Packages changed: colord glib-networking (2.70.0 -> 2.70.1) glib2 (2.70.1 -> 2.70.2) libX11 (1.7.2 -> 1.7.3.1) mozjs78 (78.14.0 -> 78.15.0) podman (3.4.2 -> 3.4.4) polkit (0.118 -> 0.120) === Details === ==== colord ==== - Change to systemd-sysusers ==== glib-networking ==== Version update (2.70.0 -> 2.70.1) - Update to version 2.70.1: + Fix crashes when handshake is cancelled + OpenSSL: fix spurious certificate expired verification errors + GnuTLS: - Fix tests on 32-bit systems - Fix crash when invalid priority string is forced - Add check section and run meson_test macro during build. ==== glib2 ==== Version update (2.70.1 -> 2.70.2) Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 - Update to version 2.70.2: + Fix use of the default log writer with journald namespaces + Fix hang in `dbus-daemon` under `GTestDBus` when `G_MESSAGES_DEBUG=all` is set + Speed up `g_canonicalize_filename()` to avoid pathogenic cases with `..` + Fix URI for pcre subproject as it?s moved upstream + Fix storing GSettings dictionaries on macOS + Speed up ?remove dot segments? algorithm in `GUri` to avoid pathogenic cases with `..` + Fix infinite loops in D-Bus message parsing for truncated inputs + Improve correctness of version information returned by `g_get_os_info()` for Windows 10/Server 2019+ + Bugs fixed: glgo#GNOME/GLib#2400, glgo#GNOME/GLib#2426, glgo#GNOME/GLib#2528, glgo#GNOME/GLib#2530, glgo#GNOME/GLib#2537, glgo#GNOME/GLib#2541, glgo#GNOME/GLib!2312, glgo#GNOME/GLib!2313, glgo#GNOME/GLib!2314, glgo#GNOME/GLib!2316, glgo#GNOME/GLib!2320, glgo#GNOME/GLib!2335, glgo#GNOME/GLib!2337, glgo#GNOME/GLib!2340, glgo#GNOME/GLib!2344, glgo#GNOME/GLib!2356, glgo#GNOME/GLib!2359, glgo#GNOME/GLib!2361, glgo#GNOME/GLib!2363, glgo#GNOME/GLib!2366, glgo#GNOME/GLib!2375, glgo#GNOME/GLib!2383. + Updated translations. - Stop passing fam=true to meson and drop gamin-devel BuildRequires, following upstream default. Following this, drop libgio-fam sub-package. ==== libX11 ==== Version update (1.7.2 -> 1.7.3.1) Subpackages: libX11-6 libX11-data - Update to version 1.7.3.1 * This release of libX11 corrects a packaging problem in 1.7.3 which caused the m4 files needed for autoreconf to not be included in the tarballs. * As a bonus, this release also includes one tiny typo fix in the XIM specs. - Update to version 1.7.3 * This release includes a number of bug fixes and adds support for the _EVDEVK keysyms added in xorgproto 2021.2. ==== mozjs78 ==== Version update (78.14.0 -> 78.15.0) - Update to version 78.15.0esr. ==== podman ==== Version update (3.4.2 -> 3.4.4) Subpackages: podman-cni-config - Update to version 3.4.4: * Bugfixes - Fixed a bug where the podman exec command would, under some circumstances, print a warning message about failing to move conmon to the appropriate cgroup (#12535). - Fixed a bug where named volumes created as part of container creation (e.g. podman run --volume avolume:/a/mountpoint or similar) would be mounted with incorrect permissions (#12523). - Fixed a bug where the podman-remote create and podman-remote run commands did not properly handle the --entrypoint="" option (to clear the container's entrypoint) (#12521). - Update to version 3.4.3: * Security - This release addresses CVE-2021-4024, where the podman machine command opened the gvproxy API (used to forward ports to podman machine VMs) to the public internet on port 7777. - This release addresses CVE-2021-41190, where incomplete specification of behavior regarding image manifests could lead to inconsistent decoding on different clients. * Features - The --secret type=mount option to podman create and podman run supports a new option, target=, which specifies where in the container the secret will be mounted (#12287). * Bugfixes - Fixed a bug where rootless Podman would occasionally print warning messages about failing to move the pause process to a new cgroup (#12065). - Fixed a bug where the podman run and podman create commands would, when pulling images, still require TLS even with registries set to Insecure via config file (#11933). - Fixed a bug where the podman generate systemd command generated units that depended on multi-user.target, which has been removed from some distributions (#12438). - Fixed a bug where Podman could not run containers with images that had /etc/ as a symlink (#12189). - Fixed a bug where the podman logs -f command would, when using the journald logs backend, exit immediately if the container had previously been restarted (#12263). - Fixed a bug where, in containers on VMs created by podman machine, the host.containers.internal name pointed to the VM, not the host system (#11642). - Fixed a bug where containers and pods created by the podman play kube command in VMs managed by podman machine would not automatically forward ports from the host machine (#12248). - Fixed a bug where podman machine init would fail on OS X when GNU Coreutils was installed (#12329). - Fixed a bug where podman machine start would exit before SSH on the started VM was accepting connections (#11532). - Fixed a bug where the podman run command with signal proxying (--sig-proxy) enabled could print an error if it attempted to send a signal to a container that had just exited (#8086). - Fixed a bug where the podman stats command would not return correct information for containers running Systemd as PID1 (#12400). - Fixed a bug where the podman image save command would fail on OS X when writing the image to STDOUT (#12402). - Fixed a bug where the podman ps command did not properly handle PS arguments which contained whitespace (#12452). - Fixed a bug where the podman-remote wait command could fail to detect that the container exited and return an error under some circumstances (#12457). - Fixed a bug where the Windows MSI installer for podman-remote would break the PATH environment variable by adding an extra " (#11416). * API - Updated the containers/image library to v5.17.0 - The Libpod Play Kube endpoint now also accepts ConfigMap YAML as part of its payload, and will use provided any ConfigMap to configure provided pods and services. - Fixed a bug where the Compat Create endpoint for Containers would not always create the container's working directory if it did not exist (#11842). - Fixed a bug where the Compat Create endpoint for Containers returned an incorrect error message with 404 errors when the requested image was not found (#12315). - Fixed a bug where the Compat Create endpoint for Containers did not properly handle the HostConfig.Mounts field (#12419). - Fixed a bug where the Compat Archive endpoint for Containers did not properly report errors when the operation failed (#12420). - Fixed a bug where the Compat Build endpoint for Images ignored the layers query parameter (for caching intermediate layers from the build) (#12378). - Fixed a bug where the Compat Build endpoint for Images did not report errors in a manner compatible with Docker (#12392). - Fixed a bug where the Compat Build endpoint for Images would fail to build if the context directory was a symlink (#12409). - Fixed a bug where the Compat List endpoint for Images included manifest lists (and not just images) in returned results (#12453). * Misc - Podman now builds by default with cgo enabled on OS X, resolving some issues with SSH (#10737). ==== polkit ==== Version update (0.118 -> 0.120) Subpackages: libpolkit-agent-1-0 libpolkit-gobject-1-0 - update to 0.120: * transition from Intltool to gettext * several tarball, meson and pipeline fixups * Portuguese translation * Romanian translation * meson build system added * CVE-2021-3560 mitigation * properties in text listener * typos fixups * Update Hungarian translation - drop CVE-2021-3560.patch (upstream)