Packages changed: alsa alsa-utils bash busybox ebtables freerdp (2.0.0 -> 2.1.0) gdb krb5 libjansson (2.12 -> 2.13.1) libstorage-ng (4.3.5 -> 4.3.12) libvirt (6.2.0 -> 6.3.0) nftables obs-service-tar_scm (0.10.14.1584463383.06b0455 -> 0.10.15.1588842879.5c43eef) openldap2 (2.4.49 -> 2.4.50) python-libvirt-python (6.2.0 -> 6.3.0) qemu qemu-linux-user salt sudo (1.9.0rc2 -> 1.9.0rc4) yast2 (4.2.83 -> 4.2.84) yast2-add-on (4.2.15 -> 4.3.0) yast2-auth-client (4.2.4 -> 4.3.0) yast2-bootloader (4.2.22 -> 4.3.1) yast2-configuration-management (4.2.4 -> 4.3.0) yast2-country (4.2.18 -> 4.3.0) yast2-dhcp-server (4.2.3 -> 4.3.0) yast2-dns-server (4.2.4 -> 4.3.0) yast2-firewall (4.2.4 -> 4.3.0) yast2-firstboot (4.2.14 -> 4.3.0) yast2-ftp-server (4.2.4 -> 4.3.0) yast2-installation (4.2.41 -> 4.2.42) yast2-packager (4.2.62 -> 4.3.0) yast2-sound (4.2.4 -> 4.3.0) === Details === ==== alsa ==== Subpackages: libasound2 libasound2-32bit libatopology2 - Revert a problematic namehint change (boo#1171044) - Backport upstream fixes: fixes for PCM rate plugin, draining fix, topology parameter parser fix, USB device name for UCM: 0017-pcm-rate-fix-the-remaining-size-calculation-in-snd_p.patch 0018-use-case.h-add-USB-as-allowed-device-name.patch 0019-topology-Use-bool-parser-to-parse-boolean-value.patch 0020-fix-infinite-draining-of-the-rate-plugin-in-SND_PCM_.patch 0021-test-pcm_min-add-snd_pcm_drain-call-and-indentation-.patch ==== alsa-utils ==== - Backport upstream fixes: some improvements in alsa-info.sh: 0005-alsa-info.sh-add-ALT-to-DISTRO-list.patch 0006-alsa-info-initial-rpm-deb-package-info.patch 0007-alsa-info.sh-increase-version-to-0.4.65.patch ==== bash ==== Subpackages: bash-doc bash-lang - Fix usage of update-alternatives ==== busybox ==== - Re-add modutils - Set last ID to 65533, else nobody cannot be created - Merge config of default, -container and -static to be able to drop -container variant ==== ebtables ==== Subpackages: libebtc0 - Revert last /bin/bash -> /bin/sh change - Use /bin/sh for ebtables.systemd - Don't hard require systemd, we don't need that in a container ==== freerdp ==== Version update (2.0.0 -> 2.1.0) Subpackages: libfreerdp2 libwinpr2 - Updated to release 2.1.0 * Fixed CVEs: - CVE-2020-11039 - CVE-2020-11038 - CVE-2020-11043 - CVE-2020-11040 - CVE-2020-11041 - CVE-2020-11019 - CVE-2020-11017 - CVE-2020-11018 * Fixed leak and crashing issues: - gh#FreeRDP/FreeRDP#6129 - gh#FreeRDP/FreeRDP#6128 - gh#FreeRDP/FreeRDP#6127 - gh#FreeRDP/FreeRDP#6110 - gh#FreeRDP/FreeRDP#6081 - gh#FreeRDP/FreeRDP#6077 * Noteworthy features and improvements: - Fixed sound issues (gh#FreeRDP/FreeRDP#6043) - New expert command line options /tune and /tune-list to modify all client settings in a generic way. - Fixes for smartcard cache, this improves compatibility of smartcard devices with newer smartcard channel. - Shadow server can now be instructed to listen to multiple interfaces. - Improved server certificate support (gh#FreeRDP/FreeRDP#6052) - Various fixes for wayland client (fullscreen, mouse wheel, ...) - Fixed large mouse pointer support, now mouse pointers > 96x96 pixel are visible. - USB redirection command line improvements (filter options) - Various translation improvements for android and ios clients - Removed upstream patches fix-freerdp-2.0.0-usbdk-build.patch and fix-URBDRC_DEVICE_ADD_FLAG-definitions.patch ==== gdb ==== - Fix .debug_types problems [swo#24480, swo#25889, bsc#1168394]. - gdb-fix-range-loop-index-in-find_method.patch - gdb-fix-toplevel-types-with-fdebug-types-section.patch ==== krb5 ==== Subpackages: krb5-32bit krb5-client - Use %_tmpfilesdir instead of the wrong %_libexecdir/tmpfiles.d notation: libexecdir is likely changing away from /usr/lib to /usr/libexec. ==== libjansson ==== Version update (2.12 -> 2.13.1) Subpackages: libjansson4 libjansson4-32bit - Update to 2.13.1 * New Features: - Add jansson_version_str() and jansson_version_cmp() for runtime version checking - Add json_object_update_new(), json_object_update_existing_new() and json_object_update_missing_new() functions - Add json_object_update_recursive() * Bug fixes: - Add infinite loop check in json_deep_copy() - Enhance JANSSON_ATTRS macro to support earlier C standard(C89) - Update version detection for sphinx-build * Documentation improvements ==== libstorage-ng ==== Version update (4.3.5 -> 4.3.12) Subpackages: libstorage-ng-lang libstorage-ng-ruby libstorage-ng1 - merge gh#openSUSE/libstorage-ng#736 - added sanity checks - improved exception messages - coding style - 4.3.12 - merge gh#openSUSE/libstorage-ng#735 - merge gh#openSUSE/libstorage-ng#734 - merge gh#openSUSE/libstorage-ng#732 - merge gh#openSUSE/libstorage-ng#717 - merge gh#openSUSE/libstorage-ng#715 - track device block size when creating an Md RAID (bsc#1164295) - simplify combining disks with different block sizes into RAID (bsc#1164295) - add block_size check for Md::add_device() - update doc on RAID block size - ignore clusterd VGs also in vgchange command (bsc#1161775) - ignore umount/swapoff failure if it looks inactive already (bsc#1168615) - fixed typo - added integration tests - 4.3.11 - merge gh#openSUSE/libstorage-ng#733 - coding style - 4.3.10 - merge gh#openSUSE/libstorage-ng#731 - probe partition label and uuid on gpt partitions - coding style - avoid saving empty topology - remove deprecated size-k values - fixed typo - probe partition uuid and label - 4.3.9 - merge gh#openSUSE/libstorage-ng#730 - updated documentation - added const - 4.3.8 - merge gh#openSUSE/libstorage-ng#729 - added views/filters for devicegraphs - probe snapshot relationship between lvm logical volumes - added functions to query snapshot relationships - make utils show unfiltered devicegraph - work on probing lvm snapshots - 4.3.7 - merge gh#openSUSE/libstorage-ng#728 - support LVM mirror volumes - support probing LVM mirror volumes - 4.3.6 ==== libvirt ==== Version update (6.2.0 -> 6.3.0) Subpackages: libvirt-bash-completion libvirt-client libvirt-daemon libvirt-daemon-driver-interface libvirt-daemon-driver-libxl libvirt-daemon-driver-lxc libvirt-daemon-driver-network libvirt-daemon-driver-nodedev libvirt-daemon-driver-nwfilter libvirt-daemon-driver-qemu libvirt-daemon-driver-secret libvirt-daemon-driver-storage libvirt-daemon-driver-storage-core libvirt-daemon-driver-storage-disk libvirt-daemon-driver-storage-gluster libvirt-daemon-driver-storage-iscsi libvirt-daemon-driver-storage-iscsi-direct libvirt-daemon-driver-storage-logical libvirt-daemon-driver-storage-mpath libvirt-daemon-driver-storage-rbd libvirt-daemon-driver-storage-scsi libvirt-daemon-lxc libvirt-daemon-qemu libvirt-daemon-xen libvirt-libs - Xen: Fix connection when host uses modular daemons d677de9d-libxl-fix-driver-name-check.patch, d218a9c2-libxl-xen-driver-tables.patch, 836ea91d-libxl-xenlight-internal.patch, 57687260-xen-doc-improvements.patch boo#1171113 - Update to libvirt 6.3.0 - Many incremental improvements and bug fixes, see https://libvirt.org/news.html - Dropped patches: 88011ed2-libxl-driver-crash-fix.patch, 8e669b38-conf-add-event-channels.patch, a93f55c5-libxl-add-event-channels.patch, 967f4eeb-xenconfig-event-channels.patch, 93b15ba0-qemu-fix-hang-in-p2p-xbzrle-compression-parallel-mig.patch, b7d6648d-conf-add-e820-host.patch, 5749395b-libxl-e820-host.patch, f3ef7daf-xenconfig-e820-host.patch, 34077c1b-tests-check-e820-host.patch, fadbaa23-conf-add-passthrough.patch, 9529e007-libxl-passthrough.patch, 9cb8bc6f-xenconfig-refactor-features.patch, b523e225-xenconfig-passthrough.patch, bed32525-tests-check-passthrough.patch ==== nftables ==== Subpackages: libnftables1 - Add anonset-crashfix.patch [boo#1171321] ==== obs-service-tar_scm ==== Version update (0.10.14.1584463383.06b0455 -> 0.10.15.1588842879.5c43eef) Subpackages: obs-service-obs_scm obs-service-obs_scm-common - Update to version 0.10.15.1588842879.5c43eef: * dist: Convert to multibuild; run test suite in a separate flavor - Update to version 0.10.15.1588146746.5cfeeb8: * fix #boo 1168573 (obsservicerun,obsrun) not exists in client side installation * Update debian/changelog for latest version * Helpers: when a command fail, print the command itself too with its output * git: add support for @PARENT_TAG@ in revision * Fix build on non-openSUSE distro ==== openldap2 ==== Version update (2.4.49 -> 2.4.50) Subpackages: libldap-2_4-2 libldap-2_4-2-32bit libldap-data openldap2-client openldap2-devel - updated to 2.4.50 - added 0014-ITS-8650-fix-debug-usage.patch - enabled new contrib overlay pw-argon2 - replaced FTP by HTTPS download URL for source - removed 0009-Fix-ldap-host-lookup-ipv6.patch (see bsc#1171127) OpenLDAP 2.4.50 Release (2020/04/28) Fixed client benign typos (ITS#8890) Fixed libldap type cast (ITS#9175) Fixed libldap retry loop in ldap_int_tls_connect (ITS#8650) Fixed libldap_r race on Windows mutex initialization (ITS#9181) Fixed liblunicode memory leak (ITS#9198) Fixed slapd benign typos (ITS#8890) Fixed slapd to limit depth of nested filters (ITS#9202) Fixed slapd-mdb memory leak in dnSuperiorMatch (ITS#9214) Fixed slapo-pcache database initialization (ITS#9182) Fixed slapo-ppolicy callback (ITS#9171) Build Fix olcDatabaseDummy initialization for windows (ITS#7074) Fix detection for ws2tcpip.h for windows (ITS#8383) Fix back-mdb types for windows (ITS#7878) Contrib Update ldapc++ config.guess and config.sub to support newer architectures (ITS#7855) Added pw-argon2 module (ITS#9233, ITS#8575, ITS#9203, ITS#9206) Documentation slapd-ldap(5) - Clarify idassert-authzfrom behavior (ITS#9003) slapd-meta(5) - Remove client-pr option (ITS#8683) slapdinex(8) - Fix truncate option information for back-mdb (ITS#9230) ==== python-libvirt-python ==== Version update (6.2.0 -> 6.3.0) - Update to 6.3.0 - Add all new APIs and constants in libvirt 6.3.0 ==== qemu ==== Subpackages: qemu-arm qemu-block-curl qemu-block-dmg qemu-block-gluster qemu-block-iscsi qemu-block-nfs qemu-block-rbd qemu-block-ssh qemu-extra qemu-guest-agent qemu-ipxe qemu-ksm qemu-kvm qemu-lang qemu-microvm qemu-ppc qemu-s390 qemu-seabios qemu-sgabios qemu-tools qemu-ui-curses qemu-ui-gtk qemu-ui-sdl qemu-ui-spice-app qemu-vgabios qemu-vhost-user-gpu qemu-x86 - Fix DoS in virtiofsd, where a FUSE client could exhaust the number of available open files on the host (CVE-2020-10717 bsc#1171110) virtiofsd-add-rlimit-nofile-NUM-option.patch virtiofsd-stay-below-fs.file-max-sysctl-.patch - Add more fixes for gcc10 compatibility: Use NO_WERROR=1 when building ipxe sources, at least until we get gcc10 compatibility figured out. Also add patch for explicitly using -fcommon (boo#1171140) Be-explicit-about-fcommon-compiler-direc.patch and fix for tighter enum compatibility checking (boo#1171139) add-enum-cast-to-avoid-gcc10-warning.patch and a work around for what seems to be a compiler regression (boo#1171123) work-around-gcc10-problem-with-zero-leng.patch ==== qemu-linux-user ==== - Fix DoS in virtiofsd, where a FUSE client could exhaust the number of available open files on the host (CVE-2020-10717 bsc#1171110) virtiofsd-add-rlimit-nofile-NUM-option.patch virtiofsd-stay-below-fs.file-max-sysctl-.patch - Add more fixes for gcc10 compatibility: Use NO_WERROR=1 when building ipxe sources, at least until we get gcc10 compatibility figured out. Also add patch for explicitly using -fcommon (boo#1171140) Be-explicit-about-fcommon-compiler-direc.patch and fix for tighter enum compatibility checking (boo#1171139) add-enum-cast-to-avoid-gcc10-warning.patch and a work around for what seems to be a compiler regression (boo#1171123) work-around-gcc10-problem-with-zero-leng.patch ==== salt ==== Subpackages: python3-salt salt-master salt-minion - Python 3.8 compatibility changes - msgpack support for version >= 1.0.0 (bsc#1171257) - Added: * python3.8-compatibility-pr-s-235.patch * msgpack-support-versions-1.0.0.patch - Prevent sporious "salt-api" stuck processes when managing SSH minions because of logging deadlock (bsc#1159284) - Avoid segfault from "salt-api" under certain conditions of heavy load managing SSH minions (bsc#1169604) - Added: * prevent-logging-deadlock-on-salt-api-subprocesses-bs.patch * make-lazyloader.__init__-call-to-_refresh_file_mappi.patch ==== sudo ==== Version update (1.9.0rc2 -> 1.9.0rc4) - Update to 1.9.0rc4 * Various spelling fixes. Bug #925. * The struct passwd passed to PAM session modules is now looked up by user name, not user-ID, when possible. Fixes a problem with the pam_limits module and configurations where multiple user names share the same ID. Debian bug #734752. * Sudo command line options that take a value may only be specified once. This is to help guard against problems caused by poorly written scripts that invoke sudo with user-controlled input. Bug #924. - Update to 1.9.0rc3 * The sudo-logsrvd package now installs a systemd service on Linux distros that use systemd. * The I/O plugin is now closed before the policy plugin on command exit. * When copying the edited files to the original path, sudoedit now allocates any additional space needed before writing. Previously, it could truncate the destination file if the file system was full. Bug #922. * Fixed a compilation issue with Python 3.8. * Changed how TLS connections are made to the log server. Instead of using a starttls type approach where TLS and plaintext connections share the same point we now use separate ports for plaintext and TLS connections. A (tls) flag can be specified after the host:port to indicate that the connection should be secured with TLS. This avoids a potention man-in-the-middle attack that could cause the connection to be forced into plaintext mode. Unfortunately, this change breaks compatibility with the previous release candidates. ==== yast2 ==== Version update (4.2.83 -> 4.2.84) Subpackages: yast2-logs - AutoYaST: Cleanup/improve issue handling (bsc#1171335). - 4.2.84 ==== yast2-add-on ==== Version update (4.2.15 -> 4.3.0) - Autoyast schema: Allow optional types for string and map objects (bsc#1170886) - 4.3.0 ==== yast2-auth-client ==== Version update (4.2.4 -> 4.3.0) - Autoyast schema: Allow optional types for string and map objects (bsc#1170886) - 4.3.0 ==== yast2-bootloader ==== Version update (4.2.22 -> 4.3.1) - Autoyast schema: Allow optional types for string and map objects (bsc#1170886) - 4.3.1 - Set the AutoInstClonable attribute in the desktop file(related to bsc#1171356). - 4.3.0 ==== yast2-configuration-management ==== Version update (4.2.4 -> 4.3.0) - Autoyast schema: Allow optional types for string and map objects (bsc#1170886) - 4.3.0 ==== yast2-country ==== Version update (4.2.18 -> 4.3.0) Subpackages: yast2-country-data - Autoyast schema: Allow optional types for string and map objects (bsc#1170886) - 4.3.0 ==== yast2-dhcp-server ==== Version update (4.2.3 -> 4.3.0) - Autoyast schema: Allow optional types for string and map objects (bsc#1170886) - 4.3.0 ==== yast2-dns-server ==== Version update (4.2.4 -> 4.3.0) - Autoyast schema: Allow optional types for string and map objects (bsc#1170886) - 4.3.0 ==== yast2-firewall ==== Version update (4.2.4 -> 4.3.0) - Autoyast schema: Allow optional types for string and map objects (bsc#1170886) - 4.3.0 ==== yast2-firstboot ==== Version update (4.2.14 -> 4.3.0) - Autoyast schema: Allow optional types for string and map objects (bsc#1170886) - 4.3.0 ==== yast2-ftp-server ==== Version update (4.2.4 -> 4.3.0) - Autoyast schema: Allow optional types for string and map objects (bsc#1170886) - 4.3.0 ==== yast2-installation ==== Version update (4.2.41 -> 4.2.42) - Restore missing icons for ssh import and image deployment auto clients (bsc#1168123). - 4.2.42 ==== yast2-packager ==== Version update (4.2.62 -> 4.3.0) - bnc#1166661 - do not crash on empty system_packages_repos.yaml - 4.3.0 ==== yast2-sound ==== Version update (4.2.4 -> 4.3.0) bnc#1170224 - fixed sound card database creation - patch by lpechacek@suse.com - 4.3.0