
* Set syslog for exit commands on log-level=debug
* Friendly amendment for pr 6751
* podman run/create: support all transports
* systemd generate: allow manual restart of container units in pods
* Revert sending --remote flag to containers
* Print port mappings in `ps` for ctrs sharing network
* vendor github.com/containers/common@v0.14.3
* Update release notes for v2.0.1
* utils: drop default mapping when running uid!=0
* Set stop signal to 15 when not explicitly set
* podman untag: error if tag doesn't exist
* Reformat inspect network settings
* APIv2: Return `StatusCreated` from volume creation
* APIv2:fix: Remove `/json` from compat network EPs
* Fix ssh-agent support
* libpod: specify mappings to the storage
* APIv2:doc: Fix swagger doc to refer to volumes
* Add podman network to bash command completions
* Fix typo in manpage for `podman auto update`.
* Add JSON output field for ps
* V2 podman system connection
* image load: no args required
* Re-add PODMAN_USERNS environment variable
* Fix conflicts between privileged and other flags
* Bump required go version to 1.13
* Add explicit command to alpine container in test case.
* Use POLL_DURATION for timer
* Stop following logs using timers
* "pod" was being truncated to "po" in the names of the generated systemd unit files.
* rootless_linux: improve error message
* Fix podman build handling of --http-proxy flag
* correct the absolute path of `rm` executable
* Makefile: allow customizable GO_BUILD
* Cirrus: Change DEST_BRANCH to v2.0
- Update to podman v2.0.0
* The `podman generate systemd` command now supports the `--new`
flag when used with pods, allowing portable services for pods
to be created.
* The `podman play kube` command now supports running Kubernetes
Deployment YAML.
* The `podman exec` command now supports the `--detach` flag to
run commands in the container in the background.
* The `-p` flag to `podman run` and `podman create` now supports
forwarding ports to IPv6 addresses.
* The `podman run`, `podman create` and `podman pod create`
command now support a `--replace` flag to remove and replace any
existing container (or, for `pod create`, pod) with the same name
* The `--restart-policy` flag to `podman run` and `podman create`
now supports the `unless-stopped` restart policy.
* The `--log-driver` flag to `podman run` and `podman create`
now supports the `none` driver, which does not log the
container's output.
* The `--mount` flag to `podman run` and `podman create` now
accepts `readonly` option as an alias to `ro`.
* The `podman generate systemd` command now supports the `--container-prefix`,
`--pod-prefix`, and `--separator` arguments to control the
name of generated unit files.
* The `podman network ls` command now supports the `--filter`
flag to filter results.
* The `podman auto-update` command now supports specifying an
authfile to use when pulling new images on a per-container
basis using the `io.containers.autoupdate.authfile` label.
* Fixed a bug where the `podman exec` command would log to journald
when run in containers loggined to journald
([#6555](https://github.com/containers/libpod/issues/6555)).
* Fixed a bug where the `podman auto-update` command would not
preserve the OS and architecture of the original image when
pulling a replacement
([#6613](https://github.com/containers/libpod/issues/6613)).
* Fixed a bug where the `podman cp` command could create an extra
`merged` directory when copying into an existing directory
([#6596](https://github.com/containers/libpod/issues/6596)).
* Fixed a bug where the `podman pod stats` command would crash
on pods run with `--network=host`
([#5652](https://github.com/containers/libpod/issues/5652)).
* Fixed a bug where containers logs written to journald did not
include the name of the container.
* Fixed a bug where the `podman network inspect` and
`podman network rm` commands did not properly handle non-default
CNI configuration paths ([#6212](https://github.com/containers/libpod/issues/6212)).
* Fixed a bug where Podman did not properly remove containers
when using the Kata containers OCI runtime.
* Fixed a bug where `podman inspect` would sometimes incorrectly
report the network mode of containers started with `--net=none`.
* Podman is now better able to deal with cases where `conmon`
is killed before the container it is monitoring.
- Requires go 1.13 now
==== ppp ====
Version update (2.4.7 -> 2.4.8)
- New version 2.4.8.
* New pppd options have been added:
* ifname, to set the name for the PPP interface device
* defaultroute-metric, to set the metric for the default route
* defaultroute6, to add an IPv6 default route (with
nodefaultroute6 to prevent adding an IPv6 default route).
* up_sdnotify, to have pppd notify systemd when the link is up.
* The rp-pppoe plugin has new options:
* host-uniq, to set the Host-Uniq value to send
* pppoe-padi-timeout, to set the timeout for discovery packets
* pppoe-padi-attempts, to set the number of discovery attempts.
* Added the CLASS attribute in radius packets.
* Fixed warnings and issues found by static analysis.
- Obsoleted patches:
* ppp-2.4.3-pppoatm.diff
* ppp-2.4.4-strncatfix.patch
* ppp-2.4.6-ifname.diff
* ppp-2.4.7-DES-openssl.patch
* ppp-2.4.7.tar.gz.asc
* ppp-send-padt.patch
- Patches that got renamed, because they needed rediffing:
* ppp-2.4.1-higher-speeds.diff -> ppp-higher-speeds.patch
* ppp-2.4.1-higher-speeds.diff -> ppp-higher-speeds.patch
* ppp-2.4.2-__P.diff -> ppp-__P.patch
* ppp-2.4.2-cifdefroute.diff -> ppp-cifdefroute.patch
* ppp-2.4.2-pie.patch -> ppp-pie.patch
* ppp-2.4.2-smpppd.diff -> ppp-smpppd.patch
* ppp-2.4.3-filter.diff -> ppp-filter.patch
* ppp-2.4.3-fork-fix.diff -> ppp-fork-fix.patch
* ppp-2.4.4-var_run_resolv_conf.patch -> ppp-var_run_resolv_conf.patch
* ppp-2.4.6-lib64.patch -> ppp-lib64.patch
* ppp-2.4.6-make.diff -> ppp-make.patch
* ppp-2.4.6-misc.diff -> ppp-misc.patch
* ppp-2.4.7-fix-bashisms.patch -> ppp-fix-bashisms.patch
- bsc#1172916: Fix an outdated comment for lcp-echo-interval.
==== python-jsonpatch ====
Version update (1.25 -> 1.26)
- update to 1.26:
* bugfixes (reject invalid json patches)
==== python-urllib3 ====
Version update (1.25.9 -> 1.25.10)
- update to 1.25.10:
* Added support for ``SSLKEYLOGFILE`` environment variable for
logging TLS session keys with use with programs like
Wireshark for decrypting captured web traffic (Pull #1867)
* Fixed loading of SecureTransport libraries on macOS Big Sur
due to the new dynamic linker cache (Pull #1905)
* Collapse chunked request bodies data and framing into one
call to ``send()`` to reduce the number of TCP packets by 2-4x (Pull #1906)
* Don't insert ``None`` into ``ConnectionPool`` if the pool
was empty when requesting a connection (Pull #1866)
* Avoid ``hasattr`` call in ``BrotliDecoder.decompress()`` (Pull #1858)
==== setools ====
- python3-setools needs python3-networkx
==== systemd ====
Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev
- Restore default upstream tmp.mount (/tmp as tmpfs) behaviour (boo#1173461)
==== webkit2gtk3 ====
Version update (2.28.3 -> 2.28.4)
Subpackages: libjavascriptcoregtk-4_0-18 libwebkit2gtk-4_0-37 webkit2gtk-4_0-injected-bundles
- Update to version 2.28.4 (boo#1174662):
+ Fix several crashes and rendering issues.
+ Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894,
CVE-2020-9895, CVE-2020-9915, CVE-2020-9925.
==== xen ====
Version update (4.13.1_04 -> 4.14.0_02)
- Correct license name
* GPL-3.0+ is now GPL-3.0-or-later
- Upstream bug fixes (bsc#1027519)
5f1a9916-x86-S3-put-data-sregs-into-known-state.patch
5f21b9fd-x86-cpuid-APIC-bit-clearing.patch
- Update to Xen 4.14.0 FCS release
xen-4.14.0-testing-src.tar.bz2
* Linux stubdomains (contributed by QUBES OS)
* Control-flow Enforcement Technology (CET) Shadow Stack support (contributed by Citrix)
* Lightweight VM fork for fuzzing / introspection. (contributed by Intel)
* Livepatch: buildid and hotpatch stack requirements
* CONFIG_PV32
* Hypervisor FS support
* Running Xen as a Hyper-V Guest
* Domain ID randomization, persistence across save / restore
* Golang binding autogeneration
* KDD support for Windows 7, 8.x and 10
- Dropped patches contained in new tarball
5eb51be6-cpupool-fix-removing-cpu-from-pool.patch
5eb51caa-sched-vcpu-pause-flags-atomic.patch
5ec2a760-x86-determine-MXCSR-mask-always.patch
5ec50b05-x86-idle-rework-C6-EOI-workaround.patch
5ec7dcaa-x86-dont-enter-C6-with-in-service-intr.patch
5ec7dcf6-x86-dont-enter-C3-C6-with-errata.patch
5ec82237-x86-extend-ISR-C6-workaround-to-Haswell.patch
5ece1b91-x86-clear-RDRAND-CPUID-bit-on-AMD-fam-15-16.patch
5ece8ac4-x86-load_system_tables-NMI-MC-safe.patch
5ed69804-x86-ucode-fix-start-end-update.patch
5eda60cb-SVM-split-recalc-NPT-fault-handling.patch
5edf6ad8-ioreq-pending-emulation-server-destruction-race.patch
5edfbbea-x86-spec-ctrl-CPUID-MSR-defs-for-SRBDS.patch
5edfbbea-x86-spec-ctrl-mitigate-SRBDS.patch
5ee24d0e-x86-spec-ctrl-document-SRBDS-workaround.patch
xsa317.patch
xsa319.patch
xsa321-1.patch
xsa321-2.patch
xsa321-3.patch
xsa321-4.patch
xsa321-5.patch
xsa321-6.patch
xsa321-7.patch
xsa328-1.patch
xsa328-2.patch
- bsc#1172356 - Not able to hot-plug NIC via virt-manager, asks to
attach on next reboot while it should be live attached
ignore-ip-command-script-errors.patch
- Enhance libxc.migrate_tracking.patch
After transfer of domU memory, the target host has to assemble
the backend devices. Track the time prior xc_domain_unpause.
--
To unsubscribe, e-mail: opensuse-kubic+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse-kubic+owner@opensuse.org