Packages changed: checkpolicy (2.9 -> 3.0) cilium curl installation-images-MicroOS (14.459 -> 14.461) kernel-firmware (20200207 -> 20200302) libcontainers-common (20191211 -> 20200306) libselinux (2.9 -> 3.0) libselinux-bindings (2.9 -> 3.0) libsemanage (2.9 -> 3.0) libsepol (2.9 -> 3.0) open-vm-tools (11.0.0 -> 11.0.5) patterns-base policycoreutils (2.9 -> 3.0) python-pyzmq (18.1.1 -> 19.0.0) python-semanage (2.9 -> 3.0) restorecond (2.9 -> 3.0) rpcbind transactional-update (2.20.2 -> 2.20.3) === Details === ==== checkpolicy ==== Version update (2.9 -> 3.0) - Update to version 3.0 * add flag to enable policy optimization * allow to write policy to stdout * remove a redundant if-condition ==== cilium ==== - Remove cilium-init package. - Add bpftool as a runtime dependency. ==== curl ==== Subpackages: libcurl4 - ignore_runtests_failure.patch: remove, no longer needed ==== installation-images-MicroOS ==== Version update (14.459 -> 14.461) - merge gh#openSUSE/installation-images#363 - adapt system-user-* and system-group-* package handling (bsc#1163938) - 14.461 - merge gh#openSUSE/installation-images#362 - fix rescue system setup (bsc#1160378) - 14.460 - Pull the correct distribution-logos per distribution theme ==== kernel-firmware ==== Version update (20200207 -> 20200302) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network ucode-amd - Update to version 20200302 (git commit 0148cfefcbf9): * check_whence: python3/utf-8 support * Makefile: improve `make check` usefulness * mediatek: Remove in-tree symlinks * qca: Fix blueooth firmware name for QCA6174 * mediatek: move MT8173 VPU FW to subfolder * linux-firmware: Update firmware file for Intel Bluetooth AX201 * qca: Add firmware files for BT chip wcn3991. * nvidia: add TU116/117 signed firmware * drm/amdgpu: update to latest 19.50 firmware for raven * mediatek: update MT8173 VPU firmware to v1.1.4 ==== libcontainers-common ==== Version update (20191211 -> 20200306) - New snaphot (bsc#1165917) - Update to image 5.2.1 * Add documentation about rewriting docker.io registries * Add registries warning to registries.conf - Update to libpod 1.8.0 * Fixed some spelling errors in oci-hooks documentations * include containers-mounts.conf(5) man-page into the package - Update to storage 1.16.1 * Add `rootless_storage_path` directive to storage.conf * Add better documentation for the mount_program in overlay driver ==== libselinux ==== Version update (2.9 -> 3.0) Subpackages: libselinux1 selinux-tools - Update to version 3.0 * Ignore the stem when looking up all matches in file context * Save digest of all partial matches for directory * Use Python distutils to install SELinux python bindings * ensure that digest_len is not zero * fix string conversion of unknown perms * mark all exported function "extern" Dropped Use-Python-distutils-to-install-SELinux.patch, included upstream ==== libselinux-bindings ==== Version update (2.9 -> 3.0) - Update to version 3.0 * Ignore the stem when looking up all matches in file context * Save digest of all partial matches for directory * Use Python distutils to install SELinux python bindings * ensure that digest_len is not zero * fix string conversion of unknown perms * mark all exported function "extern" ==== libsemanage ==== Version update (2.9 -> 3.0) - Update to version 3.0 * Add support for DCCP and SCTP protocols * include internal header to use the hidden function prototypes * mark all exported function "extern" * optionally optimize policy on rebuild Refreshed suse_path.patch ==== libsepol ==== Version update (2.9 -> 3.0) - Update to version 3.0 * cil: Allow validatetrans rules to be resolved * cil: Report disabling an optional block only at high verbose levels * cil: do not dereference perm_value_to_cil when it has not been allocated * cil: fix mlsconstrain segfault * Further improve binary policy optimization * Make an unknown permission an error in CIL * Remove cil_mem_error_handler() function pointer * Use LIBSEPOL_3.0 and fix sepol_policydb_optimize symbol mapping * Add a function to optimize kernel policy * Add ebitmap_for_each_set_bit macro Dropped fnocommon.patch as it's included upstream ==== open-vm-tools ==== Version update (11.0.0 -> 11.0.5) Subpackages: libvmtools0 - Simplified the conditional around systemd_ordering to just use suse_version >= 1500. - Update to 11.0.5 (build 15389592) (boo#1165955) + DNS server is reported incorrectly as '127.0.0.53' when using systemd-resolved. DNS server is reported incorrectly in GuestInfo as '127.0.0.53' , when the OS uses systemd-resolved. This issue is fixed in this release. - Conditionalized the use of systemd_ordering. Use systemd_ordering for factory, openSUSE >= 15, and SLE >= 15. Use systemd_requires for older openSUSE and SLE releases. - Conditionalize out the use of %license COPYING for SLE 12 SP2 and older. - Added patches + gcc10-warning.patch (boo#1160408) + diskinfo-debug-logging-1162435.patch (boo#1162435 and bsc#1162119) - Changed g_warning to g_debug + app_info_plugin.patch (boo#1165955) - Drop unnecessary patch: - fix-leaks-Aliases-MappedAliases.patch ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-minimal_base - drop telnet from enhanced_base recommendations - Fix basic_desktop upgrade path for SLE-15 SP2 and later - Put transactional_base in alphabetical order - Fix SLE bug in generation of txt files for basic_desktop ==== policycoreutils ==== Version update (2.9 -> 3.0) Subpackages: python3-policycoreutils - Dropped Recommends: for %{name}-lang and %{name}-devel. Not allowed by openSUSE guidelines - Update to version 3.0 * fixfiles: Fix "verify" option * fixfiles: Fix [-B] [-F] onboot * fixfiles: Force full relabel when SELinux is disabled * semodule: Enable CIL logging * semanage: Add support for DCCP and SCTP protocols * semanage: Do not use default s0 range in "semanage login -a" * semanage: Document DCCP and SCTP support * semanage: Improve handling of "permissive" statements * semanage: fix moduleRecords.customized() Refreshed chcat_join.patch - Ship working pam config for newrole (bsc#1163020) - Recommend policycoreutils-devel to have perm_map file available - Package perm_map as it's used by audit2* tools ==== python-pyzmq ==== Version update (18.1.1 -> 19.0.0) - specfile: * update copyright year - update to version 19.0.0: * Cython backend: Build Cython extensions with language level "3str" (requires Cython 0.29) * Cython backend: You can now cimport zmq * Asyncio: Fix memory leak in Poller * Log: Much improved logging in :mod:`zmq.log` (see :doc:`logging`) * Log: add python -m zmq.log entrypoint * Sources generated with Cython 0.29.15 ==== python-semanage ==== Version update (2.9 -> 3.0) - Update to version 3.0 * Add support for DCCP and SCTP protocols * include internal header to use the hidden function prototypes * mark all exported function "extern" * optionally optimize policy on rebuild Refreshed suse_path.patch ==== restorecond ==== Version update (2.9 -> 3.0) - Update to version 3.0 * Do not link against libpcre * Fix redundant console log output error * Use /run instead of /var/run Dropped r_opts_global.patch ==== rpcbind ==== - rpc-user.conf: use sysusers method to create rpc user - Minimize dependencies for container usage ==== transactional-update ==== Version update (2.20.2 -> 2.20.3) Subpackages: transactional-update-zypp-config - Update to version 2.20.3 - Reintroduce compatibility with RPM < 4.15 for inclusion in SLE / Leap 15.2 - Prepare for removal of /var/lib/alternatives [jsc#SLE-9101]