Packages changed: brotli (1.0.7 -> 1.0.9) gpg2 (2.2.21 -> 2.2.23) patterns-microos podman (2.0.5 -> 2.0.6) read-only-root-fs xen === Details === ==== brotli ==== Version update (1.0.7 -> 1.0.9) Subpackages: libbrotlicommon1 libbrotlidec1 - Add 0001-Revert-Add-runtime-linker-path-to-pkg-config-files-7.patch - Update to 1.0.9 * Fix integer overflow when input chunk is longer than 2GiB [boo#1175825] * `brotli -v` now reports raw / compressed size * decoder: minor speed / memory usage improvements * encoder: fix rare access to uninitialized data in ring-buffer - Drop brotli_Ensure-decompression-consumes-all-input.patch, brotli_Verbose-CLI+Shared-Brotli.patch (merged) ==== gpg2 ==== Version update (2.2.21 -> 2.2.23) - GnuPG 2.2.23: * gpg: fix AHEAD preference list overflow boo#1176034 / CVE-2020-25125 * gpg: fix possible segv in the key cleaning code * gpgsm: fix a minor RFC2253 parser gub * scdaemon: Fix a PIN verify failure on certain OpenPGP card implementations - GnuPG 2.2.22: * gpg: Change the default key algorithm to rsa3072 * gpg: Add regular expression support for Trust Signatures on all platforms * gpg: Ignore --personal-digest-prefs for ECDSA keys * gpgsm: Make rsaPSS a de-vs compliant scheme * gpgsm: Show also the SHA256 fingerprint in key listings * gpgsm: Do not require a default keyring for --gpgconf-list * gpg-agent: Default to extended key format and record the creation time of keys Add new option --disable-extended-key-format * gpg-agent: Support the WAYLAND_DISPLAY envvar * gpg-agent: Allow using --gpgconf-list even if HOME does not exist * gpg-agent: Make the Pinentry work even if the envvar TERM is set to the empty string * scdaemon: Add a workaround for Gnuk tokens <= 2.15 which wrongly incremented the error counter when using the "verify" command of "gpg --edit-key" with only the signature key being present * dirmngr: Better handle systems with disabled IPv6 * gpgpslit: Install tool. It was not installed in the past to avoid conflicts with the version installed by GnuPG 1.4 * gpgtar: Make --files-from and --null work as documented - drop gnupg-gpgme-t-encrypt-sym.patch, upstream ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-basesystem patterns-microos-cloud patterns-microos-defaults patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap - Remove vim as we use now vim-small - Add lvm2 and nvme-cli to the medium as YaST may need them [bsc#1175841] ==== podman ==== Version update (2.0.5 -> 2.0.6) Subpackages: podman-cni-config - Update to v2.0.6 * Fixed a bug where running systemd in a container on a cgroups v1 system would fail. * Fixed a bug where /etc/passwd could be re-created every time a container is restarted if the container's /etc/passwd did not contain an entry for the user the container was started as. * Fixed a bug where containers without an /etc/passwd file specifying a non-root user would not start. * Fixed a bug where the --remote flag would sometimes not make remote connections and would instead attempt to run Podman locally. ==== read-only-root-fs ==== - Adjust btrfsmaintenance sysconfig to not use the read-only root filesystem [bsc#1176052] ==== xen ==== - Fix build on aarch64 with gcc10 - Package xenhypfs for aarch64