Packages changed: btrfsprogs (5.11 -> 5.12.1) elfutils (0.183 -> 0.184) grub2 icu installation-images-MicroOS (17.2 -> 17.3) kubernetes kubernetes1.21 libXfixes (5.0.3 -> 6.0.0) open-iscsi patterns-base python-Babel (2.9.0 -> 2.9.1) python-psutil runc (1.0.0~rc93 -> 1.0.0~rc94) sudo (1.9.6p1 -> 1.9.7) === Details === ==== btrfsprogs ==== Version update (5.11 -> 5.12.1) Subpackages: btrfsprogs-udev-rules libbtrfs0 - Update to 5.12.1 * build: fix missing symbols in libbtrfs * mkfs: check for minimal number of zones * check: fix warning about cache generation when free space tree is enabled * fix superblock write in zoned mode on 16K pages - Update to 5.12 * libbtrfsutil: relicensed to LGPL v2.1+ * mkfs: zoned mode support (kernel 5.12+) * fi df: show zone_unusable per profile type in zoned mode * fi usage: show total amount of zone_unusable * fi resize: fix message for exact size * image: fix warning and enlarge output file if necessary * core * refactor chunk allocator for more modes * implement zoned mode support: allocation and writes, sb log * crypto/hash refactoring and cleanups * refactoring and cleanups * other * test updates * CI updates * travis-ci integration disabled * docker images updated, more coverage * incomplete build support for Android removed * doc updates * chattr mode m for 'NOCOMPRESS" * swapfile used from fstab * how to add a new export to libbtrfsutil * update status of mount options since 5.9 - Update to 5.11.1 * properly format checksums when a mismatch is reported * check: fix false alert on tree block crossing 64K page boundary * convert: * refuse to convert filesystem with 'needs_recovery' * update documentation to require fsck before conversion * balance convert: fix raid56 warning when converting other profiles * fi resize: improved summary * other * build: fix checks and autoconf defines * fix symlink paths for CI support scripts * updated tests ==== elfutils ==== Version update (0.183 -> 0.184) Subpackages: libasm1 libdw1 libelf1 - Update to version 0.184: debuginfod: Use libarchive's bsdtar as the .deb-family file unpacker. debuginfod-client: Client caches negative results. If a query for a file failed with 404, an empty 000 permission file is created in the cache. This will prevent requesting the same file for the next 10 minutes. Client objects now carry long-lived curl handles for outgoing connections. This makes it more efficient for multiple sequential queries, because the TCP connections and/or TLS state info are kept around awhile, avoiding O(100ms) setup latencies. libdw: handle DW_FORM_indirect when reading attributes translations: Update Polish translation. ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi - Fix plaintext password in grub config didn't work to unlock menu entry if enabling secure boot in UEFI (bsc#1181892) ==== icu ==== Subpackages: libicu69 libicu69-ledata - nan-undefined-conversion.patch: ICU-21613 Fix undefined behaviour in ComplexUnitsConverter::applyRounder ==== installation-images-MicroOS ==== Version update (17.2 -> 17.3) - merge gh#openSUSE/installation-images#510 - openssh-server now uses /usr/etc for its config files (bsc#1185709) - 17.3 ==== kubernetes ==== Subpackages: kubernetes-client kubernetes-kubeadm kubernetes-kubelet - Bump kubernetes-*-minus1 to 1.20.6 ==== kubernetes1.21 ==== Subpackages: kubernetes1.21-client kubernetes1.21-client-common kubernetes1.21-kubeadm kubernetes1.21-kubelet kubernetes1.21-kubelet-common - Remove workaround in 10-kubeadm.conf for boo#1171770 causing sysctl values to be reset ==== libXfixes ==== Version update (5.0.3 -> 6.0.0) - Update to version 6.0.0 * The big new feature here is support for the new ClientDisconnectMode. From the corresponding xorgproto announcement: An X server that is started on demand (Xwayland) should ideally also terminate when the last client disconnects. However, some X11 clients that provide system services will linger around forever, preventing that shutdown. * With the new XFixes request, a client can designate itself as to-be-terminated and the X server can ignore those clients when counting the number of remaining clients. If no other clients are left, the server can shut down. * Note that this requires changes to the X server and each client to work. ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Merge latest upstream, which added fix (bsc#1185930): * Set default 'startup' to 'onboot' for FW nodes ==== patterns-base ==== Subpackages: patterns-base-apparmor patterns-base-bootloader patterns-base-minimal_base - Don't recommend syslinux and binutils in enhanced_base ==== python-Babel ==== Version update (2.9.0 -> 2.9.1) - update to 2.9.1: * The internal locale-data loading functions now validate the name of the locale file to be loaded and only allow files within Babel's data directory. ==== python-psutil ==== - remove the dependency on net-tools, since it conflicts with busybox-hostnmame which is default on MicroOS. boo#1184753 ==== runc ==== Version update (1.0.0~rc93 -> 1.0.0~rc94) - Update to runc v1.0.0~rc94. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc94 Breaking Changes: * cgroupv1: kernel memory limits are now always ignored, as kmemcg has been effectively deprecated by the kernel. Users should make use of regular memory cgroup controls. Regression Fixes: * seccomp: fix 32-bit compilation errors * runc init: fix a hang caused by deadlock in seccomp/ebpf loading code * runc start: fix "chdir to cwd: permission denied" for some setups - Remove upstreamed patches: - 0001-cloned_binary-switch-from-error-to-warning-for-SYS_m.patch ==== sudo ==== Version update (1.9.6p1 -> 1.9.7) - update to 1.9.7 * The "fuzz" Makefile target now runs all the fuzzers for 8192 passes (can be overridden via the FUZZ_RUNS variable). This makes it easier to run the fuzzers in-tree. To run a fuzzer indefinitely, set FUZZ_RUNS=-1, e.g. "make FUZZ_RUNS=-1 fuzz". * Fixed fuzzing on FreeBSD where the ld.lld linker returns an error by default when a symbol is multiply-defined. * Added support for determining local IPv6 addresses on systems that lack the getifaddrs() function. This now works on AIX, HP-UX and Solaris (at least). Bug #969. * Fixed a bug introduced in sudo 1.9.6 that caused "sudo -V" to report a usage error. Also, when invoked as sudoedit, sudo now allows a more restricted set of options that matches the usage statement and documentation. GitHub issue #95. * Fixed a crash in sudo_sendlog when the specified certificate or key does not exist or is invalid. Bug #970 * Fixed a compilation error when sudo is configured with the - -disable-log-client option. * Sudo's limited support for SUCCESS=return entries in nsswitch.conf is now documented. Bug #971. * Sudo now requires autoconf 2.70 or higher to regenerate the configure script. Bug #972. * sudo_logsrvd now has a relay mode which can be used to create a hierarchy of log servers. By default, when a relay server is defined, messages from the client are forwarded immediately to the relay. However, if the "store_first" setting is enabled, the log will be stored locally until the command completes and then relayed. Bug #965. * Sudo now links with OpenSSL by default if it is available unless the --disable-openssl configure option is used or both the - -disable-log-client and --disable-log-server configure options are specified. * Fixed configure's Python version detection when the version minor number is more than a single digit, for example Python 3.10. * The sudo Python module tests now pass for Python 3.10. * Sudo will now avoid changing the datasize resource limit as long as the existing value is at least 1GB. This works around a problem on 64-bit HP-UX where it is not possible to exactly restore the original datasize limit. Bug #973. * Fixed a race condition that could result in a hang when sudo is executed by a process where the SIGCHLD handler is set to SIG_IGN. This fixes the bug described by GitHub PR #98. * Fixed an out-of-bounds read in sudoedit and visudo when the EDITOR, VISUAL or SUDO_EDITOR environment variables end in an unescaped backslash. Also fixed the handling of quote characters that are escaped by a backslash. GitHub issue #99. * Fixed a bug that prevented the "log_server_verify" sudoers option from taking effect. * The sudo_sendlog utility has a new -s option to cause it to stop sending I/O records after a user-specified elapsed time. This can be used to test the I/O log restart functionality of sudo_logsrvd. * Fixed a crash introduced in sudo 1.9.4 in sudo_logsrvd when attempting to restart an interrupted I/O log transfer. * The TLS connection timeout in the sudoers log client was previously hard-coded to 10 seconds. It now uses the value of log_server_timeout. * The configure script now outputs a summary of the user-configurable options at the end, separate from output of configure script tests. Bug #820. * Corrected the description of which groups may be specified via the - g option in the Runas_Spec section. Bug #975.