Packages changed: acl apparmor augeas autofs bash branding-openSUSE btrfsmaintenance ceph (14.1.0.559+gf1a72cff25 -> 14.2.0.300+gacd2f2b9e1) checkpolicy (2.8 -> 2.9) chrony coreutils (8.30 -> 8.31) cri-o (1.13.1 -> 1.13.3) curl device-mapper dhcp docker-kubic (18.09.1_ce -> 18.09.3_ce) dracut (044.1 -> 044.2) efivar ethtool (4.19 -> 5.0) fuse glib-networking (2.58.0 -> 2.60.0.1) glib2 (2.58.3 -> 2.60.0) glibc gpg2 (2.2.13 -> 2.2.15) grub2 health-checker (1.2 -> 1.2.2) hwdata (0.320 -> 0.321) hwinfo (21.63 -> 21.64) installation-images-Kubic (14.411 -> 14.417) kdump kernel-default-base (4.20.13 -> 5.0.3) kernel-firmware (20190221 -> 20190312) kernel-source (4.20.13 -> 5.0.5) kubernetes libaio libgpg-error (1.35 -> 1.36) libmspack (0.9.1 -> 0.10.1) libseccomp (2.3.3 -> 2.4.0) libselinux (2.8 -> 2.9) libselinux-bindings (2.8 -> 2.9) libsemanage (2.8 -> 2.9) libsepol (2.8 -> 2.9) libtirpc libunistring libx86emu (2.1 -> 2.2) libzypp (17.11.2 -> 17.11.3) lua53 (5.3.4 -> 5.3.5) lvm2 mcstrans (2.8 -> 2.9) mozilla-nss (3.41.1 -> 3.42.1) multipath-tools (0.7.9+111+suse.b4232b7 -> 0.7.9+139+suse.ed9d450) ncurses open-iscsi open-lldp open-vm-tools (10.3.5 -> 10.3.10) openSUSE-build-key openldap2 openssh podman policycoreutils (2.8 -> 2.9) python-PyJWT python-PyYAML (3.13 -> 5.1) python-certifi (2018.11.29 -> 2019.3.9) python-cffi python-decorator (4.3.2 -> 4.4.0) python-jsonpointer (1.14 -> 2.0) python-jsonschema (2.6.0 -> 3.0.1) python-msgpack (0.5.6 -> 0.6.1) python-packaging (17.1 -> 19.0) python-psutil (5.5.1 -> 5.6.1) python-pyzmq (17.1.2 -> 18.0.1) python-rpm-macros (20190221.08f1194 -> 20190315.d3034bf) python-semanage (2.8 -> 2.9) python-tornado python3 python3-base restorecond (2.8 -> 2.9) slirp4netns (0.1+gitr54_39e87c0e6634 -> 0.3.0) snapper (0.8.2 -> 0.8.3) sqlite3 (3.26.0 -> 3.27.2) supportutils (3.1 -> 3.1.1) suse-module-tools (15.1.11 -> 15.1.13) systemd (239 -> 241) tar (1.30 -> 1.31) timezone (2018i -> 2019a) transactional-update (2.13.2 -> 2.14.1) ucode-intel (20180807a -> 20190312) update-alternatives vim (8.1.0892 -> 8.1.1066) xen (4.12.0_02 -> 4.12.0_07) yast2 (4.1.61 -> 4.1.67) zlib zypper (1.14.26 -> 1.14.27) === Details === ==== acl ==== - Update boilerplate descriptions for libacl-devel. - Remove out-of-date comments for libattr. - Remove old BuildRoot and %defattr tags. - Move library into the standard library directory. ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils perl-apparmor python3-apparmor - add usrmerge-fixes.diff: fix test failures when /bin/sh is handled by update-alternatives (boo#1127877) ==== augeas ==== - Add gcc9-disable-broken-test.patch in order to address bsc#1120894. ==== autofs ==== - Drop pre-12.2 parts from build recipe - Switch %systemd_requires to %systemd_ordering, since %service_* can deal with its absence. ==== bash ==== - Update temporary patch from upstream to make sed testsuite work again - Requires(postun) -> Requires(preun) - Do not link /bin/sh as slave alternative to /usr/bin/sh - Add temporary patch from upstream to fix boo#1127700 - Refine and harden update-alternatives work flow - Move header and Makefile from bash-loadables to bash-devel - Make update-alternatives work flawless - Put "sh" under control of update-alternatives ==== branding-openSUSE ==== - Replace font with font-size in YaST theming - Fix systemd logo icons package - Prevent tiny installation font (bsc#1124508) ==== btrfsmaintenance ==== - Document and adjust balance thresholds and periods (FATE#325529 jsc#SLE-3188). * README: document impact of balance + quota groups * sysconfig: reduce default balance usage thresholds * sysconfig: document using systemd.time(7) for frequency of operations * btrfsmaintenance-refresh-cron.sh: validate periods for cron-based systems - Remove python dependency (FATE#326736 jsc#SLE-4130). * btrfs-defrag-plugin: remove dependency on zypp-plugin-python - Added patches: * 0001-README-document-impact-of-balance-quota-groups.patch * 0002-sysconfig-reduce-default-balance-usage-thresholds-fa.patch * 0003-sysconfig-document-using-systemd.time-7-for-frequenc.patch * 0004-btrfsmaintenance-refresh-cron.sh-validate-periods-fo.patch * 0005-btrfs-defrag-plugin-remove-dependency-on-zypp-plugin.patch - Added source: * btrfs-defrag-plugin.sh - Removed patch: * python3-support-bsc1070322.diff - update to version 0.4.2 - CVE-2018-14722: expand auto mountpoints in a safe way - btrfs-defrag: fix missing function to detect btrfs filesystems (#52) - btrfs-trim: more verbose fstrim output (#60) - dist-install: print information about timer unit installation (#58) - In openSUSE the defrag plugin must explicitly refer to Python 3. (bsc#1070322) - Added patch: python3-support-bsc1070322.diff - update to version 0.4.1 - defrag plugin: python2 and 3 compatibility - defrag plugin: target extent size lowered to 32MiB (#43) - shell compatibility fixes - systemd unit type fixes - Removed patch: python3-support-bsc1070322.diff (upstream) - Add missing btrfsmaintenance-refresh.path [bsc#1084871] - Use %license [bsc#1082318] - Move the defrag plugin over to Python 3. (bsc#1070322) - Added patch: python3-support-bsc1070322.diff - update to version 0.4 - add support for systemd timers and use them by default; the alternative cron scripts are still present (#29, #36) - add automatic monitoring (via systemd.path) of the config file, no manual updates by btrfsmaintenance-refresh.service needed (#38) - fix RPM database path detection - spec file cleanups - documentation updates - removed patches: - btrfsmaintenance-0.3.1-fix-rpm-db-path.patch (upstream) - btrfsmaintenance-switch-to-timer.patch (upstream) - pull-request-36.patch (upstream) - Fix systemd timers enabled even if period is set to none: * Micro change in pull-request-36.patch (bsc#1075884) - Clean spec file: * Removed support for suse_version <= 1210. * Removed call to btrfsmaintenance-refresh-cron.sh upon deletion (not needed anymore since we use systemd timers which are handled by macros). * Ran spec-cleaner. - Switch default of btrfsmaintenance-refresh.service to systemd-timer, too (btrfsmaintenance-switch-to-timer.patch) [bsc#1073204] - pull-request-36.patch: update patch - Don't call btrfsmaintenance-refresh-cron.sh in %post, this is done already by the systemd macros - Add patch to use systemd timer instead of cron (pull-request-36.patch) - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - Fix cron symlinks removal upon package upgrade (boo#904518): * The problem was in the preun section (in the old RPM). * This means the symlinks are removed by this update, but won't be by the next ones. * Please run 'systemctl start btrfsmaintenance-refresh' one more time to fix your symlinks. - Add btrfsmaintenance-0.3.1-fix-rpm-db-path.patch: * Change RPM database path to /usr/lib/sysimage/rpm for Tumbleweed. - Require btrfsprogs (bsc#1047226) - version 0.3.1 - dist-install: fix installation paths, install functions - functions: fix syntax to be compatible with dash - spec: install functions file - version 0.3 - add syslog to logging targets - add none target (/dev/null) - autodetect btrfs filesystems for balance, scrub and trim - detect mixed blockgroups and use correct balance filters - fix uninstall rules - fix capturing entire output to the log - fix when cron files are symlinks - add generic installation script - doc updates: retention policy tuning - version 0.2 - updated documentation - support debian-like configuration paths - no hardcoded paths to external utilities - fixed logger name typos for 'journal' target - defrag fixes (sysconfig, find arguments) - version 0.1.2 - change default config for trim: off - journal loggin should work (fixed a typo) - version 0.1.1 - fix typo and make journal logging target work - cron refresh: remove bashism - cron refresh: remove debugging messages - post installation must create the cron links (bsc#904518) - Removed patches: * btrfsmaintenance-0.1-fix-bashisms.patch - fix bashism in btrfsmaintenance-refresh-cron.sh script - add patches: * btrfsmaintenance-0.1-fix-bashisms.patch - add COPYING, README.md - add config option to specify log target (stdout, or journal) ==== ceph ==== Version update (14.1.0.559+gf1a72cff25 -> 14.2.0.300+gacd2f2b9e1) Subpackages: ceph-common libcephfs2 librados2 libradosstriper1 librbd1 librgw2 python3-ceph-argparse python3-cephfs python3-rados python3-rbd python3-rgw - Update to 14.2.0-300-gacd2f2b9e1: + spec/ceph-mgr: drop "Recommends: ceph-mgr-ssh" + cmake: empty INSTALL_RPATH for libceph_crypto_openssl.so (boo#1129921) - Update to 14.2.0-296-g063d979413: + rebase on top of upstream nautilus branch, SHA1 3a54b2b6d167d4a2a19e003a705696d4fe619afc * upstream Nautilus 14.2.0 (stable) release release notes: http://docs.ceph.com/docs/master/releases/nautilus/ + rpm: fix "rhel <= 7" conditional (bsc#1129595) + rpm: refrain from building ceph-resource-agents on SLE (bsc#1129597) - Update to 14.1.1-457-g1411dbed54: + rebase on top of upstream nautilus branch, SHA1 98653b3db92f69023cb62526791d4d9aa5d6ec23 * upstream Nautilus 14.1.1 (RC2) release * mgr: Fix broken get_localized_module_option function (bsc#1127342) * spec: ceph-osd gets new runtime dependency, libstoragemgmt + dashboard: Update downstream branding (bsc#1129224) + spec: build ceph-test package on x86_64 arch only (bsc#1129274) ==== checkpolicy ==== Version update (2.8 -> 2.9) - Update to version 2.9 * Add option to sort contexts when creating a binary policy * Update manpage * check the result value of hashtable_search * destroy the class datum if it fails to initialize * remove extraneous policy build noise ==== chrony ==== - Fix ordering and dependencies of chronyd.service, so that it is started after name resolution is up (bsc#1129914). - Add chrony-service-ordering.patch - Fix location of helper script in chrony-dnssrv@.service (bsc#1128846). - Update testsuite to version 58c5e8b ==== coreutils ==== Version update (8.30 -> 8.31) - Update to 8.31: * Noteworthy changes in release 8.31 (2019-03-10) [stable] * * Bug fixes 'base64 a b' now correctly diagnoses 'b' as the extra operand, not 'a'. [bug introduced in coreutils-5.3.0] When B already exists, 'cp -il A B' no longer immediately fails after asking the user whether to proceed. [This bug was present in "the beginning".] df no longer corrupts displayed multibyte characters on macOS. [bug introduced with coreutils-8.18] seq no longer outputs inconsistent decimal point characters for the last number, when locales are misconfigured. [bug introduced in coreutils-7.0] shred, sort, and split no longer falsely report ftruncate errors when outputting to less-common file types. For example, the shell command 'sort /dev/null -o /dev/stdout | cat' no longer fails with an "error truncating" diagnostic. [bug was introduced with coreutils-8.18 for sort and split, and (for shared memory objects only) with fileutils-4.1 for shred] sync no longer fails for write-only file arguments. [bug introduced with argument support to sync in coreutils-8.24] 'tail -f file | filter' no longer exits immediately on AIX. [bug introduced in coreutils-8.28] 'tail -f file | filter' no longer goes into an infinite loop if filter exits and SIGPIPE is ignored. [bug introduced in coreutils-8.28] * * Changes in behavior cksum, dd, hostid, hostname, link, logname, sleep, tsort, unlink, uptime, users, whoami, yes: now always process --help and --version options, regardless of any other arguments present before any optional '--' end-of-options marker. nohup now processes --help and --version as first options even if other parameters follow. 'yes a -- b' now outputs 'a b' instead of including the end-of-options marker as before: 'a -- b'. echo now always processes backslash escapes when the POSIXLY_CORRECT environment variable is set. When possible 'ln A B' now merely links A to B and reports an error if this fails, instead of statting A and B before linking. This uses fewer system calls and avoids some races. The old statting approach is still used in situations where hard links to directories are allowed (e.g., NetBSD when superuser). ls --group-directories-first will also group symlinks to directories. 'test -a FILE' is not supported anymore. Long ago, there were concerns about the high probability of humans confusing the -a primary with the -a binary operator, so POSIX changed this to 'test -e FILE'. Scripts using it were already broken and non-portable; the -a unary operator was never documented. wc now treats non breaking space characters as word delimiters unless the POSIXLY_CORRECT environment variable is set. * * New features id now supports specifying multiple users. 'date' now supports the '+' conversion specification flag, introduced in POSIX.1-2017. printf, seq, sleep, tail, and timeout now accept floating point numbers in either the current or the C locale. For example, if the current locale's decimal point is ',', 'sleep 0,1' and 'sleep 0.1' now mean the same thing. Previously, these commands accepted only C-locale syntax with '.' as the decimal point. The new behavior is more compatible with other implementations in non-C locales. test now supports the '-N FILE' unary operator (like e.g. bash) to check whether FILE exists and has been modified since it was last read. env now supports '--default-signal[=SIG]', '--ignore-signal[=SIG]', and '--block-signal[=SIG], to setup signal handling before executing a program. env now supports '--list-signal-handling' to indicate non-default signal handling before executing a program. * * New commands basenc is added to complement existing base64,base32 commands, and encodes and decodes printable text using various common encodings: base64,base64url,base32,base32hex,base16,base2,z85. * * Improvements ls -l now better aligns abbreviated months containing digits, which is common in Asian locales. stat and tail now know about the "sdcardfs" file system on Android. stat -f -c%T now reports the file system type, and tail -f uses inotify. stat now prints file creation time when supported by the file system, on GNU Linux systems with glibc >= 2.28 and kernel >= 4.11. - Refresh patches (line number changes only): * coreutils-disable_tests.patch * coreutils-i18n.patch * coreutils-misc.patch * coreutils-remove_hostname_documentation.patch * coreutils-remove_kill_documentation.patch * coreutils-skip-gnulib-test-tls.patch * coreutils-tests-shorten-extreme-factor-tests.patch - coreutils.spec: * Version: bump version. * URL: Use https scheme. * %description: Add 'basenc' tool. * Change gitweb to cgit URL with https in a comment. - coreutils.keyring: * Update for added section headers ('GPG keys of '). ==== cri-o ==== Version update (1.13.1 -> 1.13.3) Subpackages: cri-o-kubeadm-criconfig - Update cri-o to v1.13.3 * Always set gid if returned from container user files * server: delete the container if it cannot be restored * Bump github.com/containers/storage to v1.11 * Add support for host ip configuration * Pause credentials 1.13 * Allow device mounting to work in privileged mode * Fix detach non tty ==== curl ==== Subpackages: libcurl4 - Fix variable placement that wasn't properly reset within a loop missing to notify sockets. [bsc#1129083, bsc#1129470] * Added curl-singlesocket-sincebefore-placement.patch - Add patches to fix use-after-free (boo#1127849): * 0001-connection_check-set-data-to-the-transfer-doing-the-.patch * 0002-connection_check-restore-original-conn-data-after-th.patch ==== device-mapper ==== Subpackages: libdevmapper-event1_03 libdevmapper1_03 - Use %make_build in order to provide verbose output. ==== dhcp ==== Subpackages: dhcp-client - Drop use of $FIRST_ARG in .spec The use of $FIRST_ARG was probably required because of the %service_* rpm macros were playing tricks with the shell positional parameters. This is bad practice and error prones so let's assume that no macros should do that anymore and hence it's safe to assume that positional parameters remains unchanged after any rpm macro call. ==== docker-kubic ==== Version update (18.09.1_ce -> 18.09.3_ce) - Update to Docker 18.09.3-ce. See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md. - docker-test: improvements to test packaging (we don't need to ship around the entire source tree, and we also need to build the born-again integration/ tests which contain a suite-per-directory). We also need a new patch which fixes the handling of *-test images. bsc#1128746 + bsc1128746-0001-integration-cli-don-t-build-test-images-if-they-alre.patch ==== dracut ==== Version update (044.1 -> 044.2) Subpackages: dracut-ima - Bump version to 044.2 to provide a version to lock on to (bsc#1127891) - Check SUSE kernel module dependencies recursively (bsc#1127891) * adds 0594-Check-SUSE-kernel-module-dependencies-recursively.patch - Handle non-versioned dependency in purge-kernels. ==== efivar ==== - Add efivar-bsc1127544-fix-ucs2len.patch to fix logic that checks for UCS-2 string termination (boo#1127544) - Add efivar-fix-efidp_ipv4_addr-fields-assignment.patch to fix the casting of IPv4 address. ==== ethtool ==== Version update (4.19 -> 5.0) - Hide some innocuous build warnings to make relevant ones more visible. - Update to new upstream release 5.0 * Feature: add pretty print for dsa/mv88e6xxx * Feature: don't report UFO on kernels >= 4.14 * Fix (potential): zero initalize coalesce struct ==== fuse ==== - Use %make_build in order to provide verbose output. ==== glib-networking ==== Version update (2.58.0 -> 2.60.0.1) - Update to version 2.60.0.1: + Fix build with OpenSSL pkg-config unavailable. - Update to version 2.60.0: + This is the first stable release featuring the new OpenSSL backend. Please be advised that this new backend is still experimental and known to not work on some systems, including Debian. Linux distributions are encouraged to stick to the default build options, where OpenSSL is not yet enabled. + Fix build with GnuTLS disabled. - Update to version 2.59.92: + GnuTLS: reject sync operations during handshake to avoid deadlocks. + Temporarily disable DTLS and OpenSSL tests due to bugs. - Update to version 2.59.91: + Update OpenSSL SSL struct when certificate is changed. + Fix tests build when GnuTLS is disabled. + Remove Fedora-specific PROFILE=SYSTEM default cipher list. + Fix some problems with the connection tests. - Update to version 2.59.90: + This release adds an OpenSSL backend, obsoleting the glib-openssl project. + The OpenSSL backend seems to be mature, though it is less well-tested for desktop usage than the GnuTLS backend. It will remain disabled by default at build time due to the GPL-incompatible nature of the OpenSSL license -- and the GPLv2-incompatible nature of the Apache license that will be used by future versions of OpenSSL -- and because the GnuTLS backend is sufficient for Linux distros. + Use the OpenSSL backend if you are building an embedded system where (GPLv2+ or LGPLv3+) dependencies are unacceptable (e.g. nettle or GMP, both dependencies of GnuTLS) and you are OK with the GPL-incompatible OpenSSL license. If the OpenSSL backend is enabled at build time, you should probably disable build of the GnuTLS backend, or it will take precedence over the OpenSSL backend at runtime. - Update to version 2.59.2: + Add support for application layer protocol negotiation. - Update to version 2.59.1: + This release removes the gnutls-pkcs11 backend, which was disabled in 2.57.2, due to lack of any feedback whatsoever regarding its disablement. If you think it is still useful to you, given that the normal gnutls backend now supports PKCS#11, speak up now. + This release also includes several changes to properly support TLS 1.3. + Other changes: - Perform certificate verification during, not after, TLS handshake. - Dramatically improve the reliability of the non-DTLS tests. (DTLS is still having problems). - Regenerate test certificates to prepare for OpenSSL support. - Several meson build system improvements to prepare for OpenSSL support. ==== glib2 ==== Version update (2.58.3 -> 2.60.0) Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 - Add patch submitted upstream to handle an UNKNOWN NM connectivity the same as a NONE value. This partly fixes boo#1103678 (packagekit reports the network as available on a computer without network connectivity which makes plasma-pk-update start an update check which obviously fails). * 0001-Handle-an-UNKNOWN-NetworkManager-connectivity-as-NONE.patch - Update to version 2.60.0: + Further fixes to the Happy Eyeballs (RFC 8305) implementation. + Add support for the XDG trash portal. + Bugs fixed: glgo#GNOME/GLib#1653, glgo#GNOME/GLib#1658, glgo#GNOME/GLib#1668, glgo#GNOME/GLib#1675, glgo#GNOME/GLib#1676, glgo#GNOME/GLib#1679, glgo#GNOME/GLib#1693, glgo#GNOME/GLib#1697, glgo#GNOME/GLib#1698, glgo#GNOME/GLib!276, glgo#GNOME/GLib!639, glgo#GNOME/GLib!666, glgo#GNOME/GLib!674, glgo#GNOME/GLib!676, glgo#GNOME/GLib!677, glgo#GNOME/GLib!686, glgo#GNOME/GLib!688, glgo#GNOME/GLib!689, glgo#GNOME/GLib!691, glgo#GNOME/GLib!692, glgo#GNOME/GLib!696, glgo#GNOME/GLib!698, glgo#GNOME/GLib!699, glgo#GNOME/GLib!702, glgo#GNOME/GLib!703. + Updated translations. - Update to version 2.59.2: + Fix check on GDBusMessage size when reading it. + Add async GIO API: g_file_query_default_handler_async(), g_app_info_launch_uris_async(). + Fix some bugs in the Happy Eyeballs implementation. + Install a new generated header with enum types for Unicode enums. + Support the XDG trash portal. + Bugs fixed: glgo#GNOME/GLib#1224, glgo#GNOME/GLib#1249, glgo#GNOME/GLib#1347, glgo#GNOME/GLib#1376, glgo#GNOME/GLib#1642, glgo#GNOME/GLib#1646, glgo#GNOME/GLib#1649, glgo#GNOME/GLib#1673, glgo#GNOME/GLib!276, glgo#GNOME/GLib!481, glgo#GNOME/GLib!585, glgo#GNOME/GLib!593, glgo#GNOME/GLib!609, glgo#GNOME/GLib!619, glgo#GNOME/GLib!622, glgo#GNOME/GLib!626, glgo#GNOME/GLib!627, glgo#GNOME/GLib!629, glgo#GNOME/GLib!630. + Updated translations. ==== glibc ==== Subpackages: glibc-locale glibc-locale-base - add-new-Fortran-vector-math-header-file.patch: Update from upstream ==== gpg2 ==== Version update (2.2.13 -> 2.2.15) - Update to 2.2.15 * sm: Allow decryption even if expired keys are configured. * agent: Change command KEYINFO to print ssh fingerprints with other hash algos. * dirmngr: Fix build problems on Solaris due to the use of reserved symbol names. * wkd: New commands --print-wkd-hash and --print-wkd-url for gpg-wks-client. - Update to 2.2.14: * gpg: Allow import of PGP desktop exported secret keys. Also avoid importing secret keys if the secret keyblock is not valid. * gpg: Do not error out on version 5 keys in the local keyring. * gpg: Make invalid primary key algo obvious in key listings. * sm: Do not mark a certificate in a key listing as de-vs compliant if its use for a signature will not be possible. * sm: Fix certificate creation with key on card. * sm: Create rsa3072 bit certificates by default. * sm: Print Yubikey attestation extensions with --dump-cert. * agent: Fix cancellation handling for scdaemon. * agent: Support --mode=ssh option for CLEAR_PASSPHRASE. * scd: Fix flushing of the CA-FPR DOs in app-openpgp. * scd: Avoid a conflict error with the "undefined" app. * dirmngr: Add CSRF protection exception for protonmail. * dirmngr: Fix build problems with gcc 9 in libdns. * gpgconf: New option --show-socket for use wity --launch. * gpgtar: Make option -C work for archive creation. - Removed patches that are included upstream by now: - 0001-libdns-Avoid-using-compound-literals.patch - 0002-libdns-Avoid-using-compound-literals-2.patch - 0003-libdns-Avoid-using-compound-literals-3.patch - 0004-libdns-Avoid-using-compound-literals-4.patch - 0005-libdns-Avoid-using-compound-literals-5.patch - 0006-libdns-Avoid-using-compound-literals-6.patch - 0007-libdns-Avoid-using-compound-literals-7.patch - 0008-libdns-Avoid-using-compound-literals-8.patch ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi - Use %doc for older products for compatibility, or may end up with unsuccessful build result * grub2.spec - Revert grub2-ieee1275-open-raw-mode.patch for regression of crashing lvm on multipath SAN (bsc#1113702) * deleted grub2-ieee1275-open-raw-mode.patch - Add exception handling to FCP lun enumeration (bsc#1113702) * grub2-ieee1275-FCP-methods-for-WWPN-and-LUNs.patch - Fix LOADER_TYPE parsing in grub2-once (boo#1122569) ==== health-checker ==== Version update (1.2 -> 1.2.2) Subpackages: health-checker-plugins-MicroOS health-checker-plugins-kubic - Update to version 1.2.2 * Fix product namings - Update to version 1.2.1 * Make sure telmetrics payload is not empty in success case ==== hwdata ==== Version update (0.320 -> 0.321) - Update to version 0.321: * Updated pci, usb and vendor ids. ==== hwinfo ==== Version update (21.63 -> 21.64) - Update of pci and usb ids (bsc#1127840) (#77) - 21.64 ==== installation-images-Kubic ==== Version update (14.411 -> 14.417) - merge gh#openSUSE/installation-images#302 - fine-tune RPi firmware inclusion (jsc:SLE-4394) - 14.417 - adjust build contraints to require 24GB to build - disable SLED build (fcrozat) - merge gh#openSUSE/installation-images#301 - Package mkfontdir is optional. So it can be obsoleted by package mkfontscale. - 14.416 - merge gh#openSUSE/installation-images#300 - adjust EFI boot setup to also include RPi firmware files (jsc:SLE-4394) - 14.415 - add raspberry pi firmware files - merge gh#openSUSE/installation-images#299 - bash is really in /usr/bin, do not rely in symlink in /bin - 14.414 - do not build for s390 (32 bit) - merge gh#openSUSE/installation-images#298 - bash has been moved to /usr/bin - systemd branding for Kubic is now MicroOS - 14.413 - Kubic: replace CAASP systemd branding with MicroOS - merge gh#openSUSE/installation-images#297 - Add nvme-cli package (bsc#1127815) - 14.412 ==== kdump ==== - Use %license instead of %doc (bsc#1082318, bsc#1129947). - kdump-fix-multipath-user_friendly_names.patch: Fix multipath configuration with user_friendly_names and/or aliases (bsc#1111207, LTC#171953, bsc#1125218, LTC#175465). - kdump-recover-from-missing-CRASHTIME.patch: Recover from missing CRASHTIME= in VMCOREINFO (bsc#1112387). - kdump-fallback-re-register-fadump-from-userspace.patch: Re-register FADUMP from userspace if the kernel cannot do it (bsc#1108170, LTC#171288, bsc#1094016, LTC#168050) - kdump-Restore-only-static-routes-in-kdump-initrd.patch: Restore only static routes in kdump initrd (bsc#1093795). - kdump-on-error-option-yesno.patch: Support yes/no style for KDUMP_CONTINUE_ON_ERROR (bsc#1083155). - kdump-use-pbl.patch: Replace obsolete perl-Bootloader library with a simpler script (bsc#1050349). - Ensure added kdump-early.service is enabled properly after update (bsc#1021484). - kdump-remove-noefi-and-acpi_rsdp-for-efi-firmware.patch: Remove noefi and acpi_rsdp for EFI firmware (bsc#1123940). ==== kernel-default-base ==== Version update (4.20.13 -> 5.0.3) - Separate kernel-deafult-base from kernel-default (FATE#326579, jsc#SLE-4117, jsc#SLE-3853, bsc#1128910). ==== kernel-firmware ==== Version update (20190221 -> 20190312) Subpackages: ucode-amd - Update to version 20190312: * drm/amdgpu: update picasso to latest from 18.50 branch * drm/amdgpu: update polaris12 to latest from 18.50 branch * drm/amdgpu: update vega20 to latest from 18.50 branch * rtw88: RTL8822C: update rtw8822c_fw.bin to v5.0 * rtl_bt: Update firmware for BT part of RTL8822C * linux-firmware: update Marvell 8787/8801/8887 firmware images * linux-firmware: update Marvell 8897/8997 firmware images * nfp: update Agilio SmartNIC firmware to rev 2.1.16.1 * QCA: Add the fw files for BT Chip QCA6174. ==== kernel-source ==== Version update (4.20.13 -> 5.0.5) - Linux 5.0.5 (bnc#1012628). - ALSA: hda - Enforces runtime_resume after S3 and S4 for each codec (bnc#1012628). - ALSA: hda - Record the current power state before suspend/resume calls (bnc#1012628). - locking/lockdep: Add debug_locks check in __lock_downgrade() (bnc#1012628). - x86/unwind: Add hardcoded ORC entry for NULL (bnc#1012628). - x86/unwind: Handle NULL pointer calls better in frame unwinder (bnc#1012628). - loop: access lo_backing_file only when the loop device is Lo_bound (bnc#1012628). - netfilter: ebtables: remove BUGPRINT messages (bnc#1012628). - aio: simplify - and fix - fget/fput for io_submit() (bnc#1012628). - f2fs: fix to avoid deadlock of atomic file operations (bnc#1012628). - RDMA/cma: Rollback source IP address if failing to acquire device (bnc#1012628). - drm/vkms: Fix flush_work() without INIT_WORK() (bnc#1012628). - Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto() (bnc#1012628). - Bluetooth: hci_ldisc: Initialize hci_dev before open() (bnc#1012628). - Bluetooth: Fix decrementing reference count twice in releasing socket (bnc#1012628). - Bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() (bnc#1012628). - media: v4l2-ctrls.c/uvc: zero v4l2_event (bnc#1012628). - ext4: brelse all indirect buffer in ext4_ind_remove_space() (bnc#1012628). - ext4: fix data corruption caused by unaligned direct AIO (bnc#1012628). - ext4: fix NULL pointer dereference while journal is aborted (bnc#1012628). - ALSA: ac97: Fix of-node refcount unbalance (bnc#1012628). - ALSA: hda - Don't trigger jackpoll_work in azx_resume (bnc#1012628). - SMB3: Fix SMB3.1.1 guest mounts to Samba (bnc#1012628). - clocksource/drivers/riscv: Fix clocksource mask (bnc#1012628). - irqchip/gic-v3-its: Fix comparison logic in lpi_range_cmp (bnc#1012628). - objtool: Move objtool_file struct off the stack (bnc#1012628). - perf probe: Fix getting the kernel map (bnc#1012628). - cifs: allow guest mounts to work for smb3.11 (bnc#1012628). - futex: Ensure that futex address is aligned in handle_futex_death() (bnc#1012628). - scsi: ibmvscsi: Fix empty event pool access during host removal (bnc#1012628). - scsi: ibmvscsi: Protect ibmvscsi_head from concurrent modificaiton (bnc#1012628). - scsi: qla2xxx: Fix FC-AL connection target discovery (bnc#1012628). - scsi: core: Avoid that a kernel warning appears during system resume (bnc#1012628). - net/mlx5: Fix DCT creation bad flow (bnc#1012628). - powerpc/security: Fix spectre_v2 reporting (bnc#1012628). - powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bnc#1012628). - MIPS: Fix kernel crash for R6 in jump label branch function (bnc#1012628). - MIPS: Ensure ELF appended dtb is relocated (bnc#1012628). - mips: loongson64: lemote-2f: Add IRQF_NO_SUSPEND to "cascade" irqaction (bnc#1012628). - udf: Fix crash on IO error during truncate (bnc#1012628). - libceph: wait for latest osdmap in ceph_monc_blacklist_add() (bnc#1012628). - iommu/iova: Fix tracking of recently failed iova address (bnc#1012628). - iommu/amd: fix sg->dma_address for sg->offset bigger than PAGE_SIZE (bnc#1012628). - drm/vmwgfx: Return 0 when gmrid::get_node runs out of ID's (bnc#1012628). - drm/vmwgfx: Don't double-free the mode stored in par->set_mode (bnc#1012628). - drm/amdgpu: fix invalid use of change_bit (bnc#1012628). - mmc: renesas_sdhi: limit block count to 16 bit for old revisions (bnc#1012628). - mmc: mxcmmc: "Revert mmc: mxcmmc: handle highmem pages" (bnc#1012628). - mmc: alcor: fix DMA reads (bnc#1012628). - mmc: pxamci: fix enum type confusion (bnc#1012628). - ALSA: firewire-motu: use 'version' field of unit directory to identify model (bnc#1012628). - ALSA: hda - add Lenovo IdeaCentre B550 to the power_save_blacklist (bnc#1012628). - commit 0fb0b14 - btrfs: honor path->skip_locking in backref code (bsc#1099312). - commit 76ff396 - Linux 5.0.4 (bnc#1012628). - SUNRPC: Respect RPC call timeouts when retrying transmission (bnc#1012628). - SUNRPC: Fix up RPC back channel transmission (bnc#1012628). - SUNRPC: Prevent thundering herd when the socket is not connected (bnc#1012628). - s390/setup: fix boot crash for machine without EDAT-1 (bnc#1012628). - net: dsa: lantiq_gswip: fix OF child-node lookups (bnc#1012628). - net: dsa: lantiq_gswip: fix use-after-free on failed probe (bnc#1012628). - KVM: nVMX: Check a single byte for VMCS "launched" in nested early checks (bnc#1012628). - KVM: nVMX: Ignore limit checks on VMX instructions using flat segments (bnc#1012628). - KVM: nVMX: Apply addr size mask to effective address for VMX instructions (bnc#1012628). - KVM: nVMX: Sign extend displacements of VMX instr's mem operands (bnc#1012628). - KVM: x86/mmu: Do not cache MMIO accesses while memslots are in flux (bnc#1012628). - KVM: x86/mmu: Detect MMIO generation wrap in any address space (bnc#1012628). - KVM: VMX: Zero out *all* general purpose registers after VM-Exit (bnc#1012628). - KVM: VMX: Compare only a single byte for VMCS' "launched" in vCPU-run (bnc#1012628). - KVM: Call kvm_arch_memslots_updated() before updating memslots (bnc#1012628). - drm/amd/display: don't call dm_pp_ function from an fpu block (bnc#1012628). - drm/amd/powerplay: correct power reading on fiji (bnc#1012628). - drm/radeon/evergreen_cs: fix missing break in switch statement (bnc#1012628). - drm/fb-helper: generic: Fix drm_fbdev_client_restore() (bnc#1012628). - media: imx: csi: Stop upstream before disabling IDMA channel (bnc#1012628). - media: imx: csi: Disable CSI immediately after last EOF (bnc#1012628). - media: imx-csi: Input connections to CSI should be optional (bnc#1012628). - media: vimc: Add vimc-streamer for stream control (bnc#1012628). - media: uvcvideo: Avoid NULL pointer dereference at the end of streaming (bnc#1012628). - media: sun6i: Fix CSI regmap's max_register (bnc#1012628). - media: lgdt330x: fix lock status reporting (bnc#1012628). - media: imx: prpencvf: Stop upstream before disabling IDMA channel (bnc#1012628). - rcu: Do RCU GP kthread self-wakeup from softirq and interrupt (bnc#1012628). - tpm: Unify the send callback behaviour (bnc#1012628). - tpm/tpm_crb: Avoid unaligned reads in crb_recv() (bnc#1012628). - x86/ftrace: Fix warning and considate ftrace_jmp_replace() and ftrace_call_replace() (bnc#1012628). - x86/kvmclock: set offset for kvm unstable clock (bnc#1012628). - md: Fix failed allocation of md_register_thread (bnc#1012628). - perf intel-pt: Fix divide by zero when TSC is not available (bnc#1012628). - perf/x86/intel/uncore: Fix client IMC events return huge result (bnc#1012628). - perf intel-pt: Fix overlap calculation for padding (bnc#1012628). - perf auxtrace: Define auxtrace record alignment (bnc#1012628). - perf tools: Fix split_kallsyms_for_kcore() for trampoline symbols (bnc#1012628). - perf intel-pt: Fix CYC timestamp calculation after OVF (bnc#1012628). - x86/unwind/orc: Fix ORC unwind table alignment (bnc#1012628). - vt: perform safe console erase in the right order (bnc#1012628). - stable-kernel-rules.rst: add link to networking patch queue (bnc#1012628). - bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bnc#1012628). - bcache: treat stale && dirty keys as bad keys (bnc#1012628). - bcache: never writeback a discard operation (bnc#1012628). - PM / OPP: Update performance state when freq == old_freq (bnc#1012628). - PM / wakeup: Rework wakeup source timer cancellation (bnc#1012628). - svcrpc: fix UDP on servers with lots of threads (bnc#1012628). - NFSv4.1: Reinitialise sequence results before retransmitting a request (bnc#1012628). - nfsd: fix wrong check in write_v4_end_grace() (bnc#1012628). - nfsd: fix memory corruption caused by readdir (bnc#1012628). - nfsd: fix performance-limiting session calculation (bnc#1012628). - NFS: Don't recoalesce on error in nfs_pageio_complete_mirror() (bnc#1012628). - NFS: Fix an I/O request leakage in nfs_do_recoalesce (bnc#1012628). - NFS: Fix I/O request leakages (bnc#1012628). - cpuidle: governor: Add new governors to cpuidle_governors again (bnc#1012628). - cpcap-charger: generate events for userspace (bnc#1012628). - mfd: sm501: Fix potential NULL pointer dereference (bnc#1012628). - media: cx25840: mark pad sig_types to fix cx231xx init (bnc#1012628). - dm integrity: limit the rate of error messages (bnc#1012628). - dm: fix to_sector() for 32bit (bnc#1012628). - ipmi_si: fix use-after-free of resource->name (bnc#1012628). - ipmi_si: Fix crash when using hard-coded device (bnc#1012628). - Revert "KVM/MMU: Flush tlb directly in the kvm_zap_gfn_range()" (bnc#1012628). - arm64: KVM: Fix architecturally invalid reset value for FPEXC32_EL2 (bnc#1012628). - arm64: debug: Ensure debug handlers check triggering exception level (bnc#1012628). - arm64: debug: Don't propagate UNKNOWN FAR into si_code for debug signals (bnc#1012628). - arm64: Fix HCR.TGE status for NMI contexts (bnc#1012628). - ARM: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bnc#1012628). - powerpc/traps: Fix the message printed when stack overflows (bnc#1012628). - powerpc/traps: fix recoverability of machine check handling on book3s/32 (bnc#1012628). - powerpc/smp: Fix NMI IPI xmon timeout (bnc#1012628). - powerpc/smp: Fix NMI IPI timeout (bnc#1012628). - powerpc/hugetlb: Don't do runtime allocation of 16G pages in LPAR configuration (bnc#1012628). - powerpc/ptrace: Simplify vr_get/set() to avoid GCC warning (bnc#1012628). - powerpc: Fix 32-bit KVM-PR lockup and host crash with MacOS guest (bnc#1012628). - powerpc/64s/hash: Fix assert_slb_presence() use of the slbfee. instruction (bnc#1012628). - powerpc/powernv: Don't reprogram SLW image on every KVM guest entry/exit (bnc#1012628). - powerpc/kvm: Save and restore host AMR/IAMR/UAMOR (bnc#1012628). - powerpc/83xx: Also save/restore SPRG4-7 during suspend (bnc#1012628). - powerpc/powernv: Make opal log only readable by root (bnc#1012628). - powerpc/wii: properly disable use of BATs when requested (bnc#1012628). - powerpc/32: Clear on-stack exception marker upon exception return (bnc#1012628). - security/selinux: fix SECURITY_LSM_NATIVE_LABELS on reused superblock (bnc#1012628). - selinux: add the missing walk_size + len check in selinux_sctp_bind_connect (bnc#1012628). - jbd2: fix compile warning when using JBUFFER_TRACE (bnc#1012628). - jbd2: clear dirty flag when revoking a buffer from an older transaction (bnc#1012628). - serial: 8250_pci: Have ACCES cards that use the four port Pericom PI7C9X7954 chip use the pci_pericom_setup() (bnc#1012628). - serial: 8250_pci: Fix number of ports for ACCES serial cards (bnc#1012628). - serial: 8250_of: assume reg-shift of 2 for mrvl,mmp-uart (bnc#1012628). - serial: uartps: Fix stuck ISR if RX disabled with non-empty FIFO (bnc#1012628). - dmaengine: usb-dmac: Make DMAC system sleep callbacks explicit (bnc#1012628). - usb: typec: tps6598x: handle block writes separately with plain-I2C adapters (bnc#1012628). - usb: chipidea: tegra: Fix missed ci_hdrc_remove_device() (bnc#1012628). - clk: ingenic: Fix doc of ingenic_cgu_div_info (bnc#1012628). - clk: ingenic: Fix round_rate misbehaving with non-integer dividers (bnc#1012628). - clk: samsung: exynos5: Fix kfree() of const memory on setting driver_override (bnc#1012628). - clk: samsung: exynos5: Fix possible NULL pointer exception on platform_device_alloc() failure (bnc#1012628). - clk: clk-twl6040: Fix imprecise external abort for pdmclk (bnc#1012628). - clk: uniphier: Fix update register for CPU-gear (bnc#1012628). - ext2: Fix underflow in ext2_max_size() (bnc#1012628). - cxl: Wrap iterations over afu slices inside 'afu_list_lock' (bnc#1012628). - IB/rdmavt: Fix concurrency panics in QP post_send and modify to error (bnc#1012628). - IB/rdmavt: Fix loopback send with invalidate ordering (bnc#1012628). - IB/hfi1: Close race condition on user context disable and close (bnc#1012628). - PCI: pci-bridge-emul: Extend pci_bridge_emul_init() with flags (bnc#1012628). - PCI: pci-bridge-emul: Create per-bridge copy of register behavior (bnc#1012628). - PCI: pciehp: Disable Data Link Layer State Changed event on suspend (bnc#1012628). - PCI: dwc: skip MSI init if MSIs have been explicitly disabled (bnc#1012628). - PCI: qcom: Don't deassert reset GPIO during probe (bnc#1012628). - PCI/DPC: Fix print AER status in DPC event handling (bnc#1012628). - PCI/ASPM: Use LTR if already enabled by platform (bnc#1012628). - swiotlb: Add is_swiotlb_active() function (bnc#1012628). - swiotlb: Introduce swiotlb_max_mapping_size() (bnc#1012628). - dma: Introduce dma_max_mapping_size() (bnc#1012628). - ext4: fix crash during online resizing (bnc#1012628). - ext4: add mask of ext4 flags to swap (bnc#1012628). - ext4: update quota information while swapping boot loader inode (bnc#1012628). - gpio: pca953x: Fix dereference of irq data in shutdown (bnc#1012628). - media: i2c: ov5640: Fix post-reset delay (bnc#1012628). - i2c: tegra: update maximum transfer size (bnc#1012628). - i2c: tegra: fix maximum transfer size (bnc#1012628). - parport_pc: fix find_superio io compare code, should use equal test (bnc#1012628). - intel_th: Don't reference unassigned outputs (bnc#1012628). - device property: Fix the length used in PROPERTY_ENTRY_STRING() (bnc#1012628). - nvmem: core: don't check the return value of notifier chain call (bnc#1012628). - kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bnc#1012628). - mm/memory.c: do_fault: avoid usage of stale vm_area_struct (bnc#1012628). - mm/vmalloc: fix size check for remap_vmalloc_range_partial() (bnc#1012628). - mm: hwpoison: fix thp split handing in soft_offline_in_use_page() (bnc#1012628). - ext4: cleanup pagecache before swap i_data (bnc#1012628). - ext4: fix check of inode in swap_inode_boot_loader (bnc#1012628). - cpufreq: pxa2xx: remove incorrect __init annotation (bnc#1012628). - cpufreq: tegra124: add missing of_node_put() (bnc#1012628). - cpufreq: kryo: Release OPP tables on module removal (bnc#1012628). - x86/kprobes: Prohibit probing on optprobe template code (bnc#1012628). - irqchip/brcmstb-l2: Use _irqsave locking variants in non-interrupt code (bnc#1012628). - irqchip/gic-v3-its: Avoid parsing _indirect_ twice for Device table (bnc#1012628). - libertas_tf: don't set URB_ZERO_PACKET on IN USB transfer (bnc#1012628). - soc: qcom: rpmh: Avoid accessing freed memory from batch API (bnc#1012628). - Btrfs: fix deadlock between clone/dedupe and rename (bnc#1012628). - Btrfs: fix corruption reading shared and compressed extents after hole punching (bnc#1012628). - btrfs: init csum_list before possible free (bnc#1012628). - btrfs: ensure that a DUP or RAID1 block group has exactly two stripes (bnc#1012628). - btrfs: drop the lock on error in btrfs_dev_replace_cancel (bnc#1012628). - btrfs: scrub: fix circular locking dependency warning (bnc#1012628). - Btrfs: setup a nofs context for memory allocation at __btrfs_set_acl (bnc#1012628). - Btrfs: setup a nofs context for memory allocation at btrfs_create_tree() (bnc#1012628). - m68k: Add -ffreestanding to CFLAGS (bnc#1012628). - ovl: Do not lose security.capability xattr over metadata file copy-up (bnc#1012628). - ovl: During copy up, first copy up data and then xattrs (bnc#1012628). - splice: don't merge into linked buffers (bnc#1012628). - fs/devpts: always delete dcache dentry-s in dput() (bnc#1012628). - scsi: qla2xxx: Use complete switch scan for RSCN events (bnc#1012628). - scsi: qla2xxx: Avoid PCI IRQ affinity mapping when multiqueue is not supported (bnc#1012628). - scsi: qla2xxx: Fix LUN discovery if loop id is not assigned yet by firmware (bnc#1012628). - scsi: target/iscsi: Avoid iscsit_release_commands_from_conn() deadlock (bnc#1012628). - scsi: sd: Optimal I/O size should be a multiple of physical block size (bnc#1012628). - scsi: aacraid: Fix performance issue on logical drives (bnc#1012628). - scsi: virtio_scsi: don't send sc payload with tmfs (bnc#1012628). - s390/virtio: handle find on invalid queue gracefully (bnc#1012628). - s390/setup: fix early warning messages (bnc#1012628). - s390: vfio_ap: link the vfio_ap devices to the vfio_ap bus subsystem (bnc#1012628). - clocksource/drivers/arch_timer: Workaround for Allwinner A64 timer instability (bnc#1012628). - Update config files. Set SUN50I_ERRATUM_UNKNOWN1=y to stay aligned with the master branch. - clocksource/drivers/exynos_mct: Clear timer interrupt when shutdown (bnc#1012628). - clocksource/drivers/exynos_mct: Move one-shot check from tick clear to ISR (bnc#1012628). - mt76: fix corrupted software generated tx CCMP PN (bnc#1012628). - regulator: s2mpa01: Fix step values for some LDOs (bnc#1012628). - regulator: max77620: Initialize values for DT properties (bnc#1012628). - regulator: s2mps11: Fix steps for buck7, buck8 and LDO35 (bnc#1012628). - spi: spi-gpio: fix SPI_CS_HIGH capability (bnc#1012628). - spi: omap2-mcspi: Fix DMA and FIFO event trigger size mismatch (bnc#1012628). - spi: pxa2xx: Setup maximum supported DMA transfer length (bnc#1012628). - spi: ti-qspi: Fix mmap read when more than one CS in use (bnc#1012628). - mmc:fix a bug when max_discard is 0 (bnc#1012628). - mmc: renesas_sdhi: Fix card initialization failure in high speed mode (bnc#1012628). - mmc: sdhci-esdhc-imx: fix HS400 timing issue (bnc#1012628). - ACPI / device_sysfs: Avoid OF modalias creation for removed device (bnc#1012628). - xen: fix dom0 boot on huge systems (bnc#1012628). - vmw_balloon: release lock on error in vmballoon_reset() (bnc#1012628). - tracing/perf: Use strndup_user() instead of buggy open-coded version (bnc#1012628). - tracing: Do not free iter->trace in fail path of tracing_open_pipe() (bnc#1012628). - tracing: Use strncpy instead of memcpy for string keys in hist triggers (bnc#1012628). - smb3: make default i/o size for smb3 mounts larger (bnc#1012628). - CIFS: Fix read after write for files with read caching (bnc#1012628). - CIFS: Do not skip SMB2 message IDs on send failures (bnc#1012628). - CIFS: Do not reset lease state to NONE on lease break (bnc#1012628). - CIFS: Fix leaking locked VFS cache pages in writeback retry (bnc#1012628). - crypto: arm64/aes-ccm - fix bugs in non-NEON fallback routine (bnc#1012628). - crypto: arm64/aes-ccm - fix logical bug in AAD MAC handling (bnc#1012628). - crypto: x86/morus - fix handling chunked inputs and MAY_SLEEP (bnc#1012628). - crypto: x86/aesni-gcm - fix crash on empty plaintext (bnc#1012628). - crypto: x86/aegis - fix handling chunked inputs and MAY_SLEEP (bnc#1012628). - crypto: testmgr - skip crc32c context test for ahash algorithms (bnc#1012628). - crypto: skcipher - set CRYPTO_TFM_NEED_KEY if ->setkey() fails (bnc#1012628). - crypto: pcbc - remove bogus memcpy()s with src == dest (bnc#1012628). - crypto: morus - fix handling chunked inputs (bnc#1012628). - crypto: hash - set CRYPTO_TFM_NEED_KEY if ->setkey() fails (bnc#1012628). - crypto: arm64/crct10dif - revert to C code for short inputs (bnc#1012628). - crypto: arm64/aes-neonbs - fix returning final keystream block (bnc#1012628). - crypto: arm/crct10dif - revert to C code for short inputs (bnc#1012628). - crypto: aegis - fix handling chunked inputs (bnc#1012628). - crypto: aead - set CRYPTO_TFM_NEED_KEY if ->setkey() fails (bnc#1012628). - fix cgroup_do_mount() handling of failure exits (bnc#1012628). - libnvdimm: Fix altmap reservation size calculation (bnc#1012628). - libnvdimm/pmem: Honor force_raw for legacy pmem regions (bnc#1012628). - libnvdimm, pfn: Fix over-trim in trim_pfn_device() (bnc#1012628). - libnvdimm/label: Clear 'updating' flag after label-set update (bnc#1012628). - nfit/ars: Attempt short-ARS even in the no_init_ars case (bnc#1012628). - nfit/ars: Attempt a short-ARS whenever the ARS state is idle at boot (bnc#1012628). - acpi/nfit: Fix bus command validation (bnc#1012628). - nfit: acpi_nfit_ctl(): Check out_obj->type in the right place (bnc#1012628). - nfit: Fix nfit_intel_shutdown_status() command submission (bnc#1012628). - dax: Flush partial PMDs correctly (bnc#1012628). - crypto: rockchip - update new iv to device in multiple operations (bnc#1012628). - crypto: rockchip - fix scatterlist nents error (bnc#1012628). - crypto: ahash - fix another early termination in hash walk (bnc#1012628). - crypto: ofb - fix handling partial blocks and make thread-safe (bnc#1012628). - crypto: cfb - remove bogus memcpy() with src == dest (bnc#1012628). - crypto: cfb - add missing 'chunksize' property (bnc#1012628). - crypto: ccree - don't copy zero size ciphertext (bnc#1012628). - crypto: ccree - unmap buffer before copying IV (bnc#1012628). - crypto: ccree - fix free of unallocated mlli buffer (bnc#1012628). - crypto: caam - fix DMA mapping of stack memory (bnc#1012628). - crypto: caam - fixed handling of sg list (bnc#1012628). - crypto: ccree - fix missing break in switch statement (bnc#1012628). - crypto: caam - fix hash context DMA unmap size (bnc#1012628). - stm class: Fix an endless loop in channel allocation (bnc#1012628). - stm class: Prevent division by zero (bnc#1012628). - mei: bus: move hw module get/put to probe/release (bnc#1012628). - mei: hbm: clean the feature flags on link reset (bnc#1012628). - iio: adc: exynos-adc: Use proper number of channels for Exynos4x12 (bnc#1012628). - iio: adc: exynos-adc: Fix NULL pointer exception on unbind (bnc#1012628). - ASoC: codecs: pcm186x: Fix energysense SLEEP bit (bnc#1012628). - ASoC: codecs: pcm186x: fix wrong usage of DECLARE_TLV_DB_SCALE() (bnc#1012628). - ASoC: fsl_esai: fix register setting issue in RIGHT_J mode (bnc#1012628). - 9p/net: fix memory leak in p9_client_create (bnc#1012628). - 9p: use inode->i_lock to protect i_size_write() under 32-bit (bnc#1012628). - commit c52890c - Do not provide kernel-default-srchash from kernel-default-base. - commit d6c71ce - rpm/kernel-subpackage-build: handle arm kernel zImage. - commit 81a63c3 - config: disable IMA_ARCH_POLICY for now When IMA_ARCH_POLICY was enabled during the 5.0-rc* stage, IMA causes kdump load to fail: kexec_file_load failed: Permission denied ima: impossible to appraise a kernel image without a file descriptor; try using kexec_file_load syscall. We have to fix kexec tooling before enabling IMA for everyone. BTW IMA_APPRAISE_BOOTPARAM was disabled by IMA_ARCH_POLICY=y. So restore the original state (and functionality). - commit 3fe0cfc - rpm/kernel-source.changes.old: Really drop old changelogs (bsc#1098995) - commit 9e463cf - config: disable BPFILTER_UMH on arm (bsc#1127188). - commit a705565 - Linux 5.0.3 (bnc#1012628). - drm: Block fb changes for async plane updates (bnc#1012628). - It's wrong to add len to sector_nr in raid10 reshape twice (bnc#1012628). - perf/x86/intel: Make dev_attr_allow_tsx_force_abort static (bnc#1012628). - perf/x86/intel: Fix memory corruption (bnc#1012628). - ALSA: hda/realtek: Enable headset MIC of Acer TravelMate X514-51T with ALC255 (bnc#1012628). - ALSA: hda/realtek - Reduce click noise on Dell Precision 5820 headphone (bnc#1012628). - ALSA: hda/realtek: Enable audio jacks of ASUS UX362FA with ALC294 (bnc#1012628). - ALSA: hda - add more quirks for HP Z2 G4 and HP Z240 (bnc#1012628). - ALSA: hda: Extend i915 component bind timeout (bnc#1012628). - ALSA: firewire-motu: fix construction of PCM frame for capture direction (bnc#1012628). - ALSA: bebob: use more identical mod_alias for Saffire Pro 10 I/O against Liquid Saffire 56 (bnc#1012628). - perf/x86: Fixup typo in stub functions (bnc#1012628). - f2fs: wait on atomic writes to count F2FS_CP_WB_DATA (bnc#1012628). - net: sched: flower: insert new filter to idr after setting its mask (bnc#1012628). - vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bnc#1012628). - net: hns3: fix to stop multiple HNS reset due to the AER changes (bnc#1012628). - net: dsa: mv88e6xxx: Set correct interface mode for CPU/DSA ports (bnc#1012628). - net/mlx4_core: Fix qp mtt size calculation (bnc#1012628). - net/mlx4_core: Fix locking in SRIOV mode when switching between events and polling (bnc#1012628). - net/mlx4_core: Fix reset flow when in command polling mode (bnc#1012628). - vxlan: test dev->flags & IFF_UP before calling gro_cells_receive() (bnc#1012628). - vxlan: Fix GRO cells race condition between receive and link delete (bnc#1012628). - tcp: handle inet_csk_reqsk_queue_add() failures (bnc#1012628). - tcp: Don't access TCP_SKB_CB before initializing it (bnc#1012628). - tcp: do not report TCP_CM_INQ of 0 for closed connections (bnc#1012628). - sctp: remove sched init from sctp_stream_init (bnc#1012628). - rxrpc: Fix client call queueing, waiting for channel (bnc#1012628). - route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race (bnc#1012628). - ravb: Decrease TxFIFO depth of Q3 and Q2 to one (bnc#1012628). - pptp: dst_release sk_dst_cache in pptp_sock_destruct (bnc#1012628). - net/x25: reset state in x25_connect() (bnc#1012628). - net/x25: fix use-after-free in x25_device_event() (bnc#1012628). - net: sit: fix UBSAN Undefined behaviour in check_6rd (bnc#1012628). - net/hsr: fix possible crash in add_timer() (bnc#1012628). - net: hsr: fix memory leak in hsr_dev_finalize() (bnc#1012628). - net: hns3: add dma_rmb() for rx description (bnc#1012628). - lan743x: Fix TX Stall Issue (bnc#1012628). - lan743x: Fix RX Kernel Panic (bnc#1012628). - l2tp: fix infoleak in l2tp_ip6_recvmsg() (bnc#1012628). - ipv4/route: fail early when inet dev is missing (bnc#1012628). - gro_cells: make sure device is up in gro_cells_receive() (bnc#1012628). - fou, fou6: avoid uninit-value in gue_err() and gue6_err() (bnc#1012628). - connector: fix unsafe usage of ->real_parent (bnc#1012628). - commit 843d1cc - config: armv6hl: Update to v5.0.2 - commit a2d3030 - config: armv7hl: Update to v5.0.2 - commit 70aaed6 - Trim build dependencies of sample subpackage spec file (FATE#326579, jsc#SLE-4117, jsc#SLE-3853, bsc#1128910). - commit 2eae420 - cifs: Fix NULL pointer dereference of devname (bnc#1129519). - commit 018878b - config: enable RANDOM_TRUST_CPU The outcome from mailing list discussion when this config option appeared was that it makes more sense to enable it by default and let those who do not trust their CPU override it on command line; but then I forgot to actually change the value. - commit 138b5df - Update config files: disable CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER (bsc#1127552) The deferred fbcon takeover makes little sense with the current openSUSE boot setup, and it's harmful (more glitches, etc). Disable it for now. - commit 14fa903 - Remove the previous subpackage infrastructure. This partially reverts commit 9b3ca32c11854156b2f950ff5e26131377d8445e ("Add kernel-subpackage-build.spec (FATE#326579).") - commit a5ee24e - Add sample kernel-default-base spec file (FATE#326579, jsc#SLE-4117, jsc#SLE-3853, bsc#1128910). - commit 35c4a52 - Install extra rpm scripts for kernel subpackaging (FATE#326579, jsc#SLE-4117, jsc#SLE-3853, bsc#1128910). - commit ad7c227 - Linux 5.0.2 (bnc#1012628). - perf/x86/intel: Implement support for TSX Force Abort (bnc#1012628). - x86: Add TSX Force Abort CPUID/MSR (bnc#1012628). - perf/x86/intel: Generalize dynamic constraint creation (bnc#1012628). - perf/x86/intel: Make cpuc allocations consistent (bnc#1012628). - ath9k: Avoid OF no-EEPROM quirks without qca,no-eeprom (bnc#1012628). - scripts/gdb: replace flags (MS_xyz -> SB_xyz) (bnc#1012628). - staging: erofs: compressed_pages should not be accessed again after freed (bnc#1012628). - staging: erofs: keep corrupted fs from crashing kernel in erofs_namei() (bnc#1012628). - gfs2: Fix missed wakeups in find_insert_glock (bnc#1012628). - bpf: Stop the psock parser before canceling its work (bnc#1012628). - Revert "PCI/PME: Implement runtime PM callbacks" (bnc#1012628). - media: Revert "media: rc: some events are dropped by userspace" (bnc#1012628). - drm: disable uncached DMA optimization for ARM and arm64 (bnc#1012628). - ARM: dts: exynos: Fix max voltage for buck8 regulator on Odroid XU3/XU4 (bnc#1012628). - ARM: dts: exynos: Add minimal clkout parameters to Exynos3250 PMU (bnc#1012628). - ARM: dts: exynos: Fix pinctrl definition for eMMC RTSN line on Odroid X2/U3 (bnc#1012628). - arm64: dts: hikey: Revert "Enable HS200 mode on eMMC" (bnc#1012628). - arm64: dts: hikey: Give wifi some time after power-on (bnc#1012628). - arm64: dts: zcu100-revC: Give wifi some time after power-on (bnc#1012628). - x86/PCI: Fixup RTIT_BAR of Intel Denverton Trace Hub (bnc#1012628). - scsi: aacraid: Fix missing break in switch statement (bnc#1012628). - iscsi_ibft: Fix missing break in switch statement (bnc#1012628). - Input: elan_i2c - add id for touchpad found in Lenovo s21e-20 (bnc#1012628). - Input: wacom_serial4 - add support for Wacom ArtPad II tablet (bnc#1012628). - media: uvcvideo: Fix 'type' check leading to overflow (bnc#1012628). - commit 815c1bc - Update patches.suse/0001-media-usb-pwc-Don-t-use-coherent-DMA-buffers-for-ISO.patch upstream reference. - commit ff7c8cd - Linux 5.0.1 (bnc#1012628). - exec: Fix mem leak in kernel_read_file (bnc#1012628). - Bluetooth: Fix locking in bt_accept_enqueue() for BH context (bnc#1012628). - Bluetooth: btrtl: Restore old logic to assume firmware is already loaded (bnc#1012628). - selftests: firmware: fix verify_reqs() return value (bnc#1012628). - Revert "selftests: firmware: remove use of non-standard diff - Z option" (bnc#1012628). - Revert "selftests: firmware: add CONFIG_FW_LOADER_USER_HELPER_FALLBACK to config" (bnc#1012628). - USB: serial: cp210x: fix GPIO in autosuspend (bnc#1012628). - gnss: sirf: fix premature wakeup interrupt enable (bnc#1012628). - xtensa: fix get_wchan (bnc#1012628). - aio: Fix locking in aio_poll() (bnc#1012628). - MIPS: irq: Allocate accurate order pages for irq stack (bnc#1012628). - alpha: wire up io_pgetevents system call (bnc#1012628). - applicom: Fix potential Spectre v1 vulnerabilities (bnc#1012628). - usb: xhci: Fix for Enabling USB ROLE SWITCH QUIRK on INTEL_SUNRISEPOINT_LP_XHCI (bnc#1012628). - xhci: tegra: Prevent error pointer dereference (bnc#1012628). - tracing: Fix event filters and triggers to handle negative numbers (bnc#1012628). - x86/boot/compressed/64: Do not read legacy ROM on EFI system (bnc#1012628). - x86/CPU/AMD: Set the CPB bit unconditionally on F17h (bnc#1012628). - tipc: fix RDM/DGRAM connect() regression (bnc#1012628). - team: Free BPF filter when unregistering netdev (bnc#1012628). - sky2: Disable MSI on Dell Inspiron 1545 and Gateway P-79 (bnc#1012628). - sctp: call iov_iter_revert() after sending ABORT (bnc#1012628). - qmi_wwan: Add support for Quectel EG12/EM12 (bnc#1012628). - net-sysfs: Fix mem leak in netdev_register_kobject (bnc#1012628). - net: sched: put back q.qlen into a single location (bnc#1012628). - net: mscc: Enable all ports in QSGMII (bnc#1012628). - net: dsa: mv8e6xxx: fix number of internal PHYs for 88E6x90 family (bnc#1012628). - net: dsa: mv88e6xxx: handle unknown duplex modes gracefully in mv88e6xxx_port_set_duplex (bnc#1012628). - net: dsa: mv88e6xxx: add call to mv88e6xxx_ports_cmode_init to probe for new DSA framework (bnc#1012628). - ip6mr: Do not call __IP6_INC_STATS() from preemptible context (bnc#1012628). - staging: android: ashmem: Avoid range_alloc() allocation with ashmem_mutex held (bnc#1012628). - staging: android: ashmem: Don't call fallocate() with ashmem_mutex held (bnc#1012628). - staging: android: ion: fix sys heap pool's gfp_flags (bnc#1012628). - staging: wilc1000: fix to set correct value for 'vif_num' (bnc#1012628). - staging: comedi: ni_660x: fix missing break in switch statement (bnc#1012628). - staging: erofs: fix illegal address access under memory pressure (bnc#1012628). - staging: erofs: fix race of initializing xattrs of a inode at the same time (bnc#1012628). - staging: erofs: fix memleak of inode's shared xattr array (bnc#1012628). - staging: erofs: fix fast symlink w/o xattr when fs xattr is on (bnc#1012628). - driver core: Postpone DMA tear-down until after devres release (bnc#1012628). - USB: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485 (bnc#1012628). - USB: serial: cp210x: add ID for Ingenico 3070 (bnc#1012628). - USB: serial: option: add Telit ME910 ECM composition (bnc#1012628). - binder: create node flag to request sender's security context (bnc#1012628). - staging: erofs: fix mis-acted TAIL merging behavior (bnc#1012628). - cpufreq: Use struct kobj_attribute instead of struct global_attr (bnc#1012628). - commit 47a2a02 - KMPs: provide and conflict a kernel version specific KMP name (bsc#1127155, bsc#1109137). - commit 5568093 - Revert "Drop multiversion(kernel) from the KMP template (fate#323189)" (bsc#1109137). This reverts commit 71504d805c1340f68715ad41958e5ef35da2c351. - commit adade9f - config: disable BPFILTER_UMH on non-x86 architectures (bsc#1127188) CONFIG_BPFILTER_UMH depends on ability to compile and link a userspace binary so that it currently doesn't work in our kbuild check setups using a cross compiler. Disable the option on architectures where cross compiler is used (i.e. all except x86_64 and i386). - commit cfb8371 - KMPs: obsolete older KMPs of the same flavour (bsc#1127155, bsc#1109137). - commit 821419f - Update to 5.0 final - Refresh configs - commit 8f71df2 ==== kubernetes ==== Subpackages: kubernetes-client kubernetes-common kubernetes-kubeadm kubernetes-kubelet - Add kubeadm-Support-Kernel-5.0-gh74355.patch so kubeadm supports Kernel 5.0+ ==== libaio ==== - riscv-support.patch: Add support for RISC-V ==== libgpg-error ==== Version update (1.35 -> 1.36) - Update to 1.36: * Two new error codes to better support PIV cards * Support armv7a-unknown-linux-gnueabihf ==== libmspack ==== Version update (0.9.1 -> 0.10.1) - Update to version 0.10.1 * Bugfix release, no functional changes - Update to version 0.10: * Fix Heap buffer overflow in chmd_read_headers() * Fix memory exhausted in chmd_read_headers() * Fix memory exhausted in oabd_decompress() ==== libseccomp ==== Version update (2.3.3 -> 2.4.0) - updated to 2.4.0 (bsc#1128828) - Update the syscall table for Linux v5.0-rc5 - Added support for the SCMP_ACT_KILL_PROCESS action - Added support for the SCMP_ACT_LOG action and SCMP_FLTATR_CTL_LOG attribute - Added explicit 32-bit (SCMP_AX_32(...)) and 64-bit (SCMP_AX_64(...)) argument comparison macros to help protect against unexpected sign extension - Added support for the parisc and parisc64 architectures - Added the ability to query and set the libseccomp API level via seccomp_api_get(3) and seccomp_api_set(3) - Return -EDOM on an endian mismatch when adding an architecture to a filter - Renumber the pseudo syscall number for subpage_prot() so it no longer conflicts with spu_run() - Fix PFC generation when a syscall is prioritized, but no rule exists - Numerous fixes to the seccomp-bpf filter generation code - Switch our internal hashing function to jhash/Lookup3 to MurmurHash3 - Numerous tests added to the included test suite, coverage now at ~92% - Update our Travis CI configuration to use Ubuntu 16.04 - Numerous documentation fixes and updates - now gpg signed, added key of Paul Moore from keyserver. ==== libselinux ==== Version update (2.8 -> 2.9) Subpackages: libselinux1 selinux-tools - Update to version 2.9 * Add security_reject_unknown(3) man page * Change matchpathcon usage to match with matchpathcon manpage * Do not define gettid() if glibc >= 2.30 is used * Fix RESOURCE_LEAK defects reported by coverity scan * Fix line wrapping in selabel_file.5 * Do not dereference symlink with statfs in selinux_restorecon * Fix overly strict validation of file_contexts.bin * Fix selinux_restorecon() on non-SELinux hosts * Fix the whatis line for the selinux_boolean_sub.3 manpage * Fix printf format string specifier for uint64_t * Fix handling of unknown classes/perms * Set an appropriate errno in booleans.c - Dropped python3.patch, is now upstream ==== libselinux-bindings ==== Version update (2.8 -> 2.9) - Update to version 2.9 * Add security_reject_unknown(3) man page * Change matchpathcon usage to match with matchpathcon manpage * Do not define gettid() if glibc >= 2.30 is used * Fix RESOURCE_LEAK defects reported by coverity scan * Fix line wrapping in selabel_file.5 * Do not dereference symlink with statfs in selinux_restorecon * Fix overly strict validation of file_contexts.bin * Fix selinux_restorecon() on non-SELinux hosts * Fix the whatis line for the selinux_boolean_sub.3 manpage * Fix printf format string specifier for uint64_t * Fix handling of unknown classes/perms * Set an appropriate errno in booleans.c - Dropped python3.patch, is now upstream ==== libsemanage ==== Version update (2.8 -> 2.9) - Update to version 2.9 * Always set errno to 0 before calling getpwent() * Include user name in ROLE_REMOVE audit events * genhomedircon - improve handling large groups * improve semanage_migrate_store import failure * reset umask before creating directories * set selinux policy root around calls to selinux_boolean_sub * use previous seuser when getting the previous name ==== libsepol ==== Version update (2.8 -> 2.9) - Update to version 2.9 * Add two new Xen initial SIDs * Check that initial sid indexes are within the valid range * Create policydb_sort_ocontexts() * Eliminate initial sid string definitions in module_to_cil.c * Rename kernel_to_common.c stack functions * add missing ibendport port validity check * destroy the copied va_list * do not call malloc with 0 byte * do not leak memory if list_prepend fails * do not use uninitialized value for low_value * fix endianity in ibpkey range checks * ibpkeys.c: fix printf format string specifiers for subnet_prefix * mark permissive types when loading a binary policy ==== libtirpc ==== Subpackages: libtirpc-netconfig libtirpc3 - Fix SLES 15 - yp_bind_client_create_v3: RPC: Unknown host (bsc#1126096). - Add upstream patch 0001-xdrstdio_create-buffers-do-not-output-encoded-values.patch ==== libunistring ==== - Add disable-broken-tests.patch in order to fix broken tests (bnc#1128460). ==== libx86emu ==== Version update (2.1 -> 2.2) - merge gh#wfeldt/libx86emu#14 - ops2: Add support for conditional move - ops2: Implement bswap - Add additional ops2 instructions - 2.2 ==== libzypp ==== Version update (17.11.2 -> 17.11.3) - KeyManager: Work around bsc#1127220 [libgpgme] no error upon incomplete import due to signal received. - MediaCurl: add hint to check SCC for an expired regcode on http error 403 (bsc#965786) - version 17.11.3 (9) ==== lua53 ==== Version update (5.3.4 -> 5.3.5) - Update to 5.3.5: (it is really problematic to find ANY documentation of changes between minor versions; the best we have is https://www.lua.org/bugs.html) - Long brackets with a huge number of '=' overflow some internal buffer arithmetic. - Small build tweaks. ==== lvm2 ==== Subpackages: liblvm2app2_2 liblvm2cmd2_02 - Use %make_build in order to provide verbose output. ==== mcstrans ==== Version update (2.8 -> 2.9) - Update to version 2.9 * Fix check in raw_color() * remove unused getpeercon_raw() call ==== mozilla-nss ==== Version update (3.41.1 -> 3.42.1) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs - update to NSS 3.42.1 * required by Firefox 66.0 New functionality * Support XDG basedir specification (bmo#818686) Notable changes * added some testcases from the Wycheproof project Bugs fixed * Reject invalid CH.legacy_version in TLS 1.3 (bmo#1490006) * A fix for Solaris where Firefox 60 core dumps during start when using profile from version 52 (bmo#1513913) ==== multipath-tools ==== Version update (0.7.9+111+suse.b4232b7 -> 0.7.9+139+suse.ed9d450) Subpackages: kpartx - Update to version 0.7.9+139+suse.ed9d450: * multipath-tools: Build: properly parse systemd's version - Add kmod(xyz) style dependencies for SLE15-SP1 (jsc#SLE-3853, fate#326579, bsc#1119414) - Update to version 0.7.9+138+suse.0edd0a2: - Include reviewed fixes from upstream * libmutipath: continue to use old state on PATH_PENDING * libmultipath: disable user_friendly_names for NetApp * multipath: blacklist zram devices * various fixes for martinal path code - Bug fixes: * multipathd: Fix miscounting active paths (bsc#1125043) * multipathd: avoid null pointer dereference in LOG_MSG (bsc#1127873) * minor fixes suggested by coverity (bsc#1127879) ==== ncurses ==== Subpackages: libncurses6 ncurses-utils terminfo terminfo-base - Add ncurses patch 20190323 + move macro for is_linetouched() inside NCURSES_NOMACROS ifndef. + corrected prototypes in several manpages using script to extract those in compilable form. + use _nc_copy_termtype2() rather than direct assignment in setupterm, in case it is called repeatedly using fallback terminfo descriptions (report/patch by Werner Fink). - Drop patch ncurses-6.1-fallback.dif as now upstream - Reintroduce patch ncurses-6.1-fallback.dif to fix boo#1130091 - Add ncurses patch 20190317 + regenerate llib-* files. + modify tic to also use new function for user-defined capability info. + modify _nc_parse_entry() to check if a user-defined capability has an unexpected type; ignore it in that case. + fix a special case of link-anchors in generated Ada html files. + use newer rel=author tag in generated html rather than rev=made, which did not become accepted. - Add ncurses patch 20190309 + in-progress changes to add parameter-checking for common user-defined capabilities in tic. + update MKcodes.awk and MKnames.awk to ignore the new "userdef" data in Caps-ncurses (cf: 20190302). - Add ncurses patch 20190223 + fix typo in adds200 -TD + add tic check for consistent alternate character set capabilities. + improve check in mvcur() to decide whether to use hard-tabs, using xt, tbc and hts as clues. + replace check in reset command for obsolete "pt" capability using tbc and hts capabilities as clues (report by Nicolas Marriott). ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Added latest upstream changes, including: * Fix output of node printing for multiple paths. * Fix printing of node database again. * Add Restart=on-failure option to iscsid.service * Fix node print return value when no nodes. Updating: * open-iscsi-SUSE-latest.diff.bz2 ==== open-lldp ==== Subpackages: liblldp_clif1 - Add gcc9-fix-werror.patch in order to fix bsc#1128299. - Adjust project URL as we're using the Intel's fork. - Use %license instead of %doc [bsc#1082318] ==== open-vm-tools ==== Version update (10.3.5 -> 10.3.10) Subpackages: libvmtools0 - Update to 10.3.10 (build 12406962) (boo#1130898) + Resolved - In certain cases, quiesced snapshots on Linux guests do not include backup manifests. - Drop unnecessary patch: - include_log_h_for_g_info.patch - no_manifest_on_aborted_snapshot.patch - send_vmbackup_event_generic_manifest.patch - vmtoolsd_bailout_on_rpc_errors.patch - Link VGAuthService to libxmlsec1 rather than libxml-security-c for SLES 15 and SLES 15 SP1. It requires libxmlsec1 to be available in the base. VGAuthService is already being linked with libxmlsec1 for SLES 12 SP4. (bsc#1122435) ==== openSUSE-build-key ==== - Fix previous commit - drop arm specific key again => ARM sub project is considered to be equal trustworthy ==== openldap2 ==== - Corrected moduleload back_mdb.la to get a working configuration right after package installation. ==== openssh ==== - Fix a double free() in the KDF CAVS testing tool (bsc#1065237) * modify openssh-7.7p1-cavstest-kdf.patch - Minor clean-up of the fips patches, modified openssh-7.7p1-fips.patch openssh-7.7p1-fips_checks.patch - Fix two race conditions in sshd relating to SIGHUP (bsc#1119183) * 0001-upstream-Fix-two-race-conditions-in-sshd-relating-to.patch ==== podman ==== Subpackages: podman-cni-config - Change default libpod.conf configuration file: use the runtimes section to allow users to specify different OCI runtimes. This allows user to choose which runtime to use on a per container basis. - Add 'apparmor-parser' to list of requires (boo#1123387) - Scriptlets contain sh-compatible code, so drop -p /bin/bash. ==== policycoreutils ==== Version update (2.8 -> 2.9) Subpackages: python3-policycoreutils - Update to version 2.9 * secon: free scon_trans before returning * audit2allow/sepolgen-ifgen: show errors on stderr * audit2allow: allow using audit2why as non-root user * chcat: use check_call instead of getstatusoutput * restorecon: add force option * semanage module: Fix handling of -a/-e/-d/-r options * semanage/seobject: Fix listing boolean values * semanage: Drop python shebang from seobject.py * semanage: Fix logger class definition * semanage: Include MCS/MLS range when exporting local customizations * semanage: Load a store policy and set the store SELinux policy root * semanage: Start exporting "ibendport" and "ibpkey" entries * semanage: Stop logging loginRecords changes * semanage: Stop rejecting aliases in semanage commands * semanage: Use standard argparse.error() method in handlePermissive * semanage: do not show "None" levels when using a non-MLS policy * semanage: import sepolicy only when it's needed * semanage: move valid_types initialisations to class constructors * sepolgen: close /etc/selinux/sepolgen.conf after parsing it * sepolgen: fix access vector initialization * sepolgen: fix refpolicy parsing of "permissive" * sepolgen: print all AV rules correctly * sepolgen: refpolicy installs its Makefile in include/Makefile * sepolgen: return NotImplemented instead of raising it * sepolgen: silence linter warning about has_key * sepolgen: use self when accessing members in FilesystemUse * sepolicy: Add sepolicy.load_store_policy(store) * sepolicy: Make policy files sorting more robust * sepolicy: Stop rejecting aliases in sepolicy commands * sepolicy: Update to work with setools-4.2.0 * sepolicy: add missing % in network tab help text * sepolicy: initialize mislabeled_files in __init__() * sepolicy: search() also for dontaudit rules * add xperms support to audit2allow * replace aliases with corresponding type names - Dropped python3.patch, upstream now ==== python-PyJWT ==== - Fix fdupes and test calls ==== python-PyYAML ==== Version update (3.13 -> 5.1) - Update to 5.1: * many changes, see CHANGES ==== python-certifi ==== Version update (2018.11.29 -> 2019.3.9) - Update to 2019.3.9: * Add emSign Root CA - G1 * Add emSign ECC Root CA - G3 * Add Hongkong Post Root CA 3 - Rebase python-certifi-shipped-requests-cabundle.patch ==== python-cffi ==== - Remove test suite exception which was fixed by 7a76a38153*.patch - Add doc/*/*.rst to %doc ==== python-decorator ==== Version update (4.3.2 -> 4.4.0) - Update to 4.4.0: * Fixed a regression with decorator factories breaking the case with no arguments by going back to the syntax used in version 4.2. ==== python-jsonpointer ==== Version update (1.14 -> 2.0) - Use noun phrase in descriptions. - Update to 2.0: * Fix typos in messages * Accept pointer as argument in commandline utility - Run tests ==== python-jsonschema ==== Version update (2.6.0 -> 3.0.1) - Update to 3.0.1: * Support for Draft 6 and Draft 7 * Draft 7 is now the default * New TypeChecker object for more complex type definitions (and overrides) * Falling back to isodate for the date-time format checker is no longer attempted, in accordance with the specification ==== python-msgpack ==== Version update (0.5.6 -> 0.6.1) - update to 0.6.1 * unpackb(data) configures max_*_len options from len(data), instead of static default sizes. * Unpacker(max_buffer_len=N) configures max_*_len options from N, instead of static default sizes. * max_bin_len, max_str_len, and max_ext_len are deprecated. * unpacker: Default value of input limits are smaller than before to avoid DoS attack * Unpacker doesn't wrap underlaying ValueError (including UnicodeError) into UnpackValueError. If you want to catch all exception during unpack, you need to use try ... except Exception with minimum try code block. * PackValueError and PackOverflowError are also removed. You need to catch normal ValueError and OverflowError. * Unpacker has strict_map_key option now. When it is true, only bytes and str (unicode in Python 2) are allowed for map keys. * Extension modules are merged. There is msgpack._cmsgpack instead of msgpack._packer and msgpack._unpacker. * Add Unpacker.getbuffer() method. * unpacker: msgpack.StackError is raised when input data contains too nested data * unpacker: msgpack.FormatError is raised when input data is not valid msgpack format. ==== python-packaging ==== Version update (17.1 -> 19.0) - Fix check that egg-info is a directory to work with %check enabled, and better explain how it works - Remove unnecessary build dependency on base - Re-add test dependency on pyparsing with minimum version defined upstream, and replace inline comment with GitHub issue URL - Add LICENSE.APACHE LICENSE.BSD to %license - Update to v19.0 * Fix string representation of PEP 508 direct URL requirements with markers. * Better handling of file URLs This allows for using ``file:///absolute/path``, which was previously prevented due to the missing ``netloc`` This allows for all file URLs that ``urlunparse`` turns back into the original URL to be valid - from v18.0 * Improve error messages when invalid requirements are given ==== python-psutil ==== Version update (5.5.1 -> 5.6.1) - Active test suite, using skip-test-missing-warnings.patch to explicitly skip 2 tests regarding warnings, skip-flaky-i586.patch to skip a flaky i586 test, and setting TRAVIS to skip tests which upstream doesnt run in their CI - Add upstream pr_1364.patch to fix reading /sys/blocks on Linux 4.18+ - Remove tests from installed package - Use URL https://github.com/giampaolo/psutil - Use LANG=en_US.UTF-8 in %check to avoid failure in test_pmap - update to version 5.6.1 * No changes effecting Linux * Many checks added to tests to skip tests for missing features - update to version 5.6.0: * Enhancements + 1379: [Windows] Process suspend() and resume() now use NtSuspendProcess and NtResumeProcess instead of stopping/resuming all threads of a process. This is faster and more reliable (aka this is what ProcessHacker does). + 1420: [Windows] in case of exception disk_usage() now also shows the path name. + 1422: [Windows] Windows APIs requiring to be dynamically loaded from DLL libraries are now loaded only once on startup (instead of on per function call) significantly speeding up different functions and methods. + 1426: [Windows] PAGESIZE and number of processors is now calculated on startup. + 1428: in case of error, the traceback message now shows the underlying C function called which failed. + 1433: new Process.parents() method. (idea by Ghislain Le Meur) + 1437: pids() are returned in sorted order. + 1442: python3 is now the default interpreter used by Makefile. * Bug fixes + 1353: process_iter() is now thread safe (it rarely raised TypeError). + 1394: [Windows] Process name() and exe() may erroneously return "Registry". QueryFullProcessImageNameW is now used instead of GetProcessImageFileNameW in order to prevent that. + 1411: [BSD] lack of Py_DECREF could cause segmentation fault on process instantiation. + 1419: [Windows] Process.environ() raises NotImplementedError when querying a 64-bit process in 32-bit-WoW mode. Now it raises AccessDenied. + 1427: [OSX] Process cmdline() and environ() may erroneously raise OSError on failed malloc(). + 1429: [Windows] SE DEBUG was not properly set for current process. It is now, and it should result in less AccessDenied exceptions for low-pid processes. + 1432: [Windows] Process.memory_info_ex()'s USS memory is miscalculated because we're not using the actual system PAGESIZE. + 1439: [NetBSD] Process.connections() may return incomplete results if using oneshot(). + 1447: original exception wasn't turned into NSP/AD exceptions when using Process.oneshot() ctx manager. * Incompatible API changes + 1291: [OSX] Process.memory_maps() was removed because inherently broken (segfault) for years. ==== python-pyzmq ==== Version update (17.1.2 -> 18.0.1) - update to version 18.0.1: * Fixes installation from source on non-unicode locales with Python 3. There are no code changes in this release. - specfile: * update copyright year - update to version 18.0.0: * Update bundled libzmq to 4.3.1 (fixes CVE-2019-6250) * Added :func:`~zmq.proxy_steerable` and :class:`zmq.devices.ProxySteerable` * Added bind_{in|out|mon}_to_random_port variants for proxy device methods * Performance improvements for sends with asyncio * Fix sending memoryviews/bytearrays with cffi backend - changes from version 17.1.3: * Fix compatibility with tornado 6 (removal of stack_context) ==== python-rpm-macros ==== Version update (20190221.08f1194 -> 20190315.d3034bf) - Update to version 20190315.d3034bf bsc#1128323: * Rewrite pytest and pytest_arch into Lua macros with multiple arguments. - Update to version 20190307.81ca329: * We should preserve existing PYTHONPATH. - bsc#1128323: Update to version 20190307.fbaed33 * Add --ignore to pytest calls to ignore build directories. ==== python-semanage ==== Version update (2.8 -> 2.9) - Update to version 2.9 * Always set errno to 0 before calling getpwent() * Include user name in ROLE_REMOVE audit events * genhomedircon - improve handling large groups * improve semanage_migrate_store import failure * reset umask before creating directories * set selinux policy root around calls to selinux_boolean_sub * use previous seuser when getting the previous name ==== python-tornado ==== - Fix fdupes macro expansion ==== python3 ==== - Return distutils-reproducible-compile.patch which is still missing (still unfinished bpo#29708). - Build nis module again. ==== python3-base ==== Subpackages: libpython3_7m1_0 - Remove building of Qt Develop help files. - Return distutils-reproducible-compile.patch which is still missing (still unfinished bpo#29708). - Build nis module again. ==== restorecond ==== Version update (2.8 -> 2.9) - Update to version 2.9 * Do not ignore the -f option * close the PID file if writing to it failed ==== slirp4netns ==== Version update (0.1+gitr54_39e87c0e6634 -> 0.3.0) - Update to 0.3.0 * QMP-like JSON API for exposing node ports (--api-socket) - Change _service to use releases instead of git commit references - Update to 0.3.0-beta1 * Support protecting 127.0.0.1 on the host (--disable-host-loopback) * Support specifying CIDR like 10.0.2.0/24 (--cidr) * Fix CVE-2019-6778 * Synced with QEMU upstream ==== snapper ==== Version update (0.8.2 -> 0.8.3) Subpackages: libsnapper4 - fixed seg.fault during rollback if the previous default subvolume is missing in the snapshot list (bsc#1130273) - version 0.8.3 ==== sqlite3 ==== Version update (3.26.0 -> 3.27.2) - SQLite 3.27.2: * Add the VACUUM INTO command * Issue an SQLITE_WARNING message on the error log if a double-quoted string literal is used * Add the remove_diacritics=2 option to FTS3 and FTS5. * Add the SQLITE_PREPARE_NO_VTAB option to sqlite3_prepare_v3(). Use that option to prevent circular references to shadow tables from causing resource leaks. * Enhancements to the sqlite3_deserialize() interface * Enhancements to the CLI, mostly to support testing and debugging of the SQLite library itself * Increased robustness against malicious SQL that is run against a maliciously corrupted database - drop sqlite3-btree02-100.patch ==== supportutils ==== Version update (3.1 -> 3.1.1) - Updated to version 3.1.1 + Fixed X missing /prob/fb error (bsc#1127069) + Fixed dasdview -f (bsc#1109664) + Clarified -t help description (bsc#1121043) + Fixed grep error in NTP when /etc/cron.d is empty (bsc#1127063) + Collects systemd journal with minimum install (bsc#1094225) + Supportconfig fails on bzip archives (bsc#1120049) + Get few drbd output & configuration #42 - Corrected missed SUSE separation lines - Fixed invalid exit code commands (bsc#1125666) - CVE-2018-19640: supportutils: Users can kill arbitrary processes (CVE-2018-19640 bsc#1118463) - User can overwrite arbitrary log files in support tar (CVE-2018-19638 bsc#1118460) - Code execution if run with -v (CVE-2018-19639 bsc#1118462) - Static temporary filename allows overwriting of files (CVE-2018-19637 bsc#1117776) - Included additional SUSE separation (bsc#1125609) - Merged added listing of locked packes by zypper #41 - Corrected spec file errors - Added firewall-cmd info - btrfs filesystem usage - Add ls -lA --time-style=long-iso /etc/products.d/ - Dump lsof errors - Added corosync status to ha_info - Clarified -x functionality in supportconfig(8) (bsc#1115245) - Dump find errors in ib_info - Exclude pam.txt per GDPR by default (bsc#1112461) - udev service and journal content (bsc#1051797) - supportconfig collects tuned profile settings (bsc#1071545) - sfdisk -d no disk device specified (bsc#1043311) - Added vulnerabilites check in basic-health.txt (bsc#1105849) - Added backup rpm database directory - Updated URLs in documentation - Added only sched_domain from cpu0 - Blacklist sched_domain from proc.txt (bsc#1046681) - Use %license instead of %doc [bsc#1082318] - Accounts for firewalld now (bsc#1079137) - Added dmesg taint seach - Removed mii-tool from networking - Updated HA to use chrony - Added kdumptool calibrate to crash.txt - Removed SLES_VER case for sles8,9 and 10 - Added tuned feature OPTION_TUNED tuned.txt (bsc#1071545) - Fixed udev service - Fixed no disk device with sfdisk (bsc#1078638) - Removed OPTION_SAM from man pages and resource file - Validated missing commands - Updated apparmor with systemctl service - Replaced deprecated networking commands (bsc#1078318) - Removed sam_info since suse_sam is no longer available - Assigned SLE15 to SLES_VER selections (bsc#1078168) - Includes X without display issue (bsc#1077813) - Fixes for Infiniband (bsc#1071294) - Using chrony for NTP (bsc#1077818) - Added os-release processing (bsc#1077758) - Removed invalid string tty string (bsc#1077681) - Added SLE15 taint values (bsc#1077683) - Added transactional update with OPTION_TRANSACTIONAL=1 - Updated supportconfig.conf.5 with OPTION_TRANSACTIONAL - Fixed docker package detection (bsc#1069457) - Replaced route with ip route (bsc#1070379) - Added systemd-delta to systemd.txt (bsc#1071924) - Changed repos -u to repos -d (bsc#1071926) - Added rdma-core for infiniband (bsc#1071294) - Branding updates fate#324067 - Fixed piped spelling error - Separated core supportconfig function into resources/supportconfig.rc - Removed virtualization functions - Removed OES functions - Removed eDirectory functions - Initial commit ==== suse-module-tools ==== Version update (15.1.11 -> 15.1.13) - Update to version 15.1.13: * spec file: add conflicts for dracut < 44.2 (bsc#1127891) - Update to version 15.1.12 (git 1ab0b84): * modprobe.conf.common: add csiostor->cxgb4 dependency (bsc#1100989) * Load fbcon together with virtio_gpu on s390 (bsc#1121996, fate#327159) ==== systemd ==== Version update (239 -> 241) Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev - Stop installing macros.systemd There're no points in installing this file if we remove it right after. - Make sure systemd-network.rules take precedence over our polkit-default-privs (bsc#1125438) - Include the SUSE version along with the major version of systemd $ systemctl --version systemd 241 (+suse.42.g15a1b4d58) Note that the SUSE version format maybe subject to change and as such scripts should not try to parse it. - systemd-mini: explicitly disable some of the systemd components For some reasons, some build requirements get pulled in for the mini variant now, enabling some parts of the code that were expected to be turned OFF. - Upgrade to v241 (commit 15a1b4d58f1d2bc9c21c7cbab6fe63b58e48bda1) ==== tar ==== Version update (1.30 -> 1.31) - Remove libattr-devel from buildrequires, tar no longer uses it but finds xattr functions in libc. - update to version 1.31 * Fix heap-buffer-overrun with --one-top-level, bug introduced with the addition of that option in 1.28 * Support for zstd compression * New option '--zstd' instructs tar to use zstd as compression program. When listing, extractng and comparing, zstd compressed archives are recognized automatically. When '-a' option is in effect, zstd compression is selected if the destination archive name ends in '.zst' or '.tzst'. * The -K option interacts properly with member names given in the command line. Names of members to extract can be specified along with the "-K NAME" option. In this case, tar will extract NAME and those of named members that appear in the archive after it, which is consistent with the semantics of the option. Previous versions of tar extracted NAME, those of named members that appeared before it, and everything after it. * Fix CVE-2018-20482 - When creating archives with the --sparse option, previous versions of tar would loop endlessly if a sparse file had been truncated while being archived. - remove the following patches (upstreamed) * tar-1.30-tests-difflink.patch * tar-1.30-tests_dirrem_race.patch - refresh add_readme-tests.patch - add tar-1.31-tests_dirrem.patch to fix expected output in dirrem tests - add tar-1.31-racy_compress_tests.patch to fix compression tests ==== timezone ==== Version update (2018i -> 2019a) - timezone update 2019a: * Palestine "springs forward" on 2019-03-30 instead of 2019-03-23 * Metlakatla "fell back" to rejoin Alaska Time on 2019-01-20 at 02:00 * Israel observed DST in 1980 (08-02/09-13) and 1984 (05-05/08-25) * zic now has an -r option to limit the time range of output data ==== transactional-update ==== Version update (2.13.2 -> 2.14.1) Subpackages: transactional-update-zypp-config - Update to version 2.14.1 - Improve non-root fs changes checker based on feedback - Disable snapper's zypper plugin during transactional-update run - Allow parallel installation with snapper's zypper plugin (useful on read-write systems). - Update to version 2.14 - Warn user if contents of /var have been changed during update - Noteworthy: swapped position of upperdir and lowerdir in fstab for better readability - Major update to the transactional-update guide ==== ucode-intel ==== Version update (20180807a -> 20190312) - Update to 20190312 release (bsc#1129231) - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- new platforms ---------------------------------------- - AML-Y22 H0 6-8e-9/10 0000009e Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000a4 Core Gen8 Mobile - WHL-U V0 6-8e-d/94 000000b2 Core Gen8 Mobile - CFL-S P0 6-9e-c/22 000000a2 Core Gen9 Desktop - CFL-H R0 6-9e-d/22 000000b0 Core Gen9 Mobile - ---- updated platforms ------------------------------------ - HSX-E/EP Cx/M1 6-3f-2/6f 0000003d->00000041 Core Gen4 X series; Xeon E5 v3 - HSX-EX E0 6-3f-4/80 00000012->00000013 Xeon E7 v3 - SKX-SP H0/M0/U0 6-55-4/b7 0200004d->0000005a Xeon Scalable - SKX-D M1 6-55-4/b7 0200004d->0000005a Xeon D-21xx - BDX-DE V1 6-56-2/10 00000017->00000019 Xeon D-1520/40 - BDX-DE V2/3 6-56-3/10 07000013->07000016 Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19 - BDX-DE Y0 6-56-4/10 0f000012->0f000014 Xeon D-1557/59/67/71/77/81/87 - BDX-NS A0 6-56-5/10 0e00000a->0e00000c Xeon D-1513N/23/33/43/53 - APL D0 6-5c-9/03 00000032->00000036 Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx - APL E0 6-5c-a/03 0000000c->00000010 Atom x5/7-E39xx - GLK B0 6-7a-1/01 00000028->0000002c Pentium Silver N/J5xxx, Celeron N/J4xxx - KBL-U/Y H0 6-8e-9/c0 0000008e->0000009a Core Gen7 Mobile - CFL-U43e D0 6-8e-a/c0 00000096->0000009e Core Gen8 Mobile - KBL-H/S/E3 B0 6-9e-9/2a 0000008e->0000009a Core Gen7; Xeon E3 v6 - CFL-H/S/E3 U0 6-9e-a/22 00000096->000000aa Core Gen8 Desktop, Mobile, Xeon E - CFL-S B0 6-9e-b/02 0000008e->000000aa Core Gen8 ==== update-alternatives ==== - my attempt to rewrite %post in lua (bsc#1129036) ==== vim ==== Version update (8.1.0892 -> 8.1.1066) Subpackages: vim-data-common - Updated to version 8.1.1066, fixes the following problems * Test fails because t_F2 is not set. * Repeated code in quickfix support. * Using closure may consume a lot of memory. * Lua interface leaks memory. * Indent from autoindent not removed from blank line. (Daniel Hahler) * Memory leak with E461. * Quickfix buffer shows up in list, can't get buffer number. * Off-by-one error in filetype detection. * Window cleared when entering Terminal-Normal twice. (Epheien) * Lua: may garbage collect function reference in use. * Compiler warning for Python3 interface. * pyeval() and py3eval() leak memory. * May use NULL pointer when out of memory. (Coverity) * May use NULL pointer when indexing a blob. (Coverity) * Stray log calls in terminal code. (Christian Brabandt) * Checking NULL pointer after addition. (Coverity) * Unused condition. (Coverity) * Memory usage test sometimes fails. * DirectWrite doesn't take 'linespace' into account. * Quickfix function arguments are inconsistent. * Memory usage test may still fail. * Warnings from clang static analyzer. (Yegappan Lakshmanan) * Memory usage test may still fail on some systems. (Elimar Riesebieter) * Too many #ifdefs. * prop_remove() second argument is not optional. * Quickfix function arguments are inconsistent. * Memory usage test may still fail on some systems. * Arabic support excludes Farsi. * FEAT_TAG_ANYWHITE is not enabled in any build. * Test for Arabic no longer needed. * The paste test doesn't work properly in the Windows console. * Lua interface does not support Blob. * No way to check the reference count of objects. * E315 ml_get error when using Python and hidden buffer. * the "secure" variable is used inconsistently. (Justin M. Keyes) * WINCH signal is not tested. * Minor issues with tests. * When user tries to exit with CTRL-C message is confusing. * Blank srceen when DirectWrite failed. * Not all ways to switch terminal mode are tested. * test for CTRL-C message sometimes fails * Warning for missing return statement. (Dominique Pelle) * Not checking return value of ga_grow(). (Coverity) * CTRL-G U in Insert mode doesn't work to avoid splitting the undo sequence for shift-left and shift-right. * No eval function for Ruby. * Memory usage test may still fail on some systems. always used. * When substitute string throws error, substitute happens anyway. * Quickfix code is repeated. * Insufficient testing for wildmenu completion. * No test for output conversion in the GTK GUI. * No test for using and deleting menu in the GUI. * VIMDLL isn't actually used. - apparmor.vim: add network 'xdp' keyword - Updated to version 8.1.1005, fixes the following problems - vim-8.1.0297-dump3.patch - disabled another flakky test * Failure when closing a window when location list is in use. * Terminal test is a bit flaky. * Tests for restricted mode no run for MS-Windows GUI. * Can modify a:000 when using a reference. * A messed up rgb.txt can crash Vim. (Pavel Cheremushkin) * No need to check restricted mode for setwinvar(). * Index in getjumplist() may be wrong. (Epheien) * Incomplete set of assignment operators. * Struct uses more bytes than needed. * USE_LONG_FNAME never defined. * Complicated regexp causes a crash. (Kuang-che Wu) * Using clumsy way to get console window handle. * CI tests on AppVeyor are failing. * Can't handle large value for %{nr}v in regexp. (Kuang-che Wu) * Crash with tricky search pattern. (Kuang-che Wu) * Tag line with Ex command cannot have extra fields. * CI crashes when running out of memory. * Code related to findfile() is spread out. * fsync() may not work properly on Mac. * With Python 3.7 "find_module" is not made available. * Double free when running out of memory. * Compiler warnings. * In Terminal-Normal mode job output messes up the window. * Terminal test sometimes fails; using memory after free. * Terminal scrollback test is flaky. * Terminal dump diff swap does not update file names. * Terminal scrollback test still flaky. * Terminal scrollback test still still flaky. * No test for :wnext, :wNext and :wprevious. * USE_CR is never defined. * Stray log function call. * No error when requesting ConPTY but it's not available. * Typo in Makefile. * vtp_working included in GUI build but unused. * Farsi support is outdated and unused. * When using VTP scroll region isn't used properly. * Invalid memory access in search pattern. (Kuang-che Wu) * Old regexp engine may use invalid buffer for 'iskeyword' or uninitialized buffer pointer. (Kuang-che Wu) * May leak memory when using 'vartabstop'. (Kuang-che Wu) * Invalid memory access in search pattern. (Kuang-che Wu) * Background color is wrong in MS-Windows console when not using VTP. * No completion for sign group names. * Options window still checks for the multi_byte feature. * Still a trace of Farsi support. * Format of nbdbg() arguments is not checked. * Internal error when using pattern with NL in the range. * Coveralls is not very useful. * When built without +eval "Vim --clean" produces errors. (James McCoy) * Using :python sets 'pyxversion' even when not executed. * Compilation warnings when building the MS-Windows installer. * A very long file is truncated at 2^31 lines. * Arguments of semsg() and siemsg() are not checked. * Matchit autoload directory not in installer. (Chris Morgan) * Using context:0 in 'diffopt' does not work well. * Compiling weird regexp pattern is very slow. * Sorting large numbers is not tested and does not work properly. * When using ConPTY garbage collection has undefined behavior. * Building with MinGW and static libs doesn't work. (Salman Halim) * Illegal memory access when using 'incsearch'. * Cannot see in CI why a screenshot test failed. * Search test fails. * One terminal test is flaky. * Stray dependency in test Makefile. * Crash when using search pattern \%Ufffffc23. * Message written during startup is truncated. * Text properties test fails when 'encoding' is not utf-8. * Failure for selecting quoted text object moves cursor. * Cannot switch from terminal window to next tabpage. * Pattern with syntax error gives threee error messages. (Kuang-che Wu) * Cannot switch from terminal window to previous tabpage. * Using STRNCPY() wrongly. Warning for uninitialized variable. * Dosinstall still has buffer overflow problems. * Blob not tested with Ruby. * Blob not tested with Perl. * Compiler warning for unused functions. (Yasuhiro Matsumoto) * extend() insufficiently tested. * Pasting in terminal insufficiently tested. * update_cursor() called twice in :shell. * Checking __CYGWIN32__ unnecessarily. * Unnecessary #ifdefs. * Crash with large number in regexp. (Kuang-che Wu) * rename() is not propertly tested. * Unnecessary condition in #ifdef. * Deleting a location list buffer breaks location list window functionality. * Various small code ugliness. * Floating point exception with "%= 0" and "/= 0". * Cannot build with FEAT_EVAL defined and FEAT_SEARCH_EXTRA undefined, and with FEAT_DIFF defined and FEAT_EVAL undefined. * A :normal command while executing a register resets the reg_executing() result. * ch_read() may return garbage if terminating NL is missing. * Relative cursor position is not calculated correctly. * A getchar() call while executing a register resets the reg_executing() result. * A few screendump tests fail because of scrolling. * Using GUI colors in vim.exe when 'termguicolors' is off. * getcurpos() unexpectedly changes "curswant". * Use register one too often and not properly tested. * Indenting is off. * Visual area not correct when using 'cursorline'. * "gf" does not always work when URL has a port number. (Jakob Schöttl) * Playing back recorded key sequence mistakes key code. * Function "luaV_setref()" not covered with tests. * Test fails because t_F2 is not set. ==== xen ==== Version update (4.12.0_02 -> 4.12.0_07) - bsc#1130485 - Please drop Requires on multipath-tools in xen-tools. Now using Recommends multipath-tools. xen.spec - Update to Xen 4.12.0 RC7 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 - Update to Xen 4.12.0 RC6 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 - bsc#1026236 - add Xen cmdline option "suse_vtsc_tolerance" to avoid TSC emulation for HVM domUs if their expected frequency does not match exactly the frequency of the receiving host xen.bug1026236.suse_vtsc_tolerance.patch - Update to Xen 4.12.0 RC5 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 - jsc#SLE-3059 - Disable Xen auto-ballooning - Add CONFIG_DOM0_MEM to the spec file for managing dom0 memory. xen.spec - Disable autoballooning in xl.con xl-conf-disable-autoballoon.patch - Update gcc9-ignore-warnings.patch to fix build in SLE12 - bsc#1126325 - fix crash in libxl in error path Setup of grant_tables and other variables may fail libxl.prepare-environment-for-domcreate_stream_done.patch - bsc#1127620 - Documentation for the xl configuration file allows for firmware=pvgrub64 but we don't ship pvgrub64. Create a link from grub.xen to pvgrub64 xen.spec - Update to Xen 4.12.0 RC4 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 - Tarball also contains additional post RC4 security fixes for Xen Security Advisories 287, 288, and 290 through 294. - Update to Xen 4.12.0 RC3 release (fate#325107, fate#323901) xen-4.12.0-testing-src.tar.bz2 ==== yast2 ==== Version update (4.1.61 -> 4.1.67) - Firewall: Zone name has been removed from the common attributes declaration as it cannot be modified through the firewalld API. (bsc#1130354) - 4.1.67 - Require tar as a dependency for yast2-logs (bsc#1125142). - 4.1.66 - Fixed evaluating the base product, the same products with the available and selected status must be treated as duplicate products (bsc#1129257) - 4.1.65 - Process the "specialproduct" value like a linuxrc parameter (ignore "-_." characters, ignore case) (bsc#1128901) - 4.1.64 - Fix how a product features is read in a running system. - Update default path for base product licenses (fate#324053, jsc#SLE-4173). - 4.1.63 - Fixed product filtering in product_reader.rb, fixes problem when upgrading SLE15-SP1 to SLE15-SP1 (usually used to fix a broken system) (bsc#1128459) - 4.1.62 ==== zlib ==== - Try to safely abort if we get NULL ptr bsc#1110304 bsc#1129576: * zlib-power8-fate325307.patch ==== zypper ==== Version update (1.14.26 -> 1.14.27) - Add Requires: libaugeas0 >= 1.10.0 (fixes #265) - bash-completion: add package completion for addlock (bsc#1047962) - bash-completion: fix incorrect detection of command names (bsc#1049826) - version 1.14.27