Packages changed: ceph (16.2.3.26+g422932e923 -> 16.2.4.26+g555d38aa5a5) cilium cni etcd (3.4.15 -> 3.4.16) flannel gnutls helm (3.5.2 -> 3.5.4) kubic-control (0.10.2 -> 0.11) libidn2 (2.3.0 -> 2.3.1) snapper vim (8.2.2800 -> 8.2.2850) === Details === ==== ceph ==== Version update (16.2.3.26+g422932e923 -> 16.2.4.26+g555d38aa5a5) Subpackages: ceph-common libcephfs2 librados2 librbd1 librgw2 python3-ceph-argparse python3-ceph-common python3-cephfs python3-rados python3-rbd python3-rgw - Update to 16.2.4-26-g555d38aa5a5: + rebased on top of v16.2.4 tag https://ceph.io/releases/v16-2-4-pacific-released/ * mgr/dashboard: fix base-href: revert it to previous approach * (bsc#1186021) mgr/dashboard: fix cookie injection issue (CVE-2021-3509) * mgr/dashboard: fix set-ssl-certificate{,-key} commands * (bsc#1186020) rgw: RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name (CVE-2021-3531) * (bsc#1185619) rgw: sanitize \r in s3 CORSConfiguration?s ExposeHeader (CVE-2021-3524) * systemd: remove ProtectClock=true for ceph-osd@.service ==== cilium ==== - Add cilium-no-ineffassign-in-root.patch: Do not run ineffassign in the source root, where no go files exist. - Set GO111MODULE=auto to build with go1.16+ * Default changed to GO111MODULE=on in go1.16 * Set temporarily until using upstream release with go.mod * Add BuildRequires: golang(API) >= 1.13 recommended dependency expression ==== cni ==== - use buildmode=pie (cnitool is installed into sbindir) - Set GO111MODULE=auto to build with go1.16+ * Default changed to GO111MODULE=on in go1.16 * Set temporarily until using upstream release with go.mod * Drop BuildRequires: golang-packaging not currently using macros * Add BuildRequires: golang(API) >= 1.13 recommended dependency expression ==== etcd ==== Version update (3.4.15 -> 3.4.16) - Update to version 3.4.16: * version: 3.4.16 * Backport-3.4 exclude alarms from health check conditionally * etcdserver/mvcc: update trace.Step condition * Backport-3.4 etcdserver/util.go: reduce memory when logging range requests * .travis,Makefile,functional: Bump go 1.12 version to v1.12.17 * integration: Fix 'go test --tags cluster_proxy --timeout=30m -v ./integration/...' * pkg/tlsutil: Adjust cipher suites for go 1.12 * Fix pkg/tlsutil (test) to not fail on 386. * bill-of-materials.json: Update golang.org/x/sys * .travis,test: Turn race off in Travis for go version 1.15 * integration : fix TestTLSClientCipherSuitesMismatch in go1.13 * vendor: Run go mod vendor * go.mod,go.sum: Bump github.com/creack/pty that includes patch * go.mod,go.sum: Comply with go v1.15 * etcdserver,wal: Convert int to string using rune() * integration,raft,tests: Comply with go v1.15 gofmt * .travis.yml: Test with go v1.15.11 * pkpkg/testutil/leak.go: Allowlist created by testing.runTests.func1 * vendor: Run go mod vendor * go.sum, go.mod: Run go mod tidy with go 1.12 * go.mod: Pin go to 1.12 version * etcdserver: fix incorrect metrics generated when clients cancel watches * integration: relax leader timeout from 3s to 4s * etcdserver: when using --unsafe-no-fsync write data * server: Added config parameter experimental-warning-apply-duration * etcdserver: Fix PeerURL validation ==== flannel ==== - Sync manifest with upstream (0.13.0 release). Includes the following changes: * Fix typo and invalid indent in kube-flannel.yml * Use stable os and arch label for node * set priorityClassName to system-node-critical * Add NET_RAW capability to support cri-o * Use multi-arch Docker images in the Kubernetes manifest - Set GO111MODULE=auto to build with go1.16+ * Default changed to GO111MODULE=on in go1.16 * Set temporarily until using upstream version with go.mod ==== gnutls ==== - Compute the FIPS hmac file without re-defining the __os_install_post macro, use the brp-50-generate-fips-hmac script instead. [bsc#1184555] - Require the main package in devel and lib packages as the default priorities are now set via crypto-policies. [bsc#1183082] ==== helm ==== Version update (3.5.2 -> 3.5.4) - Update to version 3.5.4: * Add/update deprecation notices * Wrap validation error instead of recreating * Move default to avoid nil check * Add name validation rules for object kinds * Use kube libraries v0.20.4 - Update to version 3.5.3: * Fix the example for --time-format flag * Improve the console output for resource policy keep to align with helm2. * test(pkg/storage): Verify that storage.Create returns an error if it fails to clean up least-recent release versions * fix(pkg/storage): If storage.Create fails to clean up recent release versions, return an error * fix(test): Increase golangci-lint timeout * fix release sha256 * Fix-9253: Change the deprecated charts repo URL in release notes * Update default ingress values section to correspond with template * use kube libraries v0.20.2 ==== kubic-control ==== Version update (0.10.2 -> 0.11) Subpackages: kubic-haproxycfg kubicctl kubicd - Update to version 0.11 - workaround for go 1.15 certificate handling changes, all certificates should be re-generated with kubicctl 0.11 - adjust for kubeadm removed upgrade node arguments ==== libidn2 ==== Version update (2.3.0 -> 2.3.1) - libidn2 2.3.1: * Implement full roundtrip for lookup functionality * Fix domain too long error * Updated gnulib files and various build fixes ==== snapper ==== Subpackages: libsnapper5 - fixed systemd sandboxing (bsc#1186095) ==== vim ==== Version update (8.2.2800 -> 8.2.2850) Subpackages: vim-data-common vim-small - Updated to version 8.2.2850, fixes the following problems * After a timer displays text a hit-enter prompt is given. * Free Pascal makefile not recognized. * Vim9: illegal memory access. * Flicker when the popup menu has an info popup. * Setting buffer local mapping with mapset() changes global mapping. * Vim9: cannot use legacy syntax in Vim9 script. * Vim9: using "++nr" as a command might not work. * Build fails with tiny features. * Vim9: increment and decrement not sufficiently tested. * Vim9: :def function compilation fails when using :legacy. * Vim9: crash when calling a function in a substitute expression. * Vim9: error for missing white space doesn't say where it is missing * Vim9: still crash when using substitute expression. * Cannot grep using fuzzy matching. * Vim9: unused variable. (John Marriott) * Status line flickers when redrawing popup menu info. * Vim9: comment below expression in lambda causes problems. * Vim9: script sourcing continues after an error. * No jump added to jumplist when opening terminal in current window. * Finishing an abbreviation with a multi-byte char may not work. * Session file may divide by zero. * Code in checkreadonly() not fully tested. * Compiler warnings for int to size_t conversion. (Randall W. Morris) * Test file was not deleted. * Coverity complains about not checking the rename() return value. * Some comments are not correct or clear. * Terminal colors are not updated when 'background' is set. * Vim9: expandcmd() not tested. * Operator cancelled by moving mouse when using popup. (Sergey Vlasov) * Two key command cancelled by moving mouse when using popup. (Sergey Vlasov) * Vim9: :cexpr does not work with local variables. * Vim9: leaking memory in :cexpr. * Build failure without the +quickfix feature. (John Marriott) * Various code lines not covered by tests. * File extension .wrap not recognized. * Default redirection missing "ash" and "dash". * Vim9: member operation not fully tested. * Vim9: skip argument to searchpair() is not compiled. * Vim9: skip argument to searchpairpos() is not compiled. * Vim9: memory leak when using searchpair(). * Vim9: "echo Func()" does not give an error for a function without a return value. * Perl not tested sufficiently. * Crash when calling partial. * Bufwrite not sufficiently tested. * Recalling commands from history is not tested.